mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-16 04:42:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2023/01/19 12:33:38

Browse source
This commit is contained in:
motikan2010-bot 2023-01-19 21:33:38 +09:00
parent 4913c04f89
commit 29e3b41afa
28 changed files with 246 additions and 130 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2016/CVE-2016-5195.json
View file

@ -71,10 +71,10 @@
"description": "CVE-2016-5195 (dirtycow\/dirtyc0w) proof of concept for Android",
"fork": false,
"created_at": "2016-10-21T11:19:21Z",
"updated_at": "2023-01-17T12:44:17Z",
"updated_at": "2023-01-19T11:38:19Z",
"pushed_at": "2021-02-03T16:03:40Z",
"stargazers_count": 915,
"watchers_count": 915,
"stargazers_count": 916,
"watchers_count": 916,
"has_discussions": false,
"forks_count": 409,
"allow_forking": true,
@ -83,7 +83,7 @@
"topics": [],
"visibility": "public",
"forks": 409,
"watchers": 915,
"watchers": 916,
"score": 0
},
{

8
2016/CVE-2016-8858.json
View file

@ -13,10 +13,10 @@
"description": "Proof of concept for CVE-2016-8858",
"fork": false,
"created_at": "2016-11-03T16:10:47Z",
"updated_at": "2021-08-07T15:43:19Z",
"updated_at": "2023-01-19T08:00:21Z",
"pushed_at": "2018-09-17T13:51:37Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 4,
"watchers": 5,
"score": 0
}
]

8
2019/CVE-2019-17558.json
View file

@ -42,10 +42,10 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2023-01-19T05:57:17Z",
"updated_at": "2023-01-19T08:49:21Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 3658,
"watchers_count": 3658,
"stargazers_count": 3659,
"watchers_count": 3659,
"has_discussions": false,
"forks_count": 1052,
"allow_forking": true,
@ -74,7 +74,7 @@
],
"visibility": "public",
"forks": 1052,
"watchers": 3658,
"watchers": 3659,
"score": 0
},
{

2
2019/CVE-2019-5418.json
View file

@ -107,7 +107,7 @@
"fork": false,
"created_at": "2019-03-23T02:52:31Z",
"updated_at": "2022-12-10T01:50:20Z",
"pushed_at": "2022-12-14T05:21:32Z",
"pushed_at": "2023-01-19T12:13:40Z",
"stargazers_count": 121,
"watchers_count": 121,
"has_discussions": false,

4
2020/CVE-2020-12351.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 2,
"score": 0
}

8
2020/CVE-2020-14882.json
View file

@ -13,10 +13,10 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2023-01-19T05:57:17Z",
"updated_at": "2023-01-19T08:49:21Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 3658,
"watchers_count": 3658,
"stargazers_count": 3659,
"watchers_count": 3659,
"has_discussions": false,
"forks_count": 1052,
"allow_forking": true,
@ -45,7 +45,7 @@
],
"visibility": "public",
"forks": 1052,
"watchers": 3658,
"watchers": 3659,
"score": 0
},
{

8
2020/CVE-2020-35846.json
View file

@ -13,10 +13,10 @@
"description": "Python PoC for CVE-2020-35846 targeting Cockpit 0.11.1",
"fork": false,
"created_at": "2021-07-25T05:05:14Z",
"updated_at": "2022-11-27T13:03:41Z",
"updated_at": "2023-01-19T09:01:36Z",
"pushed_at": "2021-07-25T05:28:51Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 14,
"watchers": 15,
"score": 0
},
{

37
2021/CVE-2021-31800.json
View file

@ -1,4 +1,41 @@
[
{
"id": 529954227,
"name": "CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write",
"full_name": "p0dalirius\/CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write",
"owner": {
"login": "p0dalirius",
"id": 79218792,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4",
"html_url": "https:\/\/github.com\/p0dalirius"
},
"html_url": "https:\/\/github.com\/p0dalirius\/CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write",
"description": "A path traversal in smbserver.py allows an attacker to read\/write arbitrary files on the server.",
"fork": false,
"created_at": "2022-08-28T19:04:46Z",
"updated_at": "2023-01-19T11:08:52Z",
"pushed_at": "2023-01-19T11:06:33Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"arbitrary",
"cve-2021-31800",
"file",
"impacket",
"read",
"smbserver",
"write"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 531854393,
"name": "CVE-2021-31800",

8
2021/CVE-2021-34527.json
View file

@ -179,10 +179,10 @@
"description": "PrintNightmare (CVE-2021-34527) PoC Exploit",
"fork": false,
"created_at": "2022-08-23T20:20:45Z",
"updated_at": "2023-01-17T13:04:52Z",
"updated_at": "2023-01-19T06:44:58Z",
"pushed_at": "2022-12-17T16:10:46Z",
"stargazers_count": 62,
"watchers_count": 62,
"stargazers_count": 63,
"watchers_count": 63,
"has_discussions": false,
"forks_count": 14,
"allow_forking": true,
@ -191,7 +191,7 @@
"topics": [],
"visibility": "public",
"forks": 14,
"watchers": 62,
"watchers": 63,
"score": 0
},
{

2
2021/CVE-2021-41773.json
View file

@ -3306,7 +3306,7 @@
"description": "Apache HTTP-Server 2.4.49-2.4.50 Path Traversal & Remote Code Execution PoC (CVE-2021-41773 & CVE-2021-42013)",
"fork": false,
"created_at": "2022-11-22T14:09:18Z",
"updated_at": "2022-11-22T16:30:39Z",
"updated_at": "2023-01-19T08:25:10Z",
"pushed_at": "2022-11-22T14:42:10Z",
"stargazers_count": 2,
"watchers_count": 2,

8
2022/CVE-2022-0543.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 74,
"watchers_count": 74,
"has_discussions": false,
"forks_count": 29,
"forks_count": 30,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 29,
"forks": 30,
"watchers": 74,
"score": 0
},
@ -47,13 +47,13 @@
"stargazers_count": 19,
"watchers_count": 19,
"has_discussions": false,
"forks_count": 11,
"forks_count": 12,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 11,
"forks": 12,
"watchers": 19,
"score": 0
},

8
2022/CVE-2022-0847.json
View file

@ -129,10 +129,10 @@
"description": "A root exploit for CVE-2022-0847 (Dirty Pipe)",
"fork": false,
"created_at": "2022-03-07T18:55:20Z",
"updated_at": "2023-01-09T10:15:52Z",
"updated_at": "2023-01-19T09:20:04Z",
"pushed_at": "2022-03-08T06:20:05Z",
"stargazers_count": 1005,
"watchers_count": 1005,
"stargazers_count": 1006,
"watchers_count": 1006,
"has_discussions": false,
"forks_count": 218,
"allow_forking": true,
@ -141,7 +141,7 @@
"topics": [],
"visibility": "public",
"forks": 218,
"watchers": 1005,
"watchers": 1006,
"score": 0
},
{

4
2022/CVE-2022-1040.json
View file

@ -85,13 +85,13 @@
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 12,
"score": 0
},

2
2022/CVE-2022-20452.json
View file

@ -13,7 +13,7 @@
"description": "Exploit for CVE-2022-20452, privilege escalation on Android from installed app to system app (or another app) via LazyValue using Parcel after recycle()",
"fork": false,
"created_at": "2023-01-10T16:24:51Z",
"updated_at": "2023-01-19T04:17:20Z",
"updated_at": "2023-01-19T07:55:09Z",
"pushed_at": "2023-01-10T16:25:49Z",
"stargazers_count": 117,
"watchers_count": 117,

4
2022/CVE-2022-22536.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 50,
"watchers_count": 50,
"has_discussions": false,
"forks_count": 15,
"forks_count": 16,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 15,
"forks": 16,
"watchers": 50,
"score": 0
},

4
2022/CVE-2022-22965.json
View file

@ -547,13 +547,13 @@
"stargazers_count": 73,
"watchers_count": 73,
"has_discussions": false,
"forks_count": 15,
"forks_count": 16,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 15,
"forks": 16,
"watchers": 73,
"score": 0
},

30
2022/CVE-2022-23521.json
View file

@ -1,22 +1,22 @@
[
{
"id": 590400210,
"name": "git-crasher-poc-cve-2022-23521",
"full_name": "jfrog\/git-crasher-poc-cve-2022-23521",
"id": 590864009,
"name": "CVE-2022-23521",
"full_name": "0xDSousa\/CVE-2022-23521",
"owner": {
"login": "jfrog",
"id": 499942,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/499942?v=4",
"html_url": "https:\/\/github.com\/jfrog"
"login": "0xDSousa",
"id": 30153603,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30153603?v=4",
"html_url": "https:\/\/github.com\/0xDSousa"
},
"html_url": "https:\/\/github.com\/jfrog\/git-crasher-poc-cve-2022-23521",
"description": null,
"html_url": "https:\/\/github.com\/0xDSousa\/CVE-2022-23521",
"description": "Truncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes",
"fork": false,
"created_at": "2023-01-18T10:27:34Z",
"updated_at": "2023-01-18T19:55:18Z",
"pushed_at": "2023-01-18T10:27:35Z",
"stargazers_count": 1,
"watchers_count": 1,
"created_at": "2023-01-19T11:50:21Z",
"updated_at": "2023-01-19T11:50:21Z",
"pushed_at": "2023-01-19T11:50:21Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 0,
"score": 0
}
]

12
2022/CVE-2022-2588.json
View file

@ -13,19 +13,19 @@
"description": "exploit for CVE-2022-2588",
"fork": false,
"created_at": "2022-08-11T06:01:24Z",
"updated_at": "2023-01-11T09:03:03Z",
"updated_at": "2023-01-19T10:15:27Z",
"pushed_at": "2022-10-27T16:35:08Z",
"stargazers_count": 404,
"watchers_count": 404,
"stargazers_count": 405,
"watchers_count": 405,
"has_discussions": false,
"forks_count": 54,
"forks_count": 53,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 54,
"watchers": 404,
"forks": 53,
"watchers": 405,
"score": 0
},
{

8
2022/CVE-2022-26134.json
View file

@ -1920,10 +1920,10 @@
"description": null,
"fork": false,
"created_at": "2023-01-15T20:11:27Z",
"updated_at": "2023-01-15T22:05:28Z",
"updated_at": "2023-01-19T09:17:14Z",
"pushed_at": "2023-01-15T20:14:57Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1932,7 +1932,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0
}
]

8
2022/CVE-2022-34169.json
View file

@ -42,10 +42,10 @@
"description": "cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具可根据不同的Jdk生成出其所对应的xslt文件",
"fork": false,
"created_at": "2023-01-17T03:48:11Z",
"updated_at": "2023-01-18T15:40:55Z",
"updated_at": "2023-01-19T10:51:27Z",
"pushed_at": "2023-01-17T12:27:08Z",
"stargazers_count": 28,
"watchers_count": 28,
"stargazers_count": 30,
"watchers_count": 30,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -54,7 +54,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 28,
"watchers": 30,
"score": 0
}
]

4
2022/CVE-2022-37332.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0
}

8
2022/CVE-2022-40684.json
View file

@ -13,10 +13,10 @@
"description": "A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager",
"fork": false,
"created_at": "2022-10-13T14:24:12Z",
"updated_at": "2023-01-17T08:24:42Z",
"updated_at": "2023-01-19T07:46:35Z",
"pushed_at": "2022-10-13T15:25:00Z",
"stargazers_count": 300,
"watchers_count": 300,
"stargazers_count": 301,
"watchers_count": 301,
"has_discussions": false,
"forks_count": 89,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 89,
"watchers": 300,
"watchers": 301,
"score": 0
},
{

31
2022/CVE-2022-45934.json Normal file
View file

@ -0,0 +1,31 @@
[
{
"id": 590866603,
"name": "linux-4.19.72_CVE-2022-45934",
"full_name": "Trinadh465\/linux-4.19.72_CVE-2022-45934",
"owner": {
"login": "Trinadh465",
"id": 102574296,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4",
"html_url": "https:\/\/github.com\/Trinadh465"
},
"html_url": "https:\/\/github.com\/Trinadh465\/linux-4.19.72_CVE-2022-45934",
"description": null,
"fork": false,
"created_at": "2023-01-19T11:58:08Z",
"updated_at": "2023-01-19T12:12:29Z",
"pushed_at": "2023-01-19T12:09:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

33
2022/CVE-2022-46463.json
View file

@ -47,43 +47,14 @@
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 3,
"score": 0
},
{
"id": 590343306,
"name": "CVE-2022-46463",
"full_name": "lanqingaa\/CVE-2022-46463",
"owner": {
"login": "lanqingaa",
"id": 94030940,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94030940?v=4",
"html_url": "https:\/\/github.com\/lanqingaa"
},
"html_url": "https:\/\/github.com\/lanqingaa\/CVE-2022-46463",
"description": null,
"fork": false,
"created_at": "2023-01-18T07:34:58Z",
"updated_at": "2023-01-18T07:34:58Z",
"pushed_at": "2023-01-18T07:35:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

30
2022/CVE-2022-46689.json
View file

@ -71,19 +71,19 @@
"description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.",
"fork": false,
"created_at": "2022-12-26T06:56:35Z",
"updated_at": "2023-01-18T17:45:52Z",
"updated_at": "2023-01-19T09:08:07Z",
"pushed_at": "2023-01-06T06:31:57Z",
"stargazers_count": 621,
"watchers_count": 621,
"stargazers_count": 622,
"watchers_count": 622,
"has_discussions": false,
"forks_count": 42,
"forks_count": 43,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 42,
"watchers": 621,
"forks": 43,
"watchers": 622,
"score": 0
},
{
@ -129,8 +129,8 @@
"description": "CVE-2022-46689",
"fork": false,
"created_at": "2023-01-03T21:46:37Z",
"updated_at": "2023-01-18T20:40:23Z",
"pushed_at": "2023-01-18T20:22:31Z",
"updated_at": "2023-01-19T08:03:41Z",
"pushed_at": "2023-01-19T08:04:02Z",
"stargazers_count": 50,
"watchers_count": 50,
"has_discussions": false,
@ -158,8 +158,8 @@
"description": "CVE-2022-46689",
"fork": false,
"created_at": "2023-01-04T05:08:20Z",
"updated_at": "2023-01-17T15:56:19Z",
"pushed_at": "2023-01-18T20:18:14Z",
"updated_at": "2023-01-19T08:12:23Z",
"pushed_at": "2023-01-19T08:12:40Z",
"stargazers_count": 28,
"watchers_count": 28,
"has_discussions": false,
@ -221,10 +221,10 @@
"description": "CVE-2022-46689",
"fork": false,
"created_at": "2023-01-05T21:50:25Z",
"updated_at": "2023-01-19T03:29:17Z",
"pushed_at": "2023-01-18T20:12:54Z",
"stargazers_count": 97,
"watchers_count": 97,
"updated_at": "2023-01-19T07:25:20Z",
"pushed_at": "2023-01-19T10:24:20Z",
"stargazers_count": 98,
"watchers_count": 98,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -235,7 +235,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 97,
"watchers": 98,
"score": 0
},
{

60
2022/CVE-2022-47966.json Normal file
View file

@ -0,0 +1,60 @@
[
{
"id": 590840796,
"name": "CVE-2022-47966-RCE-PoC",
"full_name": "ralph-morrinson\/CVE-2022-47966-RCE-PoC",
"owner": {
"login": "ralph-morrinson",
"id": 123068091,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123068091?v=4",
"html_url": "https:\/\/github.com\/ralph-morrinson"
},
"html_url": "https:\/\/github.com\/ralph-morrinson\/CVE-2022-47966-RCE-PoC",
"description": "CVE-2022-47966 ManageEngine unauthenticated RCE exploit via the SAML request,",
"fork": false,
"created_at": "2023-01-19T10:41:26Z",
"updated_at": "2023-01-19T10:41:26Z",
"pushed_at": "2023-01-19T10:49:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 590861031,
"name": "PoC-for-ME-SAML-Vulnerability",
"full_name": "shameem-testing\/PoC-for-ME-SAML-Vulnerability",
"owner": {
"login": "shameem-testing",
"id": 83210904,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83210904?v=4",
"html_url": "https:\/\/github.com\/shameem-testing"
},
"html_url": "https:\/\/github.com\/shameem-testing\/PoC-for-ME-SAML-Vulnerability",
"description": "PoC for cve-2022-47966",
"fork": false,
"created_at": "2023-01-19T11:41:05Z",
"updated_at": "2023-01-19T11:41:05Z",
"pushed_at": "2023-01-19T12:29:33Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2023/CVE-2023-21752.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2023-01-10T15:59:26Z",
"updated_at": "2023-01-19T04:51:48Z",
"updated_at": "2023-01-19T11:50:54Z",
"pushed_at": "2023-01-13T09:01:20Z",
"stargazers_count": 209,
"watchers_count": 209,
"stargazers_count": 211,
"watchers_count": 211,
"has_discussions": false,
"forks_count": 44,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 44,
"watchers": 209,
"watchers": 211,
"score": 0
}
]

21
README.md
View file

@ -1755,7 +1755,7 @@ A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of Ta
Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.
</code>
- [jfrog/git-crasher-poc-cve-2022-23521](https://github.com/jfrog/git-crasher-poc-cve-2022-23521)
- [0xDSousa/CVE-2022-23521](https://github.com/0xDSousa/CVE-2022-23521)
### CVE-2022-23529 (2022-12-21)
@ -5125,6 +5125,14 @@ An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escal
- [p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE](https://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE)
### CVE-2022-45934 (2022-11-26)
<code>
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
</code>
- [Trinadh465/linux-4.19.72_CVE-2022-45934](https://github.com/Trinadh465/linux-4.19.72_CVE-2022-45934)
### CVE-2022-46104
- [NurSec747/CVE-2022-46104---POC](https://github.com/NurSec747/CVE-2022-46104---POC)
@ -5182,7 +5190,6 @@ Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type param
- [wh-gov/CVE-2022-46463](https://github.com/wh-gov/CVE-2022-46463)
- [nu0l/CVE-2022-46463](https://github.com/nu0l/CVE-2022-46463)
- [lanqingaa/CVE-2022-46463](https://github.com/lanqingaa/CVE-2022-46463)
### CVE-2022-46484
- [WodenSec/CVE-2022-46484](https://github.com/WodenSec/CVE-2022-46484)
@ -5246,6 +5253,15 @@ lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local
- [MaherAzzouzi/CVE-2022-47952](https://github.com/MaherAzzouzi/CVE-2022-47952)
### CVE-2022-47966 (2023-01-18)
<code>
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections.
</code>
- [ralph-morrinson/CVE-2022-47966-RCE-PoC](https://github.com/ralph-morrinson/CVE-2022-47966-RCE-PoC)
- [shameem-testing/PoC-for-ME-SAML-Vulnerability](https://github.com/shameem-testing/PoC-for-ME-SAML-Vulnerability)
### CVE-2022-48194 (2022-12-30)
<code>
@ -8485,6 +8501,7 @@ Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privil
Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key.
</code>
- [p0dalirius/CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write](https://github.com/p0dalirius/CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write)
- [Louzogh/CVE-2021-31800](https://github.com/Louzogh/CVE-2021-31800)
### CVE-2021-31805 (2022-04-12)