mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-16 04:42:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2022/08/03 00:17:11

Browse source
This commit is contained in:
motikan2010-bot 2022-08-03 09:17:11 +09:00
parent e5374f5950
commit 2a3b8a1141
11 changed files with 170 additions and 60 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2017/CVE-2017-10271.json
View file

@ -97,10 +97,10 @@
"description": "WebLogic Exploit",
"fork": false,
"created_at": "2017-12-28T01:30:50Z",
"updated_at": "2022-06-23T11:59:39Z",
"updated_at": "2022-08-02T20:03:40Z",
"pushed_at": "2018-07-13T18:56:53Z",
"stargazers_count": 137,
"watchers_count": 137,
"stargazers_count": 136,
"watchers_count": 136,
"forks_count": 51,
"allow_forking": true,
"is_template": false,
@ -108,7 +108,7 @@
"topics": [],
"visibility": "public",
"forks": 51,
"watchers": 137,
"watchers": 136,
"score": 0
},
{

4
2018/CVE-2018-4407.json
View file

@ -101,7 +101,7 @@
"pushed_at": "2018-12-04T08:21:43Z",
"stargazers_count": 25,
"watchers_count": 25,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -111,7 +111,7 @@
"exploit"
],
"visibility": "public",
"forks": 5,
"forks": 6,
"watchers": 25,
"score": 0
},

8
2020/CVE-2020-0796.json
View file

@ -1783,10 +1783,10 @@
"description": null,
"fork": false,
"created_at": "2020-09-17T01:48:37Z",
"updated_at": "2022-07-20T21:30:47Z",
"updated_at": "2022-08-02T23:44:07Z",
"pushed_at": "2020-09-17T01:55:48Z",
"stargazers_count": 64,
"watchers_count": 64,
"stargazers_count": 65,
"watchers_count": 65,
"forks_count": 19,
"allow_forking": true,
"is_template": false,
@ -1794,7 +1794,7 @@
"topics": [],
"visibility": "public",
"forks": 19,
"watchers": 64,
"watchers": 65,
"score": 0
},
{

8
2021/CVE-2021-22204.json
View file

@ -72,10 +72,10 @@
"description": "POC for exiftool vuln (CVE-2021-22204).",
"fork": false,
"created_at": "2021-05-21T00:14:52Z",
"updated_at": "2022-07-03T10:32:47Z",
"updated_at": "2022-08-02T23:18:41Z",
"pushed_at": "2021-05-21T00:17:10Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
@ -83,7 +83,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 5,
"watchers": 6,
"score": 0
},
{

8
2021/CVE-2021-23017.json
View file

@ -41,10 +41,10 @@
"description": "PoC for Nginx 0.6.18 - 1.20.0 Memory Overwrite Vulnerability CVE-2021-23017",
"fork": false,
"created_at": "2022-06-30T04:39:58Z",
"updated_at": "2022-07-31T04:24:20Z",
"updated_at": "2022-08-02T23:37:29Z",
"pushed_at": "2022-07-01T00:33:57Z",
"stargazers_count": 16,
"watchers_count": 16,
"stargazers_count": 17,
"watchers_count": 17,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
@ -55,7 +55,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 16,
"watchers": 17,
"score": 0
}
]

8
2021/CVE-2021-42278.json
View file

@ -46,10 +46,10 @@
"description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ",
"fork": false,
"created_at": "2021-12-13T10:28:12Z",
"updated_at": "2022-08-01T09:09:05Z",
"updated_at": "2022-08-02T21:54:03Z",
"pushed_at": "2022-04-25T07:53:41Z",
"stargazers_count": 372,
"watchers_count": 372,
"stargazers_count": 373,
"watchers_count": 373,
"forks_count": 75,
"allow_forking": true,
"is_template": false,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 75,
"watchers": 372,
"watchers": 373,
"score": 0
},
{

12
2022/CVE-2022-0847.json
View file

@ -1135,18 +1135,18 @@
"description": "A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.",
"fork": false,
"created_at": "2022-03-12T20:57:24Z",
"updated_at": "2022-07-30T22:35:12Z",
"updated_at": "2022-08-02T23:21:13Z",
"pushed_at": "2022-06-13T19:33:08Z",
"stargazers_count": 297,
"watchers_count": 297,
"forks_count": 82,
"stargazers_count": 298,
"watchers_count": 298,
"forks_count": 83,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 82,
"watchers": 297,
"forks": 83,
"watchers": 298,
"score": 0
},
{

4
2022/CVE-2022-2022.json
View file

@ -17,13 +17,13 @@
"pushed_at": "2022-07-27T07:01:33Z",
"stargazers_count": 225,
"watchers_count": 225,
"forks_count": 94,
"forks_count": 95,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 94,
"forks": 95,
"watchers": 225,
"score": 0
}

8
2022/CVE-2022-22965.json
View file

@ -1875,10 +1875,10 @@
"description": "Exploit for SpringShell.",
"fork": false,
"created_at": "2022-07-31T08:21:59Z",
"updated_at": "2022-08-02T10:45:35Z",
"updated_at": "2022-08-02T22:57:50Z",
"pushed_at": "2022-07-31T08:26:01Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
@ -1886,7 +1886,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 5,
"watchers": 6,
"score": 0
}
]

8
2022/CVE-2022-34918.json
View file

@ -153,10 +153,10 @@
"description": null,
"fork": false,
"created_at": "2022-08-02T09:52:02Z",
"updated_at": "2022-08-02T17:10:02Z",
"updated_at": "2022-08-03T00:04:51Z",
"pushed_at": "2022-08-02T11:04:56Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 12,
"watchers_count": 12,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
@ -164,7 +164,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 8,
"watchers": 12,
"score": 0
}
]

154
README.md
View file

@ -26565,41 +26565,96 @@ The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 do
- [jan0/isslfix](https://github.com/jan0/isslfix)
### CVE-2011-1237
### CVE-2011-1237 (2011-04-13)
<code>
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other &quot;Vulnerability Type 1&quot; CVEs listed in MS11-034, aka &quot;Win32k Use After Free Vulnerability.&quot;
</code>
- [BrunoPujos/CVE-2011-1237](https://github.com/BrunoPujos/CVE-2011-1237)
### CVE-2011-1249
### CVE-2011-1249 (2011-06-16)
<code>
The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka &quot;Ancillary Function Driver Elevation of Privilege Vulnerability.&quot;
</code>
- [Madusanka99/OHTS](https://github.com/Madusanka99/OHTS)
- [k4u5h41/CVE-2011-1249](https://github.com/k4u5h41/CVE-2011-1249)
### CVE-2011-1473
### CVE-2011-1473 (2012-06-16)
<code>
** DISPUTED ** OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-5094. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment.
</code>
- [zjt674449039/cve-2011-1473](https://github.com/zjt674449039/cve-2011-1473)
- [XDLDCG/bash-tls-reneg-attack](https://github.com/XDLDCG/bash-tls-reneg-attack)
### CVE-2011-1475
### CVE-2011-1475 (2011-04-08)
<code>
The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to &quot;a mix-up of responses for requests from different users.&quot;
</code>
- [samaujs/CVE-2011-1475](https://github.com/samaujs/CVE-2011-1475)
### CVE-2011-1485
### CVE-2011-1485 (2011-05-31)
<code>
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
</code>
- [Pashkela/CVE-2011-1485](https://github.com/Pashkela/CVE-2011-1485)
### CVE-2011-1571
### CVE-2011-1571 (2011-05-07)
<code>
Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.
</code>
- [noobpk/CVE-2011-1571](https://github.com/noobpk/CVE-2011-1571)
### CVE-2011-1575
### CVE-2011-1575 (2011-05-23)
<code>
The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place, related to a &quot;plaintext command injection&quot; attack, a similar issue to CVE-2011-0411.
</code>
- [masamoon/cve-2011-1575-poc](https://github.com/masamoon/cve-2011-1575-poc)
### CVE-2011-1720
### CVE-2011-1720 (2011-05-13)
<code>
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.
</code>
- [nbeguier/postfix_exploit](https://github.com/nbeguier/postfix_exploit)
### CVE-2011-1974
### CVE-2011-1974 (2011-08-10)
<code>
NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka &quot;NDISTAPI Elevation of Privilege Vulnerability.&quot;
</code>
- [hittlle/CVE-2011-1974-PoC](https://github.com/hittlle/CVE-2011-1974-PoC)
### CVE-2011-2461
### CVE-2011-2461 (2011-12-01)
<code>
Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains.
</code>
- [ikkisoft/ParrotNG](https://github.com/ikkisoft/ParrotNG)
- [u-maxx/magento-swf-patched-CVE-2011-2461](https://github.com/u-maxx/magento-swf-patched-CVE-2011-2461)
- [edmondscommerce/CVE-2011-2461_Magento_Patch](https://github.com/edmondscommerce/CVE-2011-2461_Magento_Patch)
### CVE-2011-2523
### CVE-2011-2523 (2019-11-27)
<code>
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
</code>
- [HerculesRD/vsftpd2.3.4PyExploit](https://github.com/HerculesRD/vsftpd2.3.4PyExploit)
- [nobodyatall648/CVE-2011-2523](https://github.com/nobodyatall648/CVE-2011-2523)
- [Gr4ykt/CVE-2011-2523](https://github.com/Gr4ykt/CVE-2011-2523)
@ -26609,42 +26664,97 @@ The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 do
- [NullBrunk/CVE-2011-2523](https://github.com/NullBrunk/CVE-2011-2523)
- [0xSojalSec/-CVE-2011-2523](https://github.com/0xSojalSec/-CVE-2011-2523)
### CVE-2011-2894
### CVE-2011-2894 (2011-10-04)
<code>
Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by (1) serializing a java.lang.Proxy instance and using InvocationHandler, or (2) accessing internal AOP interfaces, as demonstrated using deserialization of a DefaultListableBeanFactory instance to execute arbitrary commands via the java.lang.Runtime class.
</code>
- [pwntester/SpringBreaker](https://github.com/pwntester/SpringBreaker)
### CVE-2011-3026
### CVE-2011-3026 (2012-02-16)
<code>
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
</code>
- [argp/cve-2011-3026-firefox](https://github.com/argp/cve-2011-3026-firefox)
### CVE-2011-3192
### CVE-2011-3192 (2011-08-29)
<code>
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
</code>
- [tkisason/KillApachePy](https://github.com/tkisason/KillApachePy)
- [limkokholefork/CVE-2011-3192](https://github.com/limkokholefork/CVE-2011-3192)
- [stcmjp/cve-2011-3192](https://github.com/stcmjp/cve-2011-3192)
### CVE-2011-3368
### CVE-2011-3368 (2011-10-05)
<code>
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.
</code>
- [SECFORCE/CVE-2011-3368](https://github.com/SECFORCE/CVE-2011-3368)
- [colorblindpentester/CVE-2011-3368](https://github.com/colorblindpentester/CVE-2011-3368)
### CVE-2011-3389
### CVE-2011-3389 (2011-09-06)
<code>
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a &quot;BEAST&quot; attack.
</code>
- [mpgn/BEAST-PoC](https://github.com/mpgn/BEAST-PoC)
### CVE-2011-3556
### CVE-2011-3556 (2011-10-19)
<code>
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557.
</code>
- [sk4la/cve_2011_3556](https://github.com/sk4la/cve_2011_3556)
### CVE-2011-3872
### CVE-2011-3872 (2011-10-27)
<code>
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka &quot;AltNames Vulnerability.&quot;
</code>
- [puppetlabs-toy-chest/puppetlabs-cve20113872](https://github.com/puppetlabs-toy-chest/puppetlabs-cve20113872)
### CVE-2011-4107
### CVE-2011-4107 (2011-11-17)
<code>
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.
</code>
- [SECFORCE/CVE-2011-4107](https://github.com/SECFORCE/CVE-2011-4107)
### CVE-2011-4862
### CVE-2011-4862 (2011-12-24)
<code>
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
</code>
- [hdbreaker/GO-CVE-2011-4862](https://github.com/hdbreaker/GO-CVE-2011-4862)
- [lol-fi/cve-2011-4862](https://github.com/lol-fi/cve-2011-4862)
- [kpawar2410/CVE-2011-4862](https://github.com/kpawar2410/CVE-2011-4862)
### CVE-2011-4919
### CVE-2011-4919 (2019-11-19)
<code>
mpack 1.6 has information disclosure via eavesdropping on mails sent by other users
</code>
- [hartwork/mpacktrafficripper](https://github.com/hartwork/mpacktrafficripper)
### CVE-2011-5331
### CVE-2011-5331 (2019-11-18)
<code>
Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.
</code>
- [tomquinn8/CVE-2011-5331](https://github.com/tomquinn8/CVE-2011-5331)