From 2b7993068694b2848e0fdf75b85276f456c15468 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Fri, 29 Nov 2024 15:32:01 +0900 Subject: [PATCH] Auto Update 2024/11/29 06:32:01 --- 2017/CVE-2017-12615.json | 8 ++++---- 2017/CVE-2017-17736.json | 8 ++++---- 2018/CVE-2018-0886.json | 31 +++++++++++++++++++++++++++++++ 2018/CVE-2018-13379.json | 4 ++-- 2018/CVE-2018-15473.json | 16 ++++++++-------- 2018/CVE-2018-15832.json | 10 +++++----- 2018/CVE-2018-5955.json | 2 +- 2020/CVE-2020-0423.json | 8 ++++---- 2020/CVE-2020-0796.json | 4 ++-- 2020/CVE-2020-1938.json | 8 ++++---- 2021/CVE-2021-1965.json | 8 ++++---- 2021/CVE-2021-21972.json | 8 ++++---- 2021/CVE-2021-44228.json | 8 ++++---- 2022/CVE-2022-1471.json | 4 ++-- 2022/CVE-2022-22947.json | 8 ++++---- 2022/CVE-2022-22954.json | 8 ++++---- 2022/CVE-2022-41678.json | 2 +- 2023/CVE-2023-20198.json | 2 +- 2023/CVE-2023-22515.json | 16 ++++++++-------- 2023/CVE-2023-32428.json | 2 +- 2023/CVE-2023-36844.json | 8 ++++---- 2023/CVE-2023-36845.json | 8 ++++---- 2023/CVE-2023-42326.json | 4 ++-- 2023/CVE-2023-43208.json | 2 +- 2023/CVE-2023-48123.json | 4 ++-- 2023/CVE-2023-50164.json | 8 ++++---- 2023/CVE-2023-7261.json | 2 +- 2024/CVE-2024-0012.json | 8 ++++---- 2024/CVE-2024-0044.json | 8 ++++---- 2024/CVE-2024-11477.json | 33 +++++++++++++++++++++++++++++++++ 2024/CVE-2024-20696.json | 8 ++++---- 2024/CVE-2024-21534.json | 4 ++-- 2024/CVE-2024-32258.json | 8 ++++---- 2024/CVE-2024-35250.json | 8 ++++---- 2024/CVE-2024-39090.json | 4 ++-- 2024/CVE-2024-47575.json | 8 ++++---- 2024/CVE-2024-48990.json | 8 ++++---- 2024/CVE-2024-8069.json | 4 ++-- README.md | 10 +++++++++- 39 files changed, 192 insertions(+), 120 deletions(-) create mode 100644 2024/CVE-2024-11477.json diff --git a/2017/CVE-2017-12615.json b/2017/CVE-2017-12615.json index 75d5604ed3..72018663e5 100644 --- a/2017/CVE-2017-12615.json +++ b/2017/CVE-2017-12615.json @@ -417,10 +417,10 @@ "description": "tomcat自动化漏洞扫描利用工具,支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938\/CNVD-2020-10487 文件包含", "fork": false, "created_at": "2024-08-29T06:38:16Z", - "updated_at": "2024-11-28T12:25:23Z", + "updated_at": "2024-11-29T01:56:26Z", "pushed_at": "2024-11-13T03:12:58Z", - "stargazers_count": 151, - "watchers_count": 151, + "stargazers_count": 152, + "watchers_count": 152, "has_discussions": false, "forks_count": 14, "allow_forking": true, @@ -437,7 +437,7 @@ ], "visibility": "public", "forks": 14, - "watchers": 151, + "watchers": 152, "score": 0, "subscribers_count": 2 }, diff --git a/2017/CVE-2017-17736.json b/2017/CVE-2017-17736.json index 6769afd620..9dc843faf3 100644 --- a/2017/CVE-2017-17736.json +++ b/2017/CVE-2017-17736.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2022-07-12T17:04:51Z", - "updated_at": "2024-08-12T20:25:01Z", + "updated_at": "2024-11-29T03:43:13Z", "pushed_at": "2022-07-12T17:05:56Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } diff --git a/2018/CVE-2018-0886.json b/2018/CVE-2018-0886.json index 1bd2b89007..bc83d1abe5 100644 --- a/2018/CVE-2018-0886.json +++ b/2018/CVE-2018-0886.json @@ -29,5 +29,36 @@ "watchers": 262, "score": 0, "subscribers_count": 18 + }, + { + "id": 895828584, + "name": "Remote_code_execution_vulnerability_CVE-2018-0886_vulnerability_fixing_resources_download", + "full_name": "andychao\/Remote_code_execution_vulnerability_CVE-2018-0886_vulnerability_fixing_resources_download", + "owner": { + "login": "andychao", + "id": 3231537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3231537?v=4", + "html_url": "https:\/\/github.com\/andychao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andychao\/Remote_code_execution_vulnerability_CVE-2018-0886_vulnerability_fixing_resources_download", + "description": "远程执行代码漏洞CVE-2018-0886漏洞修复资源下载 免费下载", + "fork": false, + "created_at": "2024-11-29T01:57:06Z", + "updated_at": "2024-11-29T01:57:12Z", + "pushed_at": "2024-11-29T01:57:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-13379.json b/2018/CVE-2018-13379.json index 961079a523..a2b26727dd 100644 --- a/2018/CVE-2018-13379.json +++ b/2018/CVE-2018-13379.json @@ -331,8 +331,8 @@ "description": "An exploit for Fortinet CVE-2018-13379", "fork": false, "created_at": "2024-11-28T12:03:36Z", - "updated_at": "2024-11-28T12:45:56Z", - "pushed_at": "2024-11-28T12:45:53Z", + "updated_at": "2024-11-29T05:37:05Z", + "pushed_at": "2024-11-29T05:37:02Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2018/CVE-2018-15473.json b/2018/CVE-2018-15473.json index c0814f0cb4..4ea3165f3a 100644 --- a/2018/CVE-2018-15473.json +++ b/2018/CVE-2018-15473.json @@ -596,10 +596,10 @@ "description": "OpenSSH 2.3 < 7.7 - Username Enumeration", "fork": false, "created_at": "2020-11-29T17:36:11Z", - "updated_at": "2024-11-25T22:20:11Z", + "updated_at": "2024-11-29T03:21:01Z", "pushed_at": "2023-09-04T20:57:42Z", - "stargazers_count": 39, - "watchers_count": 39, + "stargazers_count": 40, + "watchers_count": 40, "has_discussions": false, "forks_count": 12, "allow_forking": true, @@ -608,7 +608,7 @@ "topics": [], "visibility": "public", "forks": 12, - "watchers": 39, + "watchers": 40, "score": 0, "subscribers_count": 3 }, @@ -782,10 +782,10 @@ "description": "SSH User Enumerator in Python3, CVE-2018-15473, I updated the code of this exploit (https:\/\/www.exploit-db.com\/exploits\/45939) to work with python3 instead of python2.", "fork": false, "created_at": "2023-03-09T15:23:53Z", - "updated_at": "2024-11-27T16:07:59Z", + "updated_at": "2024-11-29T02:19:39Z", "pushed_at": "2023-03-12T20:38:31Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -807,7 +807,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 1 }, diff --git a/2018/CVE-2018-15832.json b/2018/CVE-2018-15832.json index 0eec672c18..9d2a66b24d 100644 --- a/2018/CVE-2018-15832.json +++ b/2018/CVE-2018-15832.json @@ -1,8 +1,8 @@ [ { "id": 148423840, - "name": "Ubisoft-Uplay-Desktop-Client-63.0.5699.0", - "full_name": "JacksonKuo\/Ubisoft-Uplay-Desktop-Client-63.0.5699.0", + "name": "ubisoft-uplay-desktop-client-63.0.5699.0", + "full_name": "JacksonKuo\/ubisoft-uplay-desktop-client-63.0.5699.0", "owner": { "login": "JacksonKuo", "id": 5520730, @@ -10,12 +10,12 @@ "html_url": "https:\/\/github.com\/JacksonKuo", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/JacksonKuo\/Ubisoft-Uplay-Desktop-Client-63.0.5699.0", + "html_url": "https:\/\/github.com\/JacksonKuo\/ubisoft-uplay-desktop-client-63.0.5699.0", "description": "CVE-2018-15832", "fork": false, "created_at": "2018-09-12T04:59:11Z", - "updated_at": "2018-09-12T05:05:37Z", - "pushed_at": "2018-09-12T05:00:01Z", + "updated_at": "2024-11-29T04:16:35Z", + "pushed_at": "2024-11-29T04:16:25Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json index 4dc45144ae..1c09a2a661 100644 --- a/2018/CVE-2018-5955.json +++ b/2018/CVE-2018-5955.json @@ -45,7 +45,7 @@ "description": "一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能", "fork": false, "created_at": "2019-12-21T22:45:55Z", - "updated_at": "2024-11-14T04:30:04Z", + "updated_at": "2024-11-29T03:20:33Z", "pushed_at": "2020-01-05T21:46:25Z", "stargazers_count": 649, "watchers_count": 649, diff --git a/2020/CVE-2020-0423.json b/2020/CVE-2020-0423.json index a0b859c0e2..59804e467a 100644 --- a/2020/CVE-2020-0423.json +++ b/2020/CVE-2020-0423.json @@ -14,10 +14,10 @@ "description": "Researching CVE published originally by longterm.io", "fork": false, "created_at": "2024-03-19T01:47:28Z", - "updated_at": "2024-11-27T03:36:00Z", + "updated_at": "2024-11-29T04:33:09Z", "pushed_at": "2024-04-11T15:04:05Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 2, + "watchers": 3, "score": 0, "subscribers_count": 1 } diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 7430e77429..39fe3c30ac 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -1403,7 +1403,7 @@ "stargazers_count": 539, "watchers_count": 539, "has_discussions": false, - "forks_count": 169, + "forks_count": 170, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -1415,7 +1415,7 @@ "smbghost" ], "visibility": "public", - "forks": 169, + "forks": 170, "watchers": 539, "score": 0, "subscribers_count": 26 diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 8d896da43b..8f2d12f059 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -981,10 +981,10 @@ "description": "tomcat自动化漏洞扫描利用工具,支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938\/CNVD-2020-10487 文件包含", "fork": false, "created_at": "2024-08-29T06:38:16Z", - "updated_at": "2024-11-28T12:25:23Z", + "updated_at": "2024-11-29T01:56:26Z", "pushed_at": "2024-11-13T03:12:58Z", - "stargazers_count": 151, - "watchers_count": 151, + "stargazers_count": 152, + "watchers_count": 152, "has_discussions": false, "forks_count": 14, "allow_forking": true, @@ -1001,7 +1001,7 @@ ], "visibility": "public", "forks": 14, - "watchers": 151, + "watchers": 152, "score": 0, "subscribers_count": 2 }, diff --git a/2021/CVE-2021-1965.json b/2021/CVE-2021-1965.json index 553f67c051..3bb7041263 100644 --- a/2021/CVE-2021-1965.json +++ b/2021/CVE-2021-1965.json @@ -14,10 +14,10 @@ "description": "CVE-2021-1965 WiFi Zero Click RCE Trigger PoC", "fork": false, "created_at": "2022-02-18T14:19:58Z", - "updated_at": "2024-11-15T16:46:27Z", + "updated_at": "2024-11-29T00:42:42Z", "pushed_at": "2022-02-19T13:52:32Z", - "stargazers_count": 167, - "watchers_count": 167, + "stargazers_count": 168, + "watchers_count": 168, "has_discussions": false, "forks_count": 29, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 29, - "watchers": 167, + "watchers": 168, "score": 0, "subscribers_count": 5 }, diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json index 884fe7346a..ea68670a17 100644 --- a/2021/CVE-2021-21972.json +++ b/2021/CVE-2021-21972.json @@ -848,10 +848,10 @@ "description": "一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接", "fork": false, "created_at": "2022-10-04T03:39:27Z", - "updated_at": "2024-11-28T16:39:31Z", + "updated_at": "2024-11-29T03:29:06Z", "pushed_at": "2024-04-25T06:09:38Z", - "stargazers_count": 1335, - "watchers_count": 1335, + "stargazers_count": 1336, + "watchers_count": 1336, "has_discussions": false, "forks_count": 165, "allow_forking": true, @@ -867,7 +867,7 @@ ], "visibility": "public", "forks": 165, - "watchers": 1335, + "watchers": 1336, "score": 0, "subscribers_count": 15 } diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index d82201b898..8c368c1c8f 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -9266,10 +9266,10 @@ "description": "log4j2 RCE漏洞(CVE-2021-44228)内网扫描器,可用于在不出网的条件下进行漏洞扫描,帮助企业内部快速发现Log4jShell漏洞。", "fork": false, "created_at": "2021-12-20T13:41:35Z", - "updated_at": "2023-12-06T02:42:38Z", + "updated_at": "2024-11-29T01:08:17Z", "pushed_at": "2021-12-21T06:11:58Z", - "stargazers_count": 36, - "watchers_count": 36, + "stargazers_count": 37, + "watchers_count": 37, "has_discussions": false, "forks_count": 6, "allow_forking": true, @@ -9278,7 +9278,7 @@ "topics": [], "visibility": "public", "forks": 6, - "watchers": 36, + "watchers": 37, "score": 0, "subscribers_count": 2 }, diff --git a/2022/CVE-2022-1471.json b/2022/CVE-2022-1471.json index f17f702ed1..dc18fb89e8 100644 --- a/2022/CVE-2022-1471.json +++ b/2022/CVE-2022-1471.json @@ -19,13 +19,13 @@ "stargazers_count": 8, "watchers_count": 8, "has_discussions": false, - "forks_count": 3, + "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 3, + "forks": 4, "watchers": 8, "score": 0, "subscribers_count": 1 diff --git a/2022/CVE-2022-22947.json b/2022/CVE-2022-22947.json index f1b82cb2e5..8de29f7862 100644 --- a/2022/CVE-2022-22947.json +++ b/2022/CVE-2022-22947.json @@ -1327,10 +1327,10 @@ "description": "CVE-2022-22947 注入Godzilla内存马", "fork": false, "created_at": "2022-04-26T05:48:27Z", - "updated_at": "2024-11-07T04:36:33Z", + "updated_at": "2024-11-29T04:13:35Z", "pushed_at": "2022-04-26T05:55:58Z", - "stargazers_count": 203, - "watchers_count": 203, + "stargazers_count": 204, + "watchers_count": 204, "has_discussions": false, "forks_count": 28, "allow_forking": true, @@ -1339,7 +1339,7 @@ "topics": [], "visibility": "public", "forks": 28, - "watchers": 203, + "watchers": 204, "score": 0, "subscribers_count": 5 }, diff --git a/2022/CVE-2022-22954.json b/2022/CVE-2022-22954.json index fcc6175b9f..51fd881b35 100644 --- a/2022/CVE-2022-22954.json +++ b/2022/CVE-2022-22954.json @@ -792,10 +792,10 @@ "description": "一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接", "fork": false, "created_at": "2022-10-04T03:39:27Z", - "updated_at": "2024-11-28T16:39:31Z", + "updated_at": "2024-11-29T03:29:06Z", "pushed_at": "2024-04-25T06:09:38Z", - "stargazers_count": 1335, - "watchers_count": 1335, + "stargazers_count": 1336, + "watchers_count": 1336, "has_discussions": false, "forks_count": 165, "allow_forking": true, @@ -811,7 +811,7 @@ ], "visibility": "public", "forks": 165, - "watchers": 1335, + "watchers": 1336, "score": 0, "subscribers_count": 15 } diff --git a/2022/CVE-2022-41678.json b/2022/CVE-2022-41678.json index b1e0723d7c..99b2cd6e6e 100644 --- a/2022/CVE-2022-41678.json +++ b/2022/CVE-2022-41678.json @@ -36,6 +36,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2023/CVE-2023-20198.json b/2023/CVE-2023-20198.json index b51c70e7eb..92ed64c3e6 100644 --- a/2023/CVE-2023-20198.json +++ b/2023/CVE-2023-20198.json @@ -812,6 +812,6 @@ "forks": 1, "watchers": 3, "score": 0, - "subscribers_count": 1 + "subscribers_count": 2 } ] \ No newline at end of file diff --git a/2023/CVE-2023-22515.json b/2023/CVE-2023-22515.json index 61d4a9cec5..2256ec01c5 100644 --- a/2023/CVE-2023-22515.json +++ b/2023/CVE-2023-22515.json @@ -438,10 +438,10 @@ "description": "CVE-2023-22515", "fork": false, "created_at": "2023-10-30T00:17:45Z", - "updated_at": "2024-09-02T04:23:40Z", + "updated_at": "2024-11-29T04:13:32Z", "pushed_at": "2023-11-10T17:43:40Z", - "stargazers_count": 49, - "watchers_count": 49, + "stargazers_count": 50, + "watchers_count": 50, "has_discussions": false, "forks_count": 7, "allow_forking": true, @@ -460,7 +460,7 @@ ], "visibility": "public", "forks": 7, - "watchers": 49, + "watchers": 50, "score": 0, "subscribers_count": 1 }, @@ -515,10 +515,10 @@ "description": "配合 CVE-2023-22515 后台上传jar包实现RCE", "fork": false, "created_at": "2023-11-09T12:55:25Z", - "updated_at": "2024-03-15T16:30:11Z", + "updated_at": "2024-11-29T04:13:31Z", "pushed_at": "2023-11-09T14:21:58Z", - "stargazers_count": 20, - "watchers_count": 20, + "stargazers_count": 21, + "watchers_count": 21, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -527,7 +527,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 20, + "watchers": 21, "score": 0, "subscribers_count": 1 }, diff --git a/2023/CVE-2023-32428.json b/2023/CVE-2023-32428.json index 46a6244a7a..473d142abb 100644 --- a/2023/CVE-2023-32428.json +++ b/2023/CVE-2023-32428.json @@ -28,6 +28,6 @@ "forks": 4, "watchers": 13, "score": 0, - "subscribers_count": 1 + "subscribers_count": 2 } ] \ No newline at end of file diff --git a/2023/CVE-2023-36844.json b/2023/CVE-2023-36844.json index 01e38f0a30..26d38c38bf 100644 --- a/2023/CVE-2023-36844.json +++ b/2023/CVE-2023-36844.json @@ -76,10 +76,10 @@ "description": "A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr .", "fork": false, "created_at": "2023-09-24T13:30:09Z", - "updated_at": "2024-11-01T09:26:50Z", + "updated_at": "2024-11-29T01:47:51Z", "pushed_at": "2023-09-24T13:36:08Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -88,7 +88,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 3, + "watchers": 4, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-36845.json b/2023/CVE-2023-36845.json index f0d5ffa431..be32985013 100644 --- a/2023/CVE-2023-36845.json +++ b/2023/CVE-2023-36845.json @@ -48,10 +48,10 @@ "description": "Juniper Firewalls CVE-2023-36845 - RCE", "fork": false, "created_at": "2023-09-26T17:56:55Z", - "updated_at": "2024-09-07T15:40:26Z", + "updated_at": "2024-11-29T01:47:08Z", "pushed_at": "2023-12-29T14:56:44Z", - "stargazers_count": 47, - "watchers_count": 47, + "stargazers_count": 48, + "watchers_count": 48, "has_discussions": false, "forks_count": 13, "allow_forking": true, @@ -79,7 +79,7 @@ ], "visibility": "public", "forks": 13, - "watchers": 47, + "watchers": 48, "score": 0, "subscribers_count": 2 }, diff --git a/2023/CVE-2023-42326.json b/2023/CVE-2023-42326.json index efdf5314e1..5f56b90f55 100644 --- a/2023/CVE-2023-42326.json +++ b/2023/CVE-2023-42326.json @@ -45,8 +45,8 @@ "description": "CVE-2023-42326 exploit", "fork": false, "created_at": "2024-10-31T18:51:54Z", - "updated_at": "2024-11-01T08:57:04Z", - "pushed_at": "2024-11-01T08:57:01Z", + "updated_at": "2024-11-29T05:38:12Z", + "pushed_at": "2024-11-29T05:38:09Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2023/CVE-2023-43208.json b/2023/CVE-2023-43208.json index ec1fdf5555..23374f4909 100644 --- a/2023/CVE-2023-43208.json +++ b/2023/CVE-2023-43208.json @@ -135,6 +135,6 @@ "forks": 0, "watchers": 2, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2023/CVE-2023-48123.json b/2023/CVE-2023-48123.json index 089400cac7..670798117f 100644 --- a/2023/CVE-2023-48123.json +++ b/2023/CVE-2023-48123.json @@ -45,8 +45,8 @@ "description": "CVE-2023-48123 exploit", "fork": false, "created_at": "2024-10-31T19:35:07Z", - "updated_at": "2024-11-01T08:55:26Z", - "pushed_at": "2024-11-01T08:54:53Z", + "updated_at": "2024-11-29T05:38:55Z", + "pushed_at": "2024-11-29T05:38:51Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2023/CVE-2023-50164.json b/2023/CVE-2023-50164.json index 5b11f99483..195bb1d867 100644 --- a/2023/CVE-2023-50164.json +++ b/2023/CVE-2023-50164.json @@ -293,10 +293,10 @@ "description": null, "fork": false, "created_at": "2023-12-30T21:37:08Z", - "updated_at": "2024-11-28T12:21:03Z", + "updated_at": "2024-11-29T05:49:34Z", "pushed_at": "2024-01-16T14:59:23Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -305,7 +305,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 4, + "watchers": 5, "score": 0, "subscribers_count": 7 }, diff --git a/2023/CVE-2023-7261.json b/2023/CVE-2023-7261.json index e02220a1f1..e0aed763d2 100644 --- a/2023/CVE-2023-7261.json +++ b/2023/CVE-2023-7261.json @@ -28,6 +28,6 @@ "forks": 3, "watchers": 4, "score": 0, - "subscribers_count": 1 + "subscribers_count": 2 } ] \ No newline at end of file diff --git a/2024/CVE-2024-0012.json b/2024/CVE-2024-0012.json index c41b963ca9..0573307268 100644 --- a/2024/CVE-2024-0012.json +++ b/2024/CVE-2024-0012.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-11-19T08:29:32Z", - "updated_at": "2024-11-25T06:15:42Z", + "updated_at": "2024-11-29T04:19:05Z", "pushed_at": "2024-11-19T09:28:42Z", - "stargazers_count": 20, - "watchers_count": 20, + "stargazers_count": 21, + "watchers_count": 21, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 20, + "watchers": 21, "score": 0, "subscribers_count": 0 }, diff --git a/2024/CVE-2024-0044.json b/2024/CVE-2024-0044.json index d03b9ac446..82764d9123 100644 --- a/2024/CVE-2024-0044.json +++ b/2024/CVE-2024-0044.json @@ -45,10 +45,10 @@ "description": "CVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13", "fork": false, "created_at": "2024-06-18T12:30:53Z", - "updated_at": "2024-11-23T03:06:02Z", + "updated_at": "2024-11-29T04:38:32Z", "pushed_at": "2024-07-25T18:12:57Z", - "stargazers_count": 256, - "watchers_count": 256, + "stargazers_count": 257, + "watchers_count": 257, "has_discussions": false, "forks_count": 60, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 60, - "watchers": 256, + "watchers": 257, "score": 0, "subscribers_count": 7 }, diff --git a/2024/CVE-2024-11477.json b/2024/CVE-2024-11477.json new file mode 100644 index 0000000000..b1efcd8a3d --- /dev/null +++ b/2024/CVE-2024-11477.json @@ -0,0 +1,33 @@ +[ + { + "id": 895895052, + "name": "cve-2024-11477-writeup", + "full_name": "TheN00bBuilder\/cve-2024-11477-writeup", + "owner": { + "login": "TheN00bBuilder", + "id": 41171807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41171807?v=4", + "html_url": "https:\/\/github.com\/TheN00bBuilder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheN00bBuilder\/cve-2024-11477-writeup", + "description": "CVE-2024-11477 7Zip Code Execution Writeup and Analysis", + "fork": false, + "created_at": "2024-11-29T06:13:36Z", + "updated_at": "2024-11-29T06:26:16Z", + "pushed_at": "2024-11-29T06:26:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20696.json b/2024/CVE-2024-20696.json index 6274feb636..0deaf1a718 100644 --- a/2024/CVE-2024-20696.json +++ b/2024/CVE-2024-20696.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-03-08T02:31:41Z", - "updated_at": "2024-09-21T07:59:26Z", + "updated_at": "2024-11-29T05:01:59Z", "pushed_at": "2024-03-12T13:33:58Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 6, + "watchers_count": 6, "has_discussions": false, "forks_count": 2, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 2, - "watchers": 5, + "watchers": 6, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-21534.json b/2024/CVE-2024-21534.json index 2d2cdb4c35..68d5d55fb8 100644 --- a/2024/CVE-2024-21534.json +++ b/2024/CVE-2024-21534.json @@ -19,13 +19,13 @@ "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 1, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-32258.json b/2024/CVE-2024-32258.json index 8ceaaf0828..391bb29f0e 100644 --- a/2024/CVE-2024-32258.json +++ b/2024/CVE-2024-32258.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-04-18T17:07:07Z", - "updated_at": "2024-11-01T15:36:18Z", + "updated_at": "2024-11-29T02:13:43Z", "pushed_at": "2024-11-01T15:36:15Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-35250.json b/2024/CVE-2024-35250.json index e9695aa992..82f3006511 100644 --- a/2024/CVE-2024-35250.json +++ b/2024/CVE-2024-35250.json @@ -14,10 +14,10 @@ "description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver", "fork": false, "created_at": "2024-10-13T19:30:20Z", - "updated_at": "2024-11-27T06:42:50Z", + "updated_at": "2024-11-29T03:13:33Z", "pushed_at": "2024-11-26T20:54:17Z", - "stargazers_count": 211, - "watchers_count": 211, + "stargazers_count": 212, + "watchers_count": 212, "has_discussions": false, "forks_count": 46, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 46, - "watchers": 211, + "watchers": 212, "score": 0, "subscribers_count": 6 }, diff --git a/2024/CVE-2024-39090.json b/2024/CVE-2024-39090.json index 21220672be..091aa24c42 100644 --- a/2024/CVE-2024-39090.json +++ b/2024/CVE-2024-39090.json @@ -14,8 +14,8 @@ "description": "This PoC script exploits CVE-2024-39090, a CSRF to Stored XSS vulnerability in PHPGurukul Online Shopping Portal v2.0. It automates CSRF attacks to inject persistent JavaScript payloads, which execute when a privileged user accesses the affected page, enabling actions such as session hijacking or credential theft.", "fork": false, "created_at": "2024-11-27T14:55:58Z", - "updated_at": "2024-11-27T14:57:36Z", - "pushed_at": "2024-11-27T14:56:14Z", + "updated_at": "2024-11-29T03:05:46Z", + "pushed_at": "2024-11-29T01:02:08Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2024/CVE-2024-47575.json b/2024/CVE-2024-47575.json index 738232d93b..e1fde42ecd 100644 --- a/2024/CVE-2024-47575.json +++ b/2024/CVE-2024-47575.json @@ -14,10 +14,10 @@ "description": "Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575", "fork": false, "created_at": "2024-11-07T21:03:30Z", - "updated_at": "2024-11-27T19:14:30Z", + "updated_at": "2024-11-29T01:40:56Z", "pushed_at": "2024-11-14T16:25:52Z", - "stargazers_count": 69, - "watchers_count": 69, + "stargazers_count": 70, + "watchers_count": 70, "has_discussions": false, "forks_count": 22, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 22, - "watchers": 69, + "watchers": 70, "score": 0, "subscribers_count": 0 }, diff --git a/2024/CVE-2024-48990.json b/2024/CVE-2024-48990.json index ac3a06f000..7fe0c633ef 100644 --- a/2024/CVE-2024-48990.json +++ b/2024/CVE-2024-48990.json @@ -169,10 +169,10 @@ "description": "Needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.", "fork": false, "created_at": "2024-11-24T15:57:45Z", - "updated_at": "2024-11-26T01:02:14Z", + "updated_at": "2024-11-29T05:10:42Z", "pushed_at": "2024-11-24T17:47:02Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -181,7 +181,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-8069.json b/2024/CVE-2024-8069.json index 4d6912051b..c99650f423 100644 --- a/2024/CVE-2024-8069.json +++ b/2024/CVE-2024-8069.json @@ -14,8 +14,8 @@ "description": "Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE", "fork": false, "created_at": "2024-11-13T02:50:56Z", - "updated_at": "2024-11-22T09:52:50Z", - "pushed_at": "2024-11-13T03:29:28Z", + "updated_at": "2024-11-29T03:02:12Z", + "pushed_at": "2024-11-29T03:02:09Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/README.md b/README.md index 94a12ecdc2..a29aee653a 100644 --- a/README.md +++ b/README.md @@ -2208,6 +2208,13 @@ - [windz3r0day/CVE-2024-11432](https://github.com/windz3r0day/CVE-2024-11432) +### CVE-2024-11477 (2024-11-22) + +7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346. + + +- [TheN00bBuilder/cve-2024-11477-writeup](https://github.com/TheN00bBuilder/cve-2024-11477-writeup) + ### CVE-2024-12883 - [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883) @@ -38547,6 +38554,7 @@ - [preempt/credssp](https://github.com/preempt/credssp) +- [andychao/Remote_code_execution_vulnerability_CVE-2018-0886_vulnerability_fixing_resources_download](https://github.com/andychao/Remote_code_execution_vulnerability_CVE-2018-0886_vulnerability_fixing_resources_download) ### CVE-2018-0952 (2018-08-15) @@ -41002,7 +41010,7 @@ upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. -- [JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0](https://github.com/JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0) +- [JacksonKuo/ubisoft-uplay-desktop-client-63.0.5699.0](https://github.com/JacksonKuo/ubisoft-uplay-desktop-client-63.0.5699.0) ### CVE-2018-15835 (2018-11-30)