mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-29 02:54:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2022/08/19 00:18:44

Browse source
This commit is contained in:
motikan2010-bot 2022-08-19 09:18:44 +09:00
parent 2a4a43c6c8
commit 2d95d7d11c
31 changed files with 488 additions and 77 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2008/CVE-2008-0166.json
View file

@ -13,10 +13,10 @@
"description": "Debian OpenSSL Predictable PRNG (CVE-2008-0166)",
"fork": false,
"created_at": "2013-09-22T21:20:31Z",
"updated_at": "2022-08-17T01:25:39Z",
"updated_at": "2022-08-18T23:24:16Z",
"pushed_at": "2017-04-24T14:16:56Z",
"stargazers_count": 343,
"watchers_count": 343,
"stargazers_count": 344,
"watchers_count": 344,
"forks_count": 108,
"allow_forking": true,
"is_template": false,
@ -26,7 +26,7 @@
],
"visibility": "public",
"forks": 108,
"watchers": 343,
"watchers": 344,
"score": 0
},
{

4
2009/CVE-2009-0689.json
View file

@ -17,13 +17,13 @@
"pushed_at": "2019-09-30T23:38:11Z",
"stargazers_count": 47,
"watchers_count": 47,
"forks_count": 10,
"forks_count": 11,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 10,
"forks": 11,
"watchers": 47,
"score": 0
}

8
2017/CVE-2017-0781.json
View file

@ -13,10 +13,10 @@
"description": "Blueborne CVE-2017-0781 Android heap overflow vulnerability",
"fork": false,
"created_at": "2017-10-09T15:13:25Z",
"updated_at": "2022-07-20T16:31:51Z",
"updated_at": "2022-08-18T20:24:51Z",
"pushed_at": "2021-07-29T12:00:48Z",
"stargazers_count": 86,
"watchers_count": 86,
"stargazers_count": 85,
"watchers_count": 85,
"forks_count": 46,
"allow_forking": true,
"is_template": false,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 46,
"watchers": 86,
"watchers": 85,
"score": 0
},
{

8
2017/CVE-2017-0785.json
View file

@ -130,10 +130,10 @@
"description": "Scan\/Exploit Blueborne CVE-2017-0785",
"fork": false,
"created_at": "2017-10-04T20:41:12Z",
"updated_at": "2022-07-28T11:11:02Z",
"updated_at": "2022-08-18T20:25:45Z",
"pushed_at": "2018-02-28T07:04:05Z",
"stargazers_count": 31,
"watchers_count": 31,
"stargazers_count": 30,
"watchers_count": 30,
"forks_count": 21,
"allow_forking": true,
"is_template": false,
@ -141,7 +141,7 @@
"topics": [],
"visibility": "public",
"forks": 21,
"watchers": 31,
"watchers": 30,
"score": 0
},
{

4
2018/CVE-2018-3191.json
View file

@ -45,13 +45,13 @@
"pushed_at": "2018-10-23T05:10:54Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 52,
"forks_count": 53,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 52,
"forks": 53,
"watchers": 0,
"score": 0
},

8
2018/CVE-2018-4280.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.",
"fork": false,
"created_at": "2018-01-22T06:22:59Z",
"updated_at": "2022-07-23T07:51:26Z",
"updated_at": "2022-08-18T22:04:49Z",
"pushed_at": "2018-10-28T20:23:30Z",
"stargazers_count": 51,
"watchers_count": 51,
"stargazers_count": 52,
"watchers_count": 52,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
@ -24,7 +24,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 51,
"watchers": 52,
"score": 0
},
{

8
2018/CVE-2018-5955.json
View file

@ -41,10 +41,10 @@
"description": "一款功能强大的漏洞扫描器子域名爆破使用aioDNSasyncio异步快速扫描覆盖目标全方位资产进行批量漏洞扫描中间件信息收集自动收集ip代理探测Waf信息时自动使用来保护本机真实Ip在本机Ip被Waf杀死后自动切换代理Ip进行扫描Waf信息收集(国内外100+款waf信息)包括安全狗云锁阿里云云盾腾讯云等提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能",
"fork": false,
"created_at": "2019-12-21T22:45:55Z",
"updated_at": "2022-08-15T15:41:31Z",
"updated_at": "2022-08-18T19:09:19Z",
"pushed_at": "2020-01-05T21:46:25Z",
"stargazers_count": 571,
"watchers_count": 571,
"stargazers_count": 572,
"watchers_count": 572,
"forks_count": 125,
"allow_forking": true,
"is_template": false,
@ -65,7 +65,7 @@
],
"visibility": "public",
"forks": 125,
"watchers": 571,
"watchers": 572,
"score": 0
}
]

59
2019/CVE-2019-0230.json
View file

@ -86,5 +86,64 @@
"forks": 0,
"watchers": 1,
"score": 0
},
{
"id": 320458800,
"name": "CVE-2019-0230",
"full_name": "Al1ex\/CVE-2019-0230",
"owner": {
"login": "Al1ex",
"id": 38161463,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4",
"html_url": "https:\/\/github.com\/Al1ex"
},
"html_url": "https:\/\/github.com\/Al1ex\/CVE-2019-0230",
"description": "S2-059(CVE-2019-0230)",
"fork": false,
"created_at": "2020-12-11T03:40:04Z",
"updated_at": "2022-08-01T02:16:43Z",
"pushed_at": "2020-12-11T04:28:10Z",
"stargazers_count": 9,
"watchers_count": 9,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2019-0230",
"s2-059"
],
"visibility": "public",
"forks": 2,
"watchers": 9,
"score": 0
},
{
"id": 320658849,
"name": "CVE-2019-0230_Struts2S2-059",
"full_name": "tw-eason-tseng\/CVE-2019-0230_Struts2S2-059",
"owner": {
"login": "tw-eason-tseng",
"id": 7005895,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7005895?v=4",
"html_url": "https:\/\/github.com\/tw-eason-tseng"
},
"html_url": "https:\/\/github.com\/tw-eason-tseng\/CVE-2019-0230_Struts2S2-059",
"description": null,
"fork": false,
"created_at": "2020-12-11T18:57:14Z",
"updated_at": "2021-08-27T17:41:18Z",
"pushed_at": "2020-12-11T19:32:12Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

30
2019/CVE-2019-14450.json Normal file
View file

@ -0,0 +1,30 @@
[
{
"id": 318244452,
"name": "CVE-2019-14450",
"full_name": "securifera\/CVE-2019-14450",
"owner": {
"login": "securifera",
"id": 12126525,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12126525?v=4",
"html_url": "https:\/\/github.com\/securifera"
},
"html_url": "https:\/\/github.com\/securifera\/CVE-2019-14450",
"description": null,
"fork": false,
"created_at": "2020-12-03T15:54:39Z",
"updated_at": "2021-12-13T21:33:11Z",
"pushed_at": "2020-12-03T15:55:31Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0
}
]

28
2019/CVE-2019-15107.json
View file

@ -429,6 +429,34 @@
"watchers": 29,
"score": 0
},
{
"id": 318241258,
"name": "CVE-2019-15107",
"full_name": "diegojuan\/CVE-2019-15107",
"owner": {
"login": "diegojuan",
"id": 4934646,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4934646?v=4",
"html_url": "https:\/\/github.com\/diegojuan"
},
"html_url": "https:\/\/github.com\/diegojuan\/CVE-2019-15107",
"description": null,
"fork": false,
"created_at": "2020-12-03T15:43:39Z",
"updated_at": "2020-12-03T15:53:03Z",
"pushed_at": "2020-12-03T15:53:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 382448618,
"name": "CVE-2019-15107",

30
2019/CVE-2019-17041.json Normal file
View file

@ -0,0 +1,30 @@
[
{
"id": 318732411,
"name": "CVE-2019-17041",
"full_name": "Resery\/CVE-2019-17041",
"owner": {
"login": "Resery",
"id": 50428593,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50428593?v=4",
"html_url": "https:\/\/github.com\/Resery"
},
"html_url": "https:\/\/github.com\/Resery\/CVE-2019-17041",
"description": null,
"fork": false,
"created_at": "2020-12-05T07:49:11Z",
"updated_at": "2022-01-30T07:44:24Z",
"pushed_at": "2020-12-05T07:50:36Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0
}
]

28
2019/CVE-2019-17558.json
View file

@ -102,5 +102,33 @@
"forks": 1,
"watchers": 2,
"score": 0
},
{
"id": 321554194,
"name": "Exploit_CVE-2019-17558-RCE",
"full_name": "xkyrage\/Exploit_CVE-2019-17558-RCE",
"owner": {
"login": "xkyrage",
"id": 57317804,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57317804?v=4",
"html_url": "https:\/\/github.com\/xkyrage"
},
"html_url": "https:\/\/github.com\/xkyrage\/Exploit_CVE-2019-17558-RCE",
"description": "Apache Solr 1.4 Injection to get a shell",
"fork": false,
"created_at": "2020-12-15T04:38:06Z",
"updated_at": "2020-12-15T04:40:53Z",
"pushed_at": "2020-12-15T04:40:51Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

28
2019/CVE-2019-3980.json
View file

@ -1,4 +1,32 @@
[
{
"id": 284718304,
"name": "CVE-2019-3980",
"full_name": "warferik\/CVE-2019-3980",
"owner": {
"login": "warferik",
"id": 16766938,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16766938?v=4",
"html_url": "https:\/\/github.com\/warferik"
},
"html_url": "https:\/\/github.com\/warferik\/CVE-2019-3980",
"description": null,
"fork": false,
"created_at": "2020-08-03T14:12:56Z",
"updated_at": "2022-08-08T11:31:57Z",
"pushed_at": "2020-12-12T03:41:43Z",
"stargazers_count": 17,
"watchers_count": 17,
"forks_count": 10,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 10,
"watchers": 17,
"score": 0
},
{
"id": 419046445,
"name": "CVE-2019-3980",

30
2019/CVE-2019-5427.json Normal file
View file

@ -0,0 +1,30 @@
[
{
"id": 321055902,
"name": "cp30_XXE_partial_fix",
"full_name": "shanika04\/cp30_XXE_partial_fix",
"owner": {
"login": "shanika04",
"id": 73774345,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4",
"html_url": "https:\/\/github.com\/shanika04"
},
"html_url": "https:\/\/github.com\/shanika04\/cp30_XXE_partial_fix",
"description": "version between CVE-2018-20433 and CVE-2019-5427",
"fork": false,
"created_at": "2020-12-13T12:08:30Z",
"updated_at": "2020-12-13T12:10:34Z",
"pushed_at": "2020-12-13T12:10:30Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0
}
]

30
2019/CVE-2019-5454.json Normal file
View file

@ -0,0 +1,30 @@
[
{
"id": 319352277,
"name": "nextcloud_android",
"full_name": "shanika04\/nextcloud_android",
"owner": {
"login": "shanika04",
"id": 73774345,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4",
"html_url": "https:\/\/github.com\/shanika04"
},
"html_url": "https:\/\/github.com\/shanika04\/nextcloud_android",
"description": "SQLi CVE-2019-5454",
"fork": false,
"created_at": "2020-12-07T14:53:25Z",
"updated_at": "2020-12-07T15:01:34Z",
"pushed_at": "2020-12-07T15:01:28Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

34
2019/CVE-2019-5544.json
View file

@ -1,4 +1,38 @@
[
{
"id": 317555828,
"name": "CVE-2019-5544_CVE-2020-3992",
"full_name": "HynekPetrak\/CVE-2019-5544_CVE-2020-3992",
"owner": {
"login": "HynekPetrak",
"id": 8593983,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8593983?v=4",
"html_url": "https:\/\/github.com\/HynekPetrak"
},
"html_url": "https:\/\/github.com\/HynekPetrak\/CVE-2019-5544_CVE-2020-3992",
"description": "Python \/ scapy module implementing SRVLOC\/SLP protocol and scans for enabled OpenSLP services.",
"fork": false,
"created_at": "2020-12-01T13:49:26Z",
"updated_at": "2022-07-27T07:12:28Z",
"pushed_at": "2020-12-07T00:12:21Z",
"stargazers_count": 32,
"watchers_count": 32,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2019-5544",
"cve-2020-3992",
"openslp",
"slp",
"srvloc"
],
"visibility": "public",
"forks": 8,
"watchers": 32,
"score": 0
},
{
"id": 335992894,
"name": "VMware_ESXI_OpenSLP_PoCs",

4
2020/CVE-2020-15368.json
View file

@ -17,7 +17,7 @@
"pushed_at": "2022-04-14T03:17:44Z",
"stargazers_count": 334,
"watchers_count": 334,
"forks_count": 35,
"forks_count": 36,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -28,7 +28,7 @@
"windows"
],
"visibility": "public",
"forks": 35,
"forks": 36,
"watchers": 334,
"score": 0
}

24
2021/CVE-2021-4034.json
View file

@ -159,10 +159,10 @@
"description": "PoC for PwnKit: Local Privilege Escalation Vulnerability in polkits pkexec (CVE-2021-4034)",
"fork": false,
"created_at": "2022-01-26T00:56:36Z",
"updated_at": "2022-08-15T15:42:06Z",
"updated_at": "2022-08-18T18:47:38Z",
"pushed_at": "2022-02-12T05:22:58Z",
"stargazers_count": 899,
"watchers_count": 899,
"stargazers_count": 900,
"watchers_count": 900,
"forks_count": 294,
"allow_forking": true,
"is_template": false,
@ -174,7 +174,7 @@
],
"visibility": "public",
"forks": 294,
"watchers": 899,
"watchers": 900,
"score": 0
},
{
@ -878,10 +878,10 @@
"description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T14:26:10Z",
"updated_at": "2022-08-16T07:18:59Z",
"updated_at": "2022-08-18T19:19:13Z",
"pushed_at": "2022-06-21T14:52:05Z",
"stargazers_count": 588,
"watchers_count": 588,
"stargazers_count": 589,
"watchers_count": 589,
"forks_count": 120,
"allow_forking": true,
"is_template": false,
@ -891,7 +891,7 @@
],
"visibility": "public",
"forks": 120,
"watchers": 588,
"watchers": 589,
"score": 0
},
{
@ -1856,10 +1856,10 @@
"description": "Proof of concept for pwnkit vulnerability",
"fork": false,
"created_at": "2022-01-27T14:43:57Z",
"updated_at": "2022-08-18T16:22:04Z",
"updated_at": "2022-08-18T19:24:25Z",
"pushed_at": "2022-04-19T12:33:32Z",
"stargazers_count": 300,
"watchers_count": 300,
"stargazers_count": 301,
"watchers_count": 301,
"forks_count": 35,
"allow_forking": true,
"is_template": false,
@ -1867,7 +1867,7 @@
"topics": [],
"visibility": "public",
"forks": 35,
"watchers": 300,
"watchers": 301,
"score": 0
},
{

8
2021/CVE-2021-42278.json
View file

@ -46,10 +46,10 @@
"description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ",
"fork": false,
"created_at": "2021-12-13T10:28:12Z",
"updated_at": "2022-08-18T02:04:10Z",
"updated_at": "2022-08-18T20:10:44Z",
"pushed_at": "2022-04-25T07:53:41Z",
"stargazers_count": 381,
"watchers_count": 381,
"stargazers_count": 382,
"watchers_count": 382,
"forks_count": 76,
"allow_forking": true,
"is_template": false,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 76,
"watchers": 381,
"watchers": 382,
"score": 0
},
{

4
2021/CVE-2021-43798.json
View file

@ -301,13 +301,13 @@
"pushed_at": "2021-12-21T23:40:59Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0
},

8
2021/CVE-2021-44228.json
View file

@ -1401,7 +1401,7 @@
"pushed_at": "2021-12-17T13:59:44Z",
"stargazers_count": 19,
"watchers_count": 19,
"forks_count": 17,
"forks_count": 18,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -1411,7 +1411,7 @@
"spring-boot-log4j"
],
"visibility": "public",
"forks": 17,
"forks": 18,
"watchers": 19,
"score": 0
},
@ -3681,13 +3681,13 @@
"pushed_at": "2021-12-17T07:41:47Z",
"stargazers_count": 38,
"watchers_count": 38,
"forks_count": 7,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 7,
"forks": 8,
"watchers": 38,
"score": 0
},

8
2022/CVE-2022-0185.json
View file

@ -97,10 +97,10 @@
"description": "CVE-2022-0185 POC and Docker and Analysis write up",
"fork": false,
"created_at": "2022-02-18T09:27:34Z",
"updated_at": "2022-08-02T18:42:28Z",
"updated_at": "2022-08-18T19:22:25Z",
"pushed_at": "2022-05-24T11:18:03Z",
"stargazers_count": 19,
"watchers_count": 19,
"stargazers_count": 20,
"watchers_count": 20,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
@ -108,7 +108,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 19,
"watchers": 20,
"score": 0
},
{

8
2022/CVE-2022-0543.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2022-0543_RCE,Redis Lua沙盒绕过 命令执行",
"fork": false,
"created_at": "2022-03-16T06:41:50Z",
"updated_at": "2022-08-05T03:54:53Z",
"updated_at": "2022-08-18T22:27:46Z",
"pushed_at": "2022-07-23T23:14:02Z",
"stargazers_count": 60,
"watchers_count": 60,
"stargazers_count": 61,
"watchers_count": 61,
"forks_count": 23,
"allow_forking": true,
"is_template": false,
@ -24,7 +24,7 @@
"topics": [],
"visibility": "public",
"forks": 23,
"watchers": 60,
"watchers": 61,
"score": 0
},
{

4
2022/CVE-2022-21894.json
View file

@ -51,13 +51,13 @@
"pushed_at": "2022-08-18T13:53:06Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 1,
"score": 0
}

8
2022/CVE-2022-22980.json
View file

@ -13,10 +13,10 @@
"description": "Poc of CVE-2022-22980",
"fork": false,
"created_at": "2022-06-21T11:39:13Z",
"updated_at": "2022-08-15T15:42:30Z",
"updated_at": "2022-08-18T18:58:40Z",
"pushed_at": "2022-06-23T09:53:01Z",
"stargazers_count": 29,
"watchers_count": 29,
"stargazers_count": 30,
"watchers_count": 30,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
@ -24,7 +24,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 29,
"watchers": 30,
"score": 0
},
{

8
2022/CVE-2022-23808.json
View file

@ -13,10 +13,10 @@
"description": "phpMyAdmin XSS ",
"fork": false,
"created_at": "2022-02-01T17:02:03Z",
"updated_at": "2022-08-11T05:11:57Z",
"updated_at": "2022-08-18T20:08:08Z",
"pushed_at": "2022-02-03T16:21:01Z",
"stargazers_count": 82,
"watchers_count": 82,
"stargazers_count": 83,
"watchers_count": 83,
"forks_count": 15,
"allow_forking": true,
"is_template": false,
@ -42,7 +42,7 @@
],
"visibility": "public",
"forks": 15,
"watchers": 82,
"watchers": 83,
"score": 0
}
]

30
2022/CVE-2022-2414.json Normal file
View file

@ -0,0 +1,30 @@
[
{
"id": 526356142,
"name": "CVE-2022-2414-POC",
"full_name": "superhac\/CVE-2022-2414-POC",
"owner": {
"login": "superhac",
"id": 7942984,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7942984?v=4",
"html_url": "https:\/\/github.com\/superhac"
},
"html_url": "https:\/\/github.com\/superhac\/CVE-2022-2414-POC",
"description": null,
"fork": false,
"created_at": "2022-08-18T19:58:53Z",
"updated_at": "2022-08-18T21:20:48Z",
"pushed_at": "2022-08-18T20:33:38Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

12
2022/CVE-2022-27255.json
View file

@ -13,18 +13,18 @@
"description": null,
"fork": false,
"created_at": "2022-07-06T17:29:04Z",
"updated_at": "2022-08-18T18:15:39Z",
"updated_at": "2022-08-18T22:48:30Z",
"pushed_at": "2022-08-17T02:33:15Z",
"stargazers_count": 87,
"watchers_count": 87,
"forks_count": 19,
"stargazers_count": 91,
"watchers_count": 91,
"forks_count": 20,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 19,
"watchers": 87,
"forks": 20,
"watchers": 91,
"score": 0
}
]

8
2022/CVE-2022-34265.json
View file

@ -30,14 +30,14 @@
{
"id": 513523694,
"name": "CVE-2022-34265",
"full_name": "not-xences\/CVE-2022-34265",
"full_name": "traumatising\/CVE-2022-34265",
"owner": {
"login": "not-xences",
"login": "traumatising",
"id": 109222893,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109222893?v=4",
"html_url": "https:\/\/github.com\/not-xences"
"html_url": "https:\/\/github.com\/traumatising"
},
"html_url": "https:\/\/github.com\/not-xences\/CVE-2022-34265",
"html_url": "https:\/\/github.com\/traumatising\/CVE-2022-34265",
"description": "CVE-2022-34265 Vulnerability ",
"fork": false,
"created_at": "2022-07-13T13:02:41Z",

30
2022/CVE-2022-37042.json Normal file
View file

@ -0,0 +1,30 @@
[
{
"id": 526332797,
"name": "Zimbra_CVE-2022-37042-_CVE-2022-27925",
"full_name": "GreyNoise-Intelligence\/Zimbra_CVE-2022-37042-_CVE-2022-27925",
"owner": {
"login": "GreyNoise-Intelligence",
"id": 32075718,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32075718?v=4",
"html_url": "https:\/\/github.com\/GreyNoise-Intelligence"
},
"html_url": "https:\/\/github.com\/GreyNoise-Intelligence\/Zimbra_CVE-2022-37042-_CVE-2022-27925",
"description": null,
"fork": false,
"created_at": "2022-08-18T18:39:39Z",
"updated_at": "2022-08-18T20:30:00Z",
"pushed_at": "2022-08-18T18:41:13Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0
}
]

56
README.md
View file

@ -505,6 +505,14 @@ A critical issue has been discovered in GitLab affecting all versions starting f
### CVE-2022-2333
- [shirouQwQ/CVE-2022-2333](https://github.com/shirouQwQ/CVE-2022-2333)
### CVE-2022-2414 (2022-07-29)
<code>
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.
</code>
- [superhac/CVE-2022-2414-POC](https://github.com/superhac/CVE-2022-2414-POC)
### CVE-2022-2466
- [yuxblank/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL](https://github.com/yuxblank/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL)
@ -3099,7 +3107,7 @@ An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Tr
</code>
- [aeyesec/CVE-2022-34265](https://github.com/aeyesec/CVE-2022-34265)
- [not-xences/CVE-2022-34265](https://github.com/not-xences/CVE-2022-34265)
- [traumatising/CVE-2022-34265](https://github.com/traumatising/CVE-2022-34265)
### CVE-2022-34298 (2022-06-22)
@ -3215,6 +3223,14 @@ nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18
- [Pwnzer0tt1/CVE-2022-36946](https://github.com/Pwnzer0tt1/CVE-2022-36946)
- [XmasSnowISBACK/CVE-2022-36946](https://github.com/XmasSnowISBACK/CVE-2022-36946)
### CVE-2022-37042 (2022-08-11)
<code>
Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925.
</code>
- [GreyNoise-Intelligence/Zimbra_CVE-2022-37042-_CVE-2022-27925](https://github.com/GreyNoise-Intelligence/Zimbra_CVE-2022-37042-_CVE-2022-27925)
## 2021
### CVE-2021-0302 (2021-02-10)
@ -13183,6 +13199,8 @@ Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on r
- [PrinceFPF/CVE-2019-0230](https://github.com/PrinceFPF/CVE-2019-0230)
- [ramoncjs3/CVE-2019-0230](https://github.com/ramoncjs3/CVE-2019-0230)
- [f8al/CVE-2019-0230-PoC](https://github.com/f8al/CVE-2019-0230-PoC)
- [Al1ex/CVE-2019-0230](https://github.com/Al1ex/CVE-2019-0230)
- [tw-eason-tseng/CVE-2019-0230_Struts2S2-059](https://github.com/tw-eason-tseng/CVE-2019-0230_Struts2S2-059)
### CVE-2019-0232 (2019-04-15)
@ -14018,6 +14036,7 @@ The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco we
The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run under the Local System account.
</code>
- [warferik/CVE-2019-3980](https://github.com/warferik/CVE-2019-3980)
- [Barbarisch/CVE-2019-3980](https://github.com/Barbarisch/CVE-2019-3980)
### CVE-2019-5010 (2019-10-31)
@ -14086,6 +14105,22 @@ A remote code execution vulnerability in development mode Rails &lt;5.2.2.1, &lt
- [PenTestical/CVE-2019-5420](https://github.com/PenTestical/CVE-2019-5420)
- [laffray/ruby-RCE-CVE-2019-5420-](https://github.com/laffray/ruby-RCE-CVE-2019-5420-)
### CVE-2019-5427 (2019-04-22)
<code>
c3p0 version &lt; 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.
</code>
- [shanika04/cp30_XXE_partial_fix](https://github.com/shanika04/cp30_XXE_partial_fix)
### CVE-2019-5454 (2019-07-30)
<code>
SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account.
</code>
- [shanika04/nextcloud_android](https://github.com/shanika04/nextcloud_android)
### CVE-2019-5475 (2019-09-03)
<code>
@ -14110,6 +14145,7 @@ The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
</code>
- [HynekPetrak/CVE-2019-5544_CVE-2020-3992](https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992)
- [dgh05t/VMware_ESXI_OpenSLP_PoCs](https://github.com/dgh05t/VMware_ESXI_OpenSLP_PoCs)
### CVE-2019-5624 (2019-04-30)
@ -15982,6 +16018,14 @@ A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x befo
- [jas502n/CVE-2019-14439](https://github.com/jas502n/CVE-2019-14439)
### CVE-2019-14450 (2019-10-28)
<code>
A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an &quot;external command&quot; configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.
</code>
- [securifera/CVE-2019-14450](https://github.com/securifera/CVE-2019-14450)
### CVE-2019-14514 (2020-02-10)
<code>
@ -16116,6 +16160,7 @@ An issue was discovered in Webmin &lt;=1.920. The parameter old in password_chan
- [n0obit4/Webmin_1.890-POC](https://github.com/n0obit4/Webmin_1.890-POC)
- [squid22/Webmin_CVE-2019-15107](https://github.com/squid22/Webmin_CVE-2019-15107)
- [MuirlandOracle/CVE-2019-15107](https://github.com/MuirlandOracle/CVE-2019-15107)
- [diegojuan/CVE-2019-15107](https://github.com/diegojuan/CVE-2019-15107)
- [whokilleddb/CVE-2019-15107](https://github.com/whokilleddb/CVE-2019-15107)
- [puckiestyle/CVE-2019-15107](https://github.com/puckiestyle/CVE-2019-15107)
- [darrenmartyn/CVE-2019-15107](https://github.com/darrenmartyn/CVE-2019-15107)
@ -16428,6 +16473,14 @@ Incorrect alias information in IonMonkey JIT compiler for setting array elements
- [maxpl0it/CVE-2019-17026-Exploit](https://github.com/maxpl0it/CVE-2019-17026-Exploit)
- [lsw29475/CVE-2019-17026](https://github.com/lsw29475/CVE-2019-17026)
### CVE-2019-17041 (2019-10-07)
<code>
An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.
</code>
- [Resery/CVE-2019-17041](https://github.com/Resery/CVE-2019-17041)
### CVE-2019-17080 (2019-10-02)
<code>
@ -16548,6 +16601,7 @@ Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution
- [SDNDTeam/CVE-2019-17558_Solr_Vul_Tool](https://github.com/SDNDTeam/CVE-2019-17558_Solr_Vul_Tool)
- [zhzyker/exphub](https://github.com/zhzyker/exphub)
- [Ma1Dong/Solr_CVE-2019-17558](https://github.com/Ma1Dong/Solr_CVE-2019-17558)
- [xkyrage/Exploit_CVE-2019-17558-RCE](https://github.com/xkyrage/Exploit_CVE-2019-17558-RCE)
### CVE-2019-17564 (2020-04-01)