diff --git a/2017/CVE-2017-9248.json b/2017/CVE-2017-9248.json index 930b704cee..ee268a7905 100644 --- a/2017/CVE-2017-9248.json +++ b/2017/CVE-2017-9248.json @@ -36,13 +36,13 @@ "description": "A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.", "fork": false, "created_at": "2018-08-03T04:36:23Z", - "updated_at": "2021-02-23T21:13:07Z", + "updated_at": "2021-04-09T02:11:33Z", "pushed_at": "2018-08-14T07:47:02Z", - "stargazers_count": 80, - "watchers_count": 80, + "stargazers_count": 81, + "watchers_count": 81, "forks_count": 24, "forks": 24, - "watchers": 80, + "watchers": 81, "score": 0 }, { diff --git a/2018/CVE-2018-1133.json b/2018/CVE-2018-1133.json index 100d13c892..48c01516aa 100644 --- a/2018/CVE-2018-1133.json +++ b/2018/CVE-2018-1133.json @@ -59,8 +59,8 @@ "description": null, "fork": false, "created_at": "2021-04-08T19:41:57Z", - "updated_at": "2021-04-08T21:10:16Z", - "pushed_at": "2021-04-08T21:10:14Z", + "updated_at": "2021-04-08T22:34:39Z", + "pushed_at": "2021-04-08T22:34:37Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, diff --git a/2018/CVE-2018-4087.json b/2018/CVE-2018-4087.json index d9b76c84ba..60d91eaa89 100644 --- a/2018/CVE-2018-4087.json +++ b/2018/CVE-2018-4087.json @@ -36,13 +36,13 @@ "description": "A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)", "fork": false, "created_at": "2018-02-28T14:45:06Z", - "updated_at": "2021-03-11T01:57:10Z", + "updated_at": "2021-04-09T00:54:14Z", "pushed_at": "2018-05-08T10:59:23Z", - "stargazers_count": 79, - "watchers_count": 79, + "stargazers_count": 81, + "watchers_count": 81, "forks_count": 24, "forks": 24, - "watchers": 79, + "watchers": 81, "score": 0 }, { diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json index d0d11ce018..39ea2f3f37 100644 --- a/2018/CVE-2018-5955.json +++ b/2018/CVE-2018-5955.json @@ -36,13 +36,13 @@ "description": "一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能", "fork": false, "created_at": "2019-12-21T22:45:55Z", - "updated_at": "2021-04-06T11:16:49Z", + "updated_at": "2021-04-09T03:07:33Z", "pushed_at": "2020-01-05T21:46:25Z", - "stargazers_count": 397, - "watchers_count": 397, + "stargazers_count": 399, + "watchers_count": 399, "forks_count": 96, "forks": 96, - "watchers": 397, + "watchers": 399, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index e13c225cb8..65a3cb4c7b 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -1324,13 +1324,13 @@ "description": "基于360公开的无损检测工具的可直接在windows上运行的批量检测程序", "fork": false, "created_at": "2019-05-28T16:09:10Z", - "updated_at": "2019-10-20T18:29:55Z", + "updated_at": "2021-04-09T01:20:13Z", "pushed_at": "2019-05-28T17:16:24Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "forks_count": 2, "forks": 2, - "watchers": 3, + "watchers": 4, "score": 0 }, { diff --git a/2019/CVE-2019-1040.json b/2019/CVE-2019-1040.json index 9a31fc157a..9921d3a2a3 100644 --- a/2019/CVE-2019-1040.json +++ b/2019/CVE-2019-1040.json @@ -13,13 +13,13 @@ "description": "CVE-2019-1040 with Exchange", "fork": false, "created_at": "2019-06-14T11:16:03Z", - "updated_at": "2021-03-23T03:15:54Z", + "updated_at": "2021-04-08T23:38:21Z", "pushed_at": "2021-02-02T12:25:57Z", - "stargazers_count": 186, - "watchers_count": 186, + "stargazers_count": 187, + "watchers_count": 187, "forks_count": 56, "forks": 56, - "watchers": 186, + "watchers": 187, "score": 0 }, { diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index 0c6c50be74..d92e15c903 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -82,13 +82,13 @@ "description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持", "fork": false, "created_at": "2019-06-21T09:22:43Z", - "updated_at": "2021-04-08T01:44:43Z", + "updated_at": "2021-04-09T00:25:14Z", "pushed_at": "2020-04-26T10:49:25Z", - "stargazers_count": 756, - "watchers_count": 756, - "forks_count": 156, - "forks": 156, - "watchers": 756, + "stargazers_count": 757, + "watchers_count": 757, + "forks_count": 157, + "forks": 157, + "watchers": 757, "score": 0 }, { diff --git a/2019/CVE-2019-2725.json b/2019/CVE-2019-2725.json index 85ea827592..4289110820 100644 --- a/2019/CVE-2019-2725.json +++ b/2019/CVE-2019-2725.json @@ -316,8 +316,8 @@ "pushed_at": "2019-07-15T06:03:15Z", "stargazers_count": 60, "watchers_count": 60, - "forks_count": 22, - "forks": 22, + "forks_count": 23, + "forks": 23, "watchers": 60, "score": 0 }, diff --git a/2020/CVE-2020-0014.json b/2020/CVE-2020-0014.json new file mode 100644 index 0000000000..9fee46e718 --- /dev/null +++ b/2020/CVE-2020-0014.json @@ -0,0 +1,25 @@ +[ + { + "id": 292801316, + "name": "CVE-2020-0014-Toast", + "full_name": "tea9\/CVE-2020-0014-Toast", + "owner": { + "login": "tea9", + "id": 39117901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39117901?v=4", + "html_url": "https:\/\/github.com\/tea9" + }, + "html_url": "https:\/\/github.com\/tea9\/CVE-2020-0014-Toast", + "description": "CVE-2020-0014-Toast-复现", + "fork": false, + "created_at": "2020-09-04T09:02:29Z", + "updated_at": "2020-11-25T07:28:27Z", + "pushed_at": "2020-09-07T06:34:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0041.json b/2020/CVE-2020-0041.json index 7ec1888b0b..310d301bb9 100644 --- a/2020/CVE-2020-0041.json +++ b/2020/CVE-2020-0041.json @@ -45,6 +45,52 @@ "watchers": 20, "score": 0 }, + { + "id": 288758217, + "name": "CVE-2020-0041", + "full_name": "minutesinch\/CVE-2020-0041", + "owner": { + "login": "minutesinch", + "id": 46642972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46642972?v=4", + "html_url": "https:\/\/github.com\/minutesinch" + }, + "html_url": "https:\/\/github.com\/minutesinch\/CVE-2020-0041", + "description": null, + "fork": false, + "created_at": "2020-08-19T14:44:48Z", + "updated_at": "2020-08-19T14:45:02Z", + "pushed_at": "2020-08-19T14:44:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 288758376, + "name": "CVE-2020-0041-Original", + "full_name": "minutesinch\/CVE-2020-0041-Original", + "owner": { + "login": "minutesinch", + "id": 46642972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46642972?v=4", + "html_url": "https:\/\/github.com\/minutesinch" + }, + "html_url": "https:\/\/github.com\/minutesinch\/CVE-2020-0041-Original", + "description": null, + "fork": false, + "created_at": "2020-08-19T14:45:28Z", + "updated_at": "2020-08-19T14:45:41Z", + "pushed_at": "2020-08-19T14:45:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 337629139, "name": "CVE-2020-0041", diff --git a/2020/CVE-2020-0108.json b/2020/CVE-2020-0108.json new file mode 100644 index 0000000000..608d02b590 --- /dev/null +++ b/2020/CVE-2020-0108.json @@ -0,0 +1,25 @@ +[ + { + "id": 285182790, + "name": "ServiceCheater", + "full_name": "CrackerCat\/ServiceCheater", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/ServiceCheater", + "description": "PoC of CVE-2020-0108", + "fork": false, + "created_at": "2020-08-05T04:50:42Z", + "updated_at": "2021-02-04T02:18:03Z", + "pushed_at": "2020-08-05T02:55:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0114.json b/2020/CVE-2020-0114.json new file mode 100644 index 0000000000..cfbfbcf4f4 --- /dev/null +++ b/2020/CVE-2020-0114.json @@ -0,0 +1,25 @@ +[ + { + "id": 293716653, + "name": "CVE-2020-0114-systemui", + "full_name": "tea9\/CVE-2020-0114-systemui", + "owner": { + "login": "tea9", + "id": 39117901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39117901?v=4", + "html_url": "https:\/\/github.com\/tea9" + }, + "html_url": "https:\/\/github.com\/tea9\/CVE-2020-0114-systemui", + "description": null, + "fork": false, + "created_at": "2020-09-08T06:06:36Z", + "updated_at": "2020-11-25T07:32:06Z", + "pushed_at": "2020-09-08T06:09:54Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 4, + "forks": 4, + "watchers": 5, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0674.json b/2020/CVE-2020-0674.json index 4de4762aae..917f8060ee 100644 --- a/2020/CVE-2020-0674.json +++ b/2020/CVE-2020-0674.json @@ -44,5 +44,28 @@ "forks": 66, "watchers": 195, "score": 0 + }, + { + "id": 299851365, + "name": "CVE-2020-0674", + "full_name": "Ken-Abruzzi\/CVE-2020-0674", + "owner": { + "login": "Ken-Abruzzi", + "id": 68931768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68931768?v=4", + "html_url": "https:\/\/github.com\/Ken-Abruzzi" + }, + "html_url": "https:\/\/github.com\/Ken-Abruzzi\/CVE-2020-0674", + "description": null, + "fork": false, + "created_at": "2020-09-30T08:08:42Z", + "updated_at": "2020-09-30T08:27:55Z", + "pushed_at": "2020-09-30T08:27:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0688.json b/2020/CVE-2020-0688.json index 86d8e5687f..adbc9a3a1a 100644 --- a/2020/CVE-2020-0688.json +++ b/2020/CVE-2020-0688.json @@ -344,6 +344,75 @@ "watchers": 14, "score": 0 }, + { + "id": 288177224, + "name": "CVE-2020-0688", + "full_name": "murataydemir\/CVE-2020-0688", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-0688", + "description": "[CVE-2020-0688] Microsoft Exchange Server Fixed Cryptographic Key Remote Code Execution (RCE)", + "fork": false, + "created_at": "2020-08-17T12:41:51Z", + "updated_at": "2021-03-13T00:32:52Z", + "pushed_at": "2020-08-29T21:00:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 306497480, + "name": "ecp_slap", + "full_name": "zyn3rgy\/ecp_slap", + "owner": { + "login": "zyn3rgy", + "id": 73311948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73311948?v=4", + "html_url": "https:\/\/github.com\/zyn3rgy" + }, + "html_url": "https:\/\/github.com\/zyn3rgy\/ecp_slap", + "description": "CVE-2020-0688 PoC", + "fork": false, + "created_at": "2020-10-23T01:18:13Z", + "updated_at": "2020-12-21T20:27:18Z", + "pushed_at": "2020-10-26T03:35:14Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 1, + "forks": 1, + "watchers": 7, + "score": 0 + }, + { + "id": 308367304, + "name": "CVE-2020-0688-Scanner", + "full_name": "SLSteff\/CVE-2020-0688-Scanner", + "owner": { + "login": "SLSteff", + "id": 20557573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20557573?v=4", + "html_url": "https:\/\/github.com\/SLSteff" + }, + "html_url": "https:\/\/github.com\/SLSteff\/CVE-2020-0688-Scanner", + "description": "Scans for Microsoft Exchange Versions with masscan", + "fork": false, + "created_at": "2020-10-29T15:16:24Z", + "updated_at": "2021-03-20T06:54:20Z", + "pushed_at": "2020-10-29T20:06:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, { "id": 326652424, "name": "CVE-2020-0688", diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 33f2305e5b..6dc9e094cf 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -1379,6 +1379,121 @@ "watchers": 20, "score": 0 }, + { + "id": 277568818, + "name": "SMBGhost-SMBleed-scanner", + "full_name": "ZecOps\/SMBGhost-SMBleed-scanner", + "owner": { + "login": "ZecOps", + "id": 31035096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31035096?v=4", + "html_url": "https:\/\/github.com\/ZecOps" + }, + "html_url": "https:\/\/github.com\/ZecOps\/SMBGhost-SMBleed-scanner", + "description": "SMBGhost (CVE-2020-0796) and SMBleed (CVE-2020-1206) Scanner", + "fork": false, + "created_at": "2020-07-06T14:45:07Z", + "updated_at": "2021-04-02T02:34:56Z", + "pushed_at": "2020-07-06T19:00:06Z", + "stargazers_count": 29, + "watchers_count": 29, + "forks_count": 11, + "forks": 11, + "watchers": 29, + "score": 0 + }, + { + "id": 279475059, + "name": "smbghost-5", + "full_name": "5l1v3r1\/smbghost-5", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/smbghost-5", + "description": "CVE-2020-0796. Smbghost Local Privilege Escalation", + "fork": false, + "created_at": "2020-07-14T03:49:09Z", + "updated_at": "2021-02-05T22:53:54Z", + "pushed_at": "2020-07-12T09:59:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 296190446, + "name": "CVE-2020-0796-BOF", + "full_name": "rsmudge\/CVE-2020-0796-BOF", + "owner": { + "login": "rsmudge", + "id": 1174994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1174994?v=4", + "html_url": "https:\/\/github.com\/rsmudge" + }, + "html_url": "https:\/\/github.com\/rsmudge\/CVE-2020-0796-BOF", + "description": null, + "fork": false, + "created_at": "2020-09-17T01:48:37Z", + "updated_at": "2021-02-12T02:17:59Z", + "pushed_at": "2020-09-17T01:55:48Z", + "stargazers_count": 51, + "watchers_count": 51, + "forks_count": 14, + "forks": 14, + "watchers": 51, + "score": 0 + }, + { + "id": 299197060, + "name": "SMBGhost-CVE-2020-0796-", + "full_name": "codewithpradhan\/SMBGhost-CVE-2020-0796-", + "owner": { + "login": "codewithpradhan", + "id": 68530116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68530116?v=4", + "html_url": "https:\/\/github.com\/codewithpradhan" + }, + "html_url": "https:\/\/github.com\/codewithpradhan\/SMBGhost-CVE-2020-0796-", + "description": "To crash Windows-10 easily", + "fork": false, + "created_at": "2020-09-28T05:23:20Z", + "updated_at": "2020-09-28T05:37:37Z", + "pushed_at": "2020-09-28T05:24:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 310486564, + "name": "CVE-2020-0796-POC", + "full_name": "AaronWilsonGrylls\/CVE-2020-0796-POC", + "owner": { + "login": "AaronWilsonGrylls", + "id": 40255963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40255963?v=4", + "html_url": "https:\/\/github.com\/AaronWilsonGrylls" + }, + "html_url": "https:\/\/github.com\/AaronWilsonGrylls\/CVE-2020-0796-POC", + "description": "CVE-2020-0796-POC", + "fork": false, + "created_at": "2020-11-06T03:56:52Z", + "updated_at": "2020-11-06T05:27:47Z", + "pushed_at": "2020-11-06T05:27:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 311524122, "name": "CVE-2020-0796", diff --git a/2020/CVE-2020-0890.json b/2020/CVE-2020-0890.json new file mode 100644 index 0000000000..5cc31eee10 --- /dev/null +++ b/2020/CVE-2020-0890.json @@ -0,0 +1,25 @@ +[ + { + "id": 292597950, + "name": "hyperv_local_dos_poc", + "full_name": "gerhart01\/hyperv_local_dos_poc", + "owner": { + "login": "gerhart01", + "id": 25981258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25981258?v=4", + "html_url": "https:\/\/github.com\/gerhart01" + }, + "html_url": "https:\/\/github.com\/gerhart01\/hyperv_local_dos_poc", + "description": "CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code", + "fork": false, + "created_at": "2020-09-03T14:45:51Z", + "updated_at": "2021-03-19T02:06:23Z", + "pushed_at": "2020-09-08T20:01:05Z", + "stargazers_count": 27, + "watchers_count": 27, + "forks_count": 7, + "forks": 7, + "watchers": 27, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1.json b/2020/CVE-2020-1.json new file mode 100644 index 0000000000..3a1bd26341 --- /dev/null +++ b/2020/CVE-2020-1.json @@ -0,0 +1,25 @@ +[ + { + "id": 287520540, + "name": "FDEU-CVE-2020-1FC5", + "full_name": "full-disclosure\/FDEU-CVE-2020-1FC5", + "owner": { + "login": "full-disclosure", + "id": 62108425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62108425?v=4", + "html_url": "https:\/\/github.com\/full-disclosure" + }, + "html_url": "https:\/\/github.com\/full-disclosure\/FDEU-CVE-2020-1FC5", + "description": "Telia Technicolor TG389ac v.17.1.7992 Samba privilege escalation exploit", + "fork": false, + "created_at": "2020-08-14T11:47:37Z", + "updated_at": "2021-01-11T11:41:40Z", + "pushed_at": "2020-08-17T07:43:41Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10205.json b/2020/CVE-2020-10205.json new file mode 100644 index 0000000000..bc6096a999 --- /dev/null +++ b/2020/CVE-2020-10205.json @@ -0,0 +1,25 @@ +[ + { + "id": 300210711, + "name": "CVE-2020-10205", + "full_name": "5l1v3r1\/CVE-2020-10205", + "owner": { + "login": "5l1v3r1", + "id": 34143537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34143537?v=4", + "html_url": "https:\/\/github.com\/5l1v3r1" + }, + "html_url": "https:\/\/github.com\/5l1v3r1\/CVE-2020-10205", + "description": null, + "fork": false, + "created_at": "2020-10-01T08:49:47Z", + "updated_at": "2021-01-30T16:15:20Z", + "pushed_at": "2020-04-17T04:00:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1048.json b/2020/CVE-2020-1048.json index bc45bcfa89..c33efbf9e7 100644 --- a/2020/CVE-2020-1048.json +++ b/2020/CVE-2020-1048.json @@ -44,5 +44,28 @@ "forks": 3, "watchers": 10, "score": 0 + }, + { + "id": 297202950, + "name": "CVE-2020-1048", + "full_name": "Ken-Abruzzi\/CVE-2020-1048", + "owner": { + "login": "Ken-Abruzzi", + "id": 68931768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68931768?v=4", + "html_url": "https:\/\/github.com\/Ken-Abruzzi" + }, + "html_url": "https:\/\/github.com\/Ken-Abruzzi\/CVE-2020-1048", + "description": "An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'.", + "fork": false, + "created_at": "2020-09-21T01:59:38Z", + "updated_at": "2020-09-21T03:26:18Z", + "pushed_at": "2020-09-21T03:26:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1054.json b/2020/CVE-2020-1054.json index a8572796fe..471bb407ff 100644 --- a/2020/CVE-2020-1054.json +++ b/2020/CVE-2020-1054.json @@ -21,5 +21,74 @@ "forks": 27, "watchers": 78, "score": 0 + }, + { + "id": 280822745, + "name": "CVE-2020-1054", + "full_name": "Iamgublin\/CVE-2020-1054", + "owner": { + "login": "Iamgublin", + "id": 16526066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16526066?v=4", + "html_url": "https:\/\/github.com\/Iamgublin" + }, + "html_url": "https:\/\/github.com\/Iamgublin\/CVE-2020-1054", + "description": null, + "fork": false, + "created_at": "2020-07-19T08:20:57Z", + "updated_at": "2020-11-23T06:23:07Z", + "pushed_at": "2020-07-19T08:24:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 5, + "forks": 5, + "watchers": 2, + "score": 0 + }, + { + "id": 282434512, + "name": "CVE-2020-1054", + "full_name": "KaLendsi\/CVE-2020-1054", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2020-1054", + "description": null, + "fork": false, + "created_at": "2020-07-25T11:56:48Z", + "updated_at": "2021-04-01T07:16:46Z", + "pushed_at": "2020-07-27T02:43:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 5, + "forks": 5, + "watchers": 5, + "score": 0 + }, + { + "id": 307866361, + "name": "CVE-2020-1054", + "full_name": "Graham382\/CVE-2020-1054", + "owner": { + "login": "Graham382", + "id": 67909699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67909699?v=4", + "html_url": "https:\/\/github.com\/Graham382" + }, + "html_url": "https:\/\/github.com\/Graham382\/CVE-2020-1054", + "description": "Windows 7 LPE", + "fork": false, + "created_at": "2020-10-28T00:48:43Z", + "updated_at": "2020-10-28T06:09:12Z", + "pushed_at": "2020-10-28T00:57:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 4, + "forks": 4, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-10713.json b/2020/CVE-2020-10713.json new file mode 100644 index 0000000000..3a996ba7c5 --- /dev/null +++ b/2020/CVE-2020-10713.json @@ -0,0 +1,25 @@ +[ + { + "id": 283354389, + "name": "BootHole", + "full_name": "eclypsium\/BootHole", + "owner": { + "login": "eclypsium", + "id": 28793771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28793771?v=4", + "html_url": "https:\/\/github.com\/eclypsium" + }, + "html_url": "https:\/\/github.com\/eclypsium\/BootHole", + "description": "BootHole vulnerability (CVE-2020-10713). detection script, links and other mitigation related materials", + "fork": false, + "created_at": "2020-07-29T00:01:41Z", + "updated_at": "2021-03-03T14:00:14Z", + "pushed_at": "2020-08-24T23:16:38Z", + "stargazers_count": 52, + "watchers_count": 52, + "forks_count": 9, + "forks": 9, + "watchers": 52, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11896.json b/2020/CVE-2020-11896.json new file mode 100644 index 0000000000..a17db5d257 --- /dev/null +++ b/2020/CVE-2020-11896.json @@ -0,0 +1,25 @@ +[ + { + "id": 281287041, + "name": "Treck20-Related", + "full_name": "Fans0n-Fan\/Treck20-Related", + "owner": { + "login": "Fans0n-Fan", + "id": 62650136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62650136?v=4", + "html_url": "https:\/\/github.com\/Fans0n-Fan" + }, + "html_url": "https:\/\/github.com\/Fans0n-Fan\/Treck20-Related", + "description": "PoC for CVE-2020-11896 Treck TCP\/IP stack and device asset investigation", + "fork": false, + "created_at": "2020-07-21T03:38:31Z", + "updated_at": "2020-09-03T10:53:52Z", + "pushed_at": "2020-09-03T06:37:46Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11989.json b/2020/CVE-2020-11989.json new file mode 100644 index 0000000000..3c5ebbf62f --- /dev/null +++ b/2020/CVE-2020-11989.json @@ -0,0 +1,25 @@ +[ + { + "id": 305056797, + "name": "HYWZ36-CVE-2020-11989-code", + "full_name": "HYWZ36\/HYWZ36-CVE-2020-11989-code", + "owner": { + "login": "HYWZ36", + "id": 27775281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27775281?v=4", + "html_url": "https:\/\/github.com\/HYWZ36" + }, + "html_url": "https:\/\/github.com\/HYWZ36\/HYWZ36-CVE-2020-11989-code", + "description": null, + "fork": false, + "created_at": "2020-10-18T08:34:47Z", + "updated_at": "2020-10-19T08:52:49Z", + "pushed_at": "2020-10-19T08:52:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11996.json b/2020/CVE-2020-11996.json new file mode 100644 index 0000000000..6188dbaadb --- /dev/null +++ b/2020/CVE-2020-11996.json @@ -0,0 +1,25 @@ +[ + { + "id": 282904807, + "name": "tomcat-embed-core-9.0.31-CVE-2020-11996", + "full_name": "rusakovichma\/tomcat-embed-core-9.0.31-CVE-2020-11996", + "owner": { + "login": "rusakovichma", + "id": 4024331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4024331?v=4", + "html_url": "https:\/\/github.com\/rusakovichma" + }, + "html_url": "https:\/\/github.com\/rusakovichma\/tomcat-embed-core-9.0.31-CVE-2020-11996", + "description": "tomcat-embed-core-9.0.31 CVE-2020-11996 Test PoC", + "fork": false, + "created_at": "2020-07-27T13:22:21Z", + "updated_at": "2020-11-06T13:06:12Z", + "pushed_at": "2020-11-06T13:05:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1206.json b/2020/CVE-2020-1206.json index 1c90e72db6..ecddfd44db 100644 --- a/2020/CVE-2020-1206.json +++ b/2020/CVE-2020-1206.json @@ -21,5 +21,51 @@ "forks": 44, "watchers": 133, "score": 0 + }, + { + "id": 277048370, + "name": "CVE-2020-1206-Exploit", + "full_name": "Info-Security-Solution-Kolkata\/CVE-2020-1206-Exploit", + "owner": { + "login": "Info-Security-Solution-Kolkata", + "id": 67817658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67817658?v=4", + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata" + }, + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata\/CVE-2020-1206-Exploit", + "description": null, + "fork": false, + "created_at": "2020-07-04T05:54:58Z", + "updated_at": "2020-07-04T05:54:58Z", + "pushed_at": "2020-07-04T05:54:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277049855, + "name": "Smbleed-CVE-2020-1206-Exploit", + "full_name": "Info-Security-Solution-Kolkata\/Smbleed-CVE-2020-1206-Exploit", + "owner": { + "login": "Info-Security-Solution-Kolkata", + "id": 67817658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67817658?v=4", + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata" + }, + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata\/Smbleed-CVE-2020-1206-Exploit", + "description": null, + "fork": false, + "created_at": "2020-07-04T06:06:52Z", + "updated_at": "2020-07-04T06:06:52Z", + "pushed_at": "2020-07-04T06:06:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-12432.json b/2020/CVE-2020-12432.json new file mode 100644 index 0000000000..0429dcb431 --- /dev/null +++ b/2020/CVE-2020-12432.json @@ -0,0 +1,25 @@ +[ + { + "id": 281384090, + "name": "CVE-2020-12432", + "full_name": "d7x\/CVE-2020-12432", + "owner": { + "login": "d7x", + "id": 36901198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36901198?v=4", + "html_url": "https:\/\/github.com\/d7x" + }, + "html_url": "https:\/\/github.com\/d7x\/CVE-2020-12432", + "description": null, + "fork": false, + "created_at": "2020-07-21T11:53:27Z", + "updated_at": "2020-07-21T12:17:54Z", + "pushed_at": "2020-07-21T12:17:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13094.json b/2020/CVE-2020-13094.json new file mode 100644 index 0000000000..d28c2f009f --- /dev/null +++ b/2020/CVE-2020-13094.json @@ -0,0 +1,25 @@ +[ + { + "id": 284480533, + "name": "CVE-2020-13094", + "full_name": "mkelepce\/CVE-2020-13094", + "owner": { + "login": "mkelepce", + "id": 10780392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10780392?v=4", + "html_url": "https:\/\/github.com\/mkelepce" + }, + "html_url": "https:\/\/github.com\/mkelepce\/CVE-2020-13094", + "description": " Dolibarr 11.0.3 - Persistent Cross-Site Scripting", + "fork": false, + "created_at": "2020-08-02T14:43:43Z", + "updated_at": "2020-08-02T14:45:17Z", + "pushed_at": "2020-08-02T14:45:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1313.json b/2020/CVE-2020-1313.json new file mode 100644 index 0000000000..98e8364215 --- /dev/null +++ b/2020/CVE-2020-1313.json @@ -0,0 +1,25 @@ +[ + { + "id": 283541946, + "name": "CVE-2020-1313", + "full_name": "irsl\/CVE-2020-1313", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2020-1313", + "description": "Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2020-07-29T15:56:50Z", + "updated_at": "2021-02-15T13:32:57Z", + "pushed_at": "2020-07-30T07:48:40Z", + "stargazers_count": 110, + "watchers_count": 110, + "forks_count": 20, + "forks": 20, + "watchers": 110, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13151.json b/2020/CVE-2020-13151.json new file mode 100644 index 0000000000..04e5443214 --- /dev/null +++ b/2020/CVE-2020-13151.json @@ -0,0 +1,25 @@ +[ + { + "id": 284276011, + "name": "CVE-2020-13151", + "full_name": "b4ny4n\/CVE-2020-13151", + "owner": { + "login": "b4ny4n", + "id": 18220016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18220016?v=4", + "html_url": "https:\/\/github.com\/b4ny4n" + }, + "html_url": "https:\/\/github.com\/b4ny4n\/CVE-2020-13151", + "description": "POC for CVE-2020-13151", + "fork": false, + "created_at": "2020-08-01T14:29:59Z", + "updated_at": "2020-08-06T04:09:52Z", + "pushed_at": "2020-08-03T18:55:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13162.json b/2020/CVE-2020-13162.json new file mode 100644 index 0000000000..bae230c502 --- /dev/null +++ b/2020/CVE-2020-13162.json @@ -0,0 +1,25 @@ +[ + { + "id": 292356141, + "name": "tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-", + "full_name": "redtimmy\/tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-", + "owner": { + "login": "redtimmy", + "id": 40774163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40774163?v=4", + "html_url": "https:\/\/github.com\/redtimmy" + }, + "html_url": "https:\/\/github.com\/redtimmy\/tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-", + "description": "Exploit for CVE-2020-13162", + "fork": false, + "created_at": "2020-09-02T17:58:32Z", + "updated_at": "2021-01-28T03:34:26Z", + "pushed_at": "2020-09-02T19:14:21Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 9, + "forks": 9, + "watchers": 10, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13259.json b/2020/CVE-2020-13259.json new file mode 100644 index 0000000000..7c3180616c --- /dev/null +++ b/2020/CVE-2020-13259.json @@ -0,0 +1,25 @@ +[ + { + "id": 291721408, + "name": "CVE-2020-13259", + "full_name": "UrielYochpaz\/CVE-2020-13259", + "owner": { + "login": "UrielYochpaz", + "id": 36864886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36864886?v=4", + "html_url": "https:\/\/github.com\/UrielYochpaz" + }, + "html_url": "https:\/\/github.com\/UrielYochpaz\/CVE-2020-13259", + "description": "PoC of Full Account Takeover on RAD SecFlow-1v ", + "fork": false, + "created_at": "2020-08-31T13:22:21Z", + "updated_at": "2020-09-15T09:24:49Z", + "pushed_at": "2020-08-31T13:53:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1337.json b/2020/CVE-2020-1337.json index c7971f90bc..9bcfb56696 100644 --- a/2020/CVE-2020-1337.json +++ b/2020/CVE-2020-1337.json @@ -1,4 +1,96 @@ [ + { + "id": 281334440, + "name": "CVE-2020-1337-exploit", + "full_name": "math1as\/CVE-2020-1337-exploit", + "owner": { + "login": "math1as", + "id": 13290978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13290978?v=4", + "html_url": "https:\/\/github.com\/math1as" + }, + "html_url": "https:\/\/github.com\/math1as\/CVE-2020-1337-exploit", + "description": "CVE-2020-1337 Windows Print Spooler Privilege Escalation", + "fork": false, + "created_at": "2020-07-21T08:01:20Z", + "updated_at": "2021-02-07T02:19:32Z", + "pushed_at": "2020-07-21T10:28:42Z", + "stargazers_count": 144, + "watchers_count": 144, + "forks_count": 28, + "forks": 28, + "watchers": 144, + "score": 0 + }, + { + "id": 286737584, + "name": "CVE-2020-1337", + "full_name": "VoidSec\/CVE-2020-1337", + "owner": { + "login": "VoidSec", + "id": 5717603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5717603?v=4", + "html_url": "https:\/\/github.com\/VoidSec" + }, + "html_url": "https:\/\/github.com\/VoidSec\/CVE-2020-1337", + "description": "CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch", + "fork": false, + "created_at": "2020-08-11T12:22:56Z", + "updated_at": "2020-12-21T06:15:20Z", + "pushed_at": "2020-08-11T17:23:04Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 1, + "forks": 1, + "watchers": 9, + "score": 0 + }, + { + "id": 286767343, + "name": "CVE-2020-1337", + "full_name": "neofito\/CVE-2020-1337", + "owner": { + "login": "neofito", + "id": 1921186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1921186?v=4", + "html_url": "https:\/\/github.com\/neofito" + }, + "html_url": "https:\/\/github.com\/neofito\/CVE-2020-1337", + "description": "CVE-2020-1048 bypass: binary planting PoC", + "fork": false, + "created_at": "2020-08-11T14:34:07Z", + "updated_at": "2020-12-11T17:31:45Z", + "pushed_at": "2020-08-20T15:15:50Z", + "stargazers_count": 32, + "watchers_count": 32, + "forks_count": 8, + "forks": 8, + "watchers": 32, + "score": 0 + }, + { + "id": 286979865, + "name": "cve-2020-1337-poc", + "full_name": "sailay1996\/cve-2020-1337-poc", + "owner": { + "login": "sailay1996", + "id": 16739401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16739401?v=4", + "html_url": "https:\/\/github.com\/sailay1996" + }, + "html_url": "https:\/\/github.com\/sailay1996\/cve-2020-1337-poc", + "description": "poc for CVE-2020-1337 (Windows Print Spooler Elevation of Privilege)", + "fork": false, + "created_at": "2020-08-12T10:05:36Z", + "updated_at": "2021-03-10T05:50:53Z", + "pushed_at": "2020-08-13T07:16:12Z", + "stargazers_count": 144, + "watchers_count": 144, + "forks_count": 42, + "forks": 42, + "watchers": 144, + "score": 0 + }, { "id": 354442383, "name": "cve-2020-1337-poc", diff --git a/2020/CVE-2020-13424.json b/2020/CVE-2020-13424.json new file mode 100644 index 0000000000..3bcecd1a46 --- /dev/null +++ b/2020/CVE-2020-13424.json @@ -0,0 +1,25 @@ +[ + { + "id": 284480950, + "name": "CVE-2020-13424", + "full_name": "mkelepce\/CVE-2020-13424", + "owner": { + "login": "mkelepce", + "id": 10780392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10780392?v=4", + "html_url": "https:\/\/github.com\/mkelepce" + }, + "html_url": "https:\/\/github.com\/mkelepce\/CVE-2020-13424", + "description": " Joomla! Plugin XCloner Backup 3.5.3 - Local File Inclusion (Authenticated)", + "fork": false, + "created_at": "2020-08-02T14:46:10Z", + "updated_at": "2020-08-02T14:49:24Z", + "pushed_at": "2020-08-02T14:49:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1349.json b/2020/CVE-2020-1349.json new file mode 100644 index 0000000000..a847910bf7 --- /dev/null +++ b/2020/CVE-2020-1349.json @@ -0,0 +1,25 @@ +[ + { + "id": 283193307, + "name": "CVE-2020-1349", + "full_name": "0neb1n\/CVE-2020-1349", + "owner": { + "login": "0neb1n", + "id": 22587350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22587350?v=4", + "html_url": "https:\/\/github.com\/0neb1n" + }, + "html_url": "https:\/\/github.com\/0neb1n\/CVE-2020-1349", + "description": null, + "fork": false, + "created_at": "2020-07-28T11:33:38Z", + "updated_at": "2021-01-24T17:07:02Z", + "pushed_at": "2020-07-28T13:36:41Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 4, + "forks": 4, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1350.json b/2020/CVE-2020-1350.json index 20072dead8..dc2edc16b1 100644 --- a/2020/CVE-2020-1350.json +++ b/2020/CVE-2020-1350.json @@ -21,5 +21,304 @@ "forks": 15, "watchers": 54, "score": 0 + }, + { + "id": 279675165, + "name": "CVE-2020-1350", + "full_name": "mr-r3b00t\/CVE-2020-1350", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2020-1350", + "description": null, + "fork": false, + "created_at": "2020-07-14T19:28:46Z", + "updated_at": "2020-10-10T20:44:29Z", + "pushed_at": "2020-07-20T06:15:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 6, + "forks": 6, + "watchers": 6, + "score": 0 + }, + { + "id": 279701266, + "name": "Fake_CVE-2020-1350", + "full_name": "zoomerxsec\/Fake_CVE-2020-1350", + "owner": { + "login": "zoomerxsec", + "id": 56858864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56858864?v=4", + "html_url": "https:\/\/github.com\/zoomerxsec" + }, + "html_url": "https:\/\/github.com\/zoomerxsec\/Fake_CVE-2020-1350", + "description": "Fake exploit tool, designed to rickroll users attempting to actually exploit.", + "fork": false, + "created_at": "2020-07-14T21:55:57Z", + "updated_at": "2020-10-10T20:44:46Z", + "pushed_at": "2020-07-19T02:29:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 3, + "forks": 3, + "watchers": 5, + "score": 0 + }, + { + "id": 279776271, + "name": "CVE-2020-1350", + "full_name": "T13nn3s\/CVE-2020-1350", + "owner": { + "login": "T13nn3s", + "id": 29333776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29333776?v=4", + "html_url": "https:\/\/github.com\/T13nn3s" + }, + "html_url": "https:\/\/github.com\/T13nn3s\/CVE-2020-1350", + "description": "This Powershell Script is checking if your server is vulnerable for the CVE-2020-1350 Remote Code Execution flaw in the Windows DNS Service", + "fork": false, + "created_at": "2020-07-15T05:46:31Z", + "updated_at": "2020-10-26T00:13:06Z", + "pushed_at": "2020-07-18T06:38:11Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 10, + "forks": 10, + "watchers": 14, + "score": 0 + }, + { + "id": 279778118, + "name": "SIGRed", + "full_name": "corelight\/SIGRed", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight" + }, + "html_url": "https:\/\/github.com\/corelight\/SIGRed", + "description": "Detection of attempts to exploit Microsoft Windows DNS server via CVE-2020-1350 (AKA SIGRed)", + "fork": false, + "created_at": "2020-07-15T05:55:20Z", + "updated_at": "2021-01-14T18:47:12Z", + "pushed_at": "2020-07-20T02:20:43Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 4, + "forks": 4, + "watchers": 10, + "score": 0 + }, + { + "id": 279961698, + "name": "dRMM-CVE-2020-1350-response", + "full_name": "jmaddington\/dRMM-CVE-2020-1350-response", + "owner": { + "login": "jmaddington", + "id": 2353597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2353597?v=4", + "html_url": "https:\/\/github.com\/jmaddington" + }, + "html_url": "https:\/\/github.com\/jmaddington\/dRMM-CVE-2020-1350-response", + "description": "Windows registry mitigation response to CVE-2020-1350", + "fork": false, + "created_at": "2020-07-15T19:43:39Z", + "updated_at": "2020-10-10T20:38:31Z", + "pushed_at": "2020-07-15T19:59:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, + { + "id": 279999285, + "name": "CVE-2020-1350-DoS", + "full_name": "maxpl0it\/CVE-2020-1350-DoS", + "owner": { + "login": "maxpl0it", + "id": 27973683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27973683?v=4", + "html_url": "https:\/\/github.com\/maxpl0it" + }, + "html_url": "https:\/\/github.com\/maxpl0it\/CVE-2020-1350-DoS", + "description": "A denial-of-service proof-of-concept for CVE-2020-1350", + "fork": false, + "created_at": "2020-07-15T23:00:00Z", + "updated_at": "2021-03-31T07:43:42Z", + "pushed_at": "2020-07-17T13:07:29Z", + "stargazers_count": 228, + "watchers_count": 228, + "forks_count": 52, + "forks": 52, + "watchers": 228, + "score": 0 + }, + { + "id": 280207373, + "name": "CVE-2020-1350", + "full_name": "captainGeech42\/CVE-2020-1350", + "owner": { + "login": "captainGeech42", + "id": 4255667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4255667?v=4", + "html_url": "https:\/\/github.com\/captainGeech42" + }, + "html_url": "https:\/\/github.com\/captainGeech42\/CVE-2020-1350", + "description": "Denial of Service PoC for CVE-2020-1350 (SIGRed)", + "fork": false, + "created_at": "2020-07-16T16:46:48Z", + "updated_at": "2021-01-10T20:47:19Z", + "pushed_at": "2020-07-16T18:32:04Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 5, + "forks": 5, + "watchers": 17, + "score": 0 + }, + { + "id": 280336928, + "name": "CVE-2020-1350", + "full_name": "connormcgarr\/CVE-2020-1350", + "owner": { + "login": "connormcgarr", + "id": 45445720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45445720?v=4", + "html_url": "https:\/\/github.com\/connormcgarr" + }, + "html_url": "https:\/\/github.com\/connormcgarr\/CVE-2020-1350", + "description": "CVE-2020-1350 Proof-of-Concept", + "fork": false, + "created_at": "2020-07-17T05:41:19Z", + "updated_at": "2021-03-13T12:31:18Z", + "pushed_at": "2020-07-27T16:20:06Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 1, + "forks": 1, + "watchers": 6, + "score": 0 + }, + { + "id": 280665873, + "name": "CVE-2020-1350", + "full_name": "graph-inc\/CVE-2020-1350", + "owner": { + "login": "graph-inc", + "id": 68469953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68469953?v=4", + "html_url": "https:\/\/github.com\/graph-inc" + }, + "html_url": "https:\/\/github.com\/graph-inc\/CVE-2020-1350", + "description": "Scanner and Mitigator for CVE 2020-1350", + "fork": false, + "created_at": "2020-07-18T13:49:54Z", + "updated_at": "2021-01-27T17:38:05Z", + "pushed_at": "2020-07-18T14:05:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 280916907, + "name": "CVE-2020-1350", + "full_name": "CVEmaster\/CVE-2020-1350", + "owner": { + "login": "CVEmaster", + "id": 68512490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68512490?v=4", + "html_url": "https:\/\/github.com\/CVEmaster" + }, + "html_url": "https:\/\/github.com\/CVEmaster\/CVE-2020-1350", + "description": "DNS Vulnerability - CVE-2020-1350", + "fork": false, + "created_at": "2020-07-19T17:32:47Z", + "updated_at": "2020-10-10T20:39:05Z", + "pushed_at": "2020-07-20T14:25:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 281069444, + "name": "CVE-2020-1350-checker.ps1", + "full_name": "Secuora-Org\/CVE-2020-1350-checker.ps1", + "owner": { + "login": "Secuora-Org", + "id": 67636594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67636594?v=4", + "html_url": "https:\/\/github.com\/Secuora-Org" + }, + "html_url": "https:\/\/github.com\/Secuora-Org\/CVE-2020-1350-checker.ps1", + "description": "Comprueba si su servidor DNS es vulnerable a la ejecución remota de código.", + "fork": false, + "created_at": "2020-07-20T09:12:07Z", + "updated_at": "2020-10-10T20:40:44Z", + "pushed_at": "2020-07-20T09:12:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 281667659, + "name": "cve-2020-1350", + "full_name": "gdwnet\/cve-2020-1350", + "owner": { + "login": "gdwnet", + "id": 19855556, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19855556?v=4", + "html_url": "https:\/\/github.com\/gdwnet" + }, + "html_url": "https:\/\/github.com\/gdwnet\/cve-2020-1350", + "description": "A powershell script to deploy the registry mitigation key for CVE-2020-1350", + "fork": false, + "created_at": "2020-07-22T12:11:33Z", + "updated_at": "2020-10-10T20:40:26Z", + "pushed_at": "2020-07-22T12:15:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 282558950, + "name": "CVE-2020-1350-Fix", + "full_name": "simeononsecurity\/CVE-2020-1350-Fix", + "owner": { + "login": "simeononsecurity", + "id": 4913771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4913771?v=4", + "html_url": "https:\/\/github.com\/simeononsecurity" + }, + "html_url": "https:\/\/github.com\/simeononsecurity\/CVE-2020-1350-Fix", + "description": "A registry-based workaround can be used to help protect an affected Windows server, and it can be implemented without requiring an administrator to restart the server. Because of the volatility of this vulnerability, administrators may have to implement the workaround before they apply the security update in order to enable them to update their systems by using a standard deployment cadence.", + "fork": false, + "created_at": "2020-07-26T02:12:36Z", + "updated_at": "2020-10-10T20:40:04Z", + "pushed_at": "2020-07-26T02:13:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1362.json b/2020/CVE-2020-1362.json new file mode 100644 index 0000000000..17c4f399d5 --- /dev/null +++ b/2020/CVE-2020-1362.json @@ -0,0 +1,25 @@ +[ + { + "id": 280358563, + "name": "CVE-2020-1362", + "full_name": "Q4n\/CVE-2020-1362", + "owner": { + "login": "Q4n", + "id": 48317526, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48317526?v=4", + "html_url": "https:\/\/github.com\/Q4n" + }, + "html_url": "https:\/\/github.com\/Q4n\/CVE-2020-1362", + "description": "writeup of CVE-2020-1362", + "fork": false, + "created_at": "2020-07-17T07:35:05Z", + "updated_at": "2021-03-12T18:18:45Z", + "pushed_at": "2020-07-17T07:54:26Z", + "stargazers_count": 223, + "watchers_count": 223, + "forks_count": 44, + "forks": 44, + "watchers": 223, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13640.json b/2020/CVE-2020-13640.json new file mode 100644 index 0000000000..473d6650bf --- /dev/null +++ b/2020/CVE-2020-13640.json @@ -0,0 +1,25 @@ +[ + { + "id": 277377386, + "name": "CVE-2020-13640", + "full_name": "asterite3\/CVE-2020-13640", + "owner": { + "login": "asterite3", + "id": 5569241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5569241?v=4", + "html_url": "https:\/\/github.com\/asterite3" + }, + "html_url": "https:\/\/github.com\/asterite3\/CVE-2020-13640", + "description": "CVE-2020-13640 - SQL injection in wpDiscuz WordPress plugin <= 5.3.5", + "fork": false, + "created_at": "2020-07-05T20:22:16Z", + "updated_at": "2020-07-29T06:32:34Z", + "pushed_at": "2020-07-05T20:24:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13925.json b/2020/CVE-2020-13925.json new file mode 100644 index 0000000000..ff0a06e06d --- /dev/null +++ b/2020/CVE-2020-13925.json @@ -0,0 +1,25 @@ +[ + { + "id": 281088072, + "name": "CVE-2020-13925", + "full_name": "bit4woo\/CVE-2020-13925", + "owner": { + "login": "bit4woo", + "id": 8793481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8793481?v=4", + "html_url": "https:\/\/github.com\/bit4woo" + }, + "html_url": "https:\/\/github.com\/bit4woo\/CVE-2020-13925", + "description": null, + "fork": false, + "created_at": "2020-07-20T10:38:14Z", + "updated_at": "2020-09-01T02:28:05Z", + "pushed_at": "2020-07-20T10:56:28Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 1, + "forks": 1, + "watchers": 15, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13933.json b/2020/CVE-2020-13933.json new file mode 100644 index 0000000000..9a9e8e1693 --- /dev/null +++ b/2020/CVE-2020-13933.json @@ -0,0 +1,48 @@ +[ + { + "id": 294077686, + "name": "CVE-2020-13933", + "full_name": "lyy289065406\/CVE-2020-13933", + "owner": { + "login": "lyy289065406", + "id": 17040287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17040287?v=4", + "html_url": "https:\/\/github.com\/lyy289065406" + }, + "html_url": "https:\/\/github.com\/lyy289065406\/CVE-2020-13933", + "description": "CVE-2020-13933 靶场: shiro 认证绕过漏洞", + "fork": false, + "created_at": "2020-09-09T10:20:25Z", + "updated_at": "2020-11-20T06:30:05Z", + "pushed_at": "2020-09-11T17:14:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, + "score": 0 + }, + { + "id": 297823317, + "name": "cve-2020-13933", + "full_name": "0xkami\/cve-2020-13933", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami" + }, + "html_url": "https:\/\/github.com\/0xkami\/cve-2020-13933", + "description": "cve-2020-13933 apache shiro权限绕过漏洞", + "fork": false, + "created_at": "2020-09-23T01:55:46Z", + "updated_at": "2020-12-14T07:27:56Z", + "pushed_at": "2020-09-23T02:00:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13935.json b/2020/CVE-2020-13935.json new file mode 100644 index 0000000000..fb8df6fe31 --- /dev/null +++ b/2020/CVE-2020-13935.json @@ -0,0 +1,25 @@ +[ + { + "id": 309400991, + "name": "CVE-2020-13935", + "full_name": "RedTeamPentesting\/CVE-2020-13935", + "owner": { + "login": "RedTeamPentesting", + "id": 34096076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34096076?v=4", + "html_url": "https:\/\/github.com\/RedTeamPentesting" + }, + "html_url": "https:\/\/github.com\/RedTeamPentesting\/CVE-2020-13935", + "description": "Exploit for WebSocket Vulnerability in Apache Tomcat", + "fork": false, + "created_at": "2020-11-02T14:48:55Z", + "updated_at": "2021-04-07T13:37:56Z", + "pushed_at": "2020-11-02T14:51:48Z", + "stargazers_count": 119, + "watchers_count": 119, + "forks_count": 27, + "forks": 27, + "watchers": 119, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13996.json b/2020/CVE-2020-13996.json new file mode 100644 index 0000000000..5ad35157fa --- /dev/null +++ b/2020/CVE-2020-13996.json @@ -0,0 +1,25 @@ +[ + { + "id": 284481729, + "name": "CVE-2020-13996", + "full_name": "mkelepce\/CVE-2020-13996", + "owner": { + "login": "mkelepce", + "id": 10780392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10780392?v=4", + "html_url": "https:\/\/github.com\/mkelepce" + }, + "html_url": "https:\/\/github.com\/mkelepce\/CVE-2020-13996", + "description": " Joomla! J2 Store 3.3.11 - 'filter_order_Dir' Authenticated SQL Injection", + "fork": false, + "created_at": "2020-08-02T14:50:04Z", + "updated_at": "2020-08-02T14:52:24Z", + "pushed_at": "2020-08-02T14:52:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14064.json b/2020/CVE-2020-14064.json index b315188db9..dbb212eac0 100644 --- a/2020/CVE-2020-14064.json +++ b/2020/CVE-2020-14064.json @@ -21,5 +21,28 @@ "forks": 0, "watchers": 1, "score": 0 + }, + { + "id": 300843760, + "name": "CVE-2020-14064", + "full_name": "masoud-zivari\/CVE-2020-14064", + "owner": { + "login": "masoud-zivari", + "id": 72297087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72297087?v=4", + "html_url": "https:\/\/github.com\/masoud-zivari" + }, + "html_url": "https:\/\/github.com\/masoud-zivari\/CVE-2020-14064", + "description": null, + "fork": false, + "created_at": "2020-10-03T09:30:34Z", + "updated_at": "2020-10-03T09:30:47Z", + "pushed_at": "2020-10-03T09:30:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-14065.json b/2020/CVE-2020-14065.json index 7fe9ea0369..c01275bf70 100644 --- a/2020/CVE-2020-14065.json +++ b/2020/CVE-2020-14065.json @@ -21,5 +21,28 @@ "forks": 0, "watchers": 1, "score": 0 + }, + { + "id": 300840687, + "name": "CVE-2020-14065", + "full_name": "masoud-zivari\/CVE-2020-14065", + "owner": { + "login": "masoud-zivari", + "id": 72297087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72297087?v=4", + "html_url": "https:\/\/github.com\/masoud-zivari" + }, + "html_url": "https:\/\/github.com\/masoud-zivari\/CVE-2020-14065", + "description": null, + "fork": false, + "created_at": "2020-10-03T09:13:19Z", + "updated_at": "2020-10-03T09:13:34Z", + "pushed_at": "2020-10-03T09:13:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-14066.json b/2020/CVE-2020-14066.json index 473084d38c..12248db5e6 100644 --- a/2020/CVE-2020-14066.json +++ b/2020/CVE-2020-14066.json @@ -21,5 +21,28 @@ "forks": 0, "watchers": 1, "score": 0 + }, + { + "id": 300841463, + "name": "CVE-2020-14066", + "full_name": "masoud-zivari\/CVE-2020-14066", + "owner": { + "login": "masoud-zivari", + "id": 72297087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72297087?v=4", + "html_url": "https:\/\/github.com\/masoud-zivari" + }, + "html_url": "https:\/\/github.com\/masoud-zivari\/CVE-2020-14066", + "description": null, + "fork": false, + "created_at": "2020-10-03T09:17:35Z", + "updated_at": "2020-10-03T09:17:50Z", + "pushed_at": "2020-10-03T09:17:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-14181.json b/2020/CVE-2020-14181.json index d041f6242f..e7b92ca0d3 100644 --- a/2020/CVE-2020-14181.json +++ b/2020/CVE-2020-14181.json @@ -1,4 +1,27 @@ [ + { + "id": 307446561, + "name": "CVE-2020-14181", + "full_name": "Rival420\/CVE-2020-14181", + "owner": { + "login": "Rival420", + "id": 51548322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51548322?v=4", + "html_url": "https:\/\/github.com\/Rival420" + }, + "html_url": "https:\/\/github.com\/Rival420\/CVE-2020-14181", + "description": "POC For CVE-2020-1481 - Jira Username Enumerator\/Validator", + "fork": false, + "created_at": "2020-10-26T17:07:28Z", + "updated_at": "2021-03-29T07:28:14Z", + "pushed_at": "2020-10-30T09:36:23Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 0, + "forks": 0, + "watchers": 5, + "score": 0 + }, { "id": 336200955, "name": "CVE-2020-14181", diff --git a/2020/CVE-2020-14199.json b/2020/CVE-2020-14199.json new file mode 100644 index 0000000000..212f0d1fae --- /dev/null +++ b/2020/CVE-2020-14199.json @@ -0,0 +1,25 @@ +[ + { + "id": 280435778, + "name": "CVE-2020-14199", + "full_name": "nondejus\/CVE-2020-14199", + "owner": { + "login": "nondejus", + "id": 56696825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56696825?v=4", + "html_url": "https:\/\/github.com\/nondejus" + }, + "html_url": "https:\/\/github.com\/nondejus\/CVE-2020-14199", + "description": null, + "fork": false, + "created_at": "2020-07-17T13:48:01Z", + "updated_at": "2020-07-17T13:58:07Z", + "pushed_at": "2020-07-17T13:58:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14292.json b/2020/CVE-2020-14292.json new file mode 100644 index 0000000000..de2a7218f5 --- /dev/null +++ b/2020/CVE-2020-14292.json @@ -0,0 +1,25 @@ +[ + { + "id": 288914124, + "name": "CVE-2020-14292", + "full_name": "alwentiu\/CVE-2020-14292", + "owner": { + "login": "alwentiu", + "id": 39551518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39551518?v=4", + "html_url": "https:\/\/github.com\/alwentiu" + }, + "html_url": "https:\/\/github.com\/alwentiu\/CVE-2020-14292", + "description": "Details of CVE-2020-14292", + "fork": false, + "created_at": "2020-08-20T05:24:30Z", + "updated_at": "2020-09-08T02:14:25Z", + "pushed_at": "2020-09-08T02:13:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14293.json b/2020/CVE-2020-14293.json new file mode 100644 index 0000000000..1d03738d7b --- /dev/null +++ b/2020/CVE-2020-14293.json @@ -0,0 +1,25 @@ +[ + { + "id": 298228408, + "name": "CVE-2020-14293", + "full_name": "patrickhener\/CVE-2020-14293", + "owner": { + "login": "patrickhener", + "id": 7579055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7579055?v=4", + "html_url": "https:\/\/github.com\/patrickhener" + }, + "html_url": "https:\/\/github.com\/patrickhener\/CVE-2020-14293", + "description": "This repository holds the advisory, exploits and vulnerable software of the CVE-2020-14293", + "fork": false, + "created_at": "2020-09-24T09:17:38Z", + "updated_at": "2020-10-06T10:32:07Z", + "pushed_at": "2020-10-02T10:38:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14294.json b/2020/CVE-2020-14294.json new file mode 100644 index 0000000000..bdfd55b406 --- /dev/null +++ b/2020/CVE-2020-14294.json @@ -0,0 +1,25 @@ +[ + { + "id": 298221475, + "name": "CVE-2020-14294", + "full_name": "patrickhener\/CVE-2020-14294", + "owner": { + "login": "patrickhener", + "id": 7579055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7579055?v=4", + "html_url": "https:\/\/github.com\/patrickhener" + }, + "html_url": "https:\/\/github.com\/patrickhener\/CVE-2020-14294", + "description": "This repository holds the advisory of the CVE-2020-14294", + "fork": false, + "created_at": "2020-09-24T08:49:05Z", + "updated_at": "2020-10-02T10:37:49Z", + "pushed_at": "2020-10-02T10:37:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14321.json b/2020/CVE-2020-14321.json new file mode 100644 index 0000000000..a0aa03a211 --- /dev/null +++ b/2020/CVE-2020-14321.json @@ -0,0 +1,25 @@ +[ + { + "id": 282554130, + "name": "CVE-2020-14321", + "full_name": "HoangKien1020\/CVE-2020-14321", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2020-14321", + "description": "Course enrolments allowed privilege escalation from teacher role into manager role to RCE", + "fork": false, + "created_at": "2020-07-26T01:28:53Z", + "updated_at": "2021-04-05T13:39:48Z", + "pushed_at": "2020-07-26T01:36:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14386.json b/2020/CVE-2020-14386.json new file mode 100644 index 0000000000..c8bc47a477 --- /dev/null +++ b/2020/CVE-2020-14386.json @@ -0,0 +1,25 @@ +[ + { + "id": 296445764, + "name": "cve-2020-14386", + "full_name": "cgwalters\/cve-2020-14386", + "owner": { + "login": "cgwalters", + "id": 244096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/244096?v=4", + "html_url": "https:\/\/github.com\/cgwalters" + }, + "html_url": "https:\/\/github.com\/cgwalters\/cve-2020-14386", + "description": null, + "fork": false, + "created_at": "2020-09-17T21:25:18Z", + "updated_at": "2021-03-04T03:23:26Z", + "pushed_at": "2020-09-18T00:01:00Z", + "stargazers_count": 34, + "watchers_count": 34, + "forks_count": 15, + "forks": 15, + "watchers": 34, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14644.json b/2020/CVE-2020-14644.json new file mode 100644 index 0000000000..ecae6e7226 --- /dev/null +++ b/2020/CVE-2020-14644.json @@ -0,0 +1,25 @@ +[ + { + "id": 305639848, + "name": "cve-2020-14644", + "full_name": "0xkami\/cve-2020-14644", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami" + }, + "html_url": "https:\/\/github.com\/0xkami\/cve-2020-14644", + "description": "cve-2020-14644 漏洞环境", + "fork": false, + "created_at": "2020-10-20T08:25:40Z", + "updated_at": "2020-10-20T09:11:28Z", + "pushed_at": "2020-10-20T09:11:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14645.json b/2020/CVE-2020-14645.json index a8f75be884..5a4e0ab543 100644 --- a/2020/CVE-2020-14645.json +++ b/2020/CVE-2020-14645.json @@ -1,4 +1,73 @@ [ + { + "id": 281003266, + "name": "CVE-2020-14645", + "full_name": "Y4er\/CVE-2020-14645", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er" + }, + "html_url": "https:\/\/github.com\/Y4er\/CVE-2020-14645", + "description": "Weblogic CVE-2020-14645 UniversalExtractor JNDI injection getDatabaseMetaData()", + "fork": false, + "created_at": "2020-07-20T03:27:24Z", + "updated_at": "2021-03-16T07:32:45Z", + "pushed_at": "2020-07-20T03:51:06Z", + "stargazers_count": 80, + "watchers_count": 80, + "forks_count": 13, + "forks": 13, + "watchers": 80, + "score": 0 + }, + { + "id": 281100240, + "name": "CVE-2020-14645", + "full_name": "DaBoQuan\/CVE-2020-14645", + "owner": { + "login": "DaBoQuan", + "id": 13045485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13045485?v=4", + "html_url": "https:\/\/github.com\/DaBoQuan" + }, + "html_url": "https:\/\/github.com\/DaBoQuan\/CVE-2020-14645", + "description": null, + "fork": false, + "created_at": "2020-07-20T11:40:09Z", + "updated_at": "2020-08-31T02:50:43Z", + "pushed_at": "2020-07-20T14:03:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 283214659, + "name": "CVE-2020-14645", + "full_name": "ChenZIDu\/CVE-2020-14645", + "owner": { + "login": "ChenZIDu", + "id": 49174343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49174343?v=4", + "html_url": "https:\/\/github.com\/ChenZIDu" + }, + "html_url": "https:\/\/github.com\/ChenZIDu\/CVE-2020-14645", + "description": "环境下载", + "fork": false, + "created_at": "2020-07-28T13:05:13Z", + "updated_at": "2020-07-29T04:25:51Z", + "pushed_at": "2020-07-29T04:25:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 305992602, "name": "CVE-2020-14645-code", diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 4b14a21332..f4c8485742 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -1,4 +1,510 @@ [ + { + "id": 287009597, + "name": "CVE-2020-1472-visualizer", + "full_name": "Tobey123\/CVE-2020-1472-visualizer", + "owner": { + "login": "Tobey123", + "id": 5292815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5292815?v=4", + "html_url": "https:\/\/github.com\/Tobey123" + }, + "html_url": "https:\/\/github.com\/Tobey123\/CVE-2020-1472-visualizer", + "description": null, + "fork": false, + "created_at": "2020-08-12T12:35:56Z", + "updated_at": "2020-11-05T15:16:46Z", + "pushed_at": "2020-08-06T22:24:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 293756101, + "name": "CVE-2020-1472", + "full_name": "SecuraBV\/CVE-2020-1472", + "owner": { + "login": "SecuraBV", + "id": 46344423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46344423?v=4", + "html_url": "https:\/\/github.com\/SecuraBV" + }, + "html_url": "https:\/\/github.com\/SecuraBV\/CVE-2020-1472", + "description": "Test tool for CVE-2020-1472", + "fork": false, + "created_at": "2020-09-08T08:58:37Z", + "updated_at": "2021-04-07T13:30:25Z", + "pushed_at": "2020-10-21T12:10:28Z", + "stargazers_count": 1269, + "watchers_count": 1269, + "forks_count": 292, + "forks": 292, + "watchers": 1269, + "score": 0 + }, + { + "id": 295480770, + "name": "CVE-2020-1472", + "full_name": "cube0x0\/CVE-2020-1472", + "owner": { + "login": "cube0x0", + "id": 39370848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39370848?v=4", + "html_url": "https:\/\/github.com\/cube0x0" + }, + "html_url": "https:\/\/github.com\/cube0x0\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-14T16:52:37Z", + "updated_at": "2021-04-08T01:07:35Z", + "pushed_at": "2020-09-14T16:53:07Z", + "stargazers_count": 31, + "watchers_count": 31, + "forks_count": 9, + "forks": 9, + "watchers": 31, + "score": 0 + }, + { + "id": 295481822, + "name": "CVE-2020-1472", + "full_name": "dirkjanm\/CVE-2020-1472", + "owner": { + "login": "dirkjanm", + "id": 1773762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1773762?v=4", + "html_url": "https:\/\/github.com\/dirkjanm" + }, + "html_url": "https:\/\/github.com\/dirkjanm\/CVE-2020-1472", + "description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura", + "fork": false, + "created_at": "2020-09-14T16:56:51Z", + "updated_at": "2021-04-08T10:22:43Z", + "pushed_at": "2020-11-03T09:45:24Z", + "stargazers_count": 779, + "watchers_count": 779, + "forks_count": 227, + "forks": 227, + "watchers": 779, + "score": 0 + }, + { + "id": 295482050, + "name": "CVE-2020-1472", + "full_name": "VoidSec\/CVE-2020-1472", + "owner": { + "login": "VoidSec", + "id": 5717603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5717603?v=4", + "html_url": "https:\/\/github.com\/VoidSec" + }, + "html_url": "https:\/\/github.com\/VoidSec\/CVE-2020-1472", + "description": "Exploit Code for CVE-2020-1472 aka Zerologon", + "fork": false, + "created_at": "2020-09-14T16:57:49Z", + "updated_at": "2021-04-07T12:53:44Z", + "pushed_at": "2020-11-05T16:37:20Z", + "stargazers_count": 198, + "watchers_count": 198, + "forks_count": 38, + "forks": 38, + "watchers": 198, + "score": 0 + }, + { + "id": 295515909, + "name": "zerologon", + "full_name": "risksense\/zerologon", + "owner": { + "login": "risksense", + "id": 1999284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1999284?v=4", + "html_url": "https:\/\/github.com\/risksense" + }, + "html_url": "https:\/\/github.com\/risksense\/zerologon", + "description": "Exploit for zerologon cve-2020-1472", + "fork": false, + "created_at": "2020-09-14T19:19:07Z", + "updated_at": "2021-04-07T11:37:32Z", + "pushed_at": "2020-10-15T18:31:15Z", + "stargazers_count": 297, + "watchers_count": 297, + "forks_count": 98, + "forks": 98, + "watchers": 297, + "score": 0 + }, + { + "id": 295517706, + "name": "zer0dump", + "full_name": "bb00\/zer0dump", + "owner": { + "login": "bb00", + "id": 11166320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11166320?v=4", + "html_url": "https:\/\/github.com\/bb00" + }, + "html_url": "https:\/\/github.com\/bb00\/zer0dump", + "description": "Abuse CVE-2020-1472 (Zerologon) to take over a domain and then repair the local stored machine account password.", + "fork": false, + "created_at": "2020-09-14T19:27:14Z", + "updated_at": "2021-04-02T22:09:33Z", + "pushed_at": "2020-09-16T14:05:27Z", + "stargazers_count": 147, + "watchers_count": 147, + "forks_count": 36, + "forks": 36, + "watchers": 147, + "score": 0 + }, + { + "id": 295692006, + "name": "CVE-2020-1472", + "full_name": "0xkami\/CVE-2020-1472", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami" + }, + "html_url": "https:\/\/github.com\/0xkami\/CVE-2020-1472", + "description": "CVE-2020-1472漏洞复现过程", + "fork": false, + "created_at": "2020-09-15T10:25:47Z", + "updated_at": "2020-11-07T02:11:06Z", + "pushed_at": "2020-09-15T10:39:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 295716616, + "name": "CVE-2020-1472", + "full_name": "NAXG\/CVE-2020-1472", + "owner": { + "login": "NAXG", + "id": 28560949, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28560949?v=4", + "html_url": "https:\/\/github.com\/NAXG" + }, + "html_url": "https:\/\/github.com\/NAXG\/CVE-2020-1472", + "description": "CVE-2020-1472复现流程", + "fork": false, + "created_at": "2020-09-15T12:11:49Z", + "updated_at": "2020-09-17T20:50:53Z", + "pushed_at": "2020-09-16T08:45:06Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 295743213, + "name": "CVE-2020-1472", + "full_name": "s0wr0b1ndef\/CVE-2020-1472", + "owner": { + "login": "s0wr0b1ndef", + "id": 37288034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37288034?v=4", + "html_url": "https:\/\/github.com\/s0wr0b1ndef" + }, + "html_url": "https:\/\/github.com\/s0wr0b1ndef\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-15T13:50:01Z", + "updated_at": "2020-09-20T18:17:37Z", + "pushed_at": "2021-03-20T05:07:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 295754317, + "name": "zerologon-CVE-2020-1472", + "full_name": "harshil-shah004\/zerologon-CVE-2020-1472", + "owner": { + "login": "harshil-shah004", + "id": 34110198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34110198?v=4", + "html_url": "https:\/\/github.com\/harshil-shah004" + }, + "html_url": "https:\/\/github.com\/harshil-shah004\/zerologon-CVE-2020-1472", + "description": "PoC for Zerologon (CVE-2020-1472) - Exploit", + "fork": false, + "created_at": "2020-09-15T14:29:24Z", + "updated_at": "2021-01-27T07:28:51Z", + "pushed_at": "2020-09-16T11:06:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 295781919, + "name": "CVE-2020-1472-EXP", + "full_name": "k8gege\/CVE-2020-1472-EXP", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2020-1472-EXP", + "description": "Ladon Moudle CVE-2020-1472 Exploit 域控提权神器", + "fork": false, + "created_at": "2020-09-15T16:10:21Z", + "updated_at": "2021-02-11T11:15:16Z", + "pushed_at": "2020-09-15T16:40:53Z", + "stargazers_count": 49, + "watchers_count": 49, + "forks_count": 17, + "forks": 17, + "watchers": 49, + "score": 0 + }, + { + "id": 295788757, + "name": "CVE-2020-1472", + "full_name": "422926799\/CVE-2020-1472", + "owner": { + "login": "422926799", + "id": 29516567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29516567?v=4", + "html_url": "https:\/\/github.com\/422926799" + }, + "html_url": "https:\/\/github.com\/422926799\/CVE-2020-1472", + "description": "CVE-2020-1472", + "fork": false, + "created_at": "2020-09-15T16:36:40Z", + "updated_at": "2020-09-16T03:58:43Z", + "pushed_at": "2020-09-15T16:38:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 295903888, + "name": "zabbix-template-CVE-2020-1472", + "full_name": "scv-m\/zabbix-template-CVE-2020-1472", + "owner": { + "login": "scv-m", + "id": 965541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/965541?v=4", + "html_url": "https:\/\/github.com\/scv-m" + }, + "html_url": "https:\/\/github.com\/scv-m\/zabbix-template-CVE-2020-1472", + "description": "Zabbix Template to monitor for Windows Event Viewer event's related to Netlogon Elevation of Privilege Vulnerability - CVE-2020-1472. Monitors event ID's 5827, 5828 & 5829. See: https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-1472", + "fork": false, + "created_at": "2020-09-16T02:37:52Z", + "updated_at": "2021-02-08T22:22:05Z", + "pushed_at": "2020-09-16T02:47:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 295915198, + "name": "cve-2020-1472", + "full_name": "mstxq17\/cve-2020-1472", + "owner": { + "login": "mstxq17", + "id": 29624427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29624427?v=4", + "html_url": "https:\/\/github.com\/mstxq17" + }, + "html_url": "https:\/\/github.com\/mstxq17\/cve-2020-1472", + "description": "cve-2020-1472 复现利用及其exp", + "fork": false, + "created_at": "2020-09-16T03:40:47Z", + "updated_at": "2021-03-01T01:00:35Z", + "pushed_at": "2020-09-16T15:03:32Z", + "stargazers_count": 46, + "watchers_count": 46, + "forks_count": 10, + "forks": 10, + "watchers": 46, + "score": 0 + }, + { + "id": 295917575, + "name": "CVE-2020-1472", + "full_name": "Fa1c0n35\/CVE-2020-1472", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-16T03:54:27Z", + "updated_at": "2020-09-19T17:56:42Z", + "pushed_at": "2020-09-16T03:54:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 295917979, + "name": "SecuraBV-CVE-2020-1472", + "full_name": "Fa1c0n35\/SecuraBV-CVE-2020-1472", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/SecuraBV-CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-16T03:57:04Z", + "updated_at": "2020-09-25T06:08:29Z", + "pushed_at": "2021-03-20T05:06:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 295956141, + "name": "CVE-2020-1472", + "full_name": "CanciuCostin\/CVE-2020-1472", + "owner": { + "login": "CanciuCostin", + "id": 27332434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27332434?v=4", + "html_url": "https:\/\/github.com\/CanciuCostin" + }, + "html_url": "https:\/\/github.com\/CanciuCostin\/CVE-2020-1472", + "description": "CVE-2020-1472 - Zero Logon vulnerability Python implementation", + "fork": false, + "created_at": "2020-09-16T07:25:22Z", + "updated_at": "2020-09-17T07:17:13Z", + "pushed_at": "2020-09-16T08:39:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 295972450, + "name": "cve-2020-1472_Tool-collection", + "full_name": "0xcccc666\/cve-2020-1472_Tool-collection", + "owner": { + "login": "0xcccc666", + "id": 71364553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71364553?v=4", + "html_url": "https:\/\/github.com\/0xcccc666" + }, + "html_url": "https:\/\/github.com\/0xcccc666\/cve-2020-1472_Tool-collection", + "description": "cve-2020-1472_Tool collection", + "fork": false, + "created_at": "2020-09-16T08:32:52Z", + "updated_at": "2020-11-28T04:59:11Z", + "pushed_at": "2020-09-16T09:13:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "forks": 2, + "watchers": 2, + "score": 0 + }, + { + "id": 295984599, + "name": "CVE-2020-1472", + "full_name": "murataydemir\/CVE-2020-1472", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-1472", + "description": "[CVE-2020-1472] Netlogon Remote Protocol Call (MS-NRPC) Privilege Escalation (Zerologon)", + "fork": false, + "created_at": "2020-09-16T09:22:30Z", + "updated_at": "2021-01-15T04:57:38Z", + "pushed_at": "2020-09-16T20:59:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 295992280, + "name": "CVE-2020-1472", + "full_name": "npocmak\/CVE-2020-1472", + "owner": { + "login": "npocmak", + "id": 33814019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33814019?v=4", + "html_url": "https:\/\/github.com\/npocmak" + }, + "html_url": "https:\/\/github.com\/npocmak\/CVE-2020-1472", + "description": "https:\/\/github.com\/dirkjanm\/CVE-2020-1472", + "fork": false, + "created_at": "2020-09-16T09:54:09Z", + "updated_at": "2020-10-10T11:45:35Z", + "pushed_at": "2020-09-16T09:58:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 296056571, + "name": "CVE-2020-1472", + "full_name": "victim10wq3\/CVE-2020-1472", + "owner": { + "login": "victim10wq3", + "id": 46973456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46973456?v=4", + "html_url": "https:\/\/github.com\/victim10wq3" + }, + "html_url": "https:\/\/github.com\/victim10wq3\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-16T14:25:54Z", + "updated_at": "2020-09-19T17:56:06Z", + "pushed_at": "2020-09-16T14:28:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, { "id": 296388474, "name": "zerologon", @@ -22,6 +528,190 @@ "watchers": 41, "score": 0 }, + { + "id": 296468860, + "name": "CVE-2020-1472", + "full_name": "sv3nbeast\/CVE-2020-1472", + "owner": { + "login": "sv3nbeast", + "id": 55974091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55974091?v=4", + "html_url": "https:\/\/github.com\/sv3nbeast" + }, + "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2020-1472", + "description": " CVE-2020-1472复现时使用的py文件整理打包", + "fork": false, + "created_at": "2020-09-18T00:02:26Z", + "updated_at": "2020-12-09T05:06:51Z", + "pushed_at": "2020-09-18T00:20:46Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 5, + "forks": 5, + "watchers": 7, + "score": 0 + }, + { + "id": 296948762, + "name": "CVE-2020-1472-Easy", + "full_name": "midpipps\/CVE-2020-1472-Easy", + "owner": { + "login": "midpipps", + "id": 4256983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4256983?v=4", + "html_url": "https:\/\/github.com\/midpipps" + }, + "html_url": "https:\/\/github.com\/midpipps\/CVE-2020-1472-Easy", + "description": "A simple implementation\/code smash of a bunch of other repos", + "fork": false, + "created_at": "2020-09-19T20:44:40Z", + "updated_at": "2020-09-19T21:27:41Z", + "pushed_at": "2020-09-19T21:27:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 296966855, + "name": "CVE-2020-1472", + "full_name": "hectorgie\/CVE-2020-1472", + "owner": { + "login": "hectorgie", + "id": 56555336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56555336?v=4", + "html_url": "https:\/\/github.com\/hectorgie" + }, + "html_url": "https:\/\/github.com\/hectorgie\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-19T23:15:41Z", + "updated_at": "2020-09-19T23:15:54Z", + "pushed_at": "2020-09-19T23:15:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 297085240, + "name": "zerologon-cve-2020-1472-notes", + "full_name": "johnpathe\/zerologon-cve-2020-1472-notes", + "owner": { + "login": "johnpathe", + "id": 8648275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8648275?v=4", + "html_url": "https:\/\/github.com\/johnpathe" + }, + "html_url": "https:\/\/github.com\/johnpathe\/zerologon-cve-2020-1472-notes", + "description": null, + "fork": false, + "created_at": "2020-09-20T13:44:16Z", + "updated_at": "2020-10-19T06:55:24Z", + "pushed_at": "2020-10-19T06:55:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 297260718, + "name": "CVE-2020-1472", + "full_name": "t31m0\/CVE-2020-1472", + "owner": { + "login": "t31m0", + "id": 13071219, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13071219?v=4", + "html_url": "https:\/\/github.com\/t31m0" + }, + "html_url": "https:\/\/github.com\/t31m0\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-21T07:24:03Z", + "updated_at": "2020-09-21T07:24:16Z", + "pushed_at": "2020-09-21T07:24:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 298383438, + "name": "CVE-2020-1472", + "full_name": "grupooruss\/CVE-2020-1472", + "owner": { + "login": "grupooruss", + "id": 43943489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43943489?v=4", + "html_url": "https:\/\/github.com\/grupooruss" + }, + "html_url": "https:\/\/github.com\/grupooruss\/CVE-2020-1472", + "description": "CVE 2020-1472 Script de validación ", + "fork": false, + "created_at": "2020-09-24T20:05:21Z", + "updated_at": "2020-09-24T20:08:43Z", + "pushed_at": "2020-09-24T20:08:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 298771178, + "name": "CVE-2020-1472", + "full_name": "striveben\/CVE-2020-1472", + "owner": { + "login": "striveben", + "id": 61238912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61238912?v=4", + "html_url": "https:\/\/github.com\/striveben" + }, + "html_url": "https:\/\/github.com\/striveben\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-26T08:31:47Z", + "updated_at": "2021-01-21T09:02:23Z", + "pushed_at": "2020-09-26T08:44:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + }, + { + "id": 299216120, + "name": "CVE-2020-1472-02-", + "full_name": "Fa1c0n35\/CVE-2020-1472-02-", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/CVE-2020-1472-02-", + "description": null, + "fork": false, + "created_at": "2020-09-28T06:53:41Z", + "updated_at": "2020-09-28T06:53:54Z", + "pushed_at": "2021-03-20T05:09:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 299264416, "name": "CVE-2020-1472", @@ -45,6 +735,121 @@ "watchers": 0, "score": 0 }, + { + "id": 299708288, + "name": "Zerologon_CVE-2020-1472", + "full_name": "WiIs0n\/Zerologon_CVE-2020-1472", + "owner": { + "login": "WiIs0n", + "id": 40162782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40162782?v=4", + "html_url": "https:\/\/github.com\/WiIs0n" + }, + "html_url": "https:\/\/github.com\/WiIs0n\/Zerologon_CVE-2020-1472", + "description": "POC for checking multiple hosts for Zerologon vulnerability", + "fork": false, + "created_at": "2020-09-29T18:45:44Z", + "updated_at": "2021-03-30T12:54:34Z", + "pushed_at": "2020-10-05T07:47:02Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 1, + "forks": 1, + "watchers": 5, + "score": 0 + }, + { + "id": 299733711, + "name": "ADZero", + "full_name": "Privia-Security\/ADZero", + "owner": { + "login": "Privia-Security", + "id": 69091374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69091374?v=4", + "html_url": "https:\/\/github.com\/Privia-Security" + }, + "html_url": "https:\/\/github.com\/Privia-Security\/ADZero", + "description": "Zerologon AutoExploit Tool | CVE-2020-1472", + "fork": false, + "created_at": "2020-09-29T20:43:06Z", + "updated_at": "2021-04-03T01:16:58Z", + "pushed_at": "2020-10-02T13:00:21Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 1, + "forks": 1, + "watchers": 17, + "score": 0 + }, + { + "id": 299845895, + "name": "cve-2020-1472", + "full_name": "Ken-Abruzzi\/cve-2020-1472", + "owner": { + "login": "Ken-Abruzzi", + "id": 68931768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68931768?v=4", + "html_url": "https:\/\/github.com\/Ken-Abruzzi" + }, + "html_url": "https:\/\/github.com\/Ken-Abruzzi\/cve-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-30T07:45:50Z", + "updated_at": "2020-09-30T07:57:36Z", + "pushed_at": "2020-09-30T07:57:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 299977188, + "name": "Set-ZerologonMitigation", + "full_name": "rhymeswithmogul\/Set-ZerologonMitigation", + "owner": { + "login": "rhymeswithmogul", + "id": 19931245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19931245?v=4", + "html_url": "https:\/\/github.com\/rhymeswithmogul" + }, + "html_url": "https:\/\/github.com\/rhymeswithmogul\/Set-ZerologonMitigation", + "description": "Protect your domain controllers against Zerologon (CVE-2020-1472).", + "fork": false, + "created_at": "2020-09-30T16:10:26Z", + "updated_at": "2020-10-13T15:41:20Z", + "pushed_at": "2020-09-30T16:34:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 302859573, + "name": "cve-2020-1472", + "full_name": "shanfenglan\/cve-2020-1472", + "owner": { + "login": "shanfenglan", + "id": 49781523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49781523?v=4", + "html_url": "https:\/\/github.com\/shanfenglan" + }, + "html_url": "https:\/\/github.com\/shanfenglan\/cve-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-10-10T09:00:41Z", + "updated_at": "2020-10-18T05:46:12Z", + "pushed_at": "2020-10-10T09:02:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, { "id": 304362194, "name": "zerologon", @@ -68,6 +873,75 @@ "watchers": 0, "score": 0 }, + { + "id": 304764704, + "name": "CVE-2020-1472_ZeroLogonChecker", + "full_name": "CPO-EH\/CVE-2020-1472_ZeroLogonChecker", + "owner": { + "login": "CPO-EH", + "id": 56457033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56457033?v=4", + "html_url": "https:\/\/github.com\/CPO-EH" + }, + "html_url": "https:\/\/github.com\/CPO-EH\/CVE-2020-1472_ZeroLogonChecker", + "description": "C# Vulnerability Checker for CVE-2020-1472 Aka Zerologon", + "fork": false, + "created_at": "2020-10-17T00:14:08Z", + "updated_at": "2020-10-17T11:03:34Z", + "pushed_at": "2020-10-17T10:29:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 305977168, + "name": "CVE-2020-1472", + "full_name": "puckiestyle\/CVE-2020-1472", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-10-21T09:42:34Z", + "updated_at": "2020-10-21T09:42:48Z", + "pushed_at": "2021-03-20T05:18:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 310337744, + "name": "CVE-2020-1472-visualizer", + "full_name": "mingchen-script\/CVE-2020-1472-visualizer", + "owner": { + "login": "mingchen-script", + "id": 68715366, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68715366?v=4", + "html_url": "https:\/\/github.com\/mingchen-script" + }, + "html_url": "https:\/\/github.com\/mingchen-script\/CVE-2020-1472-visualizer", + "description": null, + "fork": false, + "created_at": "2020-11-05T15:17:14Z", + "updated_at": "2020-11-05T15:19:05Z", + "pushed_at": "2020-11-05T15:19:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 311790363, "name": "dirkjanm_CVE-2020-1472_static_binaries", diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index b96202dbc9..2fd081a375 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -45,6 +45,29 @@ "watchers": 221, "score": 0 }, + { + "id": 308145197, + "name": "CVE-2020-14882", + "full_name": "s1kr10s\/CVE-2020-14882", + "owner": { + "login": "s1kr10s", + "id": 5374475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5374475?v=4", + "html_url": "https:\/\/github.com\/s1kr10s" + }, + "html_url": "https:\/\/github.com\/s1kr10s\/CVE-2020-14882", + "description": "CVE-2020–14882 by Jang", + "fork": false, + "created_at": "2020-10-28T21:28:12Z", + "updated_at": "2021-03-18T23:50:58Z", + "pushed_at": "2020-10-29T03:57:09Z", + "stargazers_count": 28, + "watchers_count": 28, + "forks_count": 19, + "forks": 19, + "watchers": 28, + "score": 0 + }, { "id": 308184758, "name": "-Patched-McMaster-University-Blind-Command-Injection", @@ -68,6 +91,98 @@ "watchers": 0, "score": 0 }, + { + "id": 308238126, + "name": "CVE-2020-14882", + "full_name": "RedTeamWing\/CVE-2020-14882", + "owner": { + "login": "RedTeamWing", + "id": 25416365, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25416365?v=4", + "html_url": "https:\/\/github.com\/RedTeamWing" + }, + "html_url": "https:\/\/github.com\/RedTeamWing\/CVE-2020-14882", + "description": "CVE-2020-14882 Weblogic-Exp", + "fork": false, + "created_at": "2020-10-29T06:30:30Z", + "updated_at": "2021-03-14T05:03:17Z", + "pushed_at": "2020-10-29T06:36:01Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 8, + "forks": 8, + "watchers": 13, + "score": 0 + }, + { + "id": 308343789, + "name": "cve-2020-14882", + "full_name": "0thm4n3\/cve-2020-14882", + "owner": { + "login": "0thm4n3", + "id": 12746014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12746014?v=4", + "html_url": "https:\/\/github.com\/0thm4n3" + }, + "html_url": "https:\/\/github.com\/0thm4n3\/cve-2020-14882", + "description": "Bash script to exploit the Oracle's Weblogic Unauthenticated Remote Command Execution - CVE-2020-14882", + "fork": false, + "created_at": "2020-10-29T13:53:31Z", + "updated_at": "2021-03-18T23:46:12Z", + "pushed_at": "2020-10-31T13:03:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 308374913, + "name": "cve-2020-14882", + "full_name": "wsfengfan\/cve-2020-14882", + "owner": { + "login": "wsfengfan", + "id": 33821840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33821840?v=4", + "html_url": "https:\/\/github.com\/wsfengfan" + }, + "html_url": "https:\/\/github.com\/wsfengfan\/cve-2020-14882", + "description": "CVE-2020-14882 EXP 回显", + "fork": false, + "created_at": "2020-10-29T15:44:23Z", + "updated_at": "2020-12-06T17:09:24Z", + "pushed_at": "2020-11-09T09:55:10Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, + "forks": 2, + "watchers": 3, + "score": 0 + }, + { + "id": 308605927, + "name": "CVE-2020-14882", + "full_name": "alexfrancow\/CVE-2020-14882", + "owner": { + "login": "alexfrancow", + "id": 23419929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23419929?v=4", + "html_url": "https:\/\/github.com\/alexfrancow" + }, + "html_url": "https:\/\/github.com\/alexfrancow\/CVE-2020-14882", + "description": null, + "fork": false, + "created_at": "2020-10-30T11:07:11Z", + "updated_at": "2020-10-31T15:57:21Z", + "pushed_at": "2020-10-31T15:57:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 308782228, "name": "CVE-2020-14882_POC", @@ -91,6 +206,29 @@ "watchers": 12, "score": 0 }, + { + "id": 309098912, + "name": "Weblogic_Unauthorized-bypass-RCE", + "full_name": "ludy-dev\/Weblogic_Unauthorized-bypass-RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/Weblogic_Unauthorized-bypass-RCE", + "description": "(CVE-2020-14882) Oracle Weblogic Unauthorized bypass RCE test script", + "fork": false, + "created_at": "2020-11-01T13:12:27Z", + "updated_at": "2021-03-18T23:50:26Z", + "pushed_at": "2020-11-01T13:56:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 309655403, "name": "CVE-2020-14882_ALL", @@ -114,6 +252,75 @@ "watchers": 85, "score": 0 }, + { + "id": 309666360, + "name": "CVE-2020-14882-checker", + "full_name": "ovProphet\/CVE-2020-14882-checker", + "owner": { + "login": "ovProphet", + "id": 12277617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12277617?v=4", + "html_url": "https:\/\/github.com\/ovProphet" + }, + "html_url": "https:\/\/github.com\/ovProphet\/CVE-2020-14882-checker", + "description": "CVE-2020-14882 detection script", + "fork": false, + "created_at": "2020-11-03T11:34:38Z", + "updated_at": "2021-03-18T23:48:22Z", + "pushed_at": "2020-11-03T11:34:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 309868259, + "name": "CVE-2020-14882", + "full_name": "NS-Sp4ce\/CVE-2020-14882", + "owner": { + "login": "NS-Sp4ce", + "id": 33349032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33349032?v=4", + "html_url": "https:\/\/github.com\/NS-Sp4ce" + }, + "html_url": "https:\/\/github.com\/NS-Sp4ce\/CVE-2020-14882", + "description": "CVE-2020-14882\/14883\/14750", + "fork": false, + "created_at": "2020-11-04T03:09:13Z", + "updated_at": "2021-01-19T07:12:06Z", + "pushed_at": "2020-11-04T03:15:33Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 1, + "forks": 1, + "watchers": 11, + "score": 0 + }, + { + "id": 310303375, + "name": "cve-2020-14882", + "full_name": "mmioimm\/cve-2020-14882", + "owner": { + "login": "mmioimm", + "id": 19258899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19258899?v=4", + "html_url": "https:\/\/github.com\/mmioimm" + }, + "html_url": "https:\/\/github.com\/mmioimm\/cve-2020-14882", + "description": null, + "fork": false, + "created_at": "2020-11-05T13:12:28Z", + "updated_at": "2021-01-29T03:18:00Z", + "pushed_at": "2020-11-05T13:14:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, { "id": 311265070, "name": "CVE-2020-14882", @@ -381,13 +588,13 @@ "description": null, "fork": false, "created_at": "2021-04-07T09:48:49Z", - "updated_at": "2021-04-08T18:38:38Z", + "updated_at": "2021-04-09T00:41:55Z", "pushed_at": "2021-04-08T15:17:01Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 9, + "watchers_count": 9, "forks_count": 0, "forks": 0, - "watchers": 7, + "watchers": 9, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-14883.json b/2020/CVE-2020-14883.json index 51ed061e80..d3d65645c8 100644 --- a/2020/CVE-2020-14883.json +++ b/2020/CVE-2020-14883.json @@ -105,13 +105,13 @@ "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection", "fork": false, "created_at": "2021-03-11T22:49:17Z", - "updated_at": "2021-04-08T17:57:00Z", + "updated_at": "2021-04-09T02:58:50Z", "pushed_at": "2021-04-08T13:53:46Z", - "stargazers_count": 338, - "watchers_count": 338, - "forks_count": 77, - "forks": 77, - "watchers": 338, + "stargazers_count": 346, + "watchers_count": 346, + "forks_count": 80, + "forks": 80, + "watchers": 346, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1493.json b/2020/CVE-2020-1493.json new file mode 100644 index 0000000000..b023da0b9a --- /dev/null +++ b/2020/CVE-2020-1493.json @@ -0,0 +1,25 @@ +[ + { + "id": 290121561, + "name": "CVE-2020-1493", + "full_name": "0neb1n\/CVE-2020-1493", + "owner": { + "login": "0neb1n", + "id": 22587350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22587350?v=4", + "html_url": "https:\/\/github.com\/0neb1n" + }, + "html_url": "https:\/\/github.com\/0neb1n\/CVE-2020-1493", + "description": null, + "fork": false, + "created_at": "2020-08-25T05:25:45Z", + "updated_at": "2021-01-24T17:07:03Z", + "pushed_at": "2020-08-25T05:46:30Z", + "stargazers_count": 27, + "watchers_count": 27, + "forks_count": 15, + "forks": 15, + "watchers": 27, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14947.json b/2020/CVE-2020-14947.json new file mode 100644 index 0000000000..8192e02937 --- /dev/null +++ b/2020/CVE-2020-14947.json @@ -0,0 +1,25 @@ +[ + { + "id": 276697965, + "name": "CVE-2020-14947", + "full_name": "mhaskar\/CVE-2020-14947", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2020-14947", + "description": "The official exploit for OCS Inventory NG v2.7 Remote Command Execution CVE-2020-14947", + "fork": false, + "created_at": "2020-07-02T16:40:52Z", + "updated_at": "2020-10-21T22:17:41Z", + "pushed_at": "2020-07-02T16:46:10Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 6, + "forks": 6, + "watchers": 17, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14955.json b/2020/CVE-2020-14955.json new file mode 100644 index 0000000000..40ad30aab9 --- /dev/null +++ b/2020/CVE-2020-14955.json @@ -0,0 +1,25 @@ +[ + { + "id": 302371253, + "name": "CVE-2020-14955", + "full_name": "intrigus-lgtm\/CVE-2020-14955", + "owner": { + "login": "intrigus-lgtm", + "id": 60750685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60750685?v=4", + "html_url": "https:\/\/github.com\/intrigus-lgtm" + }, + "html_url": "https:\/\/github.com\/intrigus-lgtm\/CVE-2020-14955", + "description": "Jiangmin", + "fork": false, + "created_at": "2020-10-08T14:41:23Z", + "updated_at": "2020-10-10T08:24:37Z", + "pushed_at": "2020-10-09T03:46:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15051.json b/2020/CVE-2020-15051.json new file mode 100644 index 0000000000..a6a75d91ce --- /dev/null +++ b/2020/CVE-2020-15051.json @@ -0,0 +1,25 @@ +[ + { + "id": 277732389, + "name": "CVE-2020-15051", + "full_name": "pratikshad19\/CVE-2020-15051", + "owner": { + "login": "pratikshad19", + "id": 67833998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67833998?v=4", + "html_url": "https:\/\/github.com\/pratikshad19" + }, + "html_url": "https:\/\/github.com\/pratikshad19\/CVE-2020-15051", + "description": "CVE-2020-15051 : Artica Proxy before 4.30.000000 Community Edition allows Stored Cross Site Scripting.", + "fork": false, + "created_at": "2020-07-07T06:11:04Z", + "updated_at": "2020-07-20T16:22:23Z", + "pushed_at": "2020-07-20T16:22:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15052.json b/2020/CVE-2020-15052.json new file mode 100644 index 0000000000..eb905920a8 --- /dev/null +++ b/2020/CVE-2020-15052.json @@ -0,0 +1,25 @@ +[ + { + "id": 277770540, + "name": "CVE-2020-15052", + "full_name": "pratikshad19\/CVE-2020-15052", + "owner": { + "login": "pratikshad19", + "id": 67833998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67833998?v=4", + "html_url": "https:\/\/github.com\/pratikshad19" + }, + "html_url": "https:\/\/github.com\/pratikshad19\/CVE-2020-15052", + "description": "Artica Proxy before 4.30.000000 Community Edition allows SQL Injection.", + "fork": false, + "created_at": "2020-07-07T09:13:18Z", + "updated_at": "2020-07-21T13:24:54Z", + "pushed_at": "2020-07-20T16:21:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15053.json b/2020/CVE-2020-15053.json new file mode 100644 index 0000000000..1c3cdd269f --- /dev/null +++ b/2020/CVE-2020-15053.json @@ -0,0 +1,25 @@ +[ + { + "id": 277772338, + "name": "CVE-2020-15053", + "full_name": "pratikshad19\/CVE-2020-15053", + "owner": { + "login": "pratikshad19", + "id": 67833998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67833998?v=4", + "html_url": "https:\/\/github.com\/pratikshad19" + }, + "html_url": "https:\/\/github.com\/pratikshad19\/CVE-2020-15053", + "description": "Artica Proxy before 4.30.000000 Community Edition allows Reflected Cross Site Scripting.", + "fork": false, + "created_at": "2020-07-07T09:21:30Z", + "updated_at": "2020-07-20T16:21:09Z", + "pushed_at": "2020-07-20T16:21:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15148.json b/2020/CVE-2020-15148.json new file mode 100644 index 0000000000..4604681bf7 --- /dev/null +++ b/2020/CVE-2020-15148.json @@ -0,0 +1,48 @@ +[ + { + "id": 297223360, + "name": "CVE-2020-15148-bypasses", + "full_name": "Maskhe\/CVE-2020-15148-bypasses", + "owner": { + "login": "Maskhe", + "id": 30264078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30264078?v=4", + "html_url": "https:\/\/github.com\/Maskhe" + }, + "html_url": "https:\/\/github.com\/Maskhe\/CVE-2020-15148-bypasses", + "description": "几条关于CVE-2020-15148(yii2反序列化)的绕过", + "fork": false, + "created_at": "2020-09-21T03:55:55Z", + "updated_at": "2021-03-11T10:41:35Z", + "pushed_at": "2020-09-21T04:04:39Z", + "stargazers_count": 67, + "watchers_count": 67, + "forks_count": 6, + "forks": 6, + "watchers": 67, + "score": 0 + }, + { + "id": 307620612, + "name": "cve-2020-15148", + "full_name": "0xkami\/cve-2020-15148", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami" + }, + "html_url": "https:\/\/github.com\/0xkami\/cve-2020-15148", + "description": "cve-2020-15148", + "fork": false, + "created_at": "2020-10-27T07:33:47Z", + "updated_at": "2020-12-17T09:04:51Z", + "pushed_at": "2020-10-27T07:35:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15169.json b/2020/CVE-2020-15169.json new file mode 100644 index 0000000000..8a424a5ae5 --- /dev/null +++ b/2020/CVE-2020-15169.json @@ -0,0 +1,25 @@ +[ + { + "id": 302388307, + "name": "CVE-2020-15169", + "full_name": "glasses618\/CVE-2020-15169", + "owner": { + "login": "glasses618", + "id": 10650655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10650655?v=4", + "html_url": "https:\/\/github.com\/glasses618" + }, + "html_url": "https:\/\/github.com\/glasses618\/CVE-2020-15169", + "description": null, + "fork": false, + "created_at": "2020-10-08T15:42:37Z", + "updated_at": "2020-10-08T15:43:15Z", + "pushed_at": "2020-10-08T15:43:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15227.json b/2020/CVE-2020-15227.json index d39fef968a..0a5b6871c4 100644 --- a/2020/CVE-2020-15227.json +++ b/2020/CVE-2020-15227.json @@ -1,4 +1,50 @@ [ + { + "id": 302645381, + "name": "CVE-2020-15227", + "full_name": "Langriklol\/CVE-2020-15227", + "owner": { + "login": "Langriklol", + "id": 20239181, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20239181?v=4", + "html_url": "https:\/\/github.com\/Langriklol" + }, + "html_url": "https:\/\/github.com\/Langriklol\/CVE-2020-15227", + "description": "CVE-2020-15227 exploit", + "fork": false, + "created_at": "2020-10-09T13:13:14Z", + "updated_at": "2020-11-08T21:38:22Z", + "pushed_at": "2020-11-05T21:29:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 302798857, + "name": "CVE-2020-15227", + "full_name": "hu4wufu\/CVE-2020-15227", + "owner": { + "login": "hu4wufu", + "id": 22029831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22029831?v=4", + "html_url": "https:\/\/github.com\/hu4wufu" + }, + "html_url": "https:\/\/github.com\/hu4wufu\/CVE-2020-15227", + "description": "CVE-2020-15227 exploit", + "fork": false, + "created_at": "2020-10-10T02:38:15Z", + "updated_at": "2020-11-24T04:00:06Z", + "pushed_at": "2020-10-09T16:39:54Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 4, + "forks": 4, + "watchers": 16, + "score": 0 + }, { "id": 313061696, "name": "CVE-2020-15227", diff --git a/2020/CVE-2020-15399.json b/2020/CVE-2020-15399.json new file mode 100644 index 0000000000..fc4576aebf --- /dev/null +++ b/2020/CVE-2020-15399.json @@ -0,0 +1,25 @@ +[ + { + "id": 284479027, + "name": "CVE-2020-15399", + "full_name": "mkelepce\/CVE-2020-15399", + "owner": { + "login": "mkelepce", + "id": 10780392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10780392?v=4", + "html_url": "https:\/\/github.com\/mkelepce" + }, + "html_url": "https:\/\/github.com\/mkelepce\/CVE-2020-15399", + "description": " Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection", + "fork": false, + "created_at": "2020-08-02T14:35:26Z", + "updated_at": "2020-08-02T14:38:26Z", + "pushed_at": "2020-08-02T14:38:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15492.json b/2020/CVE-2020-15492.json new file mode 100644 index 0000000000..412bdaae08 --- /dev/null +++ b/2020/CVE-2020-15492.json @@ -0,0 +1,25 @@ +[ + { + "id": 298218272, + "name": "CVE-2020-15492", + "full_name": "patrickhener\/CVE-2020-15492", + "owner": { + "login": "patrickhener", + "id": 7579055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7579055?v=4", + "html_url": "https:\/\/github.com\/patrickhener" + }, + "html_url": "https:\/\/github.com\/patrickhener\/CVE-2020-15492", + "description": "This repository holds the advisory, exploits and vulnerable software of the CVE-2020-15492", + "fork": false, + "created_at": "2020-09-24T08:36:40Z", + "updated_at": "2020-09-29T13:45:47Z", + "pushed_at": "2020-09-29T13:45:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15873.json b/2020/CVE-2020-15873.json new file mode 100644 index 0000000000..393400b491 --- /dev/null +++ b/2020/CVE-2020-15873.json @@ -0,0 +1,25 @@ +[ + { + "id": 295692158, + "name": "cs4239-cve-2020-15873", + "full_name": "limerencee\/cs4239-cve-2020-15873", + "owner": { + "login": "limerencee", + "id": 25873970, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25873970?v=4", + "html_url": "https:\/\/github.com\/limerencee" + }, + "html_url": "https:\/\/github.com\/limerencee\/cs4239-cve-2020-15873", + "description": "Proof of Concept of CVE-2020-15873 - Blind SQL Injection in Librenms < v1.65.1", + "fork": false, + "created_at": "2020-09-15T10:26:26Z", + "updated_at": "2020-10-05T04:34:32Z", + "pushed_at": "2020-09-21T12:14:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15906.json b/2020/CVE-2020-15906.json new file mode 100644 index 0000000000..3e7f5aa2bb --- /dev/null +++ b/2020/CVE-2020-15906.json @@ -0,0 +1,25 @@ +[ + { + "id": 281907147, + "name": "CVE-2020-15906", + "full_name": "S1lkys\/CVE-2020-15906", + "owner": { + "login": "S1lkys", + "id": 40408435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40408435?v=4", + "html_url": "https:\/\/github.com\/S1lkys" + }, + "html_url": "https:\/\/github.com\/S1lkys\/CVE-2020-15906", + "description": "Writeup of CVE-2020-15906", + "fork": false, + "created_at": "2020-07-23T09:20:53Z", + "updated_at": "2021-03-22T04:03:34Z", + "pushed_at": "2020-10-26T22:01:33Z", + "stargazers_count": 40, + "watchers_count": 40, + "forks_count": 4, + "forks": 4, + "watchers": 40, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15956.json b/2020/CVE-2020-15956.json new file mode 100644 index 0000000000..7da06d0784 --- /dev/null +++ b/2020/CVE-2020-15956.json @@ -0,0 +1,25 @@ +[ + { + "id": 284867344, + "name": "cve-2020-15956", + "full_name": "megamagnus\/cve-2020-15956", + "owner": { + "login": "megamagnus", + "id": 68912653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68912653?v=4", + "html_url": "https:\/\/github.com\/megamagnus" + }, + "html_url": "https:\/\/github.com\/megamagnus\/cve-2020-15956", + "description": "ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload.", + "fork": false, + "created_at": "2020-08-04T03:27:24Z", + "updated_at": "2020-08-07T04:39:24Z", + "pushed_at": "2020-08-04T15:50:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16152.json b/2020/CVE-2020-16152.json new file mode 100644 index 0000000000..ace4fc61cc --- /dev/null +++ b/2020/CVE-2020-16152.json @@ -0,0 +1,25 @@ +[ + { + "id": 291464552, + "name": "CVE-2020-16152", + "full_name": "eriknl\/CVE-2020-16152", + "owner": { + "login": "eriknl", + "id": 7977955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7977955?v=4", + "html_url": "https:\/\/github.com\/eriknl" + }, + "html_url": "https:\/\/github.com\/eriknl\/CVE-2020-16152", + "description": "Explanation and PoC for CVE-2020-16152", + "fork": false, + "created_at": "2020-08-30T12:18:12Z", + "updated_at": "2020-12-30T11:03:03Z", + "pushed_at": "2020-09-01T05:22:23Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 6, + "forks": 6, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16270.json b/2020/CVE-2020-16270.json new file mode 100644 index 0000000000..481f3b25f2 --- /dev/null +++ b/2020/CVE-2020-16270.json @@ -0,0 +1,25 @@ +[ + { + "id": 304345770, + "name": "CVE-2020-16270", + "full_name": "Security-AVS\/CVE-2020-16270", + "owner": { + "login": "Security-AVS", + "id": 72926885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72926885?v=4", + "html_url": "https:\/\/github.com\/Security-AVS" + }, + "html_url": "https:\/\/github.com\/Security-AVS\/CVE-2020-16270", + "description": null, + "fork": false, + "created_at": "2020-10-15T14:06:28Z", + "updated_at": "2020-10-15T15:07:15Z", + "pushed_at": "2020-10-15T15:07:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16898.json b/2020/CVE-2020-16898.json new file mode 100644 index 0000000000..3911b75cc7 --- /dev/null +++ b/2020/CVE-2020-16898.json @@ -0,0 +1,324 @@ +[ + { + "id": 302145941, + "name": "CVE-2020-16898", + "full_name": "advanced-threat-research\/CVE-2020-16898", + "owner": { + "login": "advanced-threat-research", + "id": 27901279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27901279?v=4", + "html_url": "https:\/\/github.com\/advanced-threat-research" + }, + "html_url": "https:\/\/github.com\/advanced-threat-research\/CVE-2020-16898", + "description": "CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP\/IP Vulnerability Detection Logic and Rule", + "fork": false, + "created_at": "2020-10-07T19:56:09Z", + "updated_at": "2021-01-27T09:05:22Z", + "pushed_at": "2020-10-26T10:15:32Z", + "stargazers_count": 207, + "watchers_count": 207, + "forks_count": 31, + "forks": 31, + "watchers": 207, + "score": 0 + }, + { + "id": 303891965, + "name": "CVE-2020-16898", + "full_name": "corelight\/CVE-2020-16898", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2020-16898", + "description": "A network detection package for CVE-2020-16898 (Windows TCP\/IP Remote Code Execution Vulnerability)", + "fork": false, + "created_at": "2020-10-14T03:25:00Z", + "updated_at": "2021-02-24T17:35:51Z", + "pushed_at": "2020-10-22T15:22:55Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, + "score": 0 + }, + { + "id": 304024639, + "name": "CVE-2020-16898_Check", + "full_name": "Maliek\/CVE-2020-16898_Check", + "owner": { + "login": "Maliek", + "id": 8858341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8858341?v=4", + "html_url": "https:\/\/github.com\/Maliek" + }, + "html_url": "https:\/\/github.com\/Maliek\/CVE-2020-16898_Check", + "description": "Minor powershell script that checks for vulnerable interfaces.", + "fork": false, + "created_at": "2020-10-14T13:30:38Z", + "updated_at": "2020-10-16T09:20:02Z", + "pushed_at": "2020-10-16T09:20:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + }, + { + "id": 304044860, + "name": "CVE-2020-16898", + "full_name": "ZephrFish\/CVE-2020-16898", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2020-16898", + "description": "HoneyPoC 2.0: Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898).", + "fork": false, + "created_at": "2020-10-14T14:42:52Z", + "updated_at": "2021-03-19T01:24:50Z", + "pushed_at": "2020-10-14T16:56:04Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 6, + "forks": 6, + "watchers": 18, + "score": 0 + }, + { + "id": 304075693, + "name": "cve-2020-16898", + "full_name": "esnet-security\/cve-2020-16898", + "owner": { + "login": "esnet-security", + "id": 46755983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46755983?v=4", + "html_url": "https:\/\/github.com\/esnet-security" + }, + "html_url": "https:\/\/github.com\/esnet-security\/cve-2020-16898", + "description": "Detects CVE-2020-16898: \"Bad Neighbor\"", + "fork": false, + "created_at": "2020-10-14T16:38:06Z", + "updated_at": "2020-10-15T15:39:52Z", + "pushed_at": "2020-10-15T23:00:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 304139222, + "name": "CVE-2020-16898-Bad-Neighbor", + "full_name": "initconf\/CVE-2020-16898-Bad-Neighbor", + "owner": { + "login": "initconf", + "id": 4044729, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4044729?v=4", + "html_url": "https:\/\/github.com\/initconf" + }, + "html_url": "https:\/\/github.com\/initconf\/CVE-2020-16898-Bad-Neighbor", + "description": "Zeek detection for CVE-2020-16898-\"Bad Neighbor\"", + "fork": false, + "created_at": "2020-10-14T21:25:09Z", + "updated_at": "2020-10-22T21:12:06Z", + "pushed_at": "2020-10-22T21:12:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 304538917, + "name": "CVE-2020-16898", + "full_name": "Q1984\/CVE-2020-16898", + "owner": { + "login": "Q1984", + "id": 50952023, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50952023?v=4", + "html_url": "https:\/\/github.com\/Q1984" + }, + "html_url": "https:\/\/github.com\/Q1984\/CVE-2020-16898", + "description": "PoC Bad Neighbor BSOD exploit", + "fork": false, + "created_at": "2020-10-16T06:27:24Z", + "updated_at": "2020-10-16T11:17:23Z", + "pushed_at": "2020-10-16T11:17:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 304755825, + "name": "cve-2020-16898", + "full_name": "0xeb-bp\/cve-2020-16898", + "owner": { + "login": "0xeb-bp", + "id": 53204152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53204152?v=4", + "html_url": "https:\/\/github.com\/0xeb-bp" + }, + "html_url": "https:\/\/github.com\/0xeb-bp\/cve-2020-16898", + "description": "PoC BSOD for CVE-2020-16898 (badneighbor)", + "fork": false, + "created_at": "2020-10-16T23:03:15Z", + "updated_at": "2021-01-13T11:23:25Z", + "pushed_at": "2020-10-16T23:12:52Z", + "stargazers_count": 19, + "watchers_count": 19, + "forks_count": 4, + "forks": 4, + "watchers": 19, + "score": 0 + }, + { + "id": 304797048, + "name": "cve-2020-16898", + "full_name": "jiansiting\/cve-2020-16898", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/cve-2020-16898", + "description": "PoC BSOD for CVE-2020-16898", + "fork": false, + "created_at": "2020-10-17T04:32:11Z", + "updated_at": "2020-10-28T03:38:27Z", + "pushed_at": "2020-10-17T04:32:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "forks": 3, + "watchers": 6, + "score": 0 + }, + { + "id": 304819444, + "name": "CVE-2020-16898_Workaround", + "full_name": "CPO-EH\/CVE-2020-16898_Workaround", + "owner": { + "login": "CPO-EH", + "id": 56457033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56457033?v=4", + "html_url": "https:\/\/github.com\/CPO-EH" + }, + "html_url": "https:\/\/github.com\/CPO-EH\/CVE-2020-16898_Workaround", + "description": "PowerShell Script Workaround for VCE-220-16898 Vulnerability", + "fork": false, + "created_at": "2020-10-17T07:09:58Z", + "updated_at": "2020-10-21T16:45:04Z", + "pushed_at": "2020-10-21T16:45:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 304851828, + "name": "CVE-2020-16898_Checker", + "full_name": "CPO-EH\/CVE-2020-16898_Checker", + "owner": { + "login": "CPO-EH", + "id": 56457033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56457033?v=4", + "html_url": "https:\/\/github.com\/CPO-EH" + }, + "html_url": "https:\/\/github.com\/CPO-EH\/CVE-2020-16898_Checker", + "description": "Check all Network Interfaces for CVE-2020-16898 Vulnerability", + "fork": false, + "created_at": "2020-10-17T10:23:56Z", + "updated_at": "2020-10-21T17:45:24Z", + "pushed_at": "2020-10-21T17:45:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 304888543, + "name": "CVE-2020-16898-exp", + "full_name": "momika233\/CVE-2020-16898-exp", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2020-16898-exp", + "description": null, + "fork": false, + "created_at": "2020-10-17T13:52:08Z", + "updated_at": "2021-01-06T08:49:01Z", + "pushed_at": "2020-10-17T13:52:38Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 8, + "forks": 8, + "watchers": 15, + "score": 0 + }, + { + "id": 305598825, + "name": "CVE-2020-16898-EXP-POC", + "full_name": "komomon\/CVE-2020-16898-EXP-POC", + "owner": { + "login": "komomon", + "id": 52700174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52700174?v=4", + "html_url": "https:\/\/github.com\/komomon" + }, + "html_url": "https:\/\/github.com\/komomon\/CVE-2020-16898-EXP-POC", + "description": "CVE-2020-16898 Windows TCP\/IP远程代码执行漏洞 EXP&POC", + "fork": false, + "created_at": "2020-10-20T05:24:47Z", + "updated_at": "2021-01-29T10:23:15Z", + "pushed_at": "2020-10-28T11:21:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + }, + { + "id": 307994197, + "name": "CVE-2020-16898--EXP-POC", + "full_name": "komomon\/CVE-2020-16898--EXP-POC", + "owner": { + "login": "komomon", + "id": 52700174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52700174?v=4", + "html_url": "https:\/\/github.com\/komomon" + }, + "html_url": "https:\/\/github.com\/komomon\/CVE-2020-16898--EXP-POC", + "description": "CVE-2020-16898 Windows TCP\/IP远程代码执行漏洞 EXP&POC", + "fork": false, + "created_at": "2020-10-28T11:25:58Z", + "updated_at": "2021-03-22T03:25:52Z", + "pushed_at": "2020-10-28T11:27:17Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 6, + "forks": 6, + "watchers": 7, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16899.json b/2020/CVE-2020-16899.json new file mode 100644 index 0000000000..224c740e31 --- /dev/null +++ b/2020/CVE-2020-16899.json @@ -0,0 +1,48 @@ +[ + { + "id": 303511670, + "name": "CVE-2020-16899", + "full_name": "advanced-threat-research\/CVE-2020-16899", + "owner": { + "login": "advanced-threat-research", + "id": 27901279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27901279?v=4", + "html_url": "https:\/\/github.com\/advanced-threat-research" + }, + "html_url": "https:\/\/github.com\/advanced-threat-research\/CVE-2020-16899", + "description": "CVE-2020-16899 - Microsoft Windows TCP\/IP Vulnerability Detection Logic and Rule", + "fork": false, + "created_at": "2020-10-12T20:59:03Z", + "updated_at": "2020-11-19T21:34:47Z", + "pushed_at": "2020-10-19T13:58:46Z", + "stargazers_count": 16, + "watchers_count": 16, + "forks_count": 6, + "forks": 6, + "watchers": 16, + "score": 0 + }, + { + "id": 304597619, + "name": "CVE-2020-16899", + "full_name": "bkerler\/CVE-2020-16899", + "owner": { + "login": "bkerler", + "id": 6317772, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6317772?v=4", + "html_url": "https:\/\/github.com\/bkerler" + }, + "html_url": "https:\/\/github.com\/bkerler\/CVE-2020-16899", + "description": "Windows RDNSS RCE", + "fork": false, + "created_at": "2020-10-16T10:44:22Z", + "updated_at": "2020-10-16T18:38:19Z", + "pushed_at": "2020-10-16T00:15:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16938.json b/2020/CVE-2020-16938.json new file mode 100644 index 0000000000..0b1fdd0f72 --- /dev/null +++ b/2020/CVE-2020-16938.json @@ -0,0 +1,25 @@ +[ + { + "id": 306071294, + "name": "CVE-2020-16938", + "full_name": "ioncodes\/CVE-2020-16938", + "owner": { + "login": "ioncodes", + "id": 18533297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18533297?v=4", + "html_url": "https:\/\/github.com\/ioncodes" + }, + "html_url": "https:\/\/github.com\/ioncodes\/CVE-2020-16938", + "description": "Bypassing NTFS permissions to read any files as unprivileged user.", + "fork": false, + "created_at": "2020-10-21T15:38:22Z", + "updated_at": "2021-04-02T06:26:06Z", + "pushed_at": "2020-10-21T15:39:00Z", + "stargazers_count": 169, + "watchers_count": 169, + "forks_count": 37, + "forks": 37, + "watchers": 169, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16939.json b/2020/CVE-2020-16939.json new file mode 100644 index 0000000000..4731a55dbf --- /dev/null +++ b/2020/CVE-2020-16939.json @@ -0,0 +1,25 @@ +[ + { + "id": 303857222, + "name": "CVE-2020-16939", + "full_name": "rogue-kdc\/CVE-2020-16939", + "owner": { + "login": "rogue-kdc", + "id": 49311295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49311295?v=4", + "html_url": "https:\/\/github.com\/rogue-kdc" + }, + "html_url": "https:\/\/github.com\/rogue-kdc\/CVE-2020-16939", + "description": "PoC code for CVE-2020-16939 Windows Group Policy DACL Overwrite Privilege Escalation", + "fork": false, + "created_at": "2020-10-14T00:03:49Z", + "updated_at": "2021-01-29T03:13:14Z", + "pushed_at": "2020-10-27T16:42:14Z", + "stargazers_count": 12, + "watchers_count": 12, + "forks_count": 7, + "forks": 7, + "watchers": 12, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16947.json b/2020/CVE-2020-16947.json index 75e42bd716..7b9deda48c 100644 --- a/2020/CVE-2020-16947.json +++ b/2020/CVE-2020-16947.json @@ -1,4 +1,27 @@ [ + { + "id": 304353448, + "name": "CVE-2020-16947", + "full_name": "0neb1n\/CVE-2020-16947", + "owner": { + "login": "0neb1n", + "id": 22587350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22587350?v=4", + "html_url": "https:\/\/github.com\/0neb1n" + }, + "html_url": "https:\/\/github.com\/0neb1n\/CVE-2020-16947", + "description": "PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerablility)", + "fork": false, + "created_at": "2020-10-15T14:32:25Z", + "updated_at": "2021-02-07T14:56:21Z", + "pushed_at": "2020-10-20T20:09:58Z", + "stargazers_count": 119, + "watchers_count": 119, + "forks_count": 34, + "forks": 34, + "watchers": 119, + "score": 0 + }, { "id": 314771487, "name": "CVE-2020-16947", diff --git a/2020/CVE-2020-17382.json b/2020/CVE-2020-17382.json new file mode 100644 index 0000000000..13205eb4c2 --- /dev/null +++ b/2020/CVE-2020-17382.json @@ -0,0 +1,25 @@ +[ + { + "id": 296409739, + "name": "CVE-2020-17382", + "full_name": "uf0o\/CVE-2020-17382", + "owner": { + "login": "uf0o", + "id": 24236867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24236867?v=4", + "html_url": "https:\/\/github.com\/uf0o" + }, + "html_url": "https:\/\/github.com\/uf0o\/CVE-2020-17382", + "description": "PoC exploits for CVE-2020-17382", + "fork": false, + "created_at": "2020-09-17T18:26:32Z", + "updated_at": "2021-03-07T01:19:33Z", + "pushed_at": "2020-10-02T18:45:43Z", + "stargazers_count": 106, + "watchers_count": 106, + "forks_count": 24, + "forks": 24, + "watchers": 106, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17496.json b/2020/CVE-2020-17496.json new file mode 100644 index 0000000000..3ea717ca7d --- /dev/null +++ b/2020/CVE-2020-17496.json @@ -0,0 +1,48 @@ +[ + { + "id": 288998463, + "name": "CVE-2020-17496", + "full_name": "ctlyz123\/CVE-2020-17496", + "owner": { + "login": "ctlyz123", + "id": 50359597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50359597?v=4", + "html_url": "https:\/\/github.com\/ctlyz123" + }, + "html_url": "https:\/\/github.com\/ctlyz123\/CVE-2020-17496", + "description": null, + "fork": false, + "created_at": "2020-08-20T12:20:03Z", + "updated_at": "2020-09-07T14:06:34Z", + "pushed_at": "2020-08-20T12:24:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + }, + { + "id": 292596829, + "name": "vBulletin_5.x-tab_panel-RCE", + "full_name": "ludy-dev\/vBulletin_5.x-tab_panel-RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/vBulletin_5.x-tab_panel-RCE", + "description": "(CVE-2020-17496) vBulletin 5.x Widget_tabbedcontainer_tab_panel RCE Vuln Test script", + "fork": false, + "created_at": "2020-09-03T14:41:29Z", + "updated_at": "2020-11-07T13:03:43Z", + "pushed_at": "2020-11-07T13:03:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "forks": 3, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1764.json b/2020/CVE-2020-1764.json new file mode 100644 index 0000000000..1a340e05d9 --- /dev/null +++ b/2020/CVE-2020-1764.json @@ -0,0 +1,25 @@ +[ + { + "id": 277557089, + "name": "cve-2020-1764-poc", + "full_name": "jpts\/cve-2020-1764-poc", + "owner": { + "login": "jpts", + "id": 5352661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5352661?v=4", + "html_url": "https:\/\/github.com\/jpts" + }, + "html_url": "https:\/\/github.com\/jpts\/cve-2020-1764-poc", + "description": "Auth Bypass PoC for Kiali", + "fork": false, + "created_at": "2020-07-06T13:59:52Z", + "updated_at": "2020-09-21T13:51:22Z", + "pushed_at": "2020-07-06T14:02:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 5682670742..91c2b44ea9 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -482,6 +482,29 @@ "watchers": 1, "score": 0 }, + { + "id": 280544880, + "name": "ghostcatch", + "full_name": "MateoSec\/ghostcatch", + "owner": { + "login": "MateoSec", + "id": 68019458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68019458?v=4", + "html_url": "https:\/\/github.com\/MateoSec" + }, + "html_url": "https:\/\/github.com\/MateoSec\/ghostcatch", + "description": "Disables AJP connectors to remediate CVE-2020-1938!", + "fork": false, + "created_at": "2020-07-17T23:34:47Z", + "updated_at": "2020-07-18T00:06:32Z", + "pushed_at": "2020-07-18T00:06:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 312827286, "name": "cve-2020-1938", diff --git a/2020/CVE-2020-1948.json b/2020/CVE-2020-1948.json index 7174c76bff..9b44586b14 100644 --- a/2020/CVE-2020-1948.json +++ b/2020/CVE-2020-1948.json @@ -22,6 +22,52 @@ "watchers": 11, "score": 0 }, + { + "id": 277021315, + "name": "Dubbo-CVE-2020-1948", + "full_name": "txrw\/Dubbo-CVE-2020-1948", + "owner": { + "login": "txrw", + "id": 32354358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32354358?v=4", + "html_url": "https:\/\/github.com\/txrw" + }, + "html_url": "https:\/\/github.com\/txrw\/Dubbo-CVE-2020-1948", + "description": "Apache Dubbo CVE-2020-1948 漏洞测试环境,亲测可用。", + "fork": false, + "created_at": "2020-07-04T02:06:28Z", + "updated_at": "2021-01-10T06:10:22Z", + "pushed_at": "2020-07-03T02:46:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 278242568, + "name": "cve-2020-1948-poc", + "full_name": "M3g4Byt3\/cve-2020-1948-poc", + "owner": { + "login": "M3g4Byt3", + "id": 25048908, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25048908?v=4", + "html_url": "https:\/\/github.com\/M3g4Byt3" + }, + "html_url": "https:\/\/github.com\/M3g4Byt3\/cve-2020-1948-poc", + "description": null, + "fork": false, + "created_at": "2020-07-09T02:27:54Z", + "updated_at": "2020-09-02T09:32:18Z", + "pushed_at": "2020-07-02T10:03:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, { "id": 279463521, "name": "Dubbo-deserialization", diff --git a/2020/CVE-2020-2034.json b/2020/CVE-2020-2034.json new file mode 100644 index 0000000000..243d8ee5fa --- /dev/null +++ b/2020/CVE-2020-2034.json @@ -0,0 +1,25 @@ +[ + { + "id": 286057021, + "name": "CVE-2020-2034-POC", + "full_name": "blackhatethicalhacking\/CVE-2020-2034-POC", + "owner": { + "login": "blackhatethicalhacking", + "id": 13942386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13942386?v=4", + "html_url": "https:\/\/github.com\/blackhatethicalhacking" + }, + "html_url": "https:\/\/github.com\/blackhatethicalhacking\/CVE-2020-2034-POC", + "description": "Determine the Version Running on the Palo Alto Network Firewall for the Global Protect Portal", + "fork": false, + "created_at": "2020-08-08T14:19:44Z", + "updated_at": "2021-01-03T06:31:44Z", + "pushed_at": "2020-08-14T09:24:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 5, + "forks": 5, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24028.json b/2020/CVE-2020-24028.json new file mode 100644 index 0000000000..9498fef381 --- /dev/null +++ b/2020/CVE-2020-24028.json @@ -0,0 +1,25 @@ +[ + { + "id": 291787379, + "name": "CVE-2020-24028", + "full_name": "underprotection\/CVE-2020-24028", + "owner": { + "login": "underprotection", + "id": 60452208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60452208?v=4", + "html_url": "https:\/\/github.com\/underprotection" + }, + "html_url": "https:\/\/github.com\/underprotection\/CVE-2020-24028", + "description": null, + "fork": false, + "created_at": "2020-08-31T18:00:21Z", + "updated_at": "2020-08-31T18:24:01Z", + "pushed_at": "2020-08-31T18:23:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24029.json b/2020/CVE-2020-24029.json new file mode 100644 index 0000000000..24eda01f2e --- /dev/null +++ b/2020/CVE-2020-24029.json @@ -0,0 +1,25 @@ +[ + { + "id": 291793224, + "name": "CVE-2020-24029", + "full_name": "underprotection\/CVE-2020-24029", + "owner": { + "login": "underprotection", + "id": 60452208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60452208?v=4", + "html_url": "https:\/\/github.com\/underprotection" + }, + "html_url": "https:\/\/github.com\/underprotection\/CVE-2020-24029", + "description": null, + "fork": false, + "created_at": "2020-08-31T18:26:05Z", + "updated_at": "2020-08-31T18:46:30Z", + "pushed_at": "2020-08-31T18:46:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24030.json b/2020/CVE-2020-24030.json new file mode 100644 index 0000000000..1946371ea7 --- /dev/null +++ b/2020/CVE-2020-24030.json @@ -0,0 +1,25 @@ +[ + { + "id": 291795866, + "name": "CVE-2020-24030", + "full_name": "underprotection\/CVE-2020-24030", + "owner": { + "login": "underprotection", + "id": 60452208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60452208?v=4", + "html_url": "https:\/\/github.com\/underprotection" + }, + "html_url": "https:\/\/github.com\/underprotection\/CVE-2020-24030", + "description": null, + "fork": false, + "created_at": "2020-08-31T18:38:58Z", + "updated_at": "2020-08-31T18:46:09Z", + "pushed_at": "2020-08-31T18:46:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24616.json b/2020/CVE-2020-24616.json new file mode 100644 index 0000000000..4818c21f8f --- /dev/null +++ b/2020/CVE-2020-24616.json @@ -0,0 +1,25 @@ +[ + { + "id": 292535943, + "name": "cve-2020-24616-poc", + "full_name": "0xkami\/cve-2020-24616-poc", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami" + }, + "html_url": "https:\/\/github.com\/0xkami\/cve-2020-24616-poc", + "description": "cve-2020-24616 poc", + "fork": false, + "created_at": "2020-09-03T10:18:39Z", + "updated_at": "2020-09-13T13:31:03Z", + "pushed_at": "2020-09-07T06:22:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24765.json b/2020/CVE-2020-24765.json new file mode 100644 index 0000000000..7e736d644e --- /dev/null +++ b/2020/CVE-2020-24765.json @@ -0,0 +1,25 @@ +[ + { + "id": 277878269, + "name": "CVE-2020-24765", + "full_name": "trump88\/CVE-2020-24765", + "owner": { + "login": "trump88", + "id": 67972622, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67972622?v=4", + "html_url": "https:\/\/github.com\/trump88" + }, + "html_url": "https:\/\/github.com\/trump88\/CVE-2020-24765", + "description": null, + "fork": false, + "created_at": "2020-07-07T17:15:57Z", + "updated_at": "2020-10-08T13:03:10Z", + "pushed_at": "2020-10-08T13:03:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24955.json b/2020/CVE-2020-24955.json new file mode 100644 index 0000000000..f235c43437 --- /dev/null +++ b/2020/CVE-2020-24955.json @@ -0,0 +1,25 @@ +[ + { + "id": 292162147, + "name": "CVE-2020-24955", + "full_name": "b1nary0x1\/CVE-2020-24955", + "owner": { + "login": "b1nary0x1", + "id": 68638314, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68638314?v=4", + "html_url": "https:\/\/github.com\/b1nary0x1" + }, + "html_url": "https:\/\/github.com\/b1nary0x1\/CVE-2020-24955", + "description": "SUPERAntiSyware Professional X Trial <= 10.0.1206 Local Privilege Escalation", + "fork": false, + "created_at": "2020-09-02T02:48:36Z", + "updated_at": "2020-09-02T03:01:10Z", + "pushed_at": "2020-09-02T03:00:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25068.json b/2020/CVE-2020-25068.json new file mode 100644 index 0000000000..ba8829cc7d --- /dev/null +++ b/2020/CVE-2020-25068.json @@ -0,0 +1,25 @@ +[ + { + "id": 292313004, + "name": "CVE-2020-25068", + "full_name": "bryanroma\/CVE-2020-25068", + "owner": { + "login": "bryanroma", + "id": 16670696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16670696?v=4", + "html_url": "https:\/\/github.com\/bryanroma" + }, + "html_url": "https:\/\/github.com\/bryanroma\/CVE-2020-25068", + "description": "Python script to exploit CVE-2020-25068. ", + "fork": false, + "created_at": "2020-09-02T14:53:57Z", + "updated_at": "2020-09-10T06:05:05Z", + "pushed_at": "2020-09-03T13:28:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25200.json b/2020/CVE-2020-25200.json new file mode 100644 index 0000000000..0154a776ef --- /dev/null +++ b/2020/CVE-2020-25200.json @@ -0,0 +1,25 @@ +[ + { + "id": 293369835, + "name": "pritunl-CVE-2020-25200", + "full_name": "lukaszstu\/pritunl-CVE-2020-25200", + "owner": { + "login": "lukaszstu", + "id": 70864053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70864053?v=4", + "html_url": "https:\/\/github.com\/lukaszstu" + }, + "html_url": "https:\/\/github.com\/lukaszstu\/pritunl-CVE-2020-25200", + "description": "pritunl-CVE-2020-25200", + "fork": false, + "created_at": "2020-09-06T22:11:24Z", + "updated_at": "2021-03-03T17:07:50Z", + "pushed_at": "2020-09-08T05:48:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25213.json b/2020/CVE-2020-25213.json index 78b55ab105..689b86d907 100644 --- a/2020/CVE-2020-25213.json +++ b/2020/CVE-2020-25213.json @@ -1,4 +1,27 @@ [ + { + "id": 302958732, + "name": "wp-file-manager-CVE-2020-25213", + "full_name": "mansoorr123\/wp-file-manager-CVE-2020-25213", + "owner": { + "login": "mansoorr123", + "id": 54185552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54185552?v=4", + "html_url": "https:\/\/github.com\/mansoorr123" + }, + "html_url": "https:\/\/github.com\/mansoorr123\/wp-file-manager-CVE-2020-25213", + "description": "https:\/\/medium.com\/@mansoorr\/exploiting-cve-2020-25213-wp-file-manager-wordpress-plugin-6-9-3f79241f0cd8", + "fork": false, + "created_at": "2020-10-10T17:50:01Z", + "updated_at": "2021-04-07T04:47:04Z", + "pushed_at": "2020-10-12T09:57:28Z", + "stargazers_count": 34, + "watchers_count": 34, + "forks_count": 13, + "forks": 13, + "watchers": 34, + "score": 0 + }, { "id": 312602621, "name": "WPKiller", diff --git a/2020/CVE-2020-25270.json b/2020/CVE-2020-25270.json new file mode 100644 index 0000000000..d770009fea --- /dev/null +++ b/2020/CVE-2020-25270.json @@ -0,0 +1,25 @@ +[ + { + "id": 297838971, + "name": "CVE-2020-25270", + "full_name": "Ko-kn3t\/CVE-2020-25270", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25270", + "description": "PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, City", + "fork": false, + "created_at": "2020-09-23T03:16:08Z", + "updated_at": "2020-09-27T13:34:18Z", + "pushed_at": "2020-09-23T03:22:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25271.json b/2020/CVE-2020-25271.json new file mode 100644 index 0000000000..05a72651cc --- /dev/null +++ b/2020/CVE-2020-25271.json @@ -0,0 +1,25 @@ +[ + { + "id": 297840535, + "name": "CVE-2020-25271", + "full_name": "Ko-kn3t\/CVE-2020-25271", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25271", + "description": null, + "fork": false, + "created_at": "2020-09-23T03:24:20Z", + "updated_at": "2020-09-23T03:49:17Z", + "pushed_at": "2020-09-23T03:49:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25272.json b/2020/CVE-2020-25272.json new file mode 100644 index 0000000000..ebac8ddfaa --- /dev/null +++ b/2020/CVE-2020-25272.json @@ -0,0 +1,25 @@ +[ + { + "id": 297850617, + "name": "CVE-2020-25272", + "full_name": "Ko-kn3t\/CVE-2020-25272", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25272", + "description": "Online Bus Booking System 1.0,there is XSS through the name parameter in book_now.php", + "fork": false, + "created_at": "2020-09-23T04:20:16Z", + "updated_at": "2020-09-27T13:37:22Z", + "pushed_at": "2020-09-23T04:28:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25273.json b/2020/CVE-2020-25273.json new file mode 100644 index 0000000000..6696fcbfcc --- /dev/null +++ b/2020/CVE-2020-25273.json @@ -0,0 +1,25 @@ +[ + { + "id": 297852230, + "name": "CVE-2020-25273", + "full_name": "Ko-kn3t\/CVE-2020-25273", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25273", + "description": "Online Bus Booking System 1.0, there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection.", + "fork": false, + "created_at": "2020-09-23T04:29:29Z", + "updated_at": "2020-09-26T16:07:01Z", + "pushed_at": "2020-09-26T03:43:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25398.json b/2020/CVE-2020-25398.json new file mode 100644 index 0000000000..a1ca3c2c83 --- /dev/null +++ b/2020/CVE-2020-25398.json @@ -0,0 +1,25 @@ +[ + { + "id": 279259540, + "name": "CVE-2020-25398", + "full_name": "h3llraiser\/CVE-2020-25398", + "owner": { + "login": "h3llraiser", + "id": 52741391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52741391?v=4", + "html_url": "https:\/\/github.com\/h3llraiser" + }, + "html_url": "https:\/\/github.com\/h3llraiser\/CVE-2020-25398", + "description": "CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality.", + "fork": false, + "created_at": "2020-07-13T09:37:11Z", + "updated_at": "2020-11-05T15:00:19Z", + "pushed_at": "2020-11-05T10:17:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25399.json b/2020/CVE-2020-25399.json new file mode 100644 index 0000000000..4ab859e23f --- /dev/null +++ b/2020/CVE-2020-25399.json @@ -0,0 +1,25 @@ +[ + { + "id": 279259641, + "name": "CVE-2020-25399", + "full_name": "h3llraiser\/CVE-2020-25399", + "owner": { + "login": "h3llraiser", + "id": 52741391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52741391?v=4", + "html_url": "https:\/\/github.com\/h3llraiser" + }, + "html_url": "https:\/\/github.com\/h3llraiser\/CVE-2020-25399", + "description": "Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat.", + "fork": false, + "created_at": "2020-07-13T09:37:38Z", + "updated_at": "2020-11-05T15:00:40Z", + "pushed_at": "2020-11-05T10:43:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25487.json b/2020/CVE-2020-25487.json new file mode 100644 index 0000000000..5147900638 --- /dev/null +++ b/2020/CVE-2020-25487.json @@ -0,0 +1,25 @@ +[ + { + "id": 297710280, + "name": "CVE-2020-25487", + "full_name": "Ko-kn3t\/CVE-2020-25487", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25487", + "description": "SQL injection Vulnerability in Zoo Management System", + "fork": false, + "created_at": "2020-09-22T16:37:46Z", + "updated_at": "2020-09-23T09:31:19Z", + "pushed_at": "2020-09-22T16:41:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25488.json b/2020/CVE-2020-25488.json new file mode 100644 index 0000000000..d524d0805b --- /dev/null +++ b/2020/CVE-2020-25488.json @@ -0,0 +1,25 @@ +[ + { + "id": 297708009, + "name": "CVE-2020-25488", + "full_name": "Ko-kn3t\/CVE-2020-25488", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25488", + "description": "Login Bypass in Zoo Management System V1.0", + "fork": false, + "created_at": "2020-09-22T16:28:34Z", + "updated_at": "2020-09-22T17:06:49Z", + "pushed_at": "2020-09-22T17:06:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25514.json b/2020/CVE-2020-25514.json new file mode 100644 index 0000000000..8b18806349 --- /dev/null +++ b/2020/CVE-2020-25514.json @@ -0,0 +1,25 @@ +[ + { + "id": 297713936, + "name": "CVE-2020-25514", + "full_name": "Ko-kn3t\/CVE-2020-25514", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25514", + "description": "Login Bypass in Simple Library Management System 1.0", + "fork": false, + "created_at": "2020-09-22T16:52:15Z", + "updated_at": "2020-09-22T16:58:44Z", + "pushed_at": "2020-09-22T16:58:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25515.json b/2020/CVE-2020-25515.json new file mode 100644 index 0000000000..f3a2a8e8c0 --- /dev/null +++ b/2020/CVE-2020-25515.json @@ -0,0 +1,25 @@ +[ + { + "id": 297721482, + "name": "CVE-2020-25515", + "full_name": "Ko-kn3t\/CVE-2020-25515", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25515", + "description": "Unrestricted File Upload in Simple Library Management System 1.0", + "fork": false, + "created_at": "2020-09-22T17:23:21Z", + "updated_at": "2020-09-26T16:07:03Z", + "pushed_at": "2020-09-22T17:44:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25518.json b/2020/CVE-2020-25518.json new file mode 100644 index 0000000000..455a4e1ccb --- /dev/null +++ b/2020/CVE-2020-25518.json @@ -0,0 +1,25 @@ +[ + { + "id": 294713889, + "name": "wordpress_DoS", + "full_name": "g-rubert\/wordpress_DoS", + "owner": { + "login": "g-rubert", + "id": 40837605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40837605?v=4", + "html_url": "https:\/\/github.com\/g-rubert" + }, + "html_url": "https:\/\/github.com\/g-rubert\/wordpress_DoS", + "description": "CVE-2020-25518, CVE-2020-25519", + "fork": false, + "created_at": "2020-09-11T14:14:36Z", + "updated_at": "2020-09-30T14:48:21Z", + "pushed_at": "2020-09-15T04:07:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25540.json b/2020/CVE-2020-25540.json new file mode 100644 index 0000000000..e6b263e540 --- /dev/null +++ b/2020/CVE-2020-25540.json @@ -0,0 +1,25 @@ +[ + { + "id": 305338473, + "name": "CVE-2020-25540", + "full_name": "Schira4396\/CVE-2020-25540", + "owner": { + "login": "Schira4396", + "id": 57404930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57404930?v=4", + "html_url": "https:\/\/github.com\/Schira4396" + }, + "html_url": "https:\/\/github.com\/Schira4396\/CVE-2020-25540", + "description": "ThinkAdmin CVE-2020-25540 poc", + "fork": false, + "created_at": "2020-10-19T09:56:20Z", + "updated_at": "2020-10-21T06:51:18Z", + "pushed_at": "2020-10-19T10:16:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2555.json b/2020/CVE-2020-2555.json index 2f1d92d922..69c8d5c4cb 100644 --- a/2020/CVE-2020-2555.json +++ b/2020/CVE-2020-2555.json @@ -113,5 +113,28 @@ "forks": 9, "watchers": 10, "score": 0 + }, + { + "id": 296616953, + "name": "CVE-2020-2555", + "full_name": "Uvemode\/CVE-2020-2555", + "owner": { + "login": "Uvemode", + "id": 18345040, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18345040?v=4", + "html_url": "https:\/\/github.com\/Uvemode" + }, + "html_url": "https:\/\/github.com\/Uvemode\/CVE-2020-2555", + "description": null, + "fork": false, + "created_at": "2020-09-18T12:37:20Z", + "updated_at": "2020-09-18T13:51:11Z", + "pushed_at": "2020-10-12T16:54:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-25747.json b/2020/CVE-2020-25747.json new file mode 100644 index 0000000000..6b10e7e9d7 --- /dev/null +++ b/2020/CVE-2020-25747.json @@ -0,0 +1,25 @@ +[ + { + "id": 296643114, + "name": "CVE-2020-25747", + "full_name": "jet-pentest\/CVE-2020-25747", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-25747", + "description": "CVE-2020-25747", + "fork": false, + "created_at": "2020-09-18T14:23:35Z", + "updated_at": "2021-02-14T09:24:26Z", + "pushed_at": "2020-09-18T15:02:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25748.json b/2020/CVE-2020-25748.json new file mode 100644 index 0000000000..aaad5a7133 --- /dev/null +++ b/2020/CVE-2020-25748.json @@ -0,0 +1,25 @@ +[ + { + "id": 296653811, + "name": "CVE-2020-25748", + "full_name": "jet-pentest\/CVE-2020-25748", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-25748", + "description": "CVE-2020-25748", + "fork": false, + "created_at": "2020-09-18T15:03:38Z", + "updated_at": "2021-02-14T09:24:25Z", + "pushed_at": "2020-09-18T15:04:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25749.json b/2020/CVE-2020-25749.json new file mode 100644 index 0000000000..b62234da21 --- /dev/null +++ b/2020/CVE-2020-25749.json @@ -0,0 +1,25 @@ +[ + { + "id": 296654263, + "name": "CVE-2020-25749", + "full_name": "jet-pentest\/CVE-2020-25749", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-25749", + "description": "CVE-2020-25749", + "fork": false, + "created_at": "2020-09-18T15:05:16Z", + "updated_at": "2021-02-14T09:24:24Z", + "pushed_at": "2020-09-18T15:06:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25790.json b/2020/CVE-2020-25790.json new file mode 100644 index 0000000000..dc4c91fbe1 --- /dev/null +++ b/2020/CVE-2020-25790.json @@ -0,0 +1,25 @@ +[ + { + "id": 302557281, + "name": "CVE-2020-25790", + "full_name": "7Mitu\/CVE-2020-25790", + "owner": { + "login": "7Mitu", + "id": 30004765, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30004765?v=4", + "html_url": "https:\/\/github.com\/7Mitu" + }, + "html_url": "https:\/\/github.com\/7Mitu\/CVE-2020-25790", + "description": "Typesetter CMS文件上传漏洞环境", + "fork": false, + "created_at": "2020-10-09T06:50:02Z", + "updated_at": "2020-11-11T12:52:44Z", + "pushed_at": "2020-10-09T09:30:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25867.json b/2020/CVE-2020-25867.json new file mode 100644 index 0000000000..3e7643988b --- /dev/null +++ b/2020/CVE-2020-25867.json @@ -0,0 +1,25 @@ +[ + { + "id": 297988909, + "name": "CVE-2020-25867", + "full_name": "thomasfady\/CVE-2020-25867", + "owner": { + "login": "thomasfady", + "id": 35258605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35258605?v=4", + "html_url": "https:\/\/github.com\/thomasfady" + }, + "html_url": "https:\/\/github.com\/thomasfady\/CVE-2020-25867", + "description": null, + "fork": false, + "created_at": "2020-09-23T14:02:40Z", + "updated_at": "2020-09-24T12:28:50Z", + "pushed_at": "2020-09-24T12:28:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26061.json b/2020/CVE-2020-26061.json new file mode 100644 index 0000000000..2b70f5f58f --- /dev/null +++ b/2020/CVE-2020-26061.json @@ -0,0 +1,25 @@ +[ + { + "id": 301444083, + "name": "CVE-2020-26061", + "full_name": "missing0x00\/CVE-2020-26061", + "owner": { + "login": "missing0x00", + "id": 29318503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29318503?v=4", + "html_url": "https:\/\/github.com\/missing0x00" + }, + "html_url": "https:\/\/github.com\/missing0x00\/CVE-2020-26061", + "description": "CVE-2020-26061 - ClickStudios Passwordstate Password Reset Portal", + "fork": false, + "created_at": "2020-10-05T14:52:34Z", + "updated_at": "2020-10-05T15:23:40Z", + "pushed_at": "2020-10-05T15:22:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26525.json b/2020/CVE-2020-26525.json new file mode 100644 index 0000000000..91727d9783 --- /dev/null +++ b/2020/CVE-2020-26525.json @@ -0,0 +1,25 @@ +[ + { + "id": 300532106, + "name": "SmartAsset-SQLinj-CVE-2020-26525", + "full_name": "lukaszstu\/SmartAsset-SQLinj-CVE-2020-26525", + "owner": { + "login": "lukaszstu", + "id": 70864053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70864053?v=4", + "html_url": "https:\/\/github.com\/lukaszstu" + }, + "html_url": "https:\/\/github.com\/lukaszstu\/SmartAsset-SQLinj-CVE-2020-26525", + "description": "Damstra Smart Asset 2020.7 has SQL injection via the API\/api\/Asset originator parameter.", + "fork": false, + "created_at": "2020-10-02T07:12:18Z", + "updated_at": "2020-10-02T07:19:21Z", + "pushed_at": "2020-10-02T07:19:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26526.json b/2020/CVE-2020-26526.json new file mode 100644 index 0000000000..181ffc2200 --- /dev/null +++ b/2020/CVE-2020-26526.json @@ -0,0 +1,25 @@ +[ + { + "id": 300532968, + "name": "SmartAsset-UE-CVE-2020-26526", + "full_name": "lukaszstu\/SmartAsset-UE-CVE-2020-26526", + "owner": { + "login": "lukaszstu", + "id": 70864053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70864053?v=4", + "html_url": "https:\/\/github.com\/lukaszstu" + }, + "html_url": "https:\/\/github.com\/lukaszstu\/SmartAsset-UE-CVE-2020-26526", + "description": "It is possible to enumerate valid usernames on the login page.", + "fork": false, + "created_at": "2020-10-02T07:15:52Z", + "updated_at": "2020-10-02T07:18:50Z", + "pushed_at": "2020-10-02T07:18:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26527.json b/2020/CVE-2020-26527.json new file mode 100644 index 0000000000..e11c6d8204 --- /dev/null +++ b/2020/CVE-2020-26527.json @@ -0,0 +1,25 @@ +[ + { + "id": 300534131, + "name": "SmartAsset-CORS-CVE-2020-26527", + "full_name": "lukaszstu\/SmartAsset-CORS-CVE-2020-26527", + "owner": { + "login": "lukaszstu", + "id": 70864053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70864053?v=4", + "html_url": "https:\/\/github.com\/lukaszstu" + }, + "html_url": "https:\/\/github.com\/lukaszstu\/SmartAsset-CORS-CVE-2020-26527", + "description": null, + "fork": false, + "created_at": "2020-10-02T07:20:38Z", + "updated_at": "2020-10-02T09:13:48Z", + "pushed_at": "2020-10-02T09:13:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27194.json b/2020/CVE-2020-27194.json index a70e35e0c5..c00958e83b 100644 --- a/2020/CVE-2020-27194.json +++ b/2020/CVE-2020-27194.json @@ -1,4 +1,27 @@ [ + { + "id": 309990198, + "name": "CVE-2020-27194-exp", + "full_name": "willinin\/CVE-2020-27194-exp", + "owner": { + "login": "willinin", + "id": 13467761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13467761?v=4", + "html_url": "https:\/\/github.com\/willinin" + }, + "html_url": "https:\/\/github.com\/willinin\/CVE-2020-27194-exp", + "description": null, + "fork": false, + "created_at": "2020-11-04T12:02:34Z", + "updated_at": "2020-11-13T12:46:18Z", + "pushed_at": "2020-11-04T13:10:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 311324023, "name": "CVE-2020-27194", diff --git a/2020/CVE-2020-27358.json b/2020/CVE-2020-27358.json new file mode 100644 index 0000000000..54937d3cc5 --- /dev/null +++ b/2020/CVE-2020-27358.json @@ -0,0 +1,25 @@ +[ + { + "id": 309261991, + "name": "cve-2020-27358-27359", + "full_name": "seb1055\/cve-2020-27358-27359", + "owner": { + "login": "seb1055", + "id": 24581748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24581748?v=4", + "html_url": "https:\/\/github.com\/seb1055" + }, + "html_url": "https:\/\/github.com\/seb1055\/cve-2020-27358-27359", + "description": "CVE-2020-27358 and CVE-2020-27359", + "fork": false, + "created_at": "2020-11-02T04:54:52Z", + "updated_at": "2020-11-07T20:38:49Z", + "pushed_at": "2020-11-02T05:10:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27688.json b/2020/CVE-2020-27688.json new file mode 100644 index 0000000000..8f2b9c0c6f --- /dev/null +++ b/2020/CVE-2020-27688.json @@ -0,0 +1,25 @@ +[ + { + "id": 306543426, + "name": "CVE-2020-27688", + "full_name": "matthiasmaes\/CVE-2020-27688", + "owner": { + "login": "matthiasmaes", + "id": 13682386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13682386?v=4", + "html_url": "https:\/\/github.com\/matthiasmaes" + }, + "html_url": "https:\/\/github.com\/matthiasmaes\/CVE-2020-27688", + "description": "CVE-2020-27688", + "fork": false, + "created_at": "2020-10-23T06:02:28Z", + "updated_at": "2020-12-01T11:56:58Z", + "pushed_at": "2020-11-05T14:51:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27747.json b/2020/CVE-2020-27747.json new file mode 100644 index 0000000000..e26f129e60 --- /dev/null +++ b/2020/CVE-2020-27747.json @@ -0,0 +1,25 @@ +[ + { + "id": 308272718, + "name": "CVE-2020-27747", + "full_name": "jet-pentest\/CVE-2020-27747", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-27747", + "description": "Possible Account Takeover | Brute Force Ability", + "fork": false, + "created_at": "2020-10-29T09:06:24Z", + "updated_at": "2021-02-14T09:24:22Z", + "pushed_at": "2020-10-29T09:23:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27955.json b/2020/CVE-2020-27955.json index ca3ddadef2..8cb9e109fa 100644 --- a/2020/CVE-2020-27955.json +++ b/2020/CVE-2020-27955.json @@ -22,6 +22,29 @@ "watchers": 24, "score": 0 }, + { + "id": 310061053, + "name": "git-lfs-RCE-exploit-CVE-2020-27955-Go", + "full_name": "ExploitBox\/git-lfs-RCE-exploit-CVE-2020-27955-Go", + "owner": { + "login": "ExploitBox", + "id": 26202735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26202735?v=4", + "html_url": "https:\/\/github.com\/ExploitBox" + }, + "html_url": "https:\/\/github.com\/ExploitBox\/git-lfs-RCE-exploit-CVE-2020-27955-Go", + "description": null, + "fork": false, + "created_at": "2020-11-04T16:43:04Z", + "updated_at": "2021-03-15T07:15:13Z", + "pushed_at": "2020-11-04T19:09:31Z", + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 1, + "forks": 1, + "watchers": 13, + "score": 0 + }, { "id": 314947753, "name": "cve-2020-27955-poc", diff --git a/2020/CVE-2020-27976.json b/2020/CVE-2020-27976.json new file mode 100644 index 0000000000..550a442af5 --- /dev/null +++ b/2020/CVE-2020-27976.json @@ -0,0 +1,25 @@ +[ + { + "id": 308646506, + "name": "CVE-2020-27976", + "full_name": "k0rnh0li0\/CVE-2020-27976", + "owner": { + "login": "k0rnh0li0", + "id": 73505124, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73505124?v=4", + "html_url": "https:\/\/github.com\/k0rnh0li0" + }, + "html_url": "https:\/\/github.com\/k0rnh0li0\/CVE-2020-27976", + "description": "osCommerce Phoenix CE <=1.0.5.4 Authenticated RCE", + "fork": false, + "created_at": "2020-10-30T13:59:23Z", + "updated_at": "2021-02-24T06:37:06Z", + "pushed_at": "2020-10-30T14:18:06Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2883.json b/2020/CVE-2020-2883.json index b642fcd371..3256394f35 100644 --- a/2020/CVE-2020-2883.json +++ b/2020/CVE-2020-2883.json @@ -68,6 +68,52 @@ "watchers": 0, "score": 0 }, + { + "id": 288624943, + "name": "WebLogic-Shiro-shell", + "full_name": "Y4er\/WebLogic-Shiro-shell", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er" + }, + "html_url": "https:\/\/github.com\/Y4er\/WebLogic-Shiro-shell", + "description": "WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell", + "fork": false, + "created_at": "2020-08-19T03:34:06Z", + "updated_at": "2021-04-07T09:27:19Z", + "pushed_at": "2020-08-25T03:17:32Z", + "stargazers_count": 235, + "watchers_count": 235, + "forks_count": 36, + "forks": 36, + "watchers": 235, + "score": 0 + }, + { + "id": 304156994, + "name": "CVE-2020-2883", + "full_name": "FancyDoesSecurity\/CVE-2020-2883", + "owner": { + "login": "FancyDoesSecurity", + "id": 70301836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70301836?v=4", + "html_url": "https:\/\/github.com\/FancyDoesSecurity" + }, + "html_url": "https:\/\/github.com\/FancyDoesSecurity\/CVE-2020-2883", + "description": null, + "fork": false, + "created_at": "2020-10-14T23:12:39Z", + "updated_at": "2020-11-03T23:46:48Z", + "pushed_at": "2020-10-14T23:14:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, { "id": 316249865, "name": "CVE-2020-2883", diff --git a/2020/CVE-2020-3187.json b/2020/CVE-2020-3187.json new file mode 100644 index 0000000000..d3c968b4a5 --- /dev/null +++ b/2020/CVE-2020-3187.json @@ -0,0 +1,48 @@ +[ + { + "id": 283057472, + "name": "CVE-2020-3187", + "full_name": "pry0cc\/CVE-2020-3187", + "owner": { + "login": "pry0cc", + "id": 4334403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4334403?v=4", + "html_url": "https:\/\/github.com\/pry0cc" + }, + "html_url": "https:\/\/github.com\/pry0cc\/CVE-2020-3187", + "description": null, + "fork": false, + "created_at": "2020-07-28T00:59:06Z", + "updated_at": "2020-11-02T05:51:54Z", + "pushed_at": "2020-07-28T09:45:42Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 5, + "forks": 5, + "watchers": 5, + "score": 0 + }, + { + "id": 294323676, + "name": "CVE-2020-3187", + "full_name": "Ph4nt0m-b\/CVE-2020-3187", + "owner": { + "login": "Ph4nt0m-b", + "id": 50272190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50272190?v=4", + "html_url": "https:\/\/github.com\/Ph4nt0m-b" + }, + "html_url": "https:\/\/github.com\/Ph4nt0m-b\/CVE-2020-3187", + "description": null, + "fork": false, + "created_at": "2020-09-10T06:33:01Z", + "updated_at": "2020-09-10T06:34:31Z", + "pushed_at": "2020-09-10T06:34:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3433.json b/2020/CVE-2020-3433.json new file mode 100644 index 0000000000..1cc10da4d8 --- /dev/null +++ b/2020/CVE-2020-3433.json @@ -0,0 +1,25 @@ +[ + { + "id": 298677378, + "name": "CVE-2020-3433", + "full_name": "goichot\/CVE-2020-3433", + "owner": { + "login": "goichot", + "id": 8002862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8002862?v=4", + "html_url": "https:\/\/github.com\/goichot" + }, + "html_url": "https:\/\/github.com\/goichot\/CVE-2020-3433", + "description": "PoCs and technical analysis of three vulnerabilities found on Cisco AnyConnect for Windows: CVE-2020-3433, CVE-2020-3434 and CVE-2020-3435 ", + "fork": false, + "created_at": "2020-09-25T20:53:48Z", + "updated_at": "2021-02-15T16:56:54Z", + "pushed_at": "2020-09-25T20:55:17Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 6, + "forks": 6, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3452.json b/2020/CVE-2020-3452.json index 4eeb805469..34f3cbf804 100644 --- a/2020/CVE-2020-3452.json +++ b/2020/CVE-2020-3452.json @@ -1,4 +1,257 @@ [ + { + "id": 282086490, + "name": "CVE-2020-3452-PoC", + "full_name": "XDev05\/CVE-2020-3452-PoC", + "owner": { + "login": "XDev05", + "id": 55960303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55960303?v=4", + "html_url": "https:\/\/github.com\/XDev05" + }, + "html_url": "https:\/\/github.com\/XDev05\/CVE-2020-3452-PoC", + "description": null, + "fork": false, + "created_at": "2020-07-24T00:39:11Z", + "updated_at": "2020-09-17T04:12:51Z", + "pushed_at": "2020-07-24T00:49:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 282135631, + "name": "cve-2020-3452", + "full_name": "Loneyers\/cve-2020-3452", + "owner": { + "login": "Loneyers", + "id": 29177120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29177120?v=4", + "html_url": "https:\/\/github.com\/Loneyers" + }, + "html_url": "https:\/\/github.com\/Loneyers\/cve-2020-3452", + "description": "unauth file read in cisco asa & firepower.", + "fork": false, + "created_at": "2020-07-24T05:56:32Z", + "updated_at": "2020-08-17T08:48:02Z", + "pushed_at": "2020-07-24T06:02:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 282249421, + "name": "CVE-2020-3452-Cisco-Scanner", + "full_name": "PR3R00T\/CVE-2020-3452-Cisco-Scanner", + "owner": { + "login": "PR3R00T", + "id": 50199640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50199640?v=4", + "html_url": "https:\/\/github.com\/PR3R00T" + }, + "html_url": "https:\/\/github.com\/PR3R00T\/CVE-2020-3452-Cisco-Scanner", + "description": "CVE-2020-3452 Cisco ASA Scanner -unauth Path Traversal Check", + "fork": false, + "created_at": "2020-07-24T15:04:45Z", + "updated_at": "2021-03-30T19:04:18Z", + "pushed_at": "2020-08-30T21:34:41Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 5, + "forks": 5, + "watchers": 22, + "score": 0 + }, + { + "id": 282267605, + "name": "CVE-2020-3452", + "full_name": "mr-r3b00t\/CVE-2020-3452", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2020-3452", + "description": null, + "fork": false, + "created_at": "2020-07-24T16:26:52Z", + "updated_at": "2020-10-10T20:49:10Z", + "pushed_at": "2020-07-24T17:11:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 282479219, + "name": "CVE-2020-3452", + "full_name": "foulenzer\/CVE-2020-3452", + "owner": { + "login": "foulenzer", + "id": 41641874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41641874?v=4", + "html_url": "https:\/\/github.com\/foulenzer" + }, + "html_url": "https:\/\/github.com\/foulenzer\/CVE-2020-3452", + "description": "Little, stupid python validator(?) for CVE-2020-3452 on CISCO devices.", + "fork": false, + "created_at": "2020-07-25T16:11:55Z", + "updated_at": "2020-10-20T14:27:21Z", + "pushed_at": "2020-08-02T16:11:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 283542069, + "name": "http-vuln-cve2020-3452.nse", + "full_name": "Gh0st0ne\/http-vuln-cve2020-3452.nse", + "owner": { + "login": "Gh0st0ne", + "id": 47971115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47971115?v=4", + "html_url": "https:\/\/github.com\/Gh0st0ne" + }, + "html_url": "https:\/\/github.com\/Gh0st0ne\/http-vuln-cve2020-3452.nse", + "description": "CVE-2020-3452 : Cisco ASA and FTD Unauthorized Remote File Reading Nmap NSE Script", + "fork": false, + "created_at": "2020-07-29T15:57:26Z", + "updated_at": "2020-07-30T23:54:22Z", + "pushed_at": "2020-10-15T13:42:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + }, + { + "id": 284219767, + "name": "CVE-2020-3452", + "full_name": "0x5ECF4ULT\/CVE-2020-3452", + "owner": { + "login": "0x5ECF4ULT", + "id": 17967646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17967646?v=4", + "html_url": "https:\/\/github.com\/0x5ECF4ULT" + }, + "html_url": "https:\/\/github.com\/0x5ECF4ULT\/CVE-2020-3452", + "description": "CVE-2020-3452 exploit", + "fork": false, + "created_at": "2020-08-01T08:27:11Z", + "updated_at": "2021-01-21T19:16:42Z", + "pushed_at": "2020-08-01T08:59:28Z", + "stargazers_count": 23, + "watchers_count": 23, + "forks_count": 2, + "forks": 2, + "watchers": 23, + "score": 0 + }, + { + "id": 284677041, + "name": "CVE-2020-3452", + "full_name": "paran0id34\/CVE-2020-3452", + "owner": { + "login": "paran0id34", + "id": 68892986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68892986?v=4", + "html_url": "https:\/\/github.com\/paran0id34" + }, + "html_url": "https:\/\/github.com\/paran0id34\/CVE-2020-3452", + "description": "CVE-2020-3452 - directory traversal in Cisco ASA and Cisco Firepower Threat Defense", + "fork": false, + "created_at": "2020-08-03T11:02:23Z", + "updated_at": "2020-08-04T08:22:02Z", + "pushed_at": "2020-08-04T08:22:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 287222475, + "name": "CVE-2020-3452", + "full_name": "murataydemir\/CVE-2020-3452", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-3452", + "description": "[CVE-2020-3452] Cisco Adaptive Security Appliance (ASA) & Cisco Firepower Threat Defense (FTD) Web Service Read-Only Directory Traversal", + "fork": false, + "created_at": "2020-08-13T08:22:27Z", + "updated_at": "2021-01-26T06:07:07Z", + "pushed_at": "2020-09-16T20:50:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 4, + "forks": 4, + "watchers": 3, + "score": 0 + }, + { + "id": 291733229, + "name": "Cisco-ASA-LFI", + "full_name": "ludy-dev\/Cisco-ASA-LFI", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/Cisco-ASA-LFI", + "description": "(CVE-2020-3452) Cisco Adaptive Security Appliance Software - Local File Inclusion Vuln Test sciript", + "fork": false, + "created_at": "2020-08-31T14:11:19Z", + "updated_at": "2020-11-07T10:00:24Z", + "pushed_at": "2020-11-07T10:00:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 299192944, + "name": "CVE-2020-3452-Exploit", + "full_name": "3ndG4me\/CVE-2020-3452-Exploit", + "owner": { + "login": "3ndG4me", + "id": 14339392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14339392?v=4", + "html_url": "https:\/\/github.com\/3ndG4me" + }, + "html_url": "https:\/\/github.com\/3ndG4me\/CVE-2020-3452-Exploit", + "description": "Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.", + "fork": false, + "created_at": "2020-09-28T05:00:37Z", + "updated_at": "2021-01-24T17:05:51Z", + "pushed_at": "2020-10-10T17:19:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, + "score": 0 + }, { "id": 314063056, "name": "CVE-2020-3452", diff --git a/2020/CVE-2020-5410.json b/2020/CVE-2020-5410.json index 59e08068c0..04c35e47cc 100644 --- a/2020/CVE-2020-5410.json +++ b/2020/CVE-2020-5410.json @@ -45,6 +45,29 @@ "watchers": 26, "score": 0 }, + { + "id": 297145964, + "name": "ki-vuln-cve-2020-5410", + "full_name": "mugisyahid\/ki-vuln-cve-2020-5410", + "owner": { + "login": "mugisyahid", + "id": 18200609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18200609?v=4", + "html_url": "https:\/\/github.com\/mugisyahid" + }, + "html_url": "https:\/\/github.com\/mugisyahid\/ki-vuln-cve-2020-5410", + "description": null, + "fork": false, + "created_at": "2020-09-20T19:13:17Z", + "updated_at": "2020-09-20T19:19:37Z", + "pushed_at": "2020-09-20T19:19:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 340598389, "name": "SpringCloud-Config-CVE-2020-5410", diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json index f447244468..e5e076ea91 100644 --- a/2020/CVE-2020-5902.json +++ b/2020/CVE-2020-5902.json @@ -1,4 +1,1039 @@ [ + { + "id": 277122836, + "name": "CVE-2020-5902", + "full_name": "dwisiswant0\/CVE-2020-5902", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2020-5902", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-07-04T14:12:57Z", + "updated_at": "2021-03-16T07:08:42Z", + "pushed_at": "2020-07-04T14:21:27Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 1, + "forks": 1, + "watchers": 10, + "score": 0 + }, + { + "id": 277243283, + "name": "CVE-2020-5902-Scanner", + "full_name": "aqhmal\/CVE-2020-5902-Scanner", + "owner": { + "login": "aqhmal", + "id": 22043590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22043590?v=4", + "html_url": "https:\/\/github.com\/aqhmal" + }, + "html_url": "https:\/\/github.com\/aqhmal\/CVE-2020-5902-Scanner", + "description": "Automated script for F5 BIG-IP scanner (CVE-2020-5902) using hosts retrieved from Shodan API.", + "fork": false, + "created_at": "2020-07-05T06:19:09Z", + "updated_at": "2020-12-03T14:36:56Z", + "pushed_at": "2020-07-07T07:19:16Z", + "stargazers_count": 45, + "watchers_count": 45, + "forks_count": 19, + "forks": 19, + "watchers": 45, + "score": 0 + }, + { + "id": 277342661, + "name": "CVE-2020-5902", + "full_name": "jas502n\/CVE-2020-5902", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-5902", + "description": "CVE-2020-5902 BIG-IP", + "fork": false, + "created_at": "2020-07-05T16:38:32Z", + "updated_at": "2021-04-02T12:41:00Z", + "pushed_at": "2020-07-15T02:52:33Z", + "stargazers_count": 343, + "watchers_count": 343, + "forks_count": 108, + "forks": 108, + "watchers": 343, + "score": 0 + }, + { + "id": 277342677, + "name": "CVE-2020-5902", + "full_name": "ar0dd\/CVE-2020-5902", + "owner": { + "login": "ar0dd", + "id": 42455358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42455358?v=4", + "html_url": "https:\/\/github.com\/ar0dd" + }, + "html_url": "https:\/\/github.com\/ar0dd\/CVE-2020-5902", + "description": "POC code for checking for this vulnerability. Since the code has been released, I decided to release this one as well. Patch Immediately!", + "fork": false, + "created_at": "2020-07-05T16:38:36Z", + "updated_at": "2021-03-05T14:05:58Z", + "pushed_at": "2020-07-05T16:44:03Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 2, + "forks": 2, + "watchers": 14, + "score": 0 + }, + { + "id": 277346592, + "name": "CVE-2020-5902", + "full_name": "yassineaboukir\/CVE-2020-5902", + "owner": { + "login": "yassineaboukir", + "id": 9937267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9937267?v=4", + "html_url": "https:\/\/github.com\/yassineaboukir" + }, + "html_url": "https:\/\/github.com\/yassineaboukir\/CVE-2020-5902", + "description": "Proof of concept for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-05T17:01:27Z", + "updated_at": "2021-01-25T14:53:46Z", + "pushed_at": "2020-07-06T17:47:17Z", + "stargazers_count": 71, + "watchers_count": 71, + "forks_count": 22, + "forks": 22, + "watchers": 71, + "score": 0 + }, + { + "id": 277354676, + "name": "CVE-2020-5902-NSE", + "full_name": "rwincey\/CVE-2020-5902-NSE", + "owner": { + "login": "rwincey", + "id": 5438659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5438659?v=4", + "html_url": "https:\/\/github.com\/rwincey" + }, + "html_url": "https:\/\/github.com\/rwincey\/CVE-2020-5902-NSE", + "description": null, + "fork": false, + "created_at": "2020-07-05T17:51:38Z", + "updated_at": "2020-07-09T12:44:19Z", + "pushed_at": "2020-07-06T17:10:45Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 3, + "forks": 3, + "watchers": 9, + "score": 0 + }, + { + "id": 277360749, + "name": "CVE-2020-5902", + "full_name": "Un4gi\/CVE-2020-5902", + "owner": { + "login": "Un4gi", + "id": 47873286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47873286?v=4", + "html_url": "https:\/\/github.com\/Un4gi" + }, + "html_url": "https:\/\/github.com\/Un4gi\/CVE-2020-5902", + "description": "Proof of Concept for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-05T18:29:37Z", + "updated_at": "2020-09-05T23:07:17Z", + "pushed_at": "2020-07-08T21:44:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 277376523, + "name": "CVE-2020-5902", + "full_name": "nsflabs\/CVE-2020-5902", + "owner": { + "login": "nsflabs", + "id": 64648766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64648766?v=4", + "html_url": "https:\/\/github.com\/nsflabs" + }, + "html_url": "https:\/\/github.com\/nsflabs\/CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-05T20:16:07Z", + "updated_at": "2021-02-15T19:00:42Z", + "pushed_at": "2020-07-05T20:32:18Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 9, + "forks": 9, + "watchers": 10, + "score": 0 + }, + { + "id": 277412358, + "name": "CVE-2020-5902", + "full_name": "yasserjanah\/CVE-2020-5902", + "owner": { + "login": "yasserjanah", + "id": 20858378, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20858378?v=4", + "html_url": "https:\/\/github.com\/yasserjanah" + }, + "html_url": "https:\/\/github.com\/yasserjanah\/CVE-2020-5902", + "description": "exploit code for F5-Big-IP (CVE-2020-5902)", + "fork": false, + "created_at": "2020-07-06T01:12:23Z", + "updated_at": "2021-03-18T16:48:45Z", + "pushed_at": "2020-07-06T01:36:32Z", + "stargazers_count": 23, + "watchers_count": 23, + "forks_count": 11, + "forks": 11, + "watchers": 23, + "score": 0 + }, + { + "id": 277422712, + "name": "RCE-CVE-2020-5902", + "full_name": "JSec1337\/RCE-CVE-2020-5902", + "owner": { + "login": "JSec1337", + "id": 62246378, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62246378?v=4", + "html_url": "https:\/\/github.com\/JSec1337" + }, + "html_url": "https:\/\/github.com\/JSec1337\/RCE-CVE-2020-5902", + "description": "BIG-IP F5 Remote Code Execution", + "fork": false, + "created_at": "2020-07-06T02:21:18Z", + "updated_at": "2020-07-06T02:53:43Z", + "pushed_at": "2020-07-06T02:53:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277438754, + "name": "CVE-2020-5902", + "full_name": "dunderhay\/CVE-2020-5902", + "owner": { + "login": "dunderhay", + "id": 27876907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27876907?v=4", + "html_url": "https:\/\/github.com\/dunderhay" + }, + "html_url": "https:\/\/github.com\/dunderhay\/CVE-2020-5902", + "description": "Python script to exploit F5 Big-IP CVE-2020-5902 ", + "fork": false, + "created_at": "2020-07-06T04:03:58Z", + "updated_at": "2021-02-25T22:13:26Z", + "pushed_at": "2020-07-28T08:43:11Z", + "stargazers_count": 38, + "watchers_count": 38, + "forks_count": 10, + "forks": 10, + "watchers": 38, + "score": 0 + }, + { + "id": 277448062, + "name": "cve-2020-5902", + "full_name": "r0ttenbeef\/cve-2020-5902", + "owner": { + "login": "r0ttenbeef", + "id": 48027449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48027449?v=4", + "html_url": "https:\/\/github.com\/r0ttenbeef" + }, + "html_url": "https:\/\/github.com\/r0ttenbeef\/cve-2020-5902", + "description": "cve-2020-5902 POC exploit", + "fork": false, + "created_at": "2020-07-06T05:11:37Z", + "updated_at": "2020-08-13T16:47:17Z", + "pushed_at": "2020-07-06T22:35:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "forks": 0, + "watchers": 2, + "score": 0 + }, + { + "id": 277463829, + "name": "CVE-2020-5902_RCE", + "full_name": "sv3nbeast\/CVE-2020-5902_RCE", + "owner": { + "login": "sv3nbeast", + "id": 55974091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55974091?v=4", + "html_url": "https:\/\/github.com\/sv3nbeast" + }, + "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2020-5902_RCE", + "description": null, + "fork": false, + "created_at": "2020-07-06T06:45:21Z", + "updated_at": "2020-07-08T03:03:42Z", + "pushed_at": "2020-07-06T09:18:11Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 3, + "forks": 3, + "watchers": 8, + "score": 0 + }, + { + "id": 277466351, + "name": "scanner-CVE-2020-5902", + "full_name": "cybersecurityworks553\/scanner-CVE-2020-5902", + "owner": { + "login": "cybersecurityworks553", + "id": 63910792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63910792?v=4", + "html_url": "https:\/\/github.com\/cybersecurityworks553" + }, + "html_url": "https:\/\/github.com\/cybersecurityworks553\/scanner-CVE-2020-5902", + "description": "CVE-2020-5902 scanner", + "fork": false, + "created_at": "2020-07-06T06:58:29Z", + "updated_at": "2020-07-06T07:16:06Z", + "pushed_at": "2020-07-06T07:16:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277496316, + "name": "CVE-2020-5902-POC-EXP", + "full_name": "lijiaxing1997\/CVE-2020-5902-POC-EXP", + "owner": { + "login": "lijiaxing1997", + "id": 34918652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34918652?v=4", + "html_url": "https:\/\/github.com\/lijiaxing1997" + }, + "html_url": "https:\/\/github.com\/lijiaxing1997\/CVE-2020-5902-POC-EXP", + "description": "批量扫描CVE-2020-5902,远程代码执行,已测试", + "fork": false, + "created_at": "2020-07-06T09:16:36Z", + "updated_at": "2020-12-12T06:18:13Z", + "pushed_at": "2020-07-09T09:24:55Z", + "stargazers_count": 9, + "watchers_count": 9, + "forks_count": 5, + "forks": 5, + "watchers": 9, + "score": 0 + }, + { + "id": 277513237, + "name": "poc-CVE-2020-5902", + "full_name": "qlkwej\/poc-CVE-2020-5902", + "owner": { + "login": "qlkwej", + "id": 25258929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25258929?v=4", + "html_url": "https:\/\/github.com\/qlkwej" + }, + "html_url": "https:\/\/github.com\/qlkwej\/poc-CVE-2020-5902", + "description": "dummy poc", + "fork": false, + "created_at": "2020-07-06T10:36:07Z", + "updated_at": "2020-07-07T02:31:59Z", + "pushed_at": "2020-07-06T10:41:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 277549906, + "name": "F5-BIG-IP-CVE-2020-5902", + "full_name": "Zinkuth\/F5-BIG-IP-CVE-2020-5902", + "owner": { + "login": "Zinkuth", + "id": 36253549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36253549?v=4", + "html_url": "https:\/\/github.com\/Zinkuth" + }, + "html_url": "https:\/\/github.com\/Zinkuth\/F5-BIG-IP-CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-06T13:30:44Z", + "updated_at": "2020-07-06T13:47:41Z", + "pushed_at": "2020-07-06T13:40:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 277567865, + "name": "CVE-2020-5902", + "full_name": "0xAbdullah\/CVE-2020-5902", + "owner": { + "login": "0xAbdullah", + "id": 29471278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29471278?v=4", + "html_url": "https:\/\/github.com\/0xAbdullah" + }, + "html_url": "https:\/\/github.com\/0xAbdullah\/CVE-2020-5902", + "description": "Python script to check CVE-2020-5902 (F5 BIG-IP devices).", + "fork": false, + "created_at": "2020-07-06T14:41:29Z", + "updated_at": "2020-07-07T12:48:34Z", + "pushed_at": "2020-07-07T12:48:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 277584668, + "name": "CVE-2020-5902", + "full_name": "jinnywc\/CVE-2020-5902", + "owner": { + "login": "jinnywc", + "id": 30540295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30540295?v=4", + "html_url": "https:\/\/github.com\/jinnywc" + }, + "html_url": "https:\/\/github.com\/jinnywc\/CVE-2020-5902", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-07-06T15:49:46Z", + "updated_at": "2020-07-06T15:55:37Z", + "pushed_at": "2020-07-06T15:53:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 277626606, + "name": "F5-Patch", + "full_name": "GoodiesHQ\/F5-Patch", + "owner": { + "login": "GoodiesHQ", + "id": 4576046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4576046?v=4", + "html_url": "https:\/\/github.com\/GoodiesHQ" + }, + "html_url": "https:\/\/github.com\/GoodiesHQ\/F5-Patch", + "description": "Patch F5 appliance CVE-2020-5902", + "fork": false, + "created_at": "2020-07-06T19:07:33Z", + "updated_at": "2020-07-06T19:07:34Z", + "pushed_at": "2020-07-06T19:07:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277692329, + "name": "CVE-2020-5902", + "full_name": "jiansiting\/CVE-2020-5902", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2020-5902", + "description": "F5 BIG-IP Scanner (CVE-2020-5902)", + "fork": false, + "created_at": "2020-07-07T02:03:39Z", + "updated_at": "2020-10-10T22:34:06Z", + "pushed_at": "2020-07-07T02:03:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 4, + "forks": 4, + "watchers": 5, + "score": 0 + }, + { + "id": 277704969, + "name": "CVE-2020-5902-fix", + "full_name": "wdlid\/CVE-2020-5902-fix", + "owner": { + "login": "wdlid", + "id": 12636756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12636756?v=4", + "html_url": "https:\/\/github.com\/wdlid" + }, + "html_url": "https:\/\/github.com\/wdlid\/CVE-2020-5902-fix", + "description": "Fix CVE-2020-5902", + "fork": false, + "created_at": "2020-07-07T03:16:02Z", + "updated_at": "2020-07-07T13:20:47Z", + "pushed_at": "2020-07-07T03:18:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277725875, + "name": "CVE-2020-5902-F5BIG", + "full_name": "Any3ite\/CVE-2020-5902-F5BIG", + "owner": { + "login": "Any3ite", + "id": 20638313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20638313?v=4", + "html_url": "https:\/\/github.com\/Any3ite" + }, + "html_url": "https:\/\/github.com\/Any3ite\/CVE-2020-5902-F5BIG", + "description": null, + "fork": false, + "created_at": "2020-07-07T05:32:46Z", + "updated_at": "2020-07-07T05:54:24Z", + "pushed_at": "2020-07-07T05:54:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277798487, + "name": "CVE-2020-5902", + "full_name": "k3nundrum\/CVE-2020-5902", + "owner": { + "login": "k3nundrum", + "id": 47409600, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47409600?v=4", + "html_url": "https:\/\/github.com\/k3nundrum" + }, + "html_url": "https:\/\/github.com\/k3nundrum\/CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-07T11:31:31Z", + "updated_at": "2020-07-08T13:06:25Z", + "pushed_at": "2020-07-08T13:06:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 277800636, + "name": "CVE-2020-5902-F5-BIGIP", + "full_name": "inho28\/CVE-2020-5902-F5-BIGIP", + "owner": { + "login": "inho28", + "id": 57725357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57725357?v=4", + "html_url": "https:\/\/github.com\/inho28" + }, + "html_url": "https:\/\/github.com\/inho28\/CVE-2020-5902-F5-BIGIP", + "description": "Scan from a given list for F5 BIG-IP and check for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-07T11:42:34Z", + "updated_at": "2020-07-07T12:00:28Z", + "pushed_at": "2020-07-07T12:00:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277851560, + "name": "f5_scanner", + "full_name": "cristiano-corrado\/f5_scanner", + "owner": { + "login": "cristiano-corrado", + "id": 3243602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3243602?v=4", + "html_url": "https:\/\/github.com\/cristiano-corrado" + }, + "html_url": "https:\/\/github.com\/cristiano-corrado\/f5_scanner", + "description": "F5 mass scanner and CVE-2020-5902 checker", + "fork": false, + "created_at": "2020-07-07T15:17:13Z", + "updated_at": "2020-07-08T06:46:15Z", + "pushed_at": "2020-07-08T06:46:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277900768, + "name": "CVE-2020-5902", + "full_name": "ajdumanhug\/CVE-2020-5902", + "owner": { + "login": "ajdumanhug", + "id": 9420289, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9420289?v=4", + "html_url": "https:\/\/github.com\/ajdumanhug" + }, + "html_url": "https:\/\/github.com\/ajdumanhug\/CVE-2020-5902", + "description": "POC", + "fork": false, + "created_at": "2020-07-07T19:07:55Z", + "updated_at": "2020-07-09T04:38:49Z", + "pushed_at": "2020-07-09T04:38:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 277985626, + "name": "CVE-2020-5902", + "full_name": "zhzyker\/CVE-2020-5902", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker" + }, + "html_url": "https:\/\/github.com\/zhzyker\/CVE-2020-5902", + "description": "F5 BIG-IP 任意文件读取+远程命令执行RCE", + "fork": false, + "created_at": "2020-07-08T04:02:07Z", + "updated_at": "2021-03-19T13:45:38Z", + "pushed_at": "2020-07-08T04:10:12Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 6, + "forks": 6, + "watchers": 8, + "score": 0 + }, + { + "id": 278061523, + "name": "EvilRip", + "full_name": "GovindPalakkal\/EvilRip", + "owner": { + "login": "GovindPalakkal", + "id": 62349500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62349500?v=4", + "html_url": "https:\/\/github.com\/GovindPalakkal" + }, + "html_url": "https:\/\/github.com\/GovindPalakkal\/EvilRip", + "description": "It is a small script to fetch out the subdomains\/ip vulnerable to CVE-2020-5902 written in bash", + "fork": false, + "created_at": "2020-07-08T10:38:35Z", + "updated_at": "2020-07-13T08:20:12Z", + "pushed_at": "2020-07-11T06:13:34Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 0, + "forks": 0, + "watchers": 6, + "score": 0 + }, + { + "id": 278139122, + "name": "CVE-2020-5902", + "full_name": "dnerzker\/CVE-2020-5902", + "owner": { + "login": "dnerzker", + "id": 39024823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39024823?v=4", + "html_url": "https:\/\/github.com\/dnerzker" + }, + "html_url": "https:\/\/github.com\/dnerzker\/CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-08T16:22:53Z", + "updated_at": "2020-07-16T16:16:40Z", + "pushed_at": "2020-07-16T16:16:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 278201438, + "name": "checkvulnCVE20205902", + "full_name": "renanhsilva\/checkvulnCVE20205902", + "owner": { + "login": "renanhsilva", + "id": 29900840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29900840?v=4", + "html_url": "https:\/\/github.com\/renanhsilva" + }, + "html_url": "https:\/\/github.com\/renanhsilva\/checkvulnCVE20205902", + "description": "A powershell script to check vulnerability CVE-2020-5902 of ip list", + "fork": false, + "created_at": "2020-07-08T21:50:32Z", + "updated_at": "2021-04-04T00:01:08Z", + "pushed_at": "2020-07-08T21:56:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 278202552, + "name": "f5scan", + "full_name": "halencarjunior\/f5scan", + "owner": { + "login": "halencarjunior", + "id": 403088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/403088?v=4", + "html_url": "https:\/\/github.com\/halencarjunior" + }, + "html_url": "https:\/\/github.com\/halencarjunior\/f5scan", + "description": "F5 BIG IP Scanner for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-08T21:57:37Z", + "updated_at": "2020-07-10T17:14:14Z", + "pushed_at": "2020-08-13T14:07:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 278278361, + "name": "GoF5-CVE-2020-5902", + "full_name": "deepsecurity-pe\/GoF5-CVE-2020-5902", + "owner": { + "login": "deepsecurity-pe", + "id": 55849696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55849696?v=4", + "html_url": "https:\/\/github.com\/deepsecurity-pe" + }, + "html_url": "https:\/\/github.com\/deepsecurity-pe\/GoF5-CVE-2020-5902", + "description": "Script para validar CVE-2020-5902 hecho en Go.", + "fork": false, + "created_at": "2020-07-09T06:09:39Z", + "updated_at": "2020-12-01T02:26:30Z", + "pushed_at": "2020-07-09T06:37:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 278297746, + "name": "CVE-2020-5902-fofa-scan", + "full_name": "Shu1L\/CVE-2020-5902-fofa-scan", + "owner": { + "login": "Shu1L", + "id": 61683660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61683660?v=4", + "html_url": "https:\/\/github.com\/Shu1L" + }, + "html_url": "https:\/\/github.com\/Shu1L\/CVE-2020-5902-fofa-scan", + "description": null, + "fork": false, + "created_at": "2020-07-09T07:44:07Z", + "updated_at": "2020-07-12T07:49:15Z", + "pushed_at": "2020-07-09T08:06:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + }, + { + "id": 278308798, + "name": "F5-Big-IP-CVE-2020-5902-mass-exploiter", + "full_name": "d4rk007\/F5-Big-IP-CVE-2020-5902-mass-exploiter", + "owner": { + "login": "d4rk007", + "id": 44454186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44454186?v=4", + "html_url": "https:\/\/github.com\/d4rk007" + }, + "html_url": "https:\/\/github.com\/d4rk007\/F5-Big-IP-CVE-2020-5902-mass-exploiter", + "description": "F5 Big-IP CVE-2020-5902 mass exploiter\/fuzzer.", + "fork": false, + "created_at": "2020-07-09T08:34:37Z", + "updated_at": "2020-12-11T05:05:29Z", + "pushed_at": "2020-07-11T14:10:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, + "forks": 3, + "watchers": 3, + "score": 0 + }, + { + "id": 278380388, + "name": "CVE-2020-5902-Vuln-Checker", + "full_name": "TheCyberViking\/CVE-2020-5902-Vuln-Checker", + "owner": { + "login": "TheCyberViking", + "id": 22121899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22121899?v=4", + "html_url": "https:\/\/github.com\/TheCyberViking" + }, + "html_url": "https:\/\/github.com\/TheCyberViking\/CVE-2020-5902-Vuln-Checker", + "description": "Simple Vulnerability Checker Wrote by me \"@TheCyberViking\" and A fellow Researcher who wanted to be left Nameless... you know who you are you beautiful bitch", + "fork": false, + "created_at": "2020-07-09T14:01:29Z", + "updated_at": "2020-07-26T14:48:39Z", + "pushed_at": "2020-07-26T14:48:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 278382238, + "name": "CVE-2020-5902", + "full_name": "itsjeffersonli\/CVE-2020-5902", + "owner": { + "login": "itsjeffersonli", + "id": 53053198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53053198?v=4", + "html_url": "https:\/\/github.com\/itsjeffersonli" + }, + "html_url": "https:\/\/github.com\/itsjeffersonli\/CVE-2020-5902", + "description": "Exploits for CVE-2020-5902 POC ", + "fork": false, + "created_at": "2020-07-09T14:08:54Z", + "updated_at": "2021-01-04T14:34:14Z", + "pushed_at": "2020-09-04T18:13:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, + "score": 0 + }, + { + "id": 278562778, + "name": "checker-CVE-2020-5902", + "full_name": "MrCl0wnLab\/checker-CVE-2020-5902", + "owner": { + "login": "MrCl0wnLab", + "id": 17049332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17049332?v=4", + "html_url": "https:\/\/github.com\/MrCl0wnLab" + }, + "html_url": "https:\/\/github.com\/MrCl0wnLab\/checker-CVE-2020-5902", + "description": "Checker CVE-2020-5902: BIG-IP versions 15.0.0 through 15.1.0.3, 14.1.0 through 14.1.2.5, 13.1.0 through 13.1.3.3, 12.1.0 through 12.1.5.1, and 11.6.1 through 11.6.5.1 suffer from Traffic Management User Interface (TMUI) arbitrary file read and command execution vulnerabilities.", + "fork": false, + "created_at": "2020-07-10T07:00:35Z", + "updated_at": "2021-04-06T03:26:38Z", + "pushed_at": "2020-07-10T15:31:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 278572697, + "name": "CVE-2020-5902-POC", + "full_name": "qiong-qi\/CVE-2020-5902-POC", + "owner": { + "login": "qiong-qi", + "id": 67992753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67992753?v=4", + "html_url": "https:\/\/github.com\/qiong-qi" + }, + "html_url": "https:\/\/github.com\/qiong-qi\/CVE-2020-5902-POC", + "description": "批量检测CVE-2020-5902", + "fork": false, + "created_at": "2020-07-10T07:49:23Z", + "updated_at": "2020-07-10T07:54:22Z", + "pushed_at": "2020-07-10T07:54:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 278670349, + "name": "f5-bigip-rce-cve-2020-5902", + "full_name": "theLSA\/f5-bigip-rce-cve-2020-5902", + "owner": { + "login": "theLSA", + "id": 28248956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28248956?v=4", + "html_url": "https:\/\/github.com\/theLSA" + }, + "html_url": "https:\/\/github.com\/theLSA\/f5-bigip-rce-cve-2020-5902", + "description": "F5 BIG-IP RCE CVE-2020-5902 automatic check tool", + "fork": false, + "created_at": "2020-07-10T15:33:00Z", + "updated_at": "2021-04-02T02:42:56Z", + "pushed_at": "2020-07-12T10:36:20Z", + "stargazers_count": 49, + "watchers_count": 49, + "forks_count": 13, + "forks": 13, + "watchers": 49, + "score": 0 + }, + { + "id": 278738841, + "name": "CVE-2020-5902-Mass", + "full_name": "pwnhacker0x18\/CVE-2020-5902-Mass", + "owner": { + "login": "pwnhacker0x18", + "id": 51971493, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51971493?v=4", + "html_url": "https:\/\/github.com\/pwnhacker0x18" + }, + "html_url": "https:\/\/github.com\/pwnhacker0x18\/CVE-2020-5902-Mass", + "description": "Mass exploit for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-10T21:43:11Z", + "updated_at": "2020-07-18T04:08:12Z", + "pushed_at": "2020-07-10T21:50:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 278872820, + "name": "CVE-2020-5902", + "full_name": "Al1ex\/CVE-2020-5902", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-5902", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-07-11T14:01:08Z", + "updated_at": "2020-09-24T16:10:11Z", + "pushed_at": "2020-07-11T14:12:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + }, + { + "id": 279083082, + "name": "cve-2020-5902", + "full_name": "momika233\/cve-2020-5902", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233" + }, + "html_url": "https:\/\/github.com\/momika233\/cve-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-12T14:37:25Z", + "updated_at": "2020-07-12T14:40:28Z", + "pushed_at": "2020-07-12T14:40:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 280314712, + "name": "CVE-2020-5902-rce-gui", + "full_name": "rockmelodies\/CVE-2020-5902-rce-gui", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2020-5902-rce-gui", + "description": "GUI", + "fork": false, + "created_at": "2020-07-17T03:13:30Z", + "updated_at": "2021-01-08T00:17:22Z", + "pushed_at": "2020-07-17T08:09:30Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, + "score": 0 + }, + { + "id": 281204236, + "name": "cve-2020-5902-ioc-bigip-checker", + "full_name": "f5devcentral\/cve-2020-5902-ioc-bigip-checker", + "owner": { + "login": "f5devcentral", + "id": 18314976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18314976?v=4", + "html_url": "https:\/\/github.com\/f5devcentral" + }, + "html_url": "https:\/\/github.com\/f5devcentral\/cve-2020-5902-ioc-bigip-checker", + "description": null, + "fork": false, + "created_at": "2020-07-20T19:10:09Z", + "updated_at": "2021-02-12T21:56:03Z", + "pushed_at": "2020-08-24T03:44:29Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 11, + "forks": 11, + "watchers": 14, + "score": 0 + }, { "id": 283054636, "name": "CVE-2020-5902-F5BigIP", @@ -22,6 +1057,98 @@ "watchers": 4, "score": 0 }, + { + "id": 286226256, + "name": "CVE-2020-5902-Scanner", + "full_name": "PushpenderIndia\/CVE-2020-5902-Scanner", + "owner": { + "login": "PushpenderIndia", + "id": 56433698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56433698?v=4", + "html_url": "https:\/\/github.com\/PushpenderIndia" + }, + "html_url": "https:\/\/github.com\/PushpenderIndia\/CVE-2020-5902-Scanner", + "description": "Automated F5 Big IP Remote Code Execution (CVE-2020-5902) Scanner Written In Python 3", + "fork": false, + "created_at": "2020-08-09T11:46:23Z", + "updated_at": "2021-04-03T06:58:51Z", + "pushed_at": "2020-08-09T12:10:16Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 2, + "forks": 2, + "watchers": 7, + "score": 0 + }, + { + "id": 287223574, + "name": "CVE-2020-5902", + "full_name": "murataydemir\/CVE-2020-5902", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-5902", + "description": "[CVE-2020-5902] F5 BIG-IP Remote Code Execution (RCE)", + "fork": false, + "created_at": "2020-08-13T08:27:25Z", + "updated_at": "2021-01-24T17:06:23Z", + "pushed_at": "2020-08-30T00:23:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 288487774, + "name": "cve-2020-5902", + "full_name": "superzerosec\/cve-2020-5902", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec" + }, + "html_url": "https:\/\/github.com\/superzerosec\/cve-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-08-18T15:04:08Z", + "updated_at": "2020-08-18T15:04:33Z", + "pushed_at": "2020-08-18T15:04:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "forks": 1, + "watchers": 0, + "score": 0 + }, + { + "id": 294219427, + "name": "BIG-IP-F5-TMUI-RCE-Vulnerability", + "full_name": "ludy-dev\/BIG-IP-F5-TMUI-RCE-Vulnerability", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/BIG-IP-F5-TMUI-RCE-Vulnerability", + "description": "(CVE-2020-5902) BIG IP F5 TMUI RCE Vulnerability RCE PoC\/ Test Script ", + "fork": false, + "created_at": "2020-09-09T20:15:03Z", + "updated_at": "2020-11-07T10:08:19Z", + "pushed_at": "2020-11-07T10:08:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 336016319, "name": "F5-BIG-IP-CVE-2020-5902-shodan-scanner", diff --git a/2020/CVE-2020-5903.json b/2020/CVE-2020-5903.json new file mode 100644 index 0000000000..cbfa7fd28d --- /dev/null +++ b/2020/CVE-2020-5903.json @@ -0,0 +1,25 @@ +[ + { + "id": 290087949, + "name": "CVE-2020-5903", + "full_name": "ltvthang\/CVE-2020-5903", + "owner": { + "login": "ltvthang", + "id": 5304208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5304208?v=4", + "html_url": "https:\/\/github.com\/ltvthang" + }, + "html_url": "https:\/\/github.com\/ltvthang\/CVE-2020-5903", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-08-25T02:07:41Z", + "updated_at": "2020-10-25T06:02:24Z", + "pushed_at": "2020-07-08T06:33:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-6286.json b/2020/CVE-2020-6286.json new file mode 100644 index 0000000000..643921ddcd --- /dev/null +++ b/2020/CVE-2020-6286.json @@ -0,0 +1,25 @@ +[ + { + "id": 287230779, + "name": "CVE-2020-6286", + "full_name": "murataydemir\/CVE-2020-6286", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-6286", + "description": "[CVE-2020-6286] SAP NetWeaver AS JAVA (LM Configuration Wizard) Directory Traversal", + "fork": false, + "created_at": "2020-08-13T09:00:12Z", + "updated_at": "2021-03-02T13:32:54Z", + "pushed_at": "2020-08-29T23:49:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "forks": 2, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-6287.json b/2020/CVE-2020-6287.json new file mode 100644 index 0000000000..9f7f6d02a2 --- /dev/null +++ b/2020/CVE-2020-6287.json @@ -0,0 +1,117 @@ +[ + { + "id": 279903611, + "name": "SAP_RECON", + "full_name": "chipik\/SAP_RECON", + "owner": { + "login": "chipik", + "id": 6584277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6584277?v=4", + "html_url": "https:\/\/github.com\/chipik" + }, + "html_url": "https:\/\/github.com\/chipik\/SAP_RECON", + "description": "PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)", + "fork": false, + "created_at": "2020-07-15T15:20:09Z", + "updated_at": "2021-04-05T06:31:06Z", + "pushed_at": "2020-09-29T17:20:12Z", + "stargazers_count": 163, + "watchers_count": 163, + "forks_count": 53, + "forks": 53, + "watchers": 163, + "score": 0 + }, + { + "id": 281199347, + "name": "CVE-2020-6287-exploit", + "full_name": "duc-nt\/CVE-2020-6287-exploit", + "owner": { + "login": "duc-nt", + "id": 61867814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61867814?v=4", + "html_url": "https:\/\/github.com\/duc-nt" + }, + "html_url": "https:\/\/github.com\/duc-nt\/CVE-2020-6287-exploit", + "description": "PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https:\/\/github.com\/rapid7\/metasploit-framework\/pull\/13852\/commits\/d1e2c75b3eafa7f62a6aba9fbe6220c8da97baa8 This PoC only create user with unauthentication permission and no more administrator permission set. This project is created only for educational purposes and cannot be used for law violation or personal gain. The author of this project is not responsible for any possible harm caused by the materials of this project. Original finding: CVE-2020-6287: Pablo Artuso CVE-2020-6286: Yvan 'iggy' G. Usage: python sap-CVE-2020-6287-add-user.py = 4.3.2", + "fork": false, + "created_at": "2020-08-04T10:23:28Z", + "updated_at": "2020-08-23T01:03:22Z", + "pushed_at": "2020-08-05T22:38:53Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 2, + "forks": 2, + "watchers": 11, + "score": 0 + }, + { + "id": 285586960, + "name": "CVE-2020-8816", + "full_name": "team0se7en\/CVE-2020-8816", + "owner": { + "login": "team0se7en", + "id": 49656318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49656318?v=4", + "html_url": "https:\/\/github.com\/team0se7en" + }, + "html_url": "https:\/\/github.com\/team0se7en\/CVE-2020-8816", + "description": "Pi-hole ( <= 4.3.2) authenticated remote code execution.", + "fork": false, + "created_at": "2020-08-06T14:04:54Z", + "updated_at": "2020-08-12T09:35:48Z", + "pushed_at": "2020-08-06T15:14:12Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 0, + "forks": 0, + "watchers": 6, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-8835.json b/2020/CVE-2020-8835.json index e4cbf195cd..20e67745f3 100644 --- a/2020/CVE-2020-8835.json +++ b/2020/CVE-2020-8835.json @@ -22,6 +22,29 @@ "watchers": 0, "score": 0 }, + { + "id": 277140244, + "name": "Rick_write_exp_CVE-2020-8835", + "full_name": "snappyJack\/Rick_write_exp_CVE-2020-8835", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack" + }, + "html_url": "https:\/\/github.com\/snappyJack\/Rick_write_exp_CVE-2020-8835", + "description": null, + "fork": false, + "created_at": "2020-07-04T15:51:14Z", + "updated_at": "2020-07-14T09:45:02Z", + "pushed_at": "2020-07-04T16:40:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, + "score": 0 + }, { "id": 296130768, "name": "CVE-2020-8835", @@ -44,5 +67,28 @@ "forks": 6, "watchers": 12, "score": 0 + }, + { + "id": 305013237, + "name": "CVE-2020-8835", + "full_name": "SplendidSky\/CVE-2020-8835", + "owner": { + "login": "SplendidSky", + "id": 12770529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12770529?v=4", + "html_url": "https:\/\/github.com\/SplendidSky" + }, + "html_url": "https:\/\/github.com\/SplendidSky\/CVE-2020-8835", + "description": null, + "fork": false, + "created_at": "2020-10-18T03:17:58Z", + "updated_at": "2020-10-18T09:12:40Z", + "pushed_at": "2020-10-18T09:12:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-8958.json b/2020/CVE-2020-8958.json new file mode 100644 index 0000000000..1b153ac660 --- /dev/null +++ b/2020/CVE-2020-8958.json @@ -0,0 +1,25 @@ +[ + { + "id": 279807177, + "name": "gpon", + "full_name": "qurbat\/gpon", + "owner": { + "login": "qurbat", + "id": 37518297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37518297?v=4", + "html_url": "https:\/\/github.com\/qurbat" + }, + "html_url": "https:\/\/github.com\/qurbat\/gpon", + "description": "A proof of concept for CVE-2020-8958 written in Python.", + "fork": false, + "created_at": "2020-07-15T08:10:01Z", + "updated_at": "2020-10-05T11:14:21Z", + "pushed_at": "2020-10-05T11:14:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9006.json b/2020/CVE-2020-9006.json new file mode 100644 index 0000000000..8cfc64f347 --- /dev/null +++ b/2020/CVE-2020-9006.json @@ -0,0 +1,25 @@ +[ + { + "id": 281305774, + "name": "cve-2020-9006", + "full_name": "tz4678\/cve-2020-9006", + "owner": { + "login": "tz4678", + "id": 12753171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12753171?v=4", + "html_url": "https:\/\/github.com\/tz4678" + }, + "html_url": "https:\/\/github.com\/tz4678\/cve-2020-9006", + "description": null, + "fork": false, + "created_at": "2020-07-21T05:39:58Z", + "updated_at": "2020-07-21T17:41:22Z", + "pushed_at": "2020-07-21T17:41:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9047.json b/2020/CVE-2020-9047.json new file mode 100644 index 0000000000..8f9d0f2b16 --- /dev/null +++ b/2020/CVE-2020-9047.json @@ -0,0 +1,25 @@ +[ + { + "id": 279328764, + "name": "CVE-2020-9047", + "full_name": "norrismw\/CVE-2020-9047", + "owner": { + "login": "norrismw", + "id": 42365063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42365063?v=4", + "html_url": "https:\/\/github.com\/norrismw" + }, + "html_url": "https:\/\/github.com\/norrismw\/CVE-2020-9047", + "description": null, + "fork": false, + "created_at": "2020-07-13T14:40:34Z", + "updated_at": "2021-03-19T02:30:16Z", + "pushed_at": "2020-07-13T14:47:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 0, + "forks": 0, + "watchers": 4, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9376.json b/2020/CVE-2020-9376.json new file mode 100644 index 0000000000..1510c22ed8 --- /dev/null +++ b/2020/CVE-2020-9376.json @@ -0,0 +1,25 @@ +[ + { + "id": 278486856, + "name": "dlink-dir610-exploits", + "full_name": "renatoalencar\/dlink-dir610-exploits", + "owner": { + "login": "renatoalencar", + "id": 6964593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6964593?v=4", + "html_url": "https:\/\/github.com\/renatoalencar" + }, + "html_url": "https:\/\/github.com\/renatoalencar\/dlink-dir610-exploits", + "description": "Exploits for CVE-2020-9376 and CVE-2020-9377", + "fork": false, + "created_at": "2020-07-09T22:48:51Z", + "updated_at": "2020-07-09T23:08:46Z", + "pushed_at": "2020-07-09T22:49:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9484.json b/2020/CVE-2020-9484.json index 542e7496fc..09898f092c 100644 --- a/2020/CVE-2020-9484.json +++ b/2020/CVE-2020-9484.json @@ -137,6 +137,29 @@ "watchers": 1, "score": 0 }, + { + "id": 293086175, + "name": "CVE-2020-9484-exploit", + "full_name": "anjai94\/CVE-2020-9484-exploit", + "owner": { + "login": "anjai94", + "id": 30573192, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30573192?v=4", + "html_url": "https:\/\/github.com\/anjai94" + }, + "html_url": "https:\/\/github.com\/anjai94\/CVE-2020-9484-exploit", + "description": null, + "fork": false, + "created_at": "2020-09-05T13:56:51Z", + "updated_at": "2021-02-17T11:32:23Z", + "pushed_at": "2020-09-05T14:08:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, + "score": 0 + }, { "id": 325878746, "name": "CVE-2020-9484", diff --git a/2020/CVE-2020-9495.json b/2020/CVE-2020-9495.json new file mode 100644 index 0000000000..72119d8d76 --- /dev/null +++ b/2020/CVE-2020-9495.json @@ -0,0 +1,25 @@ +[ + { + "id": 283590587, + "name": "CVE-2020-9495", + "full_name": "ggolawski\/CVE-2020-9495", + "owner": { + "login": "ggolawski", + "id": 35563296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35563296?v=4", + "html_url": "https:\/\/github.com\/ggolawski" + }, + "html_url": "https:\/\/github.com\/ggolawski\/CVE-2020-9495", + "description": null, + "fork": false, + "created_at": "2020-07-29T19:57:32Z", + "updated_at": "2020-08-20T08:24:04Z", + "pushed_at": "2020-07-29T20:54:14Z", + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 0, + "forks": 0, + "watchers": 8, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9496.json b/2020/CVE-2020-9496.json index 2ba6dc20c8..4d1aa80d24 100644 --- a/2020/CVE-2020-9496.json +++ b/2020/CVE-2020-9496.json @@ -1,4 +1,27 @@ [ + { + "id": 287762650, + "name": "CVE-2020-9496", + "full_name": "dwisiswant0\/CVE-2020-9496", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2020-9496", + "description": null, + "fork": false, + "created_at": "2020-08-15T14:29:49Z", + "updated_at": "2021-03-16T07:08:42Z", + "pushed_at": "2020-08-16T01:04:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 3, + "forks": 3, + "watchers": 4, + "score": 0 + }, { "id": 353653665, "name": "apache-ofbiz-CVE-2020-9496", diff --git a/2020/CVE-2020-9767.json b/2020/CVE-2020-9767.json new file mode 100644 index 0000000000..0dd15f4f38 --- /dev/null +++ b/2020/CVE-2020-9767.json @@ -0,0 +1,25 @@ +[ + { + "id": 284798243, + "name": "Zoom-dll-hijacking", + "full_name": "shubham0d\/Zoom-dll-hijacking", + "owner": { + "login": "shubham0d", + "id": 12750163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12750163?v=4", + "html_url": "https:\/\/github.com\/shubham0d" + }, + "html_url": "https:\/\/github.com\/shubham0d\/Zoom-dll-hijacking", + "description": "A dll hijacking vulnerability in zoom meeting < 5.1.4. CVE-2020-9767", + "fork": false, + "created_at": "2020-08-03T20:17:10Z", + "updated_at": "2020-12-14T03:24:48Z", + "pushed_at": "2020-09-30T20:14:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9768.json b/2020/CVE-2020-9768.json new file mode 100644 index 0000000000..2d4d2d5a6d --- /dev/null +++ b/2020/CVE-2020-9768.json @@ -0,0 +1,25 @@ +[ + { + "id": 298576538, + "name": "CVE-2020-9768", + "full_name": "XorgX304\/CVE-2020-9768", + "owner": { + "login": "XorgX304", + "id": 46254011, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46254011?v=4", + "html_url": "https:\/\/github.com\/XorgX304" + }, + "html_url": "https:\/\/github.com\/XorgX304\/CVE-2020-9768", + "description": "AppleJPEGDriverUserClient : mach port use-after-free\/type-confusion via race condition", + "fork": false, + "created_at": "2020-09-25T13:12:04Z", + "updated_at": "2021-02-09T09:03:25Z", + "pushed_at": "2020-03-26T22:29:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9934.json b/2020/CVE-2020-9934.json new file mode 100644 index 0000000000..f570182114 --- /dev/null +++ b/2020/CVE-2020-9934.json @@ -0,0 +1,25 @@ +[ + { + "id": 283028117, + "name": "CVE-2020-9934", + "full_name": "mattshockl\/CVE-2020-9934", + "owner": { + "login": "mattshockl", + "id": 5934002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5934002?v=4", + "html_url": "https:\/\/github.com\/mattshockl" + }, + "html_url": "https:\/\/github.com\/mattshockl\/CVE-2020-9934", + "description": "CVE-2020–9934 POC", + "fork": false, + "created_at": "2020-07-27T22:09:01Z", + "updated_at": "2020-10-10T02:52:19Z", + "pushed_at": "2020-07-28T16:39:20Z", + "stargazers_count": 14, + "watchers_count": 14, + "forks_count": 2, + "forks": 2, + "watchers": 14, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9992.json b/2020/CVE-2020-9992.json new file mode 100644 index 0000000000..24fed0f429 --- /dev/null +++ b/2020/CVE-2020-9992.json @@ -0,0 +1,25 @@ +[ + { + "id": 296170343, + "name": "c0ntextomy", + "full_name": "c0ntextomy\/c0ntextomy", + "owner": { + "login": "c0ntextomy", + "id": 71413975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71413975?v=4", + "html_url": "https:\/\/github.com\/c0ntextomy" + }, + "html_url": "https:\/\/github.com\/c0ntextomy\/c0ntextomy", + "description": "CVE-2020-9992 - A design flaw in MobileDevice.framework\/Xcode and iOS\/iPadOS\/tvOS Development Tools allows an attacker in the same network to gain remote code execution on a target device", + "fork": false, + "created_at": "2020-09-16T23:35:22Z", + "updated_at": "2021-02-28T07:05:05Z", + "pushed_at": "2020-09-23T14:52:06Z", + "stargazers_count": 50, + "watchers_count": 50, + "forks_count": 9, + "forks": 9, + "watchers": 50, + "score": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24086.json b/2021/CVE-2021-24086.json index 14c486b690..b1b2f659b3 100644 --- a/2021/CVE-2021-24086.json +++ b/2021/CVE-2021-24086.json @@ -13,13 +13,13 @@ "description": "Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely.", "fork": false, "created_at": "2021-04-07T11:10:40Z", - "updated_at": "2021-04-08T20:12:59Z", + "updated_at": "2021-04-09T01:34:10Z", "pushed_at": "2021-04-07T16:34:18Z", - "stargazers_count": 87, - "watchers_count": 87, + "stargazers_count": 88, + "watchers_count": 88, "forks_count": 18, "forks": 18, - "watchers": 87, + "watchers": 88, "score": 0 }, { diff --git a/2021/CVE-2021-25646.json b/2021/CVE-2021-25646.json index 5ae8a01459..fd48099444 100644 --- a/2021/CVE-2021-25646.json +++ b/2021/CVE-2021-25646.json @@ -105,13 +105,13 @@ "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection", "fork": false, "created_at": "2021-03-11T22:49:17Z", - "updated_at": "2021-04-08T17:57:00Z", + "updated_at": "2021-04-09T02:58:50Z", "pushed_at": "2021-04-08T13:53:46Z", - "stargazers_count": 338, - "watchers_count": 338, - "forks_count": 77, - "forks": 77, - "watchers": 338, + "stargazers_count": 346, + "watchers_count": 346, + "forks_count": 80, + "forks": 80, + "watchers": 346, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-26855.json b/2021/CVE-2021-26855.json index ab483bf9c5..2efb5b0d14 100644 --- a/2021/CVE-2021-26855.json +++ b/2021/CVE-2021-26855.json @@ -431,8 +431,8 @@ "pushed_at": "2021-03-14T23:51:37Z", "stargazers_count": 10, "watchers_count": 10, - "forks_count": 3, - "forks": 3, + "forks_count": 4, + "forks": 4, "watchers": 10, "score": 0 }, diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json index fc87f865da..b8bd9fa28c 100644 --- a/2021/CVE-2021-3156.json +++ b/2021/CVE-2021-3156.json @@ -661,8 +661,8 @@ "pushed_at": "2021-02-03T22:28:14Z", "stargazers_count": 33, "watchers_count": 33, - "forks_count": 15, - "forks": 15, + "forks_count": 16, + "forks": 16, "watchers": 33, "score": 0 }, diff --git a/2021/CVE-2021-34567.json b/2021/CVE-2021-34567.json new file mode 100644 index 0000000000..6a1a7b9e9c --- /dev/null +++ b/2021/CVE-2021-34567.json @@ -0,0 +1,25 @@ +[ + { + "id": 356089875, + "name": "cve-2021-34567", + "full_name": "hu185396\/cve-2021-34567", + "owner": { + "login": "hu185396", + "id": 50415778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50415778?v=4", + "html_url": "https:\/\/github.com\/hu185396" + }, + "html_url": "https:\/\/github.com\/hu185396\/cve-2021-34567", + "description": null, + "fork": false, + "created_at": "2021-04-09T00:52:10Z", + "updated_at": "2021-04-09T00:52:13Z", + "pushed_at": "2021-04-09T00:52:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 22e5d6a402..1747b0d8ef 100644 --- a/README.md +++ b/README.md @@ -757,6 +757,9 @@ Composr 10.0.36 allows XSS in an XML script. - [orionhridoy/CVE-2021-30150](https://github.com/orionhridoy/CVE-2021-30150) +### CVE-2021-34567 +- [hu185396/cve-2021-34567](https://github.com/hu185396/cve-2021-34567) + ## 2020 ### CVE-2020-0001 (2020-01-08) @@ -767,6 +770,14 @@ In getProcessRecordLocked of ActivityManagerService.java isolated apps are not h - [Zachinio/CVE-2020-0001](https://github.com/Zachinio/CVE-2020-0001) +### CVE-2020-0014 (2020-02-13) + + +It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional execution privileges needed. User action is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-128674520 + + +- [tea9/CVE-2020-0014-Toast](https://github.com/tea9/CVE-2020-0014-Toast) + ### CVE-2020-0022 (2020-02-13) @@ -787,6 +798,8 @@ In binder_transaction of binder.c, there is a possible out of bounds write due t - [bluefrostsecurity/CVE-2020-0041](https://github.com/bluefrostsecurity/CVE-2020-0041) - [j4nn/CVE-2020-0041](https://github.com/j4nn/CVE-2020-0041) +- [minutesinch/CVE-2020-0041](https://github.com/minutesinch/CVE-2020-0041) +- [minutesinch/CVE-2020-0041-Original](https://github.com/minutesinch/CVE-2020-0041-Original) - [TechnoHT/CVE-2020-0041](https://github.com/TechnoHT/CVE-2020-0041) ### CVE-2020-0069 (2020-03-10) @@ -818,6 +831,14 @@ In startActivities of ActivityStartController.java, there is a possible escalati - [liuyun201990/StrandHogg2](https://github.com/liuyun201990/StrandHogg2) - [tea9/CVE-2020-0096-StrandHogg2](https://github.com/tea9/CVE-2020-0096-StrandHogg2) +### CVE-2020-0108 (2020-08-11) + + +In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-140108616 + + +- [CrackerCat/ServiceCheater](https://github.com/CrackerCat/ServiceCheater) + ### CVE-2020-0113 (2020-06-10) @@ -826,6 +847,14 @@ In sendCaptureResult of Camera3OutputUtils.cpp, there is a possible out of bound - [XDo0/ServiceCheater](https://github.com/XDo0/ServiceCheater) +### CVE-2020-0114 (2020-06-10) + + +In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347 + + +- [tea9/CVE-2020-0114-systemui](https://github.com/tea9/CVE-2020-0114-systemui) + ### CVE-2020-0121 (2020-06-10) @@ -945,6 +974,7 @@ A remote code execution vulnerability exists in the way that the scripting engin - [binaryfigments/CVE-2020-0674](https://github.com/binaryfigments/CVE-2020-0674) - [maxpl0it/CVE-2020-0674-Exploit](https://github.com/maxpl0it/CVE-2020-0674-Exploit) +- [Ken-Abruzzi/CVE-2020-0674](https://github.com/Ken-Abruzzi/CVE-2020-0674) ### CVE-2020-0683 (2020-02-11) @@ -975,6 +1005,9 @@ A remote code execution vulnerability exists in Microsoft Exchange software when - [mahyarx/Exploit_CVE-2020-0688](https://github.com/mahyarx/Exploit_CVE-2020-0688) - [ktpdpro/CVE-2020-0688](https://github.com/ktpdpro/CVE-2020-0688) - [w4fz5uck5/cve-2020-0688-webshell-upload-technique](https://github.com/w4fz5uck5/cve-2020-0688-webshell-upload-technique) +- [murataydemir/CVE-2020-0688](https://github.com/murataydemir/CVE-2020-0688) +- [zyn3rgy/ecp_slap](https://github.com/zyn3rgy/ecp_slap) +- [SLSteff/CVE-2020-0688-Scanner](https://github.com/SLSteff/CVE-2020-0688-Scanner) - [MrTiz9/CVE-2020-0688](https://github.com/MrTiz9/CVE-2020-0688) ### CVE-2020-0708 (2020-02-11) @@ -1078,6 +1111,11 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - [Barriuso/SMBGhost_AutomateExploitation](https://github.com/Barriuso/SMBGhost_AutomateExploitation) - [1060275195/SMBGhost](https://github.com/1060275195/SMBGhost) - [Almorabea/SMBGhost-LPE-Metasploit-Module](https://github.com/Almorabea/SMBGhost-LPE-Metasploit-Module) +- [ZecOps/SMBGhost-SMBleed-scanner](https://github.com/ZecOps/SMBGhost-SMBleed-scanner) +- [5l1v3r1/smbghost-5](https://github.com/5l1v3r1/smbghost-5) +- [rsmudge/CVE-2020-0796-BOF](https://github.com/rsmudge/CVE-2020-0796-BOF) +- [codewithpradhan/SMBGhost-CVE-2020-0796-](https://github.com/codewithpradhan/SMBGhost-CVE-2020-0796-) +- [AaronWilsonGrylls/CVE-2020-0796-POC](https://github.com/AaronWilsonGrylls/CVE-2020-0796-POC) - [datntsec/CVE-2020-0796](https://github.com/datntsec/CVE-2020-0796) - [MasterSploit/LPE---CVE-2020-0796](https://github.com/MasterSploit/LPE---CVE-2020-0796) - [ORCA666/CVE-2020-0796](https://github.com/ORCA666/CVE-2020-0796) @@ -1115,6 +1153,14 @@ An elevation of privilege vulnerability exists in Windows Installer because of t - [klinix5/CVE-2020-0814](https://github.com/klinix5/CVE-2020-0814) +### CVE-2020-0890 (2020-09-11) + + +A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests., aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-0904. + + +- [gerhart01/hyperv_local_dos_poc](https://github.com/gerhart01/hyperv_local_dos_poc) + ### CVE-2020-0910 (2020-04-15) @@ -1131,6 +1177,9 @@ A spoofing vulnerability exists when Microsoft SharePoint Server does not proper - [ericzhong2010/GUI-Check-CVE-2020-0976](https://github.com/ericzhong2010/GUI-Check-CVE-2020-0976) +### CVE-2020-1 +- [full-disclosure/FDEU-CVE-2020-1FC5](https://github.com/full-disclosure/FDEU-CVE-2020-1FC5) + ### CVE-2020-1015 (2020-04-15) @@ -1155,6 +1204,7 @@ An elevation of privilege vulnerability exists when the Windows Print Spooler se - [zveriu/CVE-2009-0229-PoC](https://github.com/zveriu/CVE-2009-0229-PoC) - [shubham0d/CVE-2020-1048](https://github.com/shubham0d/CVE-2020-1048) +- [Ken-Abruzzi/CVE-2020-1048](https://github.com/Ken-Abruzzi/CVE-2020-1048) ### CVE-2020-1054 (2020-05-21) @@ -1163,6 +1213,9 @@ An elevation of privilege vulnerability exists in Windows when the Windows kerne - [0xeb-bp/cve-2020-1054](https://github.com/0xeb-bp/cve-2020-1054) +- [Iamgublin/CVE-2020-1054](https://github.com/Iamgublin/CVE-2020-1054) +- [KaLendsi/CVE-2020-1054](https://github.com/KaLendsi/CVE-2020-1054) +- [Graham382/CVE-2020-1054](https://github.com/Graham382/CVE-2020-1054) ### CVE-2020-1066 (2020-05-21) @@ -1188,6 +1241,8 @@ An information disclosure vulnerability exists in the way that the Microsoft Ser - [ZecOps/CVE-2020-1206-POC](https://github.com/ZecOps/CVE-2020-1206-POC) +- [Info-Security-Solution-Kolkata/CVE-2020-1206-Exploit](https://github.com/Info-Security-Solution-Kolkata/CVE-2020-1206-Exploit) +- [Info-Security-Solution-Kolkata/Smbleed-CVE-2020-1206-Exploit](https://github.com/Info-Security-Solution-Kolkata/Smbleed-CVE-2020-1206-Exploit) ### CVE-2020-1283 (2020-06-09) @@ -1206,14 +1261,34 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve - [P1kAju/CVE-2020-1301](https://github.com/P1kAju/CVE-2020-1301) - [shubham0d/CVE-2020-1301](https://github.com/shubham0d/CVE-2020-1301) +### CVE-2020-1313 (2020-06-09) + + +An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'. + + +- [irsl/CVE-2020-1313](https://github.com/irsl/CVE-2020-1313) + ### CVE-2020-1337 (2020-08-17) An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. +- [math1as/CVE-2020-1337-exploit](https://github.com/math1as/CVE-2020-1337-exploit) +- [VoidSec/CVE-2020-1337](https://github.com/VoidSec/CVE-2020-1337) +- [neofito/CVE-2020-1337](https://github.com/neofito/CVE-2020-1337) +- [sailay1996/cve-2020-1337-poc](https://github.com/sailay1996/cve-2020-1337-poc) - [password520/cve-2020-1337-poc](https://github.com/password520/cve-2020-1337-poc) +### CVE-2020-1349 (2020-07-14) + + +A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. + + +- [0neb1n/CVE-2020-1349](https://github.com/0neb1n/CVE-2020-1349) + ### CVE-2020-1350 (2020-07-14) @@ -1221,6 +1296,27 @@ A remote code execution vulnerability exists in Windows Domain Name System serve - [psc4re/NSE-scripts](https://github.com/psc4re/NSE-scripts) +- [mr-r3b00t/CVE-2020-1350](https://github.com/mr-r3b00t/CVE-2020-1350) +- [zoomerxsec/Fake_CVE-2020-1350](https://github.com/zoomerxsec/Fake_CVE-2020-1350) +- [T13nn3s/CVE-2020-1350](https://github.com/T13nn3s/CVE-2020-1350) +- [corelight/SIGRed](https://github.com/corelight/SIGRed) +- [jmaddington/dRMM-CVE-2020-1350-response](https://github.com/jmaddington/dRMM-CVE-2020-1350-response) +- [maxpl0it/CVE-2020-1350-DoS](https://github.com/maxpl0it/CVE-2020-1350-DoS) +- [captainGeech42/CVE-2020-1350](https://github.com/captainGeech42/CVE-2020-1350) +- [connormcgarr/CVE-2020-1350](https://github.com/connormcgarr/CVE-2020-1350) +- [graph-inc/CVE-2020-1350](https://github.com/graph-inc/CVE-2020-1350) +- [CVEmaster/CVE-2020-1350](https://github.com/CVEmaster/CVE-2020-1350) +- [Secuora-Org/CVE-2020-1350-checker.ps1](https://github.com/Secuora-Org/CVE-2020-1350-checker.ps1) +- [gdwnet/cve-2020-1350](https://github.com/gdwnet/cve-2020-1350) +- [simeononsecurity/CVE-2020-1350-Fix](https://github.com/simeononsecurity/CVE-2020-1350-Fix) + +### CVE-2020-1362 (2020-07-14) + + +An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1344, CVE-2020-1369. + + +- [Q4n/CVE-2020-1362](https://github.com/Q4n/CVE-2020-1362) ### CVE-2020-1472 (2020-08-17) @@ -1228,9 +1324,47 @@ A remote code execution vulnerability exists in Windows Domain Name System serve An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'. +- [Tobey123/CVE-2020-1472-visualizer](https://github.com/Tobey123/CVE-2020-1472-visualizer) +- [SecuraBV/CVE-2020-1472](https://github.com/SecuraBV/CVE-2020-1472) +- [cube0x0/CVE-2020-1472](https://github.com/cube0x0/CVE-2020-1472) +- [dirkjanm/CVE-2020-1472](https://github.com/dirkjanm/CVE-2020-1472) +- [VoidSec/CVE-2020-1472](https://github.com/VoidSec/CVE-2020-1472) +- [risksense/zerologon](https://github.com/risksense/zerologon) +- [bb00/zer0dump](https://github.com/bb00/zer0dump) +- [0xkami/CVE-2020-1472](https://github.com/0xkami/CVE-2020-1472) +- [NAXG/CVE-2020-1472](https://github.com/NAXG/CVE-2020-1472) +- [s0wr0b1ndef/CVE-2020-1472](https://github.com/s0wr0b1ndef/CVE-2020-1472) +- [harshil-shah004/zerologon-CVE-2020-1472](https://github.com/harshil-shah004/zerologon-CVE-2020-1472) +- [k8gege/CVE-2020-1472-EXP](https://github.com/k8gege/CVE-2020-1472-EXP) +- [422926799/CVE-2020-1472](https://github.com/422926799/CVE-2020-1472) +- [scv-m/zabbix-template-CVE-2020-1472](https://github.com/scv-m/zabbix-template-CVE-2020-1472) +- [mstxq17/cve-2020-1472](https://github.com/mstxq17/cve-2020-1472) +- [Fa1c0n35/CVE-2020-1472](https://github.com/Fa1c0n35/CVE-2020-1472) +- [Fa1c0n35/SecuraBV-CVE-2020-1472](https://github.com/Fa1c0n35/SecuraBV-CVE-2020-1472) +- [CanciuCostin/CVE-2020-1472](https://github.com/CanciuCostin/CVE-2020-1472) +- [0xcccc666/cve-2020-1472_Tool-collection](https://github.com/0xcccc666/cve-2020-1472_Tool-collection) +- [murataydemir/CVE-2020-1472](https://github.com/murataydemir/CVE-2020-1472) +- [npocmak/CVE-2020-1472](https://github.com/npocmak/CVE-2020-1472) +- [victim10wq3/CVE-2020-1472](https://github.com/victim10wq3/CVE-2020-1472) - [zeronetworks/zerologon](https://github.com/zeronetworks/zerologon) +- [sv3nbeast/CVE-2020-1472](https://github.com/sv3nbeast/CVE-2020-1472) +- [midpipps/CVE-2020-1472-Easy](https://github.com/midpipps/CVE-2020-1472-Easy) +- [hectorgie/CVE-2020-1472](https://github.com/hectorgie/CVE-2020-1472) +- [johnpathe/zerologon-cve-2020-1472-notes](https://github.com/johnpathe/zerologon-cve-2020-1472-notes) +- [t31m0/CVE-2020-1472](https://github.com/t31m0/CVE-2020-1472) +- [grupooruss/CVE-2020-1472](https://github.com/grupooruss/CVE-2020-1472) +- [striveben/CVE-2020-1472](https://github.com/striveben/CVE-2020-1472) +- [Fa1c0n35/CVE-2020-1472-02-](https://github.com/Fa1c0n35/CVE-2020-1472-02-) - [Whippet0/CVE-2020-1472](https://github.com/Whippet0/CVE-2020-1472) +- [WiIs0n/Zerologon_CVE-2020-1472](https://github.com/WiIs0n/Zerologon_CVE-2020-1472) +- [Privia-Security/ADZero](https://github.com/Privia-Security/ADZero) +- [Ken-Abruzzi/cve-2020-1472](https://github.com/Ken-Abruzzi/cve-2020-1472) +- [rhymeswithmogul/Set-ZerologonMitigation](https://github.com/rhymeswithmogul/Set-ZerologonMitigation) +- [shanfenglan/cve-2020-1472](https://github.com/shanfenglan/cve-2020-1472) - [maikelnight/zerologon](https://github.com/maikelnight/zerologon) +- [CPO-EH/CVE-2020-1472_ZeroLogonChecker](https://github.com/CPO-EH/CVE-2020-1472_ZeroLogonChecker) +- [puckiestyle/CVE-2020-1472](https://github.com/puckiestyle/CVE-2020-1472) +- [mingchen-script/CVE-2020-1472-visualizer](https://github.com/mingchen-script/CVE-2020-1472-visualizer) - [Qazeer/dirkjanm_CVE-2020-1472_static_binaries](https://github.com/Qazeer/dirkjanm_CVE-2020-1472_static_binaries) - [JayP232/The_big_Zero](https://github.com/JayP232/The_big_Zero) - [b1ack0wl/CVE-2020-1472](https://github.com/b1ack0wl/CVE-2020-1472) @@ -1241,6 +1375,14 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu - [hell-moon/ZeroLogon-Exploit](https://github.com/hell-moon/ZeroLogon-Exploit) - [Udyz/Zerologon](https://github.com/Udyz/Zerologon) +### CVE-2020-1493 (2020-08-17) + + +An information disclosure vulnerability exists when attaching files to Outlook messages, aka 'Microsoft Outlook Information Disclosure Vulnerability'. + + +- [0neb1n/CVE-2020-1493](https://github.com/0neb1n/CVE-2020-1493) + ### CVE-2020-1611 (2020-01-15) @@ -1249,6 +1391,14 @@ A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an a - [Ibonok/CVE-2020-1611](https://github.com/Ibonok/CVE-2020-1611) +### CVE-2020-1764 (2020-03-26) + + +A hard-coded cryptographic key vulnerability in the default configuration file was found in Kiali, all versions prior to 1.15.1. A remote attacker could abuse this flaw by creating their own JWT signed tokens and bypass Kiali authentication mechanisms, possibly gaining privileges to view and alter the Istio configuration. + + +- [jpts/cve-2020-1764-poc](https://github.com/jpts/cve-2020-1764-poc) + ### CVE-2020-1937 (2020-02-24) @@ -1284,6 +1434,7 @@ When using the Apache JServ Protocol (AJP), care must be taken when trusting inc - [doggycheng/CNVD-2020-10487](https://github.com/doggycheng/CNVD-2020-10487) - [I-Runtime-Error/CVE-2020-1938](https://github.com/I-Runtime-Error/CVE-2020-1938) - [Umesh2807/Ghostcat](https://github.com/Umesh2807/Ghostcat) +- [MateoSec/ghostcatch](https://github.com/MateoSec/ghostcatch) - [kukudechen-chen/cve-2020-1938](https://github.com/kukudechen-chen/cve-2020-1938) - [YU5Z8X2CvH1fv4ep/CVE-2020-1938-MSF-MODULE](https://github.com/YU5Z8X2CvH1fv4ep/CVE-2020-1938-MSF-MODULE) - [Hancheng-Lei/Hacking-Vulnerability-CVE-2020-1938-Ghostcat](https://github.com/Hancheng-Lei/Hacking-Vulnerability-CVE-2020-1938-Ghostcat) @@ -1307,6 +1458,8 @@ This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An - [ctlyz123/CVE-2020-1948](https://github.com/ctlyz123/CVE-2020-1948) +- [txrw/Dubbo-CVE-2020-1948](https://github.com/txrw/Dubbo-CVE-2020-1948) +- [M3g4Byt3/cve-2020-1948-poc](https://github.com/M3g4Byt3/cve-2020-1948-poc) - [L0kiii/Dubbo-deserialization](https://github.com/L0kiii/Dubbo-deserialization) ### CVE-2020-1958 (2020-04-01) @@ -1333,6 +1486,14 @@ The X.509 GeneralName type is a generic type for representing different types of - [MBHudson/CVE-2020-1971](https://github.com/MBHudson/CVE-2020-1971) +### CVE-2020-2034 (2020-07-08) + + +An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability. + + +- [blackhatethicalhacking/CVE-2020-2034-POC](https://github.com/blackhatethicalhacking/CVE-2020-2034-POC) + ### CVE-2020-2333 - [section-c/CVE-2020-2333](https://github.com/section-c/CVE-2020-2333) @@ -1370,6 +1531,7 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo - [0nise/CVE-2020-2555](https://github.com/0nise/CVE-2020-2555) - [Y4er/CVE-2020-2555](https://github.com/Y4er/CVE-2020-2555) - [Maskhe/cve-2020-2555](https://github.com/Maskhe/cve-2020-2555) +- [Uvemode/CVE-2020-2555](https://github.com/Uvemode/CVE-2020-2555) ### CVE-2020-2655 (2020-01-15) @@ -1388,6 +1550,8 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - [Y4er/CVE-2020-2883](https://github.com/Y4er/CVE-2020-2883) - [MagicZer0/Weblogic_CVE-2020-2883_POC](https://github.com/MagicZer0/Weblogic_CVE-2020-2883_POC) - [ZZZWD/CVE-2020-2883](https://github.com/ZZZWD/CVE-2020-2883) +- [Y4er/WebLogic-Shiro-shell](https://github.com/Y4er/WebLogic-Shiro-shell) +- [FancyDoesSecurity/CVE-2020-2883](https://github.com/FancyDoesSecurity/CVE-2020-2883) - [Al1ex/CVE-2020-2883](https://github.com/Al1ex/CVE-2020-2883) ### CVE-2020-2978 (2020-07-15) @@ -1416,12 +1580,40 @@ A vulnerability in the web server for Cisco IP Phones could allow an unauthentic - [abood05972/CVE-2020-3161](https://github.com/abood05972/CVE-2020-3161) +### CVE-2020-3187 (2020-05-06) + + +A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system. + + +- [pry0cc/CVE-2020-3187](https://github.com/pry0cc/CVE-2020-3187) +- [Ph4nt0m-b/CVE-2020-3187](https://github.com/Ph4nt0m-b/CVE-2020-3187) + +### CVE-2020-3433 (2020-08-17) + + +A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. + + +- [goichot/CVE-2020-3433](https://github.com/goichot/CVE-2020-3433) + ### CVE-2020-3452 (2020-07-22) A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. +- [XDev05/CVE-2020-3452-PoC](https://github.com/XDev05/CVE-2020-3452-PoC) +- [Loneyers/cve-2020-3452](https://github.com/Loneyers/cve-2020-3452) +- [PR3R00T/CVE-2020-3452-Cisco-Scanner](https://github.com/PR3R00T/CVE-2020-3452-Cisco-Scanner) +- [mr-r3b00t/CVE-2020-3452](https://github.com/mr-r3b00t/CVE-2020-3452) +- [foulenzer/CVE-2020-3452](https://github.com/foulenzer/CVE-2020-3452) +- [Gh0st0ne/http-vuln-cve2020-3452.nse](https://github.com/Gh0st0ne/http-vuln-cve2020-3452.nse) +- [0x5ECF4ULT/CVE-2020-3452](https://github.com/0x5ECF4ULT/CVE-2020-3452) +- [paran0id34/CVE-2020-3452](https://github.com/paran0id34/CVE-2020-3452) +- [murataydemir/CVE-2020-3452](https://github.com/murataydemir/CVE-2020-3452) +- [ludy-dev/Cisco-ASA-LFI](https://github.com/ludy-dev/Cisco-ASA-LFI) +- [3ndG4me/CVE-2020-3452-Exploit](https://github.com/3ndG4me/CVE-2020-3452-Exploit) - [grim3/CVE-2020-3452](https://github.com/grim3/CVE-2020-3452) - [cygenta/CVE-2020-3452](https://github.com/cygenta/CVE-2020-3452) - [darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter) @@ -1571,6 +1763,7 @@ Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1. - [dead5nd/config-demo](https://github.com/dead5nd/config-demo) - [osamahamad/CVE-2020-5410-POC](https://github.com/osamahamad/CVE-2020-5410-POC) +- [mugisyahid/ki-vuln-cve-2020-5410](https://github.com/mugisyahid/ki-vuln-cve-2020-5410) - [thelostworldFree/SpringCloud-Config-CVE-2020-5410](https://github.com/thelostworldFree/SpringCloud-Config-CVE-2020-5410) ### CVE-2020-5421 (2020-09-18) @@ -1611,9 +1804,66 @@ index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. +- [dwisiswant0/CVE-2020-5902](https://github.com/dwisiswant0/CVE-2020-5902) +- [aqhmal/CVE-2020-5902-Scanner](https://github.com/aqhmal/CVE-2020-5902-Scanner) +- [jas502n/CVE-2020-5902](https://github.com/jas502n/CVE-2020-5902) +- [ar0dd/CVE-2020-5902](https://github.com/ar0dd/CVE-2020-5902) +- [yassineaboukir/CVE-2020-5902](https://github.com/yassineaboukir/CVE-2020-5902) +- [rwincey/CVE-2020-5902-NSE](https://github.com/rwincey/CVE-2020-5902-NSE) +- [Un4gi/CVE-2020-5902](https://github.com/Un4gi/CVE-2020-5902) +- [nsflabs/CVE-2020-5902](https://github.com/nsflabs/CVE-2020-5902) +- [yasserjanah/CVE-2020-5902](https://github.com/yasserjanah/CVE-2020-5902) +- [JSec1337/RCE-CVE-2020-5902](https://github.com/JSec1337/RCE-CVE-2020-5902) +- [dunderhay/CVE-2020-5902](https://github.com/dunderhay/CVE-2020-5902) +- [r0ttenbeef/cve-2020-5902](https://github.com/r0ttenbeef/cve-2020-5902) +- [sv3nbeast/CVE-2020-5902_RCE](https://github.com/sv3nbeast/CVE-2020-5902_RCE) +- [cybersecurityworks553/scanner-CVE-2020-5902](https://github.com/cybersecurityworks553/scanner-CVE-2020-5902) +- [lijiaxing1997/CVE-2020-5902-POC-EXP](https://github.com/lijiaxing1997/CVE-2020-5902-POC-EXP) +- [qlkwej/poc-CVE-2020-5902](https://github.com/qlkwej/poc-CVE-2020-5902) +- [Zinkuth/F5-BIG-IP-CVE-2020-5902](https://github.com/Zinkuth/F5-BIG-IP-CVE-2020-5902) +- [0xAbdullah/CVE-2020-5902](https://github.com/0xAbdullah/CVE-2020-5902) +- [jinnywc/CVE-2020-5902](https://github.com/jinnywc/CVE-2020-5902) +- [GoodiesHQ/F5-Patch](https://github.com/GoodiesHQ/F5-Patch) +- [jiansiting/CVE-2020-5902](https://github.com/jiansiting/CVE-2020-5902) +- [wdlid/CVE-2020-5902-fix](https://github.com/wdlid/CVE-2020-5902-fix) +- [Any3ite/CVE-2020-5902-F5BIG](https://github.com/Any3ite/CVE-2020-5902-F5BIG) +- [k3nundrum/CVE-2020-5902](https://github.com/k3nundrum/CVE-2020-5902) +- [inho28/CVE-2020-5902-F5-BIGIP](https://github.com/inho28/CVE-2020-5902-F5-BIGIP) +- [cristiano-corrado/f5_scanner](https://github.com/cristiano-corrado/f5_scanner) +- [ajdumanhug/CVE-2020-5902](https://github.com/ajdumanhug/CVE-2020-5902) +- [zhzyker/CVE-2020-5902](https://github.com/zhzyker/CVE-2020-5902) +- [GovindPalakkal/EvilRip](https://github.com/GovindPalakkal/EvilRip) +- [dnerzker/CVE-2020-5902](https://github.com/dnerzker/CVE-2020-5902) +- [renanhsilva/checkvulnCVE20205902](https://github.com/renanhsilva/checkvulnCVE20205902) +- [halencarjunior/f5scan](https://github.com/halencarjunior/f5scan) +- [deepsecurity-pe/GoF5-CVE-2020-5902](https://github.com/deepsecurity-pe/GoF5-CVE-2020-5902) +- [Shu1L/CVE-2020-5902-fofa-scan](https://github.com/Shu1L/CVE-2020-5902-fofa-scan) +- [d4rk007/F5-Big-IP-CVE-2020-5902-mass-exploiter](https://github.com/d4rk007/F5-Big-IP-CVE-2020-5902-mass-exploiter) +- [TheCyberViking/CVE-2020-5902-Vuln-Checker](https://github.com/TheCyberViking/CVE-2020-5902-Vuln-Checker) +- [itsjeffersonli/CVE-2020-5902](https://github.com/itsjeffersonli/CVE-2020-5902) +- [MrCl0wnLab/checker-CVE-2020-5902](https://github.com/MrCl0wnLab/checker-CVE-2020-5902) +- [qiong-qi/CVE-2020-5902-POC](https://github.com/qiong-qi/CVE-2020-5902-POC) +- [theLSA/f5-bigip-rce-cve-2020-5902](https://github.com/theLSA/f5-bigip-rce-cve-2020-5902) +- [pwnhacker0x18/CVE-2020-5902-Mass](https://github.com/pwnhacker0x18/CVE-2020-5902-Mass) +- [Al1ex/CVE-2020-5902](https://github.com/Al1ex/CVE-2020-5902) +- [momika233/cve-2020-5902](https://github.com/momika233/cve-2020-5902) +- [rockmelodies/CVE-2020-5902-rce-gui](https://github.com/rockmelodies/CVE-2020-5902-rce-gui) +- [f5devcentral/cve-2020-5902-ioc-bigip-checker](https://github.com/f5devcentral/cve-2020-5902-ioc-bigip-checker) - [corelight/CVE-2020-5902-F5BigIP](https://github.com/corelight/CVE-2020-5902-F5BigIP) +- [PushpenderIndia/CVE-2020-5902-Scanner](https://github.com/PushpenderIndia/CVE-2020-5902-Scanner) +- [murataydemir/CVE-2020-5902](https://github.com/murataydemir/CVE-2020-5902) +- [superzerosec/cve-2020-5902](https://github.com/superzerosec/cve-2020-5902) +- [ludy-dev/BIG-IP-F5-TMUI-RCE-Vulnerability](https://github.com/ludy-dev/BIG-IP-F5-TMUI-RCE-Vulnerability) - [faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner](https://github.com/faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner) +### CVE-2020-5903 (2020-07-01) + + +In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. + + +- [ltvthang/CVE-2020-5903](https://github.com/ltvthang/CVE-2020-5903) + ### CVE-2020-6207 (2020-03-10) @@ -1622,6 +1872,26 @@ SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing - [chipik/SAP_EEM_CVE-2020-6207](https://github.com/chipik/SAP_EEM_CVE-2020-6207) +### CVE-2020-6286 (2020-07-14) + + +The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal. + + +- [murataydemir/CVE-2020-6286](https://github.com/murataydemir/CVE-2020-6286) + +### CVE-2020-6287 (2020-07-14) + + +SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check. + + +- [chipik/SAP_RECON](https://github.com/chipik/SAP_RECON) +- [duc-nt/CVE-2020-6287-exploit](https://github.com/duc-nt/CVE-2020-6287-exploit) +- [Onapsis/CVE-2020-6287_RECON-scanner](https://github.com/Onapsis/CVE-2020-6287_RECON-scanner) +- [ynsmroztas/CVE-2020-6287-Sap-Add-User](https://github.com/ynsmroztas/CVE-2020-6287-Sap-Add-User) +- [murataydemir/CVE-2020-6287](https://github.com/murataydemir/CVE-2020-6287) + ### CVE-2020-6308 (2020-10-20) @@ -1640,6 +1910,30 @@ Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote at - [ChoKyuWon/CVE-2020-6418](https://github.com/ChoKyuWon/CVE-2020-6418) - [Goyotan/CVE-2020-6418-PoC](https://github.com/Goyotan/CVE-2020-6418-PoC) +### CVE-2020-6468 (2020-05-20) + + +Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [Goyotan/CVE-2020-6468-PoC](https://github.com/Goyotan/CVE-2020-6468-PoC) + +### CVE-2020-6514 (2020-07-22) + + +Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. + + +- [cudi1999/CVE-2020-6514](https://github.com/cudi1999/CVE-2020-6514) + +### CVE-2020-6519 (2020-07-22) + + +Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. + + +- [PerimeterX/CVE-2020-6519](https://github.com/PerimeterX/CVE-2020-6519) + ### CVE-2020-6650 (2020-03-23) @@ -1729,6 +2023,7 @@ Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL I - [secoba/DjVul_StringAgg](https://github.com/secoba/DjVul_StringAgg) - [SNCKER/CVE-2020-7471](https://github.com/SNCKER/CVE-2020-7471) - [Tempuss/CTF_CVE-2020-7471](https://github.com/Tempuss/CTF_CVE-2020-7471) +- [victomteng1997/cve-2020-7471-Time_Blind_SQLi-](https://github.com/victomteng1997/cve-2020-7471-Time_Blind_SQLi-) ### CVE-2020-7473 (2020-05-07) @@ -1746,6 +2041,14 @@ all versions of url-regex are vulnerable to Regular Expression Denial of Service - [niftylettuce/url-regex-safe](https://github.com/niftylettuce/url-regex-safe) +### CVE-2020-7693 (2020-07-09) + + +Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20. + + +- [andsnw/sockjs-dos-py](https://github.com/andsnw/sockjs-dos-py) + ### CVE-2020-7799 (2020-01-28) @@ -1755,6 +2058,9 @@ An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allo - [Pikaqi/cve-2020-7799](https://github.com/Pikaqi/cve-2020-7799) - [ianxtianxt/CVE-2020-7799](https://github.com/ianxtianxt/CVE-2020-7799) +### CVE-2020-7897 +- [mooneee/cve-2020-7897](https://github.com/mooneee/cve-2020-7897) + ### CVE-2020-7931 (2020-01-23) @@ -1781,6 +2087,7 @@ Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows - [wcxxxxx/CVE-2020-7961](https://github.com/wcxxxxx/CVE-2020-7961) - [thelostworldFree/CVE-2020-7961-payloads](https://github.com/thelostworldFree/CVE-2020-7961-payloads) - [shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui](https://github.com/shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui) +- [shacojx/GLiferay-CVE-2020-7961-golang](https://github.com/shacojx/GLiferay-CVE-2020-7961-golang) - [shacojx/POC-CVE-2020-7961-Token-iterate](https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate) - [Udyz/CVE-2020-7961-Mass](https://github.com/Udyz/CVE-2020-7961-Mass) - [ShutdownRepo/CVE-2020-7961](https://github.com/ShutdownRepo/CVE-2020-7961) @@ -1824,6 +2131,7 @@ The is a code injection vulnerability in versions of Rails prior to 5.0.1 that w - [lucasallan/CVE-2020-8163](https://github.com/lucasallan/CVE-2020-8163) +- [h4ms1k/CVE-2020-8163](https://github.com/h4ms1k/CVE-2020-8163) ### CVE-2020-8165 (2020-06-19) @@ -1848,6 +2156,18 @@ Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker t - [sysollie/get-pixels-updated](https://github.com/sysollie/get-pixels-updated) - [sysollie/save-pixels-updated](https://github.com/sysollie/save-pixels-updated) +### CVE-2020-8193 (2020-07-10) + + +Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints. + + +- [jas502n/CVE-2020-8193](https://github.com/jas502n/CVE-2020-8193) +- [Airboi/Citrix-ADC-RCE-CVE-2020-8193](https://github.com/Airboi/Citrix-ADC-RCE-CVE-2020-8193) +- [Zeop-CyberSec/citrix_adc_netscaler_lfi](https://github.com/Zeop-CyberSec/citrix_adc_netscaler_lfi) +- [PR3R00T/CVE-2020-8193-Citrix-Scanner](https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner) +- [ctlyz123/CVE-2020-8193](https://github.com/ctlyz123/CVE-2020-8193) + ### CVE-2020-8209 (2020-08-17) @@ -1856,6 +2176,22 @@ Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenM - [B1anda0/CVE-2020-8209](https://github.com/B1anda0/CVE-2020-8209) +### CVE-2020-8218 (2020-07-30) + + +A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface. + + +- [withdk/pulse-gosecure-rce-poc](https://github.com/withdk/pulse-gosecure-rce-poc) + +### CVE-2020-8241 (2020-10-28) + + +A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server. + + +- [withdk/pulse-secure-vpn-mitm-research](https://github.com/withdk/pulse-secure-vpn-mitm-research) + ### CVE-2020-8277 (2020-11-18) @@ -1899,6 +2235,14 @@ The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the - [Rapidsafeguard/codesnippets_CVE-2020-8417](https://github.com/Rapidsafeguard/codesnippets_CVE-2020-8417) - [Vulnmachines/WordPress_CVE-2020-8417](https://github.com/Vulnmachines/WordPress_CVE-2020-8417) +### CVE-2020-8437 (2020-03-02) + + +The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service. + + +- [guywhataguy/uTorrent-CVE-2020-8437](https://github.com/guywhataguy/uTorrent-CVE-2020-8437) + ### CVE-2020-8515 (2020-02-01) @@ -1919,6 +2263,24 @@ Kubernetes API server in all versions allow an attacker who is able to create a - [Dviejopomata/CVE-2020-8554](https://github.com/Dviejopomata/CVE-2020-8554) - [alebedev87/gatekeeper-cve-2020-8554](https://github.com/alebedev87/gatekeeper-cve-2020-8554) +### CVE-2020-8558 (2020-07-27) + + +The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service. + + +- [tabbysable/POC-2020-8558](https://github.com/tabbysable/POC-2020-8558) +- [rhysemmas/martian-packets](https://github.com/rhysemmas/martian-packets) + +### CVE-2020-8559 (2020-07-22) + + +The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise. + + +- [tabbysable/POC-2020-8559](https://github.com/tabbysable/POC-2020-8559) +- [tdwyer/CVE-2020-8559](https://github.com/tdwyer/CVE-2020-8559) + ### CVE-2020-8597 (2020-02-03) @@ -1979,6 +2341,8 @@ Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged das - [AndreyRainchik/CVE-2020-8816](https://github.com/AndreyRainchik/CVE-2020-8816) - [MartinSohn/CVE-2020-8816](https://github.com/MartinSohn/CVE-2020-8816) +- [cybervaca/CVE-2020-8816](https://github.com/cybervaca/CVE-2020-8816) +- [team0se7en/CVE-2020-8816](https://github.com/team0se7en/CVE-2020-8816) ### CVE-2020-8825 (2020-02-10) @@ -1995,7 +2359,9 @@ In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) di - [Prabhashaka/IT19147192-CVE-2020-8835](https://github.com/Prabhashaka/IT19147192-CVE-2020-8835) +- [snappyJack/Rick_write_exp_CVE-2020-8835](https://github.com/snappyJack/Rick_write_exp_CVE-2020-8835) - [ret2hell/CVE-2020-8835](https://github.com/ret2hell/CVE-2020-8835) +- [SplendidSky/CVE-2020-8835](https://github.com/SplendidSky/CVE-2020-8835) ### CVE-2020-8840 (2020-02-10) @@ -2022,6 +2388,22 @@ The AUEPLauncher service in Radeon AMD User Experience Program Launcher through - [sailay1996/amd_eop_poc](https://github.com/sailay1996/amd_eop_poc) +### CVE-2020-8958 (2020-07-15) + + +Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field. + + +- [qurbat/gpon](https://github.com/qurbat/gpon) + +### CVE-2020-9006 (2020-02-17) + + +The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_popup_ajax.php) via PHP Deserialization on attacker-controlled data with the attachmentUrl POST variable. This allows creation of an arbitrary WordPress Administrator account, leading to possible Remote Code Execution because Administrators can run PHP code on Wordpress instances. (This issue has been fixed in the 3.x branch of popup-builder.) + + +- [tz4678/cve-2020-9006](https://github.com/tz4678/cve-2020-9006) + ### CVE-2020-9008 (2020-02-25) @@ -2038,6 +2420,14 @@ Joplin through 1.0.184 allows Arbitrary File Read via XSS. - [JavierOlmedo/CVE-2020-9038](https://github.com/JavierOlmedo/CVE-2020-9038) +### CVE-2020-9047 (2020-06-26) + + +A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could potentially download and run a malicious executable that could allow OS command injection on the system. + + +- [norrismw/CVE-2020-9047](https://github.com/norrismw/CVE-2020-9047) + ### CVE-2020-9273 (2020-02-20) @@ -2070,6 +2460,14 @@ TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attac - [thewhiteh4t/cve-2020-9375](https://github.com/thewhiteh4t/cve-2020-9375) +### CVE-2020-9376 (2020-07-09) + + +** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + + +- [renatoalencar/dlink-dir610-exploits](https://github.com/renatoalencar/dlink-dir610-exploits) + ### CVE-2020-9380 (2020-03-05) @@ -2130,6 +2528,7 @@ When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8. - [qerogram/CVE-2020-9484](https://github.com/qerogram/CVE-2020-9484) - [osamahamad/CVE-2020-9484-Mass-Scan](https://github.com/osamahamad/CVE-2020-9484-Mass-Scan) - [DeviantSec/CVE-2020-9484-Scanner](https://github.com/DeviantSec/CVE-2020-9484-Scanner) +- [anjai94/CVE-2020-9484-exploit](https://github.com/anjai94/CVE-2020-9484-exploit) - [PenTestical/CVE-2020-9484](https://github.com/PenTestical/CVE-2020-9484) - [X-x-X-0/-CVE-2020-9484-](https://github.com/X-x-X-0/-CVE-2020-9484-) - [X-x-X-0/-CVE-2020-9484](https://github.com/X-x-X-0/-CVE-2020-9484) @@ -2137,12 +2536,21 @@ When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8. - [VICXOR/CVE-2020-9484](https://github.com/VICXOR/CVE-2020-9484) - [DXY0411/CVE-2020-9484](https://github.com/DXY0411/CVE-2020-9484) +### CVE-2020-9495 (2020-06-19) + + +Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login form. With certain characters it is possible to modify the LDAP filter used to query the LDAP users. By measuring the response time for the login request, arbitrary attribute data can be retrieved from LDAP user objects. + + +- [ggolawski/CVE-2020-9495](https://github.com/ggolawski/CVE-2020-9495) + ### CVE-2020-9496 (2020-07-15) XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03 +- [dwisiswant0/CVE-2020-9496](https://github.com/dwisiswant0/CVE-2020-9496) - [Vulnmachines/apache-ofbiz-CVE-2020-9496](https://github.com/Vulnmachines/apache-ofbiz-CVE-2020-9496) ### CVE-2020-9547 (2020-03-01) @@ -2169,6 +2577,22 @@ An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (Helpdesk). A - [ari034/CVE-2020-9758](https://github.com/ari034/CVE-2020-9758) +### CVE-2020-9767 (2020-08-14) + + +A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a malicious DLL. Zoom addressed this issue, which only applies to Windows users, in the 5.0.4 client release. + + +- [shubham0d/Zoom-dll-hijacking](https://github.com/shubham0d/Zoom-dll-hijacking) + +### CVE-2020-9768 (2020-04-01) + + +A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to execute arbitrary code with system privileges. + + +- [XorgX304/CVE-2020-9768](https://github.com/XorgX304/CVE-2020-9768) + ### CVE-2020-9781 (2020-04-01) @@ -2185,6 +2609,22 @@ A logic issue was addressed with improved state management. This issue is fixed - [Wowfunhappy/Fix-Apple-Mail-CVE-2020-9922](https://github.com/Wowfunhappy/Fix-Apple-Mail-CVE-2020-9922) +### CVE-2020-9934 (2020-10-16) + + +An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information. + + +- [mattshockl/CVE-2020-9934](https://github.com/mattshockl/CVE-2020-9934) + +### CVE-2020-9992 (2020-10-16) + + +This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network. + + +- [c0ntextomy/c0ntextomy](https://github.com/c0ntextomy/c0ntextomy) + ### CVE-2020-10135 (2020-05-19) @@ -2231,6 +2671,9 @@ Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. - [zhzyker/CVE-2020-10204](https://github.com/zhzyker/CVE-2020-10204) +### CVE-2020-10205 +- [5l1v3r1/CVE-2020-10205](https://github.com/5l1v3r1/CVE-2020-10205) + ### CVE-2020-10238 (2020-03-16) @@ -2289,6 +2732,14 @@ FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee - [0nise/CVE-2020-10673](https://github.com/0nise/CVE-2020-10673) - [Al1ex/CVE-2020-10673](https://github.com/Al1ex/CVE-2020-10673) +### CVE-2020-10713 (2020-07-30) + + +A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. + + +- [eclypsium/BootHole](https://github.com/eclypsium/BootHole) + ### CVE-2020-10749 (2020-06-03) @@ -2487,6 +2938,14 @@ An issue was discovered in Joomla! before 3.9.17. Improper input validations in - [HoangKien1020/CVE-2020-11890](https://github.com/HoangKien1020/CVE-2020-11890) +### CVE-2020-11896 (2020-06-17) + + +The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. + + +- [Fans0n-Fan/Treck20-Related](https://github.com/Fans0n-Fan/Treck20-Related) + ### CVE-2020-11932 (2020-05-12) @@ -2505,6 +2964,14 @@ Apache Unomi allows conditions to use OGNL scripting which offers the possibilit - [1135/unomi_exploit](https://github.com/1135/unomi_exploit) +### CVE-2020-11989 (2020-06-22) + + +Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. + + +- [HYWZ36/HYWZ36-CVE-2020-11989-code](https://github.com/HYWZ36/HYWZ36-CVE-2020-11989-code) + ### CVE-2020-11990 (2020-12-01) @@ -2513,6 +2980,14 @@ We have resolved a security issue in the camera plugin that could have affected - [forse01/CVE-2020-11990-Cordova](https://github.com/forse01/CVE-2020-11990-Cordova) +### CVE-2020-11996 (2020-06-26) + + +A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. + + +- [rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996](https://github.com/rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996) + ### CVE-2020-12078 (2020-04-28) @@ -2554,6 +3029,14 @@ Improper input validation in BlueZ may allow an unauthenticated user to potentia - [naren-jayram/Linux-Heap-Based-Type-Confusion-in-L2CAP](https://github.com/naren-jayram/Linux-Heap-Based-Type-Confusion-in-L2CAP) +### CVE-2020-12432 (2020-07-21) + + +The WOPI API integration for Vereign Collabora CODE through 4.2.2 does not properly restrict delivery of JavaScript to a victim's browser, and lacks proper MIME type access control, which could lead to XSS that steals account credentials via cookies or local storage. The attacker must first obtain an API access token, which can be accomplished if the attacker is able to upload a .docx or .odt file. The associated API endpoints for exploitation are /wopi/files and /wopi/getAccessToken. + + +- [d7x/CVE-2020-12432](https://github.com/d7x/CVE-2020-12432) + ### CVE-2020-12629 (2020-05-04) @@ -2654,6 +3137,22 @@ A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may a - [ekknod/EC_PRO-LAN](https://github.com/ekknod/EC_PRO-LAN) +### CVE-2020-13094 (2020-05-18) + + +Dolibarr before 11.0.4 allows XSS. + + +- [mkelepce/CVE-2020-13094](https://github.com/mkelepce/CVE-2020-13094) + +### CVE-2020-13151 (2020-08-05) + + +Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with network access can use a crafted UDF to execute arbitrary OS commands on all nodes of the cluster at the permission level of the user running the Aerospike service. + + +- [b4ny4n/CVE-2020-13151](https://github.com/b4ny4n/CVE-2020-13151) + ### CVE-2020-13158 (2020-06-22) @@ -2670,6 +3169,14 @@ Artica Proxy before 4.30.000000 Community Edition allows OS command injection vi - [InfoSec4Fun/CVE-2020-13159](https://github.com/InfoSec4Fun/CVE-2020-13159) +### CVE-2020-13162 (2020-06-16) + + +A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges. + + +- [redtimmy/tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-](https://github.com/redtimmy/tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-) + ### CVE-2020-13254 (2020-06-03) @@ -2678,6 +3185,14 @@ An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cas - [danpalmer/django-cve-2020-13254](https://github.com/danpalmer/django-cve-2020-13254) +### CVE-2020-13259 (2020-09-16) + + +A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. This could be exploited in conjunction with CVE-2020-13260. + + +- [UrielYochpaz/CVE-2020-13259](https://github.com/UrielYochpaz/CVE-2020-13259) + ### CVE-2020-13277 (2020-06-19) @@ -2694,9 +3209,25 @@ An issue was discovered in Docker Engine before 19.03.11. An attacker in a conta - [mmzaeimi/Docker-Container-CVE-2020-13401](https://github.com/mmzaeimi/Docker-Container-CVE-2020-13401) +### CVE-2020-13424 (2020-05-23) + + +The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File Disclosure. + + +- [mkelepce/CVE-2020-13424](https://github.com/mkelepce/CVE-2020-13424) + ### CVE-2020-13457 - [alt3kx/CVE-2020-13457](https://github.com/alt3kx/CVE-2020-13457) +### CVE-2020-13640 (2020-06-18) + + +A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. (No 7.x versions are affected.) + + +- [asterite3/CVE-2020-13640](https://github.com/asterite3/CVE-2020-13640) + ### CVE-2020-13777 (2020-06-04) @@ -2739,6 +3270,31 @@ showAlert() in the administration panel in Bludit 3.12.0 allows XSS. - [gh0st56/CVE-2020-13889](https://github.com/gh0st56/CVE-2020-13889) +### CVE-2020-13925 (2020-07-14) + + +Similar to CVE-2020-1956, Kylin has one more restful API which concatenates the API inputs into OS commands and then executes them on the server; while the reported API misses necessary input validation, which causes the hackers to have the possibility to execute OS command remotely. Users of all previous versions after 2.3 should upgrade to 3.1.0. + + +- [bit4woo/CVE-2020-13925](https://github.com/bit4woo/CVE-2020-13925) + +### CVE-2020-13933 (2020-08-17) + + +Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass. + + +- [lyy289065406/CVE-2020-13933](https://github.com/lyy289065406/CVE-2020-13933) +- [0xkami/cve-2020-13933](https://github.com/0xkami/cve-2020-13933) + +### CVE-2020-13935 (2020-07-14) + + +The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. + + +- [RedTeamPentesting/CVE-2020-13935](https://github.com/RedTeamPentesting/CVE-2020-13935) + ### CVE-2020-13937 (2020-10-19) @@ -2761,6 +3317,14 @@ It is possible to inject malicious OGNL or MVEL scripts into the /context.json p - [yaunsky/Unomi-CVE-2020-13942](https://github.com/yaunsky/Unomi-CVE-2020-13942) - [hoanx4/apche_unomi_rce](https://github.com/hoanx4/apche_unomi_rce) +### CVE-2020-13996 (2020-06-09) + + +The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager. + + +- [mkelepce/CVE-2020-13996](https://github.com/mkelepce/CVE-2020-13996) + ### CVE-2020-14064 (2020-07-15) @@ -2768,6 +3332,7 @@ IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts. - [networksecure/CVE-2020-14064](https://github.com/networksecure/CVE-2020-14064) +- [masoud-zivari/CVE-2020-14064](https://github.com/masoud-zivari/CVE-2020-14064) ### CVE-2020-14065 (2020-07-15) @@ -2776,6 +3341,7 @@ IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consum - [networksecure/CVE-2020-14065](https://github.com/networksecure/CVE-2020-14065) +- [masoud-zivari/CVE-2020-14065](https://github.com/masoud-zivari/CVE-2020-14065) ### CVE-2020-14066 (2020-07-15) @@ -2784,6 +3350,7 @@ IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files - [networksecure/CVE-2020-14066](https://github.com/networksecure/CVE-2020-14066) +- [masoud-zivari/CVE-2020-14066](https://github.com/masoud-zivari/CVE-2020-14066) ### CVE-2020-14179 (2020-09-20) @@ -2799,6 +3366,7 @@ Affected versions of Atlassian Jira Server and Data Center allow remote, unauthe Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0. +- [Rival420/CVE-2020-14181](https://github.com/Rival420/CVE-2020-14181) - [bk-rao/CVE-2020-14181](https://github.com/bk-rao/CVE-2020-14181) ### CVE-2020-14195 (2020-06-16) @@ -2809,6 +3377,14 @@ FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction betwee - [Al1ex/CVE-2020-14195](https://github.com/Al1ex/CVE-2020-14195) +### CVE-2020-14199 (2020-06-16) + + +BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the Trezor One and 2.3.1 for the Trezor Model T. + + +- [nondejus/CVE-2020-14199](https://github.com/nondejus/CVE-2020-14199) + ### CVE-2020-14210 (2020-06-16) @@ -2817,6 +3393,33 @@ Reflected Cross-Site Scripting (XSS) vulnerability in MONITORAPP WAF in which sc - [monitorapp-aicc/report](https://github.com/monitorapp-aicc/report) +### CVE-2020-14292 (2020-09-09) + + +In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone without authorisation, bypassing the Bluetooth address randomisation protection in the user's phone. + + +- [alwentiu/CVE-2020-14292](https://github.com/alwentiu/CVE-2020-14292) + +### CVE-2020-14293 (2020-10-02) + + +conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface). + + +- [patrickhener/CVE-2020-14293](https://github.com/patrickhener/CVE-2020-14293) + +### CVE-2020-14294 (2020-10-02) + + +An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board. + + +- [patrickhener/CVE-2020-14294](https://github.com/patrickhener/CVE-2020-14294) + +### CVE-2020-14321 +- [HoangKien1020/CVE-2020-14321](https://github.com/HoangKien1020/CVE-2020-14321) + ### CVE-2020-14368 (2020-12-14) @@ -2825,12 +3428,31 @@ A flaw was found in Eclipse Che in versions prior to 7.14.0 that impacts CodeRea - [codingchili/CVE-2020-14368](https://github.com/codingchili/CVE-2020-14368) +### CVE-2020-14386 (2020-09-16) + + +A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity. + + +- [cgwalters/cve-2020-14386](https://github.com/cgwalters/cve-2020-14386) + +### CVE-2020-14644 (2020-07-15) + + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [0xkami/cve-2020-14644](https://github.com/0xkami/cve-2020-14644) + ### CVE-2020-14645 (2020-07-15) Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [Y4er/CVE-2020-14645](https://github.com/Y4er/CVE-2020-14645) +- [DaBoQuan/CVE-2020-14645](https://github.com/DaBoQuan/CVE-2020-14645) +- [ChenZIDu/CVE-2020-14645](https://github.com/ChenZIDu/CVE-2020-14645) - [HYWZ36/CVE-2020-14645-code](https://github.com/HYWZ36/CVE-2020-14645-code) - [Schira4396/CVE-2020-14645](https://github.com/Schira4396/CVE-2020-14645) @@ -2860,9 +3482,18 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - [zhzyker/exphub](https://github.com/zhzyker/exphub) - [jas502n/CVE-2020-14882](https://github.com/jas502n/CVE-2020-14882) +- [s1kr10s/CVE-2020-14882](https://github.com/s1kr10s/CVE-2020-14882) - [Umarovm/-Patched-McMaster-University-Blind-Command-Injection](https://github.com/Umarovm/-Patched-McMaster-University-Blind-Command-Injection) +- [RedTeamWing/CVE-2020-14882](https://github.com/RedTeamWing/CVE-2020-14882) +- [0thm4n3/cve-2020-14882](https://github.com/0thm4n3/cve-2020-14882) +- [wsfengfan/cve-2020-14882](https://github.com/wsfengfan/cve-2020-14882) +- [alexfrancow/CVE-2020-14882](https://github.com/alexfrancow/CVE-2020-14882) - [GGyao/CVE-2020-14882_POC](https://github.com/GGyao/CVE-2020-14882_POC) +- [ludy-dev/Weblogic_Unauthorized-bypass-RCE](https://github.com/ludy-dev/Weblogic_Unauthorized-bypass-RCE) - [GGyao/CVE-2020-14882_ALL](https://github.com/GGyao/CVE-2020-14882_ALL) +- [ovProphet/CVE-2020-14882-checker](https://github.com/ovProphet/CVE-2020-14882-checker) +- [NS-Sp4ce/CVE-2020-14882](https://github.com/NS-Sp4ce/CVE-2020-14882) +- [mmioimm/cve-2020-14882](https://github.com/mmioimm/cve-2020-14882) - [QmF0c3UK/CVE-2020-14882](https://github.com/QmF0c3UK/CVE-2020-14882) - [murataydemir/CVE-2020-14882](https://github.com/murataydemir/CVE-2020-14882) - [AirEvan/CVE-2020-14882-GUI-Test](https://github.com/AirEvan/CVE-2020-14882-GUI-Test) @@ -2888,6 +3519,22 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware - [Osyanina/westone-CVE-2020-14883-scanner](https://github.com/Osyanina/westone-CVE-2020-14883-scanner) - [Yang0615777/PocList](https://github.com/Yang0615777/PocList) +### CVE-2020-14947 (2020-06-30) + + +OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid. + + +- [mhaskar/CVE-2020-14947](https://github.com/mhaskar/CVE-2020-14947) + +### CVE-2020-14955 (2020-06-26) + + +In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440. + + +- [intrigus-lgtm/CVE-2020-14955](https://github.com/intrigus-lgtm/CVE-2020-14955) + ### CVE-2020-14965 (2020-06-23) @@ -2905,12 +3552,55 @@ OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message mess - [skr0x1c0/Blind-SSRF-CVE-2020-15002](https://github.com/skr0x1c0/Blind-SSRF-CVE-2020-15002) - [skr0x1c0/SSRF-CVE-2020-15002](https://github.com/skr0x1c0/SSRF-CVE-2020-15002) +### CVE-2020-15051 (2020-07-15) + + +An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username, Group Name, and Task Description fields. + + +- [pratikshad19/CVE-2020-15051](https://github.com/pratikshad19/CVE-2020-15051) + +### CVE-2020-15052 (2020-07-20) + + +An issue was discovered in Artica Proxy CE before 4.28.030.418. SQL Injection exists via the Netmask, Hostname, and Alias fields. + + +- [pratikshad19/CVE-2020-15052](https://github.com/pratikshad19/CVE-2020-15052) + +### CVE-2020-15053 (2020-07-20) + + +An issue was discovered in Artica Proxy CE before 4.28.030.418. Reflected XSS exists via these search fields: real time request, System Events, Proxy Events, Proxy Objects, and Firewall objects. + + +- [pratikshad19/CVE-2020-15053](https://github.com/pratikshad19/CVE-2020-15053) + +### CVE-2020-15148 (2020-09-15) + + +Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisory. + + +- [Maskhe/CVE-2020-15148-bypasses](https://github.com/Maskhe/CVE-2020-15148-bypasses) +- [0xkami/cve-2020-15148](https://github.com/0xkami/cve-2020-15148) + +### CVE-2020-15169 (2020-09-11) + + +In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory. + + +- [glasses618/CVE-2020-15169](https://github.com/glasses618/CVE-2020-15169) + ### CVE-2020-15227 (2020-10-01) Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. Nette is a PHP/Composer MVC Framework. +- [Langriklol/CVE-2020-15227](https://github.com/Langriklol/CVE-2020-15227) +- [hu4wufu/CVE-2020-15227](https://github.com/hu4wufu/CVE-2020-15227) - [filipsedivy/CVE-2020-15227](https://github.com/filipsedivy/CVE-2020-15227) - [VottusCode/cve-2020-15227](https://github.com/VottusCode/cve-2020-15227) @@ -2954,6 +3644,17 @@ A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. - [inflixim4be/CVE-2020-15392](https://github.com/inflixim4be/CVE-2020-15392) +### CVE-2020-15399 +- [mkelepce/CVE-2020-15399](https://github.com/mkelepce/CVE-2020-15399) + +### CVE-2020-15492 (2020-07-23) + + +An issue was discovered in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe web application (served on TCP port 85) includes user input into a filesystem access without any further validation. This might allow an unauthenticated attacker to read files on the server via Directory Traversal, or possibly have unspecified other impact. + + +- [patrickhener/CVE-2020-15492](https://github.com/patrickhener/CVE-2020-15492) + ### CVE-2020-15778 (2020-07-24) @@ -2962,6 +3663,22 @@ scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote func - [cpandya2909/CVE-2020-15778](https://github.com/cpandya2909/CVE-2020-15778) +### CVE-2020-15873 (2020-07-21) + + +In LibreNMS before 1.65.1, an authenticated attacker can achieve SQL Injection via the customoid.inc.php device_id POST parameter to ajax_form.php. + + +- [limerencee/cs4239-cve-2020-15873](https://github.com/limerencee/cs4239-cve-2020-15873) + +### CVE-2020-15906 (2020-10-22) + + +tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts. + + +- [S1lkys/CVE-2020-15906](https://github.com/S1lkys/CVE-2020-15906) + ### CVE-2020-15931 (2020-10-20) @@ -2970,6 +3687,14 @@ Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture t - [optiv/CVE-2020-15931](https://github.com/optiv/CVE-2020-15931) +### CVE-2020-15956 (2020-08-04) + + +ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload. + + +- [megamagnus/cve-2020-15956](https://github.com/megamagnus/cve-2020-15956) + ### CVE-2020-15999 (2020-11-02) @@ -2996,12 +3721,70 @@ An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ub - [zev3n/Ubuntu-Gnome-privilege-escalation](https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation) +### CVE-2020-16152 +- [eriknl/CVE-2020-16152](https://github.com/eriknl/CVE-2020-16152) + +### CVE-2020-16270 (2020-10-16) + + +OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can use discovered vulnerability to inject malicious JavaScript payload to victim’s browsers in context of vulnerable applications. Executed code can be used to steal administrator’s cookies, influence HTML content of targeted application and perform phishing-related attacks. Vulnerable application used in more than 3000 organizations in different sectors from retail to industries. + + +- [Security-AVS/CVE-2020-16270](https://github.com/Security-AVS/CVE-2020-16270) + +### CVE-2020-16898 (2020-10-16) + + +A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'. + + +- [advanced-threat-research/CVE-2020-16898](https://github.com/advanced-threat-research/CVE-2020-16898) +- [corelight/CVE-2020-16898](https://github.com/corelight/CVE-2020-16898) +- [Maliek/CVE-2020-16898_Check](https://github.com/Maliek/CVE-2020-16898_Check) +- [ZephrFish/CVE-2020-16898](https://github.com/ZephrFish/CVE-2020-16898) +- [esnet-security/cve-2020-16898](https://github.com/esnet-security/cve-2020-16898) +- [initconf/CVE-2020-16898-Bad-Neighbor](https://github.com/initconf/CVE-2020-16898-Bad-Neighbor) +- [Q1984/CVE-2020-16898](https://github.com/Q1984/CVE-2020-16898) +- [0xeb-bp/cve-2020-16898](https://github.com/0xeb-bp/cve-2020-16898) +- [jiansiting/cve-2020-16898](https://github.com/jiansiting/cve-2020-16898) +- [CPO-EH/CVE-2020-16898_Workaround](https://github.com/CPO-EH/CVE-2020-16898_Workaround) +- [CPO-EH/CVE-2020-16898_Checker](https://github.com/CPO-EH/CVE-2020-16898_Checker) +- [momika233/CVE-2020-16898-exp](https://github.com/momika233/CVE-2020-16898-exp) +- [komomon/CVE-2020-16898-EXP-POC](https://github.com/komomon/CVE-2020-16898-EXP-POC) +- [komomon/CVE-2020-16898--EXP-POC](https://github.com/komomon/CVE-2020-16898--EXP-POC) + +### CVE-2020-16899 (2020-10-16) + + +A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Denial of Service Vulnerability'. + + +- [advanced-threat-research/CVE-2020-16899](https://github.com/advanced-threat-research/CVE-2020-16899) +- [bkerler/CVE-2020-16899](https://github.com/bkerler/CVE-2020-16899) + +### CVE-2020-16938 (2020-10-16) + + +An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-16901. + + +- [ioncodes/CVE-2020-16938](https://github.com/ioncodes/CVE-2020-16938) + +### CVE-2020-16939 (2020-10-16) + + +An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'. + + +- [rogue-kdc/CVE-2020-16939](https://github.com/rogue-kdc/CVE-2020-16939) + ### CVE-2020-16947 (2020-10-16) A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. +- [0neb1n/CVE-2020-16947](https://github.com/0neb1n/CVE-2020-16947) - [MasterSploit/CVE-2020-16947](https://github.com/MasterSploit/CVE-2020-16947) ### CVE-2020-17008 @@ -3050,6 +3833,14 @@ Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is unique fro - [Airboi/CVE-2020-17144-EXP](https://github.com/Airboi/CVE-2020-17144-EXP) - [zcgonvh/CVE-2020-17144](https://github.com/zcgonvh/CVE-2020-17144) +### CVE-2020-17382 (2020-10-02) + + +The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054). + + +- [uf0o/CVE-2020-17382](https://github.com/uf0o/CVE-2020-17382) + ### CVE-2020-17453 (2021-04-05) @@ -3066,6 +3857,15 @@ SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the i - [Al1ex/CVE-2020-17456](https://github.com/Al1ex/CVE-2020-17456) +### CVE-2020-17496 (2020-08-12) + + +vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. + + +- [ctlyz123/CVE-2020-17496](https://github.com/ctlyz123/CVE-2020-17496) +- [ludy-dev/vBulletin_5.x-tab_panel-RCE](https://github.com/ludy-dev/vBulletin_5.x-tab_panel-RCE) + ### CVE-2020-17518 (2021-01-05) @@ -3194,6 +3994,30 @@ Ilex International Sign&go Workstation Security Suite 7.1 allows elevation o - [ricardojba/CVE-2020-23968-ILEX-SignGo-EoP](https://github.com/ricardojba/CVE-2020-23968-ILEX-SignGo-EoP) +### CVE-2020-24028 (2020-09-02) + + +ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. + + +- [underprotection/CVE-2020-24028](https://github.com/underprotection/CVE-2020-24028) + +### CVE-2020-24029 (2020-09-02) + + +Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. + + +- [underprotection/CVE-2020-24029](https://github.com/underprotection/CVE-2020-24029) + +### CVE-2020-24030 (2020-09-02) + + +ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. + + +- [underprotection/CVE-2020-24030](https://github.com/underprotection/CVE-2020-24030) + ### CVE-2020-24032 (2020-08-18) @@ -3230,6 +4054,14 @@ An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authentic ### CVE-2020-24597 - [HoangKien1020/CVE-2020-24597](https://github.com/HoangKien1020/CVE-2020-24597) +### CVE-2020-24616 (2020-08-25) + + +FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). + + +- [0xkami/cve-2020-24616-poc](https://github.com/0xkami/cve-2020-24616-poc) + ### CVE-2020-24750 (2020-09-17) @@ -3238,6 +4070,30 @@ FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction betwee - [Al1ex/CVE-2020-24750](https://github.com/Al1ex/CVE-2020-24750) +### CVE-2020-24765 (2020-10-20) + + +InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archive via a direct api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1 request. + + +- [trump88/CVE-2020-24765](https://github.com/trump88/CVE-2020-24765) + +### CVE-2020-24955 (2020-09-01) + + +SUPERAntiSyware Professional X Trial 10.0.1206 is vulnerable to local privilege escalation because it allows unprivileged users to restore a malicious DLL from quarantine into the system32 folder via an NTFS directory junction, as demonstrated by a crafted ualapi.dll file that is detected as malware. + + +- [b1nary0x1/CVE-2020-24955](https://github.com/b1nary0x1/CVE-2020-24955) + +### CVE-2020-25068 (2020-09-03) + + +Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/file_to_disclose Directory Traversal URI. NOTE: The manufacturer indicated that the affected version does not exist. Furthermore, they indicated that they detected this problem in an internal audit more than 3 years ago and fixed it in 2017. + + +- [bryanroma/CVE-2020-25068](https://github.com/bryanroma/CVE-2020-25068) + ### CVE-2020-25078 (2020-09-02) @@ -3246,12 +4102,21 @@ An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L - [MzzdToT/CVE-2020-25078](https://github.com/MzzdToT/CVE-2020-25078) +### CVE-2020-25200 (2020-10-01) + + +** DISPUTED ** Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth/session login attempts. Initially, the server will return error 401. However, if the username is valid, then after 20 login attempts, the server will start responding with error 400. Invalid usernames will receive error 401 indefinitely. Note: This has been disputed by the vendor as not a vulnerability. They argue that this is an intended design. + + +- [lukaszstu/pritunl-CVE-2020-25200](https://github.com/lukaszstu/pritunl-CVE-2020-25200) + ### CVE-2020-25213 (2020-09-09) The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload (or mkfile and put) command to write PHP code into the wp-content/plugins/wp-file-manager/lib/files/ directory. This was exploited in the wild in August and September 2020. +- [mansoorr123/wp-file-manager-CVE-2020-25213](https://github.com/mansoorr123/wp-file-manager-CVE-2020-25213) - [kakamband/WPKiller](https://github.com/kakamband/WPKiller) - [forse01/CVE-2020-25213-Wordpress](https://github.com/forse01/CVE-2020-25213-Wordpress) - [k0rup710n/Wordpress-CVE-2020-25213](https://github.com/k0rup710n/Wordpress-CVE-2020-25213) @@ -3265,6 +4130,65 @@ AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a - [refi64/CVE-2020-25265-25266](https://github.com/refi64/CVE-2020-25265-25266) +### CVE-2020-25270 (2020-10-08) + + +PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City. + + +- [Ko-kn3t/CVE-2020-25270](https://github.com/Ko-kn3t/CVE-2020-25270) + +### CVE-2020-25271 (2020-10-08) + + +PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/patient-search.php, doctor/search.php, book-appointment.php, doctor/appointment-history.php, or admin/appointment-history.php. + + +- [Ko-kn3t/CVE-2020-25271](https://github.com/Ko-kn3t/CVE-2020-25271) + +### CVE-2020-25272 (2020-10-08) + + +In SourceCodester Online Bus Booking System 1.0, there is XSS through the name parameter in book_now.php. + + +- [Ko-kn3t/CVE-2020-25272](https://github.com/Ko-kn3t/CVE-2020-25272) + +### CVE-2020-25273 (2020-10-08) + + +In SourceCodester Online Bus Booking System 1.0, there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection. + + +- [Ko-kn3t/CVE-2020-25273](https://github.com/Ko-kn3t/CVE-2020-25273) + +### CVE-2020-25398 (2020-11-05) + + +CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. + + +- [h3llraiser/CVE-2020-25398](https://github.com/h3llraiser/CVE-2020-25398) + +### CVE-2020-25399 (2020-11-05) + + +Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat. + + +- [h3llraiser/CVE-2020-25399](https://github.com/h3llraiser/CVE-2020-25399) + +### CVE-2020-25487 (2020-09-22) + + +PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php. + + +- [Ko-kn3t/CVE-2020-25487](https://github.com/Ko-kn3t/CVE-2020-25487) + +### CVE-2020-25488 +- [Ko-kn3t/CVE-2020-25488](https://github.com/Ko-kn3t/CVE-2020-25488) + ### CVE-2020-25498 (2021-01-06) @@ -3273,6 +4197,33 @@ Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploite - [the-girl-who-lived/CVE-2020-25498](https://github.com/the-girl-who-lived/CVE-2020-25498) +### CVE-2020-25514 (2020-09-22) + + +Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php. + + +- [Ko-kn3t/CVE-2020-25514](https://github.com/Ko-kn3t/CVE-2020-25514) + +### CVE-2020-25515 (2020-09-22) + + +Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books. + + +- [Ko-kn3t/CVE-2020-25515](https://github.com/Ko-kn3t/CVE-2020-25515) + +### CVE-2020-25518 +- [g-rubert/wordpress_DoS](https://github.com/g-rubert/wordpress_DoS) + +### CVE-2020-25540 (2020-09-14) + + +ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter. + + +- [Schira4396/CVE-2020-25540](https://github.com/Schira4396/CVE-2020-25540) + ### CVE-2020-25637 (2020-10-06) @@ -3297,6 +4248,30 @@ A flaw in the way reply ICMP packets are limited in the Linux kernel functionali - [tdwyer/CVE-2020-25705](https://github.com/tdwyer/CVE-2020-25705) +### CVE-2020-25747 (2020-09-24) + + +The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change some settings (brightness, clarity, time), restart the camera, or reset it to factory settings. + + +- [jet-pentest/CVE-2020-25747](https://github.com/jet-pentest/CVE-2020-25747) + +### CVE-2020-25748 (2020-09-24) + + +A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP servers and force the camera to use the changed values. + + +- [jet-pentest/CVE-2020-25748](https://github.com/jet-pentest/CVE-2020-25748) + +### CVE-2020-25749 (2020-09-24) + + +The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password. The Telnet service cannot be disabled and this password cannot be changed via standard functionality. + + +- [jet-pentest/CVE-2020-25749](https://github.com/jet-pentest/CVE-2020-25749) + ### CVE-2020-25769 - [lagartojuancho/CVE-2020-25769](https://github.com/lagartojuancho/CVE-2020-25769) @@ -3308,6 +4283,14 @@ An issue was discovered on Accfly Wireless Security IR Camera 720P System with s - [tezeb/accfly](https://github.com/tezeb/accfly) +### CVE-2020-25790 (2020-09-19) + + +** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being fixed for 5.2. + + +- [7Mitu/CVE-2020-25790](https://github.com/7Mitu/CVE-2020-25790) + ### CVE-2020-25860 (2020-12-21) @@ -3316,6 +4299,22 @@ The install.c module in the Pengutronix RAUC update client prior to version 1.5 - [rauc/rauc-1.5-integration](https://github.com/rauc/rauc-1.5-integration) +### CVE-2020-25867 (2020-10-07) + + +SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication. + + +- [thomasfady/CVE-2020-25867](https://github.com/thomasfady/CVE-2020-25867) + +### CVE-2020-26061 (2020-10-05) + + +ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. The ResetPassword function does not validate whether the user has successfully authenticated using security questions. An unauthenticated, remote attacker can send a crafted HTTP request to the /account/ResetPassword page to set a new password for any registered user. + + +- [missing0x00/CVE-2020-26061](https://github.com/missing0x00/CVE-2020-26061) + ### CVE-2020-26217 (2020-11-16) @@ -3342,6 +4341,30 @@ XStream is a Java library to serialize objects to XML and back again. In XStream - [jas502n/CVE-2020-26259](https://github.com/jas502n/CVE-2020-26259) - [Al1ex/CVE-2020-26259](https://github.com/Al1ex/CVE-2020-26259) +### CVE-2020-26525 (2020-10-02) + + +Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. This allows forcing the database and server to initiate remote connections to third party DNS servers. + + +- [lukaszstu/SmartAsset-SQLinj-CVE-2020-26525](https://github.com/lukaszstu/SmartAsset-SQLinj-CVE-2020-26525) + +### CVE-2020-26526 (2020-10-02) + + +An issue was discovered in Damstra Smart Asset 2020.7. It is possible to enumerate valid usernames on the login page. The application sends a different server response when the username is invalid than when the username is valid ("Unable to find an APIDomain" versus "Wrong email or password"). + + +- [lukaszstu/SmartAsset-UE-CVE-2020-26526](https://github.com/lukaszstu/SmartAsset-UE-CVE-2020-26526) + +### CVE-2020-26527 (2020-10-02) + + +An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross-origin resource sharing trusts random origins by accepting the arbitrary 'Origin: example.com' header and responding with 200 OK and a wildcard 'Access-Control-Allow-Origin: *' header. + + +- [lukaszstu/SmartAsset-CORS-CVE-2020-26527](https://github.com/lukaszstu/SmartAsset-CORS-CVE-2020-26527) + ### CVE-2020-26732 (2021-01-14) @@ -3367,6 +4390,7 @@ Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Ve An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a. +- [willinin/CVE-2020-27194-exp](https://github.com/willinin/CVE-2020-27194-exp) - [xmzyshypnc/CVE-2020-27194](https://github.com/xmzyshypnc/CVE-2020-27194) ### CVE-2020-27199 (2020-12-16) @@ -3385,6 +4409,14 @@ In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11 - [motikan2010/CVE-2020-27223](https://github.com/motikan2010/CVE-2020-27223) +### CVE-2020-27358 (2020-10-31) + + +An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger's CSV feature (that allows users to export their conversation threads as CSV) allows non-privileged users to export one another's conversation threads by changing the thread_id parameter in the request to the endpoint Messenger/messenger_download_csv.php?title=Hey&thread_id={THREAD_ID}. + + +- [seb1055/cve-2020-27358-27359](https://github.com/seb1055/cve-2020-27358-27359) + ### CVE-2020-27368 (2021-01-14) @@ -3401,6 +4433,22 @@ BigBlueButton before 2.2.27 has an unsafe JODConverter setting in which LibreOff - [hannob/CVE-2020-27603-bbb-libreoffice-poc](https://github.com/hannob/CVE-2020-27603-bbb-libreoffice-poc) +### CVE-2020-27688 (2020-11-05) + + +RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt() method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The accounts used in the configuration files have access to vSphere instances. + + +- [matthiasmaes/CVE-2020-27688](https://github.com/matthiasmaes/CVE-2020-27688) + +### CVE-2020-27747 (2020-10-29) + + +An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As result, remote attacker retrieves all passwords from another systems, available for affected account. + + +- [jet-pentest/CVE-2020-27747](https://github.com/jet-pentest/CVE-2020-27747) + ### CVE-2020-27930 (2020-12-08) @@ -3440,6 +4488,7 @@ Git LFS 2.12.0 allows Remote Code Execution. - [ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955](https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955) +- [ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go](https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go) - [yhsung/cve-2020-27955-poc](https://github.com/yhsung/cve-2020-27955-poc) - [r00t4dm/CVE-2020-27955](https://github.com/r00t4dm/CVE-2020-27955) - [williamgoulois/git-lfs-RCE-exploit-CVE-2020-27955-revshell](https://github.com/williamgoulois/git-lfs-RCE-exploit-CVE-2020-27955-revshell) @@ -3449,6 +4498,14 @@ Git LFS 2.12.0 allows Remote Code Execution. - [dennyson120/CVE-2020-27955](https://github.com/dennyson120/CVE-2020-27955) - [NeoDarwin/CVE-2020-27955](https://github.com/NeoDarwin/CVE-2020-27955) +### CVE-2020-27976 (2020-10-28) + + +osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. + + +- [k0rnh0li0/CVE-2020-27976](https://github.com/k0rnh0li0/CVE-2020-27976) + ### CVE-2020-28052 (2020-12-17)