From 2edbd9572a0d5b8024c2bdd2370c090d9f9fdb4a Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sun, 12 Feb 2023 03:31:15 +0900 Subject: [PATCH] Auto Update 2023/02/11 18:31:14 --- 2018/CVE-2018-5955.json | 8 ++++---- 2019/CVE-2019-5736.json | 4 ++-- 2021/CVE-2021-1675.json | 8 ++++---- 2021/CVE-2021-21972.json | 16 ++++++++-------- 2021/CVE-2021-23017.json | 8 ++++---- 2021/CVE-2021-26855.json | 8 ++++---- 2021/CVE-2021-4034.json | 8 ++++---- 2022/CVE-2022-20223.json | 8 ++++---- 2022/CVE-2022-20452.json | 8 ++++---- 2022/CVE-2022-21907.json | 4 ++-- 2022/CVE-2022-26134.json | 8 ++++---- 2022/CVE-2022-29455.json | 8 ++++---- 2022/CVE-2022-34169.json | 8 ++++---- 2022/CVE-2022-44268.json | 8 ++++---- 2022/CVE-2022-45771.json | 35 +++++++++++++++++++++++++++++++++++ 2022/CVE-2022-46689.json | 24 ++++++++++++------------ 2023/CVE-2023-0669.json | 12 ++++++------ 2023/CVE-2023-24055.json | 8 ++++---- 2023/CVE-2023-25194.json | 8 ++++---- README.md | 1 + 20 files changed, 118 insertions(+), 82 deletions(-) diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json index 5ce87cf4b8..55dcc25bac 100644 --- a/2018/CVE-2018-5955.json +++ b/2018/CVE-2018-5955.json @@ -42,10 +42,10 @@ "description": "一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能", "fork": false, "created_at": "2019-12-21T22:45:55Z", - "updated_at": "2023-02-08T02:53:38Z", + "updated_at": "2023-02-11T16:50:34Z", "pushed_at": "2020-01-05T21:46:25Z", - "stargazers_count": 592, - "watchers_count": 592, + "stargazers_count": 591, + "watchers_count": 591, "has_discussions": false, "forks_count": 129, "allow_forking": true, @@ -67,7 +67,7 @@ ], "visibility": "public", "forks": 129, - "watchers": 592, + "watchers": 591, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-5736.json b/2019/CVE-2019-5736.json index 52fd0d8e36..9a46c63ddd 100644 --- a/2019/CVE-2019-5736.json +++ b/2019/CVE-2019-5736.json @@ -47,13 +47,13 @@ "stargazers_count": 602, "watchers_count": 602, "has_discussions": false, - "forks_count": 164, + "forks_count": 165, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 164, + "forks": 165, "watchers": 602, "score": 0 }, diff --git a/2021/CVE-2021-1675.json b/2021/CVE-2021-1675.json index 4682a9ac8d..f538950ab9 100644 --- a/2021/CVE-2021-1675.json +++ b/2021/CVE-2021-1675.json @@ -42,10 +42,10 @@ "description": "C# and Impacket implementation of PrintNightmare CVE-2021-1675\/CVE-2021-34527", "fork": false, "created_at": "2021-06-29T17:24:14Z", - "updated_at": "2023-02-10T10:40:52Z", + "updated_at": "2023-02-11T18:02:31Z", "pushed_at": "2021-07-20T15:28:13Z", - "stargazers_count": 1650, - "watchers_count": 1650, + "stargazers_count": 1651, + "watchers_count": 1651, "has_discussions": false, "forks_count": 583, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 583, - "watchers": 1650, + "watchers": 1651, "score": 0 }, { diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json index 0a34eee30c..5b3d6480f2 100644 --- a/2021/CVE-2021-21972.json +++ b/2021/CVE-2021-21972.json @@ -42,10 +42,10 @@ "description": "CVE-2021-21972 Exploit", "fork": false, "created_at": "2021-02-24T11:14:58Z", - "updated_at": "2023-02-06T12:30:50Z", + "updated_at": "2023-02-11T13:59:33Z", "pushed_at": "2021-12-30T12:26:11Z", - "stargazers_count": 422, - "watchers_count": 422, + "stargazers_count": 423, + "watchers_count": 423, "has_discussions": false, "forks_count": 141, "allow_forking": true, @@ -56,7 +56,7 @@ ], "visibility": "public", "forks": 141, - "watchers": 422, + "watchers": 423, "score": 0 }, { @@ -102,10 +102,10 @@ "description": "Proof of Concept Exploit for vCenter CVE-2021-21972", "fork": false, "created_at": "2021-02-24T16:31:34Z", - "updated_at": "2023-02-08T13:26:34Z", + "updated_at": "2023-02-11T13:51:36Z", "pushed_at": "2021-02-25T16:05:02Z", - "stargazers_count": 214, - "watchers_count": 214, + "stargazers_count": 215, + "watchers_count": 215, "has_discussions": false, "forks_count": 80, "allow_forking": true, @@ -114,7 +114,7 @@ "topics": [], "visibility": "public", "forks": 80, - "watchers": 214, + "watchers": 215, "score": 0 }, { diff --git a/2021/CVE-2021-23017.json b/2021/CVE-2021-23017.json index d5b03921d2..ce37cc43e9 100644 --- a/2021/CVE-2021-23017.json +++ b/2021/CVE-2021-23017.json @@ -42,10 +42,10 @@ "description": "PoC for Nginx 0.6.18 - 1.20.0 Memory Overwrite Vulnerability CVE-2021-23017", "fork": false, "created_at": "2022-06-30T04:39:58Z", - "updated_at": "2023-01-29T21:58:15Z", + "updated_at": "2023-02-11T14:44:12Z", "pushed_at": "2022-07-01T00:33:57Z", - "stargazers_count": 35, - "watchers_count": 35, + "stargazers_count": 36, + "watchers_count": 36, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -57,7 +57,7 @@ ], "visibility": "public", "forks": 8, - "watchers": 35, + "watchers": 36, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-26855.json b/2021/CVE-2021-26855.json index fc0a221991..560d9a0338 100644 --- a/2021/CVE-2021-26855.json +++ b/2021/CVE-2021-26855.json @@ -319,10 +319,10 @@ "description": "A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).", "fork": false, "created_at": "2021-03-08T11:54:32Z", - "updated_at": "2023-01-13T17:10:39Z", + "updated_at": "2023-02-11T15:27:15Z", "pushed_at": "2022-03-02T15:41:29Z", - "stargazers_count": 144, - "watchers_count": 144, + "stargazers_count": 143, + "watchers_count": 143, "has_discussions": false, "forks_count": 23, "allow_forking": true, @@ -339,7 +339,7 @@ ], "visibility": "public", "forks": 23, - "watchers": 144, + "watchers": 143, "score": 0 }, { diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index 3c9ef32640..ae5a18845a 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -2329,10 +2329,10 @@ "description": "CVE-2021-4034", "fork": false, "created_at": "2022-01-28T13:51:17Z", - "updated_at": "2022-01-28T15:05:03Z", + "updated_at": "2023-02-11T15:29:59Z", "pushed_at": "2022-01-28T13:59:31Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -2341,7 +2341,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0 }, { diff --git a/2022/CVE-2022-20223.json b/2022/CVE-2022-20223.json index 40e94da2a2..e25244073c 100644 --- a/2022/CVE-2022-20223.json +++ b/2022/CVE-2022-20223.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2022-08-16T12:21:34Z", - "updated_at": "2022-08-16T12:30:29Z", + "updated_at": "2023-02-11T13:40:08Z", "pushed_at": "2022-08-16T12:37:04Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-20452.json b/2022/CVE-2022-20452.json index 56bd6df217..e057a1a8a3 100644 --- a/2022/CVE-2022-20452.json +++ b/2022/CVE-2022-20452.json @@ -13,10 +13,10 @@ "description": "Exploit for CVE-2022-20452, privilege escalation on Android from installed app to system app (or another app) via LazyValue using Parcel after recycle()", "fork": false, "created_at": "2023-01-10T16:24:51Z", - "updated_at": "2023-02-10T15:40:44Z", + "updated_at": "2023-02-11T17:04:59Z", "pushed_at": "2023-01-10T16:25:49Z", - "stargazers_count": 133, - "watchers_count": 133, + "stargazers_count": 134, + "watchers_count": 134, "has_discussions": false, "forks_count": 24, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 24, - "watchers": 133, + "watchers": 134, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-21907.json b/2022/CVE-2022-21907.json index 4704d81c4a..dbbf3cdc00 100644 --- a/2022/CVE-2022-21907.json +++ b/2022/CVE-2022-21907.json @@ -96,13 +96,13 @@ "stargazers_count": 365, "watchers_count": 365, "has_discussions": false, - "forks_count": 100, + "forks_count": 101, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 100, + "forks": 101, "watchers": 365, "score": 0 }, diff --git a/2022/CVE-2022-26134.json b/2022/CVE-2022-26134.json index bd0d64fe6e..3f4c431366 100644 --- a/2022/CVE-2022-26134.json +++ b/2022/CVE-2022-26134.json @@ -532,10 +532,10 @@ "description": "Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)", "fork": false, "created_at": "2022-06-06T02:43:06Z", - "updated_at": "2023-01-07T10:13:40Z", + "updated_at": "2023-02-11T17:56:01Z", "pushed_at": "2022-06-06T03:37:25Z", - "stargazers_count": 24, - "watchers_count": 24, + "stargazers_count": 25, + "watchers_count": 25, "has_discussions": false, "forks_count": 13, "allow_forking": true, @@ -544,7 +544,7 @@ "topics": [], "visibility": "public", "forks": 13, - "watchers": 24, + "watchers": 25, "score": 0 }, { diff --git a/2022/CVE-2022-29455.json b/2022/CVE-2022-29455.json index 6a4b0190f0..0f8fd6d667 100644 --- a/2022/CVE-2022-29455.json +++ b/2022/CVE-2022-29455.json @@ -42,10 +42,10 @@ "description": "Wordpress Vulnerability - XSS ( Cross-Site Scripting )", "fork": false, "created_at": "2022-09-05T12:08:50Z", - "updated_at": "2023-02-09T22:08:15Z", + "updated_at": "2023-02-11T13:59:32Z", "pushed_at": "2022-09-05T12:21:59Z", - "stargazers_count": 8, - "watchers_count": 8, + "stargazers_count": 9, + "watchers_count": 9, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 8, + "watchers": 9, "score": 0 }, { diff --git a/2022/CVE-2022-34169.json b/2022/CVE-2022-34169.json index eebcef90ff..28b1b6708c 100644 --- a/2022/CVE-2022-34169.json +++ b/2022/CVE-2022-34169.json @@ -42,10 +42,10 @@ "description": "cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件", "fork": false, "created_at": "2023-01-17T03:48:11Z", - "updated_at": "2023-02-11T05:42:58Z", + "updated_at": "2023-02-11T15:33:54Z", "pushed_at": "2023-01-17T12:27:08Z", - "stargazers_count": 51, - "watchers_count": 51, + "stargazers_count": 52, + "watchers_count": 52, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 51, + "watchers": 52, "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-44268.json b/2022/CVE-2022-44268.json index b248f90b9a..7dabff6f0f 100644 --- a/2022/CVE-2022-44268.json +++ b/2022/CVE-2022-44268.json @@ -190,10 +190,10 @@ "description": "A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read", "fork": false, "created_at": "2023-02-05T18:42:27Z", - "updated_at": "2023-02-11T08:13:27Z", + "updated_at": "2023-02-11T14:31:56Z", "pushed_at": "2023-02-05T19:35:03Z", - "stargazers_count": 92, - "watchers_count": 92, + "stargazers_count": 93, + "watchers_count": 93, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -202,7 +202,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 92, + "watchers": 93, "score": 0 }, { diff --git a/2022/CVE-2022-45771.json b/2022/CVE-2022-45771.json index b7f2fa516c..fd8ef83007 100644 --- a/2022/CVE-2022-45771.json +++ b/2022/CVE-2022-45771.json @@ -32,5 +32,40 @@ "forks": 6, "watchers": 32, "score": 0 + }, + { + "id": 600465186, + "name": "CVE-2022-45771", + "full_name": "yuriisanin\/CVE-2022-45771", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-45771", + "description": "[PoC] Privilege escalation & code execution via LFI in PwnDoC ", + "fork": false, + "created_at": "2023-02-11T15:26:14Z", + "updated_at": "2023-02-11T15:39:37Z", + "pushed_at": "2023-02-11T15:30:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "privesc", + "privilege-escalation", + "pwndoc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 } ] \ No newline at end of file diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json index ca100d3f1f..161f8e619e 100644 --- a/2022/CVE-2022-46689.json +++ b/2022/CVE-2022-46689.json @@ -71,10 +71,10 @@ "description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.", "fork": false, "created_at": "2022-12-26T06:56:35Z", - "updated_at": "2023-02-11T11:54:50Z", + "updated_at": "2023-02-11T16:53:32Z", "pushed_at": "2023-02-09T10:16:13Z", - "stargazers_count": 703, - "watchers_count": 703, + "stargazers_count": 705, + "watchers_count": 705, "has_discussions": false, "forks_count": 50, "allow_forking": true, @@ -83,7 +83,7 @@ "topics": [], "visibility": "public", "forks": 50, - "watchers": 703, + "watchers": 705, "score": 0 }, { @@ -252,10 +252,10 @@ "description": "iOS customization app powered by CVE-2022-46689", "fork": false, "created_at": "2023-01-12T14:31:30Z", - "updated_at": "2023-02-07T18:25:06Z", + "updated_at": "2023-02-11T16:18:57Z", "pushed_at": "2023-02-03T22:18:47Z", - "stargazers_count": 10, - "watchers_count": 10, + "stargazers_count": 11, + "watchers_count": 11, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -274,7 +274,7 @@ ], "visibility": "public", "forks": 1, - "watchers": 10, + "watchers": 11, "score": 0 }, { @@ -320,10 +320,10 @@ "description": "CVE-2022-46689", "fork": false, "created_at": "2023-01-26T19:52:30Z", - "updated_at": "2023-02-11T09:42:59Z", + "updated_at": "2023-02-11T14:01:20Z", "pushed_at": "2023-02-11T11:54:47Z", - "stargazers_count": 96, - "watchers_count": 96, + "stargazers_count": 95, + "watchers_count": 95, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -332,7 +332,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 96, + "watchers": 95, "score": 0 } ] \ No newline at end of file diff --git a/2023/CVE-2023-0669.json b/2023/CVE-2023-0669.json index 030a162119..c2163220d4 100644 --- a/2023/CVE-2023-0669.json +++ b/2023/CVE-2023-0669.json @@ -13,19 +13,19 @@ "description": "CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.", "fork": false, "created_at": "2023-02-10T13:02:55Z", - "updated_at": "2023-02-11T09:51:03Z", + "updated_at": "2023-02-11T18:04:10Z", "pushed_at": "2023-02-11T10:56:50Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, - "watchers": 3, + "forks": 2, + "watchers": 7, "score": 0 } ] \ No newline at end of file diff --git a/2023/CVE-2023-24055.json b/2023/CVE-2023-24055.json index 3494cb4594..cb9d4f2a20 100644 --- a/2023/CVE-2023-24055.json +++ b/2023/CVE-2023-24055.json @@ -42,10 +42,10 @@ "description": "CVE-2023-24055 PoC (KeePass 2.5x)", "fork": false, "created_at": "2023-01-25T03:21:42Z", - "updated_at": "2023-02-11T11:17:51Z", + "updated_at": "2023-02-11T15:23:16Z", "pushed_at": "2023-02-10T08:03:59Z", - "stargazers_count": 211, - "watchers_count": 211, + "stargazers_count": 213, + "watchers_count": 213, "has_discussions": false, "forks_count": 35, "allow_forking": true, @@ -54,7 +54,7 @@ "topics": [], "visibility": "public", "forks": 35, - "watchers": 211, + "watchers": 213, "score": 0 }, { diff --git a/2023/CVE-2023-25194.json b/2023/CVE-2023-25194.json index e15ec856c1..57aaaf0c2a 100644 --- a/2023/CVE-2023-25194.json +++ b/2023/CVE-2023-25194.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2023-02-09T10:49:46Z", - "updated_at": "2023-02-11T11:41:53Z", + "updated_at": "2023-02-11T16:55:16Z", "pushed_at": "2023-02-09T11:00:26Z", - "stargazers_count": 27, - "watchers_count": 27, + "stargazers_count": 29, + "watchers_count": 29, "has_discussions": false, "forks_count": 15, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 15, - "watchers": 27, + "watchers": 29, "score": 0 } ] \ No newline at end of file diff --git a/README.md b/README.md index f2013df50e..40f9969696 100644 --- a/README.md +++ b/README.md @@ -5465,6 +5465,7 @@ An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escal - [p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE](https://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE) +- [yuriisanin/CVE-2022-45771](https://github.com/yuriisanin/CVE-2022-45771) ### CVE-2022-45934 (2022-11-26)