From 3742786a3a5c8bfec1ba35a9cf4f771081120ab1 Mon Sep 17 00:00:00 2001 
From: motikan2010-bot
Date: Sat, 11 Jan 2025 03:32:38 +0900
Subject: [PATCH] Auto Update 2025/01/10 18:32:38
---
2001/CVE-2001-1473.json | 2 +-
2017/CVE-2017-11882.json | 8 +++---
2020/CVE-2020-0796.json | 8 +++---
2021/CVE-2021-21974.json | 31 +++++++++++++++++++++++
2021/CVE-2021-40444.json | 8 +++---
2021/CVE-2021-44228.json | 2 +-
2021/CVE-2021-46070.json | 31 -----------------------
2022/CVE-2022-22965.json | 8 +++---
2022/CVE-2022-2992.json | 8 +++---
2023/CVE-2023-36884.json | 8 +++---
2023/CVE-2023-41425.json | 31 -----------------------
2023/CVE-2023-45866.json | 8 +++---
2023/CVE-2023-7172.json | 4 +--
2024/CVE-2024-1086.json | 8 +++---
2024/CVE-2024-11477.json | 8 +++---
2024/CVE-2024-12471.json | 33 +++++++++++++++++++++++++
2024/CVE-2024-12558.json | 33 +++++++++++++++++++++++++
2024/CVE-2024-12594.json | 33 +++++++++++++++++++++++++
2024/CVE-2024-27115.json | 8 +++---
2024/CVE-2024-2961.json | 4 +--
2024/CVE-2024-33297.json | 33 +++++++++++++++++++++++++
2024/CVE-2024-33298.json | 33 +++++++++++++++++++++++++
2024/CVE-2024-33299.json | 33 +++++++++++++++++++++++++
2024/CVE-2024-34102.json | 8 +++---
2024/CVE-2024-36840.json | 42 +++++++++++++++++++++++++++++++
2024/CVE-2024-42327.json | 8 +++---
2024/CVE-2024-49113.json | 28 ++++++++++-----------
2024/CVE-2024-50603.json | 12 ++++-----
2024/CVE-2024-53677.json | 35 ++++++++++++++++++++++++--
2024/CVE-2024-54379.json | 33 +++++++++++++++++++++++++
2024/CVE-2024-54498.json | 8 +++---
2024/CVE-2024-57487.json | 33 +++++++++++++++++++++++++
2024/CVE-2024-6387.json | 4 +--
README.md | 53 +++++++++++++++++++++++++++++++++++++---
34 files changed, 500 insertions(+), 147 deletions(-)
create mode 100644 2024/CVE-2024-12471.json
create mode 100644 2024/CVE-2024-12558.json
create mode 100644 2024/CVE-2024-12594.json
create mode 100644 2024/CVE-2024-33297.json
create mode 100644 2024/CVE-2024-33298.json
create mode 100644 2024/CVE-2024-33299.json
create mode 100644 2024/CVE-2024-36840.json
create mode 100644
2024/CVE-2024-54379.json create mode 100644 2024/CVE-2024-57487.json diff --git a/2001/CVE-2001-1473.json b/2001/CVE-2001-1473.json index fff13abdef..cfaa0592b3 100644 --- a/2001/CVE-2001-1473.json +++ b/2001/CVE-2001-1473.json @@ -35,6 +35,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2017/CVE-2017-11882.json b/2017/CVE-2017-11882.json index 664677af50..6737412254 100644 --- a/2017/CVE-2017-11882.json +++ b/2017/CVE-2017-11882.json @@ -1044,8 +1044,8 @@ }, { "id": 908465504, - "name": "Malware-Analysis-CVE-2017-11882", - "full_name": "yaseenibnakhtar\/Malware-Analysis-CVE-2017-11882", + "name": "001-Malware-Analysis-CVE-2017-11882", + "full_name": "yaseenibnakhtar\/001-Malware-Analysis-CVE-2017-11882", "owner": { "login": "yaseenibnakhtar", "id": 167536932, @@ -1053,11 +1053,11 @@ "html_url": "https:\/\/github.com\/yaseenibnakhtar", "user_view_type": "public" }, - "html_url": "https:\/\/github.com\/yaseenibnakhtar\/Malware-Analysis-CVE-2017-11882", + "html_url": "https:\/\/github.com\/yaseenibnakhtar\/001-Malware-Analysis-CVE-2017-11882", "description": "Malware Analysis CVE-2017-11882", "fork": false, "created_at": "2024-12-26T06:23:27Z", - "updated_at": "2024-12-26T06:24:35Z", + "updated_at": "2025-01-10T13:07:05Z", "pushed_at": "2024-12-26T06:24:31Z", "stargazers_count": 0, "watchers_count": 0, diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 3d29ebd7d7..b004c53335 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json 
@@ -1039,10 +1039,10 @@ "description": "CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost", "fork": false, "created_at": "2020-03-30T11:42:56Z", - "updated_at": "2025-01-01T17:53:11Z", + "updated_at": "2025-01-10T17:59:26Z", "pushed_at": "2020-12-07T20:04:27Z", - "stargazers_count": 1304, - "watchers_count": 1304, + "stargazers_count": 1303, + "watchers_count": 1303, "has_discussions": false, "forks_count": 343, "allow_forking": true, @@ -1057,7 +1057,7 @@ ], "visibility": "public", "forks": 343, - "watchers": 1304, + "watchers": 1303, "score": 0, "subscribers_count": 34 }, diff --git a/2021/CVE-2021-21974.json b/2021/CVE-2021-21974.json index 8fb92cb223..16d1ebadc7 100644 --- a/2021/CVE-2021-21974.json +++ b/2021/CVE-2021-21974.json @@ -122,5 +122,36 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 914982846, + "name": "CVE-2021-21974", + "full_name": "mercylessghost\/CVE-2021-21974", + "owner": { + "login": "mercylessghost", + "id": 142067779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142067779?v=4", + "html_url": "https:\/\/github.com\/mercylessghost", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mercylessghost\/CVE-2021-21974", + "description": null, + "fork": false, + "created_at": "2025-01-10T18:00:20Z", + "updated_at": "2025-01-10T18:00:24Z", + "pushed_at": "2025-01-10T18:00:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-40444.json b/2021/CVE-2021-40444.json index 8352863580..1964acbae2 100644 --- a/2021/CVE-2021-40444.json +++ b/2021/CVE-2021-40444.json 
@@ -231,10 +231,10 @@ "description": "CVE-2021-40444 PoC", "fork": false, "created_at": "2021-09-10T16:55:53Z", - "updated_at": "2025-01-05T14:16:19Z", + "updated_at": "2025-01-10T14:20:22Z", "pushed_at": "2021-12-25T18:31:02Z", - "stargazers_count": 1606, - "watchers_count": 1606, + "stargazers_count": 1607, + "watchers_count": 1607, "has_discussions": false, "forks_count": 483, "allow_forking": true, @@ -243,7 +243,7 @@ "topics": [], "visibility": "public", "forks": 483, - "watchers": 1606, + "watchers": 1607, "score": 0, "subscribers_count": 28 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 7e1fce4452..aa4afa156e 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -1574,7 +1574,7 @@ "fork": false, "created_at": "2021-12-11T12:16:45Z", "updated_at": "2024-04-29T17:48:37Z", - "pushed_at": "2024-12-28T04:32:25Z", + "pushed_at": "2025-01-10T17:39:32Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, diff --git a/2021/CVE-2021-46070.json b/2021/CVE-2021-46070.json index 56e86c6e89..0d33a9fe84 100644 --- a/2021/CVE-2021-46070.json +++ b/2021/CVE-2021-46070.json 
@@ -29,36 +29,5 @@ "watchers": 0, "score": 0, "subscribers_count": 1 - }, - { - "id": 448075803, - "name": "CVE-2021-46070", - "full_name": "plsanu\/CVE-2021-46070", - "owner": { - "login": "plsanu", - "id": 61007700, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", - "html_url": "https:\/\/github.com\/plsanu", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46070", - "description": "CVE-2021-46070 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.", - "fork": false, - "created_at": "2022-01-14T18:54:29Z", - "updated_at": "2023-12-30T08:24:16Z", - "pushed_at": "2022-01-14T19:32:55Z", - "stargazers_count": 1, - "watchers_count": 1, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 1, - "score": 0, - "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-22965.json b/2022/CVE-2022-22965.json index abffc0326b..16438f187b 100644 --- a/2022/CVE-2022-22965.json +++ b/2022/CVE-2022-22965.json @@ -918,10 +918,10 @@ "description": "CVE-2022-22965\\Spring-Core-RCE堪比关于 Apache Log4j2核弹级别漏洞exp的rce一键利用", "fork": false, "created_at": "2022-04-02T09:13:54Z", - "updated_at": "2024-08-12T20:22:05Z", + "updated_at": "2025-01-10T15:09:16Z", "pushed_at": "2022-04-02T10:14:11Z", - "stargazers_count": 12, - "watchers_count": 12, + "stargazers_count": 13, + "watchers_count": 13, "has_discussions": false, "forks_count": 7, "allow_forking": true, @@ -930,7 +930,7 @@ "topics": [], "visibility": "public", "forks": 7, - "watchers": 12, + "watchers": 13, "score": 0, "subscribers_count": 2 }, diff --git a/2022/CVE-2022-2992.json b/2022/CVE-2022-2992.json index 10519744b5..3c431046dd 100644 --- a/2022/CVE-2022-2992.json +++ b/2022/CVE-2022-2992.json 
@@ -14,10 +14,10 @@ "description": "Authenticated Remote Command Execution in Gitlab via GitHub import", "fork": false, "created_at": "2022-10-08T11:42:49Z", - "updated_at": "2024-12-27T02:58:40Z", + "updated_at": "2025-01-10T18:09:47Z", "pushed_at": "2022-10-09T03:54:53Z", - "stargazers_count": 224, - "watchers_count": 224, + "stargazers_count": 225, + "watchers_count": 225, "has_discussions": false, "forks_count": 37, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 37, - "watchers": 224, + "watchers": 225, "score": 0, "subscribers_count": 4 }, diff --git a/2023/CVE-2023-36884.json b/2023/CVE-2023-36884.json index 538a65fb75..35aa019f86 100644 --- a/2023/CVE-2023-36884.json +++ b/2023/CVE-2023-36884.json @@ -270,10 +270,10 @@ "description": "MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit", "fork": false, "created_at": "2023-09-28T11:53:44Z", - "updated_at": "2025-01-06T17:08:46Z", + "updated_at": "2025-01-10T17:22:52Z", "pushed_at": "2023-11-02T09:08:31Z", - "stargazers_count": 35, - "watchers_count": 35, + "stargazers_count": 36, + "watchers_count": 36, "has_discussions": false, "forks_count": 10, "allow_forking": true, @@ -282,7 +282,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 35, + "watchers": 36, "score": 0, "subscribers_count": 3 } diff --git a/2023/CVE-2023-41425.json b/2023/CVE-2023-41425.json index 6af91bc3f8..b0b7c76987 100644 --- a/2023/CVE-2023-41425.json +++ b/2023/CVE-2023-41425.json 
@@ -383,36 +383,5 @@ "watchers": 1, "score": 0, "subscribers_count": 1 - }, - { - "id": 912981235, - "name": "CVE-2023-41425", - "full_name": "samu21req\/CVE-2023-41425", - "owner": { - "login": "samu21req", - "id": 61760887, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61760887?v=4", - "html_url": "https:\/\/github.com\/samu21req", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/samu21req\/CVE-2023-41425", - "description": null, - "fork": false, - "created_at": "2025-01-06T19:38:36Z", - "updated_at": "2025-01-06T19:44:38Z", - "pushed_at": "2025-01-06T19:44:35Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2023/CVE-2023-45866.json b/2023/CVE-2023-45866.json index 12970b2ff6..b05611d91f 100644 --- a/2023/CVE-2023-45866.json +++ b/2023/CVE-2023-45866.json @@ -14,10 +14,10 @@ "description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)", "fork": false, "created_at": "2024-01-16T06:52:02Z", - "updated_at": "2025-01-09T19:08:50Z", + "updated_at": "2025-01-10T18:25:51Z", "pushed_at": "2024-08-18T08:26:46Z", - "stargazers_count": 1374, - "watchers_count": 1374, + "stargazers_count": 1379, + "watchers_count": 1379, "has_discussions": false, "forks_count": 236, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 236, - "watchers": 1374, + "watchers": 1379, "score": 0, "subscribers_count": 21 }, diff --git a/2023/CVE-2023-7172.json b/2023/CVE-2023-7172.json index fd6290496c..b8ca2b8fe6 100644 --- a/2023/CVE-2023-7172.json +++ b/2023/CVE-2023-7172.json 
@@ -19,13 +19,13 @@ "stargazers_count": 6, "watchers_count": 6, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, + "forks": 2, "watchers": 6, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-1086.json b/2024/CVE-2024-1086.json index 0b681408f9..f369282d0c 100644 --- a/2024/CVE-2024-1086.json +++ b/2024/CVE-2024-1086.json @@ -14,10 +14,10 @@ "description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.", "fork": false, "created_at": "2024-03-20T21:16:41Z", - "updated_at": "2025-01-10T10:14:29Z", + "updated_at": "2025-01-10T16:21:43Z", "pushed_at": "2024-04-17T16:09:54Z", - "stargazers_count": 2325, - "watchers_count": 2325, + "stargazers_count": 2327, + "watchers_count": 2327, "has_discussions": false, "forks_count": 302, "allow_forking": true, @@ -32,7 +32,7 @@ ], "visibility": "public", "forks": 302, - "watchers": 2325, + "watchers": 2327, "score": 0, "subscribers_count": 27 }, diff --git a/2024/CVE-2024-11477.json b/2024/CVE-2024-11477.json index 135e718758..d43bd19f65 100644 --- a/2024/CVE-2024-11477.json +++ b/2024/CVE-2024-11477.json @@ -14,10 +14,10 @@ "description": "CVE-2024-11477 7Zip Code Execution Writeup and Analysis", "fork": false, "created_at": "2024-11-29T06:13:36Z", - "updated_at": "2025-01-02T02:40:25Z", + "updated_at": "2025-01-10T12:44:00Z", "pushed_at": "2024-12-04T01:01:28Z", - "stargazers_count": 48, - "watchers_count": 48, + "stargazers_count": 49, + "watchers_count": 49, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 48, + "watchers": 49, "score": 0, "subscribers_count": 1 } 
diff --git a/2024/CVE-2024-12471.json b/2024/CVE-2024-12471.json new file mode 100644 index 0000000000..20e42a7bd1 --- /dev/null +++ b/2024/CVE-2024-12471.json @@ -0,0 +1,33 @@ +[ + { + "id": 913357660, + "name": "CVE-2024-12471", + "full_name": "RandomRobbieBF\/CVE-2024-12471", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12471", + "description": "Post Saint: ChatGPT, GPT4, DALL-E, Stable Diffusion, Pexels, Dezgo AI Text & Image Generator <= 1.3.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload", + "fork": false, + "created_at": "2025-01-07T14:30:08Z", + "updated_at": "2025-01-10T13:56:26Z", + "pushed_at": "2025-01-07T14:31:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12558.json b/2024/CVE-2024-12558.json new file mode 100644 index 0000000000..63034fe36d --- /dev/null +++ b/2024/CVE-2024-12558.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 912762940, + "name": "CVE-2024-12558", + "full_name": "RandomRobbieBF\/CVE-2024-12558", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12558", + "description": "WP BASE Booking of Appointments, Services and Events <= 4.9.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via app_export_db", + "fork": false, + "created_at": "2025-01-06T10:45:29Z", + "updated_at": "2025-01-10T13:55:30Z", + "pushed_at": "2025-01-06T10:47:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12594.json b/2024/CVE-2024-12594.json new file mode 100644 index 0000000000..59a2c947f7 --- /dev/null +++ b/2024/CVE-2024-12594.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 912770578, + "name": "CVE-2024-12594", + "full_name": "RandomRobbieBF\/CVE-2024-12594", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-12594", + "description": "ALL In One Custom Login Page <= 7.1.1 - Missing Authorization to Authenticated (Subscriber+)Privilege Escalation", + "fork": false, + "created_at": "2025-01-06T11:05:21Z", + "updated_at": "2025-01-10T13:55:51Z", + "pushed_at": "2025-01-06T11:06:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27115.json b/2024/CVE-2024-27115.json index 4a225ede01..ed59a4db9e 100644 --- a/2024/CVE-2024-27115.json +++ b/2024/CVE-2024-27115.json @@ -14,10 +14,10 @@ "description": "Exploit For SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)", "fork": false, "created_at": "2025-01-07T13:38:34Z", - "updated_at": "2025-01-10T06:20:06Z", + "updated_at": "2025-01-10T17:15:12Z", "pushed_at": "2025-01-07T14:16:47Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 3, + "watchers": 4, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-2961.json b/2024/CVE-2024-2961.json index a49ffb4aab..4299beec6f 100644 --- a/2024/CVE-2024-2961.json +++ b/2024/CVE-2024-2961.json 
@@ -81,13 +81,13 @@ "stargazers_count": 427, "watchers_count": 427, "has_discussions": false, - "forks_count": 53, + "forks_count": 54, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 53, + "forks": 54, "watchers": 427, "score": 0, "subscribers_count": 8 diff --git a/2024/CVE-2024-33297.json b/2024/CVE-2024-33297.json new file mode 100644 index 0000000000..d5b119c592 --- /dev/null +++ b/2024/CVE-2024-33297.json @@ -0,0 +1,33 @@ +[ + { + "id": 914929938, + "name": "CVE-2024-33297", + "full_name": "MathSabo\/CVE-2024-33297", + "owner": { + "login": "MathSabo", + "id": 110696037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110696037?v=4", + "html_url": "https:\/\/github.com\/MathSabo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MathSabo\/CVE-2024-33297", + "description": "Stored Cross Site Scripting vulnerability in Microweber < 2.0.9", + "fork": false, + "created_at": "2025-01-10T15:48:20Z", + "updated_at": "2025-01-10T16:15:22Z", + "pushed_at": "2025-01-10T16:15:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33298.json b/2024/CVE-2024-33298.json new file mode 100644 index 0000000000..8fb6be49cd --- /dev/null +++ b/2024/CVE-2024-33298.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 914938551, + "name": "CVE-2024-33298", + "full_name": "MathSabo\/CVE-2024-33298", + "owner": { + "login": "MathSabo", + "id": 110696037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110696037?v=4", + "html_url": "https:\/\/github.com\/MathSabo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MathSabo\/CVE-2024-33298", + "description": "Stored Cross Site Scripting vulnerability in Microweber < 2.0.9", + "fork": false, + "created_at": "2025-01-10T16:08:42Z", + "updated_at": "2025-01-10T16:15:14Z", + "pushed_at": "2025-01-10T16:15:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33299.json b/2024/CVE-2024-33299.json new file mode 100644 index 0000000000..dcc2a086f8 --- /dev/null +++ b/2024/CVE-2024-33299.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 914941872, + "name": "CVE-2024-33299", + "full_name": "MathSabo\/CVE-2024-33299", + "owner": { + "login": "MathSabo", + "id": 110696037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110696037?v=4", + "html_url": "https:\/\/github.com\/MathSabo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MathSabo\/CVE-2024-33299", + "description": "Stored Cross Site Scripting vulnerability in Microweber < 2.0.9", + "fork": false, + "created_at": "2025-01-10T16:16:39Z", + "updated_at": "2025-01-10T16:19:33Z", + "pushed_at": "2025-01-10T16:19:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34102.json b/2024/CVE-2024-34102.json index 82d14e845b..0870278ff1 100644 --- a/2024/CVE-2024-34102.json +++ b/2024/CVE-2024-34102.json @@ -81,13 +81,13 @@ "stargazers_count": 29, "watchers_count": 29, "has_discussions": false, - "forks_count": 9, + "forks_count": 10, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 9, + "forks": 10, "watchers": 29, "score": 0, "subscribers_count": 2 @@ -143,13 +143,13 @@ "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 0, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-36840.json b/2024/CVE-2024-36840.json new file mode 100644 index 0000000000..53e8c380ff --- /dev/null +++ b/2024/CVE-2024-36840.json 
@@ -0,0 +1,42 @@ +[ + { + "id": 914938311, + "name": "CVE-2024-36840-Exploit", + "full_name": "theexploiters\/CVE-2024-36840-Exploit", + "owner": { + "login": "theexploiters", + "id": 185040501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185040501?v=4", + "html_url": "https:\/\/github.com\/theexploiters", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theexploiters\/CVE-2024-36840-Exploit", + "description": "Exploit For: CVE-2024-36840: SQL Injection Vulnerability in Boelter Blue System Management (Version 1.3)", + "fork": false, + "created_at": "2025-01-10T16:08:07Z", + "updated_at": "2025-01-10T17:15:12Z", + "pushed_at": "2025-01-10T16:12:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "boelter-blue-system", + "boelter-blue-system-exploit", + "cve-2024-36840", + "cve-2024-36840-exploit", + "cve-exploit", + "cve-exploits", + "exploit", + "google-dorking" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42327.json b/2024/CVE-2024-42327.json index 840104d4f5..48b88c438a 100644 --- a/2024/CVE-2024-42327.json +++ b/2024/CVE-2024-42327.json @@ -200,10 +200,10 @@ "description": "Zabbix CVE-2024-42327 PoC", "fork": false, "created_at": "2025-01-01T18:25:44Z", - "updated_at": "2025-01-08T08:05:10Z", + "updated_at": "2025-01-10T14:41:19Z", "pushed_at": "2025-01-03T13:49:03Z", - "stargazers_count": 34, - "watchers_count": 34, + "stargazers_count": 35, + "watchers_count": 35, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -212,7 +212,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 34, + "watchers": 35, "score": 0, "subscribers_count": 1 } 
diff --git a/2024/CVE-2024-49113.json b/2024/CVE-2024-49113.json index 1594ac2e46..cf6d31e6d3 100644 --- a/2024/CVE-2024-49113.json +++ b/2024/CVE-2024-49113.json @@ -14,19 +14,19 @@ "description": "LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113", "fork": false, "created_at": "2025-01-01T15:48:38Z", - "updated_at": "2025-01-10T11:23:02Z", + "updated_at": "2025-01-10T18:26:02Z", "pushed_at": "2025-01-02T16:07:23Z", - "stargazers_count": 420, - "watchers_count": 420, + "stargazers_count": 424, + "watchers_count": 424, "has_discussions": false, - "forks_count": 100, + "forks_count": 101, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 100, - "watchers": 420, + "forks": 101, + "watchers": 424, "score": 0, "subscribers_count": 3 }, @@ -45,10 +45,10 @@ "description": null, "fork": false, "created_at": "2025-01-03T07:05:33Z", - "updated_at": "2025-01-07T15:44:47Z", + "updated_at": "2025-01-10T16:40:53Z", "pushed_at": "2025-01-03T08:20:03Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 6, + "watchers": 7, "score": 0, "subscribers_count": 1 }, @@ -76,10 +76,10 @@ "description": "Hi, This is to check targets vulnerable for CVE-2024-49113 in bulk, faster.", "fork": false, "created_at": "2025-01-06T11:59:02Z", - "updated_at": "2025-01-06T12:04:05Z", + "updated_at": "2025-01-10T16:41:30Z", "pushed_at": "2025-01-06T12:04:02Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -88,7 +88,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0, "subscribers_count": 1 } 
diff --git a/2024/CVE-2024-50603.json b/2024/CVE-2024-50603.json index ff15b76298..bc04f10042 100644 --- a/2024/CVE-2024-50603.json +++ b/2024/CVE-2024-50603.json @@ -14,19 +14,19 @@ "description": "CVE-2024-50603-nuclei-poc", "fork": false, "created_at": "2025-01-08T12:00:38Z", - "updated_at": "2025-01-10T11:57:46Z", + "updated_at": "2025-01-10T12:45:07Z", "pushed_at": "2025-01-08T12:08:46Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 1, + "forks": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-53677.json b/2024/CVE-2024-53677.json index 6b820d2d6a..38cb5c2d13 100644 --- a/2024/CVE-2024-53677.json +++ b/2024/CVE-2024-53677.json @@ -267,7 +267,7 @@ "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, - "forks_count": 1, + "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -281,7 +281,7 @@ "vulnerability" ], "visibility": "public", - "forks": 1, + "forks": 0, "watchers": 4, "score": 0, "subscribers_count": 1 
@@ -347,5 +347,36 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 914978081, + "name": "CVE-2024-53677", + "full_name": "SeanRickerd\/CVE-2024-53677", + "owner": { + "login": "SeanRickerd", + "id": 5073531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5073531?v=4", + "html_url": "https:\/\/github.com\/SeanRickerd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SeanRickerd\/CVE-2024-53677", + "description": "Vulnerable Environment and Exploit for CVE-2024-53677", + "fork": false, + "created_at": "2025-01-10T17:47:24Z", + "updated_at": "2025-01-10T18:09:53Z", + "pushed_at": "2025-01-10T18:05:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2024/CVE-2024-54379.json b/2024/CVE-2024-54379.json new file mode 100644 index 0000000000..ded22ff016 --- /dev/null +++ b/2024/CVE-2024-54379.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 905860280, + "name": "CVE-2024-54379", + "full_name": "RandomRobbieBF\/CVE-2024-54379", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-54379", + "description": "Minterpress <= 1.0.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update", + "fork": false, + "created_at": "2024-12-19T17:04:01Z", + "updated_at": "2025-01-10T13:57:11Z", + "pushed_at": "2024-12-19T17:04:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54498.json b/2024/CVE-2024-54498.json index 95d1236d28..15088097ac 100644 --- a/2024/CVE-2024-54498.json +++ b/2024/CVE-2024-54498.json @@ -14,10 +14,10 @@ "description": "Escape macOS Sandbox using sharedfilelistd exploit", "fork": false, "created_at": "2025-01-08T09:55:44Z", - "updated_at": "2025-01-10T09:11:05Z", + "updated_at": "2025-01-10T15:55:38Z", "pushed_at": "2025-01-09T06:34:50Z", - "stargazers_count": 22, - "watchers_count": 22, + "stargazers_count": 24, + "watchers_count": 24, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 22, + "watchers": 24, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-57487.json b/2024/CVE-2024-57487.json new file mode 100644 index 0000000000..61c459f65b --- /dev/null +++ b/2024/CVE-2024-57487.json 
@@ -0,0 +1,33 @@ +[ + { + "id": 914937603, + "name": "CVE-2024-57487-and-CVE-2024-57488", + "full_name": "aaryan-11-x\/CVE-2024-57487-and-CVE-2024-57488", + "owner": { + "login": "aaryan-11-x", + "id": 102362952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102362952?v=4", + "html_url": "https:\/\/github.com\/aaryan-11-x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaryan-11-x\/CVE-2024-57487-and-CVE-2024-57488", + "description": "POC of CVE-2024-57487 & CVE-2024-57488", + "fork": false, + "created_at": "2025-01-10T16:06:23Z", + "updated_at": "2025-01-10T17:16:29Z", + "pushed_at": "2025-01-10T17:16:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index 67c185f50d..1982076865 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -19,13 +19,13 @@ "stargazers_count": 473, "watchers_count": 473, "has_discussions": false, - "forks_count": 182, + "forks_count": 183, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 182, + "forks": 183, "watchers": 473, "score": 0, "subscribers_count": 5 diff --git a/README.md b/README.md index 896e0f7398..eec8afd764 100644 --- a/README.md +++ b/README.md 
@@ -2521,6 +2521,13 @@ ### CVE-2024-12345 - [RoyaRadin/CVE-2024-12345-POC](https://github.com/RoyaRadin/CVE-2024-12345-POC) +### CVE-2024-12471 (2025-01-07) + +The Post Saint: ChatGPT, GPT4, DALL-E, Stable Diffusion, Pexels, Dezgo AI Text & Image Generator plugin for WordPress is vulnerable to arbitrary files uploads due to a missing capability check and file type validation on the add_image_to_library AJAX action function in all versions up to, and including, 1.3.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files that make remote code execution possible. + + +- [RandomRobbieBF/CVE-2024-12471](https://github.com/RandomRobbieBF/CVE-2024-12471) + ### CVE-2024-12484 (2024-12-11) In Codezips Technical Discussion Forum 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalität der Datei /signuppost.php. Durch das Manipulieren des Arguments Username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. 
@@ -2535,6 +2542,20 @@ - [RandomRobbieBF/CVE-2024-12542](https://github.com/RandomRobbieBF/CVE-2024-12542) +### CVE-2024-12558 (2024-12-21) + +The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_db function in all versions up to, and including, 4.9.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to expose sensitive information from the database, such as the hashed administrator password. + + +- [RandomRobbieBF/CVE-2024-12558](https://github.com/RandomRobbieBF/CVE-2024-12558) + +### CVE-2024-12594 (2024-12-24) + +The Custom Login Page Styler – Login Protected Private Site , Change wp-admin login url , WordPress login logo , Temporary admin login access , Rename login , Login customizer, Hide wp-login – Limit Login Attempts – Locked Site plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the 'lps_generate_temp_access_url' AJAX action in all versions up to, and including, 7.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to login as other users such as subscribers. + + +- [RandomRobbieBF/CVE-2024-12594](https://github.com/RandomRobbieBF/CVE-2024-12594) + ### CVE-2024-12849 (2025-01-07) The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wp_ajax_nopriv_elvwp_log_download AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. 
@@ -5120,6 +5141,15 @@ - [fdzdev/CVE-2024-33231](https://github.com/fdzdev/CVE-2024-33231) +### CVE-2024-33297 +- [MathSabo/CVE-2024-33297](https://github.com/MathSabo/CVE-2024-33297) + +### CVE-2024-33298 +- [MathSabo/CVE-2024-33298](https://github.com/MathSabo/CVE-2024-33298) + +### CVE-2024-33299 +- [MathSabo/CVE-2024-33299](https://github.com/MathSabo/CVE-2024-33299) + ### CVE-2024-33352 - [mmiszczyk/CVE-2024-33352](https://github.com/mmiszczyk/CVE-2024-33352) @@ -5607,6 +5637,13 @@ - [phtcloud-dev/CVE-2024-36837](https://github.com/phtcloud-dev/CVE-2024-36837) - [lhc321-source/CVE-2024-36837](https://github.com/lhc321-source/CVE-2024-36837) +### CVE-2024-36840 (2024-06-12) + +SQL Injection vulnerability in Boelter Blue System Management v.1.3 allows a remote attacker to execute arbitrary code and obtain sensitive information via the id parameter to news_details.php and location_details.php; and the section parameter to services.php. + + +- [theexploiters/CVE-2024-36840-Exploit](https://github.com/theexploiters/CVE-2024-36840-Exploit) + ### CVE-2024-36842 - [abbiy/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-](https://github.com/abbiy/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-) @@ -7923,6 +7960,7 @@ - [EQSTLab/CVE-2024-53677](https://github.com/EQSTLab/CVE-2024-53677) - [0xPThree/struts_cve-2024-53677](https://github.com/0xPThree/struts_cve-2024-53677) - [punitdarji/Apache-struts-cve-2024-53677](https://github.com/punitdarji/Apache-struts-cve-2024-53677) +- [SeanRickerd/CVE-2024-53677](https://github.com/SeanRickerd/CVE-2024-53677) ### CVE-2024-54152 (2024-12-10) 
@@ -7973,6 +8011,13 @@ - [RandomRobbieBF/CVE-2024-54378](https://github.com/RandomRobbieBF/CVE-2024-54378) +### CVE-2024-54379 (2024-12-16) + +Missing Authorization vulnerability in Blokhaus Minterpress allows Privilege Escalation.This issue affects Minterpress: from n/a through 1.0.5. + + +- [RandomRobbieBF/CVE-2024-54379](https://github.com/RandomRobbieBF/CVE-2024-54379) + ### CVE-2024-54385 (2024-12-16) Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through 2.0.82. @@ -8159,6 +8204,9 @@ - [absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit](https://github.com/absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit) +### CVE-2024-57487 +- [aaryan-11-x/CVE-2024-57487-and-CVE-2024-57488](https://github.com/aaryan-11-x/CVE-2024-57487-and-CVE-2024-57488) + ### CVE-2024-1642470 - [Symbolexe/CVE-2024-1642470](https://github.com/Symbolexe/CVE-2024-1642470) @@ -14341,7 +14389,6 @@ - [Diegomjx/CVE-2023-41425-WonderCMS-Authenticated-RCE](https://github.com/Diegomjx/CVE-2023-41425-WonderCMS-Authenticated-RCE) - [0x0d3ad/CVE-2023-41425](https://github.com/0x0d3ad/CVE-2023-41425) - [xpltive/CVE-2023-41425](https://github.com/xpltive/CVE-2023-41425) -- [samu21req/CVE-2023-41425](https://github.com/samu21req/CVE-2023-41425) ### CVE-2023-41436 (2023-09-15) @@ -25189,6 +25236,7 @@ - [n2x4/Feb2023-CVE-2021-21974-OSINT](https://github.com/n2x4/Feb2023-CVE-2021-21974-OSINT) - [CYBERTHREATANALYSIS/ESXi-Ransomware-Scanner-mi](https://github.com/CYBERTHREATANALYSIS/ESXi-Ransomware-Scanner-mi) - [hateme021202/cve-2021-21974](https://github.com/hateme021202/cve-2021-21974) +- [mercylessghost/CVE-2021-21974](https://github.com/mercylessghost/CVE-2021-21974) ### CVE-2021-21975 (2021-03-31) 
@@ -30034,7 +30082,6 @@ - [plsanu/Vehicle-Service-Management-System-Service-Requests-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-Service-Requests-Stored-Cross-Site-Scripting-XSS) -- [plsanu/CVE-2021-46070](https://github.com/plsanu/CVE-2021-46070) ### CVE-2021-46071 (2022-01-06) @@ -44779,7 +44826,7 @@ - [n18dcat053-luuvannga/DetectPacket-CVE-2017-11882](https://github.com/n18dcat053-luuvannga/DetectPacket-CVE-2017-11882) - [nhuynhuy/cve-2017-11882](https://github.com/nhuynhuy/cve-2017-11882) - [jadeapar/Dragonfish-s-Malware-Cyber-Analysis](https://github.com/jadeapar/Dragonfish-s-Malware-Cyber-Analysis) -- [yaseenibnakhtar/Malware-Analysis-CVE-2017-11882](https://github.com/yaseenibnakhtar/Malware-Analysis-CVE-2017-11882) +- [yaseenibnakhtar/001-Malware-Analysis-CVE-2017-11882](https://github.com/yaseenibnakhtar/001-Malware-Analysis-CVE-2017-11882) ### CVE-2017-11907 (2017-12-12)