From 374856192f2db4040dd5b20abcc1a3f2f40ecddb Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sun, 1 May 2022 09:16:17 +0900 Subject: [PATCH] Auto Update 2022/05/01 00:16:17 --- 2016/CVE-2016-2107.json | 8 +- 2017/CVE-2017-0143.json | 4 +- 2017/CVE-2017-8917.json | 4 +- 2018/CVE-2018-0952.json | 29 ++++ 2018/CVE-2018-10949.json | 29 ++++ 2018/CVE-2018-11776.json | 292 +++++++++++++++++++++++++++++++++++++++ 2018/CVE-2018-1207.json | 8 +- 2018/CVE-2018-12463.json | 29 ++++ 2018/CVE-2018-13784.json | 29 ++++ 2018/CVE-2018-14.json | 29 ++++ 2018/CVE-2018-14083.json | 29 ++++ 2018/CVE-2018-14729.json | 29 ++++ 2018/CVE-2018-15131.json | 29 ++++ 2018/CVE-2018-15499.json | 36 +++++ 2018/CVE-2018-15727.json | 27 ++++ 2018/CVE-2018-15912.json | 29 ++++ 2018/CVE-2018-16370.json | 29 ++++ 2018/CVE-2018-16373.json | 29 ++++ 2018/CVE-2018-2628.json | 54 ++++++++ 2018/CVE-2018-2844.json | 29 ++++ 2018/CVE-2018-2893.json | 108 +++++++++++++++ 2018/CVE-2018-2894.json | 54 ++++++++ 2018/CVE-2018-4121.json | 27 ++++ 2018/CVE-2018-4233.json | 29 ++++ 2018/CVE-2018-5740.json | 29 ++++ 2018/CVE-2018-6389.json | 33 +++++ 2018/CVE-2018-6643.json | 29 ++++ 2018/CVE-2018-7600.json | 27 ++++ 2018/CVE-2018-7602.json | 27 ++++ 2018/CVE-2018-8090.json | 32 +++++ 2018/CVE-2018-8120.json | 54 ++++++++ 2018/CVE-2018-8172.json | 29 ++++ 2018/CVE-2018-8174.json | 54 ++++++++ 2018/CVE-2018-8208.json | 29 ++++ 2018/CVE-2018-8897.json | 27 ++++ 2018/CVE-2018-9948.json | 27 ++++ 2020/CVE-2020-1472.json | 32 ++--- 2020/CVE-2020-16152.json | 4 +- 2020/CVE-2020-3187.json | 4 +- 2021/CVE-2021-22204.json | 2 +- 2021/CVE-2021-3156.json | 6 +- 2021/CVE-2021-4034.json | 16 +-- 2021/CVE-2021-44228.json | 12 +- 2022/CVE-2022-1077.json | 29 ++++ 2022/CVE-2022-21449.json | 2 +- 2022/CVE-2022-22965.json | 12 +- 2022/CVE-2022-29072.json | 8 +- 2022/CVE-2022-29464.json | 8 +- README.md | 184 ++++++++++++++++++++++++ 49 files changed, 1650 insertions(+), 65 deletions(-) create mode 100644 2018/CVE-2018-0952.json create mode 100644 2018/CVE-2018-10949.json create mode 100644 2018/CVE-2018-12463.json create mode 100644 2018/CVE-2018-13784.json create mode 100644 2018/CVE-2018-14.json create mode 100644 2018/CVE-2018-14083.json create mode 100644 2018/CVE-2018-14729.json create mode 100644 2018/CVE-2018-15131.json create mode 100644 2018/CVE-2018-15499.json create mode 100644 2018/CVE-2018-15912.json create mode 100644 2018/CVE-2018-16370.json create mode 100644 2018/CVE-2018-16373.json create mode 100644 2018/CVE-2018-2844.json create mode 100644 2018/CVE-2018-4233.json create mode 100644 2018/CVE-2018-5740.json create mode 100644 2018/CVE-2018-6643.json create mode 100644 2018/CVE-2018-8090.json create mode 100644 2018/CVE-2018-8172.json create mode 100644 2018/CVE-2018-8208.json create mode 100644 2022/CVE-2022-1077.json diff --git a/2016/CVE-2016-2107.json b/2016/CVE-2016-2107.json index ac59900c92..58d63ee51a 100644 --- a/2016/CVE-2016-2107.json +++ b/2016/CVE-2016-2107.json @@ -13,17 +13,17 @@ "description": "Simple test for the May 2016 OpenSSL padding oracle (CVE-2016-2107)", "fork": false, "created_at": "2016-05-03T16:47:32Z", - "updated_at": "2022-04-15T12:28:41Z", + "updated_at": "2022-04-30T18:37:48Z", "pushed_at": "2019-03-10T02:18:00Z", - "stargazers_count": 177, - "watchers_count": 177, + "stargazers_count": 178, + "watchers_count": 178, "forks_count": 59, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 59, - "watchers": 177, + "watchers": 178, "score": 0 }, { diff --git a/2017/CVE-2017-0143.json b/2017/CVE-2017-0143.json index 3149cc3e61..0a2f258670 100644 --- a/2017/CVE-2017-0143.json +++ b/2017/CVE-2017-0143.json @@ -71,12 +71,12 @@ "pushed_at": "2022-04-23T17:30:03Z", "stargazers_count": 6, "watchers_count": 6, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 3, "watchers": 6, "score": 0 } diff --git a/2017/CVE-2017-8917.json b/2017/CVE-2017-8917.json index 0b376b210a..8b91c2fbd5 100644 --- a/2017/CVE-2017-8917.json +++ b/2017/CVE-2017-8917.json @@ -44,12 +44,12 @@ "pushed_at": "2022-03-07T20:04:08Z", "stargazers_count": 29, "watchers_count": 29, - "forks_count": 18, + "forks_count": 19, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 18, + "forks": 19, "watchers": 29, "score": 0 }, diff --git a/2018/CVE-2018-0952.json b/2018/CVE-2018-0952.json new file mode 100644 index 0000000000..a1c9ee787e --- /dev/null +++ b/2018/CVE-2018-0952.json @@ -0,0 +1,29 @@ +[ + { + "id": 145615979, + "name": "CVE-2018-0952-SystemCollector", + "full_name": "atredispartners\/CVE-2018-0952-SystemCollector", + "owner": { + "login": "atredispartners", + "id": 7254370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7254370?v=4", + "html_url": "https:\/\/github.com\/atredispartners" + }, + "html_url": "https:\/\/github.com\/atredispartners\/CVE-2018-0952-SystemCollector", + "description": "PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service", + "fork": false, + "created_at": "2018-08-21T20:29:10Z", + "updated_at": "2022-03-16T12:49:42Z", + "pushed_at": "2018-08-21T20:30:24Z", + "stargazers_count": 108, + "watchers_count": 108, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 108, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-10949.json b/2018/CVE-2018-10949.json new file mode 100644 index 0000000000..1a845065dd --- /dev/null +++ b/2018/CVE-2018-10949.json @@ -0,0 +1,29 @@ +[ + { + "id": 147528239, + "name": "CVE-2018-10949", + "full_name": "0x00-0x00\/CVE-2018-10949", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-10949", + "description": "Zimbra Collaboration Suite Username Enumeration ", + "fork": false, + "created_at": "2018-09-05T14:09:13Z", + "updated_at": "2020-10-20T18:45:33Z", + "pushed_at": "2018-09-05T14:10:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-11776.json b/2018/CVE-2018-11776.json index be1ef8fa75..84c9795810 100644 --- a/2018/CVE-2018-11776.json +++ b/2018/CVE-2018-11776.json @@ -1,4 +1,31 @@ [ + { + "id": 145897861, + "name": "CVE-2018-11776", + "full_name": "trbpnd\/CVE-2018-11776", + "owner": { + "login": "trbpnd", + "id": 39193403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39193403?v=4", + "html_url": "https:\/\/github.com\/trbpnd" + }, + "html_url": "https:\/\/github.com\/trbpnd\/CVE-2018-11776", + "description": "Docker image for a vulnerable struts app", + "fork": false, + "created_at": "2018-08-23T19:25:26Z", + "updated_at": "2018-08-23T19:28:53Z", + "pushed_at": "2018-08-23T19:28:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 145901668, "name": "CVE-2018-11776", @@ -31,6 +58,163 @@ "watchers": 14, "score": 0 }, + { + "id": 145935231, + "name": "CVE-2018-11776", + "full_name": "jiguangrst\/CVE-2018-11776", + "owner": { + "login": "jiguangrst", + "id": 22545712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22545712?v=4", + "html_url": "https:\/\/github.com\/jiguangrst" + }, + "html_url": "https:\/\/github.com\/jiguangrst\/CVE-2018-11776", + "description": "CVE-2018-11776(S2-057) EXPLOIT CODE", + "fork": false, + "created_at": "2018-08-24T03:01:29Z", + "updated_at": "2020-12-29T15:23:34Z", + "pushed_at": "2018-08-24T03:27:02Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "topics": [ + "cve", + "cve-2018-11776", + "python3", + "struts2" + ], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0 + }, + { + "id": 145985371, + "name": "CVE-2018-11776-Python-PoC", + "full_name": "hook-s3c\/CVE-2018-11776-Python-PoC", + "owner": { + "login": "hook-s3c", + "id": 31825993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31825993?v=4", + "html_url": "https:\/\/github.com\/hook-s3c" + }, + "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2018-11776-Python-PoC", + "description": "Working Python test and PoC for CVE-2018-11776, includes Docker lab", + "fork": false, + "created_at": "2018-08-24T11:53:02Z", + "updated_at": "2022-03-07T23:00:55Z", + "pushed_at": "2018-08-25T02:14:49Z", + "stargazers_count": 124, + "watchers_count": 124, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "topics": [ + "cve-2018-11776", + "exploit", + "java", + "poc", + "struts2" + ], + "visibility": "public", + "forks": 51, + "watchers": 124, + "score": 0 + }, + { + "id": 146056002, + "name": "struts-pwn_CVE-2018-11776", + "full_name": "mazen160\/struts-pwn_CVE-2018-11776", + "owner": { + "login": "mazen160", + "id": 8996052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8996052?v=4", + "html_url": "https:\/\/github.com\/mazen160" + }, + "html_url": "https:\/\/github.com\/mazen160\/struts-pwn_CVE-2018-11776", + "description": " An exploit for Apache Struts CVE-2018-11776", + "fork": false, + "created_at": "2018-08-25T01:53:30Z", + "updated_at": "2022-02-13T16:30:34Z", + "pushed_at": "2018-08-26T02:31:39Z", + "stargazers_count": 302, + "watchers_count": 302, + "forks_count": 102, + "allow_forking": true, + "is_template": false, + "topics": [ + "apache", + "cve-2018-11776", + "exploit", + "st2-057", + "struts", + "struts-pwn" + ], + "visibility": "public", + "forks": 102, + "watchers": 302, + "score": 0 + }, + { + "id": 146060181, + "name": "CVE-2018-11776", + "full_name": "bhdresh\/CVE-2018-11776", + "owner": { + "login": "bhdresh", + "id": 8931885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8931885?v=4", + "html_url": "https:\/\/github.com\/bhdresh" + }, + "html_url": "https:\/\/github.com\/bhdresh\/CVE-2018-11776", + "description": "Vulnerable docker container for CVE-2018-11776", + "fork": false, + "created_at": "2018-08-25T03:06:30Z", + "updated_at": "2021-08-02T14:42:23Z", + "pushed_at": "2018-08-25T04:53:35Z", + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "topics": [ + "cve-2018-11776", + "docker", + "vulnerable" + ], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0 + }, + { + "id": 146094544, + "name": "CVE-2018-11776", + "full_name": "knqyf263\/CVE-2018-11776", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-11776", + "description": "Environment for CVE-2018-11776 \/ S2-057 (Apache Struts 2)", + "fork": false, + "created_at": "2018-08-25T12:45:15Z", + "updated_at": "2021-01-19T03:50:38Z", + "pushed_at": "2018-08-25T14:20:46Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0 + }, { "id": 146330536, "name": "Strutter", @@ -58,6 +242,114 @@ "watchers": 22, "score": 0 }, + { + "id": 146373342, + "name": "cve-2018-11776-docker", + "full_name": "tuxotron\/cve-2018-11776-docker", + "owner": { + "login": "tuxotron", + "id": 937637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/937637?v=4", + "html_url": "https:\/\/github.com\/tuxotron" + }, + "html_url": "https:\/\/github.com\/tuxotron\/cve-2018-11776-docker", + "description": null, + "fork": false, + "created_at": "2018-08-28T01:14:52Z", + "updated_at": "2019-09-24T14:38:18Z", + "pushed_at": "2018-08-29T17:58:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 146519519, + "name": "S2-057-CVE-2018-11776", + "full_name": "brianwrf\/S2-057-CVE-2018-11776", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf" + }, + "html_url": "https:\/\/github.com\/brianwrf\/S2-057-CVE-2018-11776", + "description": "A simple exploit for Apache Struts RCE S2-057 (CVE-2018-11776)", + "fork": false, + "created_at": "2018-08-28T23:48:14Z", + "updated_at": "2018-12-23T03:47:07Z", + "pushed_at": "2018-08-29T00:03:56Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0 + }, + { + "id": 146650579, + "name": "Apache-Struts-Shodan-Exploit", + "full_name": "649\/Apache-Struts-Shodan-Exploit", + "owner": { + "login": "649", + "id": 23534047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23534047?v=4", + "html_url": "https:\/\/github.com\/649" + }, + "html_url": "https:\/\/github.com\/649\/Apache-Struts-Shodan-Exploit", + "description": "This tool takes advantage of CVE-2018-11776 and Shodan to perform mass exploitation of verified and vulnerable Apache Struts servers.", + "fork": false, + "created_at": "2018-08-29T19:50:26Z", + "updated_at": "2022-01-09T21:15:03Z", + "pushed_at": "2018-08-30T00:16:01Z", + "stargazers_count": 55, + "watchers_count": 55, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 55, + "score": 0 + }, + { + "id": 147746262, + "name": "CVE-2018-11776-Python-PoC", + "full_name": "jezzus\/CVE-2018-11776-Python-PoC", + "owner": { + "login": "jezzus", + "id": 9899999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9899999?v=4", + "html_url": "https:\/\/github.com\/jezzus" + }, + "html_url": "https:\/\/github.com\/jezzus\/CVE-2018-11776-Python-PoC", + "description": null, + "fork": false, + "created_at": "2018-09-06T23:49:20Z", + "updated_at": "2018-09-06T23:49:20Z", + "pushed_at": "2018-09-06T23:49:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 164352202, "name": "cve-2018-11776", diff --git a/2018/CVE-2018-1207.json b/2018/CVE-2018-1207.json index 011b6cec25..f61267c505 100644 --- a/2018/CVE-2018-1207.json +++ b/2018/CVE-2018-1207.json @@ -13,17 +13,17 @@ "description": "Exploit iDRAC 7 & 8 firmware < 2.52.52.52", "fork": false, "created_at": "2021-12-09T23:47:22Z", - "updated_at": "2022-02-16T03:28:53Z", + "updated_at": "2022-04-30T20:10:35Z", "pushed_at": "2021-12-10T01:43:29Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "forks_count": 1, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 1, - "watchers": 2, + "watchers": 3, "score": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-12463.json b/2018/CVE-2018-12463.json new file mode 100644 index 0000000000..e4d5ca4f4c --- /dev/null +++ b/2018/CVE-2018-12463.json @@ -0,0 +1,29 @@ +[ + { + "id": 140411928, + "name": "CVE-2018-12463", + "full_name": "alt3kx\/CVE-2018-12463", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-12463", + "description": "XML external entity (XXE) vulnerability in \/ssc\/fm-ws\/services in Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (0day CVE-2018-12463)", + "fork": false, + "created_at": "2018-07-10T09:51:40Z", + "updated_at": "2021-10-08T04:36:54Z", + "pushed_at": "2022-04-07T19:09:31Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-13784.json b/2018/CVE-2018-13784.json new file mode 100644 index 0000000000..f656e697cc --- /dev/null +++ b/2018/CVE-2018-13784.json @@ -0,0 +1,29 @@ +[ + { + "id": 141165293, + "name": "prestashop-exploits", + "full_name": "ambionics\/prestashop-exploits", + "owner": { + "login": "ambionics", + "id": 29630660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29630660?v=4", + "html_url": "https:\/\/github.com\/ambionics" + }, + "html_url": "https:\/\/github.com\/ambionics\/prestashop-exploits", + "description": "Collection of exploits\/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)", + "fork": false, + "created_at": "2018-07-16T16:33:41Z", + "updated_at": "2022-04-24T06:58:51Z", + "pushed_at": "2018-07-17T09:02:34Z", + "stargazers_count": 50, + "watchers_count": 50, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 50, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14.json b/2018/CVE-2018-14.json new file mode 100644 index 0000000000..d9aed22f09 --- /dev/null +++ b/2018/CVE-2018-14.json @@ -0,0 +1,29 @@ +[ + { + "id": 144012223, + "name": "legacySymfony", + "full_name": "lckJack\/legacySymfony", + "owner": { + "login": "lckJack", + "id": 38405856, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38405856?v=4", + "html_url": "https:\/\/github.com\/lckJack" + }, + "html_url": "https:\/\/github.com\/lckJack\/legacySymfony", + "description": "Easy script to check if drupal 8.x-8.5.6 is vulnerable to CVE-2018-14.773", + "fork": false, + "created_at": "2018-08-08T12:42:56Z", + "updated_at": "2018-08-08T17:28:27Z", + "pushed_at": "2018-08-08T12:46:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14083.json b/2018/CVE-2018-14083.json new file mode 100644 index 0000000000..2be8549ca7 --- /dev/null +++ b/2018/CVE-2018-14083.json @@ -0,0 +1,29 @@ +[ + { + "id": 142094467, + "name": "CVE-2018-14083", + "full_name": "pudding2\/CVE-2018-14083", + "owner": { + "login": "pudding2", + "id": 28480779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28480779?v=4", + "html_url": "https:\/\/github.com\/pudding2" + }, + "html_url": "https:\/\/github.com\/pudding2\/CVE-2018-14083", + "description": null, + "fork": false, + "created_at": "2018-07-24T02:36:08Z", + "updated_at": "2019-01-14T11:31:59Z", + "pushed_at": "2018-07-24T02:56:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-14729.json b/2018/CVE-2018-14729.json new file mode 100644 index 0000000000..be7a5beee0 --- /dev/null +++ b/2018/CVE-2018-14729.json @@ -0,0 +1,29 @@ +[ + { + "id": 147314445, + "name": "CVE-2018-14729", + "full_name": "c0010\/CVE-2018-14729", + "owner": { + "login": "c0010", + "id": 26903770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26903770?v=4", + "html_url": "https:\/\/github.com\/c0010" + }, + "html_url": "https:\/\/github.com\/c0010\/CVE-2018-14729", + "description": "Discuz backend getshell", + "fork": false, + "created_at": "2018-09-04T08:37:03Z", + "updated_at": "2022-01-06T04:05:02Z", + "pushed_at": "2018-08-27T12:55:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15131.json b/2018/CVE-2018-15131.json new file mode 100644 index 0000000000..455954b0fe --- /dev/null +++ b/2018/CVE-2018-15131.json @@ -0,0 +1,29 @@ +[ + { + "id": 147528539, + "name": "CVE-2018-15131", + "full_name": "0x00-0x00\/CVE-2018-15131", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-15131", + "description": "Zimbra Collaboration Suite Username Enumeration ", + "fork": false, + "created_at": "2018-09-05T14:11:16Z", + "updated_at": "2018-10-28T04:05:13Z", + "pushed_at": "2018-09-05T14:11:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15499.json b/2018/CVE-2018-15499.json new file mode 100644 index 0000000000..d987971656 --- /dev/null +++ b/2018/CVE-2018-15499.json @@ -0,0 +1,36 @@ +[ + { + "id": 145583266, + "name": "CVE-2018-15499", + "full_name": "DownWithUp\/CVE-2018-15499", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-15499", + "description": "PoC code for CVE-2018-15499 (exploit race condition for BSoD)", + "fork": false, + "created_at": "2018-08-21T15:26:35Z", + "updated_at": "2021-07-20T21:00:37Z", + "pushed_at": "2018-08-23T12:55:23Z", + "stargazers_count": 11, + "watchers_count": 11, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "topics": [ + "bsod", + "cve", + "drivers", + "exploit", + "exploit-development", + "winapi" + ], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-15727.json b/2018/CVE-2018-15727.json index 5b0caed2ff..89bf471ceb 100644 --- a/2018/CVE-2018-15727.json +++ b/2018/CVE-2018-15727.json @@ -1,4 +1,31 @@ [ + { + "id": 146628899, + "name": "grafana-CVE-2018-15727", + "full_name": "u238\/grafana-CVE-2018-15727", + "owner": { + "login": "u238", + "id": 2368573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2368573?v=4", + "html_url": "https:\/\/github.com\/u238" + }, + "html_url": "https:\/\/github.com\/u238\/grafana-CVE-2018-15727", + "description": "a small utility to generate a cookie in order to exploit a grafana vulnerability (CVE-2018-15727)", + "fork": false, + "created_at": "2018-08-29T16:35:22Z", + "updated_at": "2022-01-20T10:45:56Z", + "pushed_at": "2018-08-31T20:31:12Z", + "stargazers_count": 22, + "watchers_count": 22, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 22, + "score": 0 + }, { "id": 468758637, "name": "CVE-2018-15727", diff --git a/2018/CVE-2018-15912.json b/2018/CVE-2018-15912.json new file mode 100644 index 0000000000..61699d5d9f --- /dev/null +++ b/2018/CVE-2018-15912.json @@ -0,0 +1,29 @@ +[ + { + "id": 146484081, + "name": "CVE-2018-15912-PoC", + "full_name": "coderobe\/CVE-2018-15912-PoC", + "owner": { + "login": "coderobe", + "id": 8442384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8442384?v=4", + "html_url": "https:\/\/github.com\/coderobe" + }, + "html_url": "https:\/\/github.com\/coderobe\/CVE-2018-15912-PoC", + "description": null, + "fork": false, + "created_at": "2018-08-28T17:40:52Z", + "updated_at": "2018-08-30T10:59:24Z", + "pushed_at": "2018-08-28T17:54:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16370.json b/2018/CVE-2018-16370.json new file mode 100644 index 0000000000..cc4336dcec --- /dev/null +++ b/2018/CVE-2018-16370.json @@ -0,0 +1,29 @@ +[ + { + "id": 147602690, + "name": "CVE-2018-16370", + "full_name": "snappyJack\/CVE-2018-16370", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack" + }, + "html_url": "https:\/\/github.com\/snappyJack\/CVE-2018-16370", + "description": "In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through \/Public\/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.", + "fork": false, + "created_at": "2018-09-06T01:52:47Z", + "updated_at": "2018-09-06T02:02:55Z", + "pushed_at": "2018-09-06T02:02:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16373.json b/2018/CVE-2018-16373.json new file mode 100644 index 0000000000..11ced614a6 --- /dev/null +++ b/2018/CVE-2018-16373.json @@ -0,0 +1,29 @@ +[ + { + "id": 147603389, + "name": "CVE-2018-16373", + "full_name": "snappyJack\/CVE-2018-16373", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack" + }, + "html_url": "https:\/\/github.com\/snappyJack\/CVE-2018-16373", + "description": "Frog CMS 0.9.5 has an Upload > vulnerability that can create files via > \/admin\/?\/plugin\/file_manager\/save", + "fork": false, + "created_at": "2018-09-06T02:00:24Z", + "updated_at": "2018-09-06T02:01:33Z", + "pushed_at": "2018-09-06T02:01:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index ce88f5377b..324e7a1d7c 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -408,6 +408,60 @@ "watchers": 0, "score": 0 }, + { + "id": 139417715, + "name": "CVE-2018-2628", + "full_name": "likescam\/CVE-2018-2628", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-07-02T09:00:34Z", + "updated_at": "2019-05-26T06:58:12Z", + "pushed_at": "2018-07-02T09:00:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0 + }, + { + "id": 147341225, + "name": "WebLogic-RCE-exploit", + "full_name": "Nervous\/WebLogic-RCE-exploit", + "owner": { + "login": "Nervous", + "id": 172442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172442?v=4", + "html_url": "https:\/\/github.com\/Nervous" + }, + "html_url": "https:\/\/github.com\/Nervous\/WebLogic-RCE-exploit", + "description": "A remote code execution exploit for WebLogic based on CVE-2018-2628", + "fork": false, + "created_at": "2018-09-04T12:17:21Z", + "updated_at": "2021-08-18T20:03:08Z", + "pushed_at": "2018-09-04T12:21:21Z", + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0 + }, { "id": 155318699, "name": "CVE-2018-2628", diff --git a/2018/CVE-2018-2844.json b/2018/CVE-2018-2844.json new file mode 100644 index 0000000000..edd2ff4d7c --- /dev/null +++ b/2018/CVE-2018-2844.json @@ -0,0 +1,29 @@ +[ + { + "id": 146413224, + "name": "virtualbox-cve-2018-2844", + "full_name": "renorobert\/virtualbox-cve-2018-2844", + "owner": { + "login": "renorobert", + "id": 4233909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4233909?v=4", + "html_url": "https:\/\/github.com\/renorobert" + }, + "html_url": "https:\/\/github.com\/renorobert\/virtualbox-cve-2018-2844", + "description": null, + "fork": false, + "created_at": "2018-08-28T08:04:19Z", + "updated_at": "2022-03-09T09:19:41Z", + "pushed_at": "2018-08-28T08:06:21Z", + "stargazers_count": 101, + "watchers_count": 101, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 101, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2893.json b/2018/CVE-2018-2893.json index 888ab9b912..580f40ff50 100644 --- a/2018/CVE-2018-2893.json +++ b/2018/CVE-2018-2893.json @@ -1,4 +1,85 @@ [ + { + "id": 141531715, + "name": "CVE-2018-2893", + "full_name": "sry309\/CVE-2018-2893", + "owner": { + "login": "sry309", + "id": 15671013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15671013?v=4", + "html_url": "https:\/\/github.com\/sry309" + }, + "html_url": "https:\/\/github.com\/sry309\/CVE-2018-2893", + "description": "CVE-2018-2893", + "fork": false, + "created_at": "2018-07-19T06:06:10Z", + "updated_at": "2022-01-28T05:45:12Z", + "pushed_at": "2018-07-19T05:59:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 2, + "score": 0 + }, + { + "id": 141534186, + "name": "CVE-2018-2893", + "full_name": "ryanInf\/CVE-2018-2893", + "owner": { + "login": "ryanInf", + "id": 19621374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19621374?v=4", + "html_url": "https:\/\/github.com\/ryanInf" + }, + "html_url": "https:\/\/github.com\/ryanInf\/CVE-2018-2893", + "description": "CVE-2018-2893 PoC", + "fork": false, + "created_at": "2018-07-19T06:28:12Z", + "updated_at": "2021-11-01T06:30:09Z", + "pushed_at": "2018-07-19T06:12:51Z", + "stargazers_count": 29, + "watchers_count": 29, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 29, + "score": 0 + }, + { + "id": 141678694, + "name": "CVE-2018-2893", + "full_name": "bigsizeme\/CVE-2018-2893", + "owner": { + "login": "bigsizeme", + "id": 17845094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17845094?v=4", + "html_url": "https:\/\/github.com\/bigsizeme" + }, + "html_url": "https:\/\/github.com\/bigsizeme\/CVE-2018-2893", + "description": "反弹shell生成器", + "fork": false, + "created_at": "2018-07-20T07:26:43Z", + "updated_at": "2022-02-15T03:53:37Z", + "pushed_at": "2018-07-23T04:31:27Z", + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0 + }, { "id": 141856470, "name": "CVE-2018-2893", @@ -26,6 +107,33 @@ "watchers": 95, "score": 0 }, + { + "id": 142403659, + "name": "CVE-2018-2893", + "full_name": "qianl0ng\/CVE-2018-2893", + "owner": { + "login": "qianl0ng", + "id": 26949233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26949233?v=4", + "html_url": "https:\/\/github.com\/qianl0ng" + }, + "html_url": "https:\/\/github.com\/qianl0ng\/CVE-2018-2893", + "description": "可以直接反弹shell", + "fork": false, + "created_at": "2018-07-26T07:16:38Z", + "updated_at": "2021-06-18T23:11:26Z", + "pushed_at": "2018-07-26T07:50:15Z", + "stargazers_count": 45, + "watchers_count": 45, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 45, + "score": 0 + }, { "id": 151921677, "name": "CVE-2018-2893", diff --git a/2018/CVE-2018-2894.json b/2018/CVE-2018-2894.json index a581e8f025..8ca99d9869 100644 --- a/2018/CVE-2018-2894.json +++ b/2018/CVE-2018-2894.json @@ -1,4 +1,58 @@ [ + { + "id": 141601079, + "name": "cve-2018-2894", + "full_name": "111ddea\/cve-2018-2894", + "owner": { + "login": "111ddea", + "id": 41444127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41444127?v=4", + "html_url": "https:\/\/github.com\/111ddea" + }, + "html_url": "https:\/\/github.com\/111ddea\/cve-2018-2894", + "description": "cve-2018-2894 不同别人的利用方法。", + "fork": false, + "created_at": "2018-07-19T15:50:35Z", + "updated_at": "2021-10-22T07:46:36Z", + "pushed_at": "2018-07-22T08:34:27Z", + "stargazers_count": 15, + "watchers_count": 15, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 15, + "score": 0 + }, + { + "id": 141661586, + "name": "CVE-2018-2894", + "full_name": "LandGrey\/CVE-2018-2894", + "owner": { + "login": "LandGrey", + "id": 16769779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16769779?v=4", + "html_url": "https:\/\/github.com\/LandGrey" + }, + "html_url": "https:\/\/github.com\/LandGrey\/CVE-2018-2894", + "description": "CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script", + "fork": false, + "created_at": "2018-07-20T03:59:18Z", + "updated_at": "2022-04-19T02:12:57Z", + "pushed_at": "2018-07-20T12:46:50Z", + "stargazers_count": 133, + "watchers_count": 133, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 133, + "score": 0 + }, { "id": 151928392, "name": "CVE-2018-2894", diff --git a/2018/CVE-2018-4121.json b/2018/CVE-2018-4121.json index 06655f82d2..d3b9131fd3 100644 --- a/2018/CVE-2018-4121.json +++ b/2018/CVE-2018-4121.json @@ -26,6 +26,33 @@ "watchers": 119, "score": 0 }, + { + "id": 141314432, + "name": "CVE-2018-4121", + "full_name": "likescam\/CVE-2018-4121", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-4121", + "description": null, + "fork": false, + "created_at": "2018-07-17T16:15:29Z", + "updated_at": "2018-07-17T16:15:44Z", + "pushed_at": "2018-07-17T16:15:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 147746670, "name": "CVE-2018-4121", diff --git a/2018/CVE-2018-4233.json b/2018/CVE-2018-4233.json new file mode 100644 index 0000000000..427f56dd9c --- /dev/null +++ b/2018/CVE-2018-4233.json @@ -0,0 +1,29 @@ +[ + { + "id": 144027153, + "name": "cve-2018-4233", + "full_name": "saelo\/cve-2018-4233", + "owner": { + "login": "saelo", + "id": 2453290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2453290?v=4", + "html_url": "https:\/\/github.com\/saelo" + }, + "html_url": "https:\/\/github.com\/saelo\/cve-2018-4233", + "description": "Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018", + "fork": false, + "created_at": "2018-08-08T14:41:20Z", + "updated_at": "2022-04-26T07:49:18Z", + "pushed_at": "2018-08-17T23:31:46Z", + "stargazers_count": 167, + "watchers_count": 167, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 167, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5740.json b/2018/CVE-2018-5740.json new file mode 100644 index 0000000000..c070ac2cc9 --- /dev/null +++ b/2018/CVE-2018-5740.json @@ -0,0 +1,29 @@ +[ + { + "id": 144792218, + "name": "cve-2018-5740", + "full_name": "sischkg\/cve-2018-5740", + "owner": { + "login": "sischkg", + "id": 3468384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3468384?v=4", + "html_url": "https:\/\/github.com\/sischkg" + }, + "html_url": "https:\/\/github.com\/sischkg\/cve-2018-5740", + "description": null, + "fork": false, + "created_at": "2018-08-15T01:50:41Z", + "updated_at": "2019-02-25T15:06:06Z", + "pushed_at": "2018-08-15T06:25:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6389.json b/2018/CVE-2018-6389.json index ac9d258d4a..6bf0e6e8aa 100644 --- a/2018/CVE-2018-6389.json +++ b/2018/CVE-2018-6389.json @@ -412,6 +412,39 @@ "watchers": 0, "score": 0 }, + { + "id": 146678844, + "name": "trellis-cve-2018-6389", + "full_name": "ItinerisLtd\/trellis-cve-2018-6389", + "owner": { + "login": "ItinerisLtd", + "id": 32365928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32365928?v=4", + "html_url": "https:\/\/github.com\/ItinerisLtd" + }, + "html_url": "https:\/\/github.com\/ItinerisLtd\/trellis-cve-2018-6389", + "description": "Mitigate CVE-2018-6389 WordPress load-scripts \/ load-styles attacks", + "fork": false, + "created_at": "2018-08-30T01:25:20Z", + "updated_at": "2020-08-11T04:43:27Z", + "pushed_at": "2018-08-30T01:47:48Z", + "stargazers_count": 7, + "watchers_count": 7, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [ + "ansible-galaxy", + "cve-2018-6389", + "security", + "trellis", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0 + }, { "id": 155115549, "name": "Wordpress-DOS", diff --git a/2018/CVE-2018-6643.json b/2018/CVE-2018-6643.json new file mode 100644 index 0000000000..7fca65d064 --- /dev/null +++ b/2018/CVE-2018-6643.json @@ -0,0 +1,29 @@ +[ + { + "id": 146195248, + "name": "CVE-2018-6643", + "full_name": "undefinedmode\/CVE-2018-6643", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2018-6643", + "description": "CVE-2018-6643", + "fork": false, + "created_at": "2018-08-26T16:03:08Z", + "updated_at": "2018-08-27T13:36:10Z", + "pushed_at": "2018-08-28T23:03:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7600.json b/2018/CVE-2018-7600.json index f99af09d3e..e18b684e33 100644 --- a/2018/CVE-2018-7600.json +++ b/2018/CVE-2018-7600.json @@ -477,6 +477,33 @@ "watchers": 0, "score": 0 }, + { + "id": 140643631, + "name": "CVE-2018-7600", + "full_name": "happynote3966\/CVE-2018-7600", + "owner": { + "login": "happynote3966", + "id": 19719330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19719330?v=4", + "html_url": "https:\/\/github.com\/happynote3966" + }, + "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2018-07-12T01:12:44Z", + "updated_at": "2018-07-17T03:24:11Z", + "pushed_at": "2018-07-17T03:24:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 151199861, "name": "CVE-2018-7600-Drupal-RCE", diff --git a/2018/CVE-2018-7602.json b/2018/CVE-2018-7602.json index bbcafc49f3..5bf99907d0 100644 --- a/2018/CVE-2018-7602.json +++ b/2018/CVE-2018-7602.json @@ -26,6 +26,33 @@ "watchers": 5, "score": 0 }, + { + "id": 140663638, + "name": "CVE-2018-7602", + "full_name": "happynote3966\/CVE-2018-7602", + "owner": { + "login": "happynote3966", + "id": 19719330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19719330?v=4", + "html_url": "https:\/\/github.com\/happynote3966" + }, + "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7602", + "description": null, + "fork": false, + "created_at": "2018-07-12T05:08:14Z", + "updated_at": "2018-07-17T02:57:18Z", + "pushed_at": "2018-07-17T02:57:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0 + }, { "id": 155205612, "name": "CVE-2018-7602", diff --git a/2018/CVE-2018-8090.json b/2018/CVE-2018-8090.json new file mode 100644 index 0000000000..27cfb40d01 --- /dev/null +++ b/2018/CVE-2018-8090.json @@ -0,0 +1,32 @@ +[ + { + "id": 141976453, + "name": "CVE-2018-8090", + "full_name": "kernelm0de\/CVE-2018-8090", + "owner": { + "login": "kernelm0de", + "id": 30472260, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30472260?v=4", + "html_url": "https:\/\/github.com\/kernelm0de" + }, + "html_url": "https:\/\/github.com\/kernelm0de\/CVE-2018-8090", + "description": "DLL Hijacking in Quickheal Total Security\/ Internet Security\/ Antivirus Pro (Installers)", + "fork": false, + "created_at": "2018-07-23T07:17:07Z", + "updated_at": "2019-01-22T12:46:02Z", + "pushed_at": "2018-07-26T13:39:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "topics": [ + "cve", + "dll-hijacking" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8120.json b/2018/CVE-2018-8120.json index 603b142e43..d8b0c6fc61 100644 --- a/2018/CVE-2018-8120.json +++ b/2018/CVE-2018-8120.json @@ -111,6 +111,60 @@ "watchers": 289, "score": 0 }, + { + "id": 140512208, + "name": "CVE-2018-8120", + "full_name": "EVOL4\/CVE-2018-8120", + "owner": { + "login": "EVOL4", + "id": 26862344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26862344?v=4", + "html_url": "https:\/\/github.com\/EVOL4" + }, + "html_url": "https:\/\/github.com\/EVOL4\/CVE-2018-8120", + "description": "dd", + "fork": false, + "created_at": "2018-07-11T02:41:16Z", + "updated_at": "2018-11-16T12:24:05Z", + "pushed_at": "2018-08-10T13:06:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0 + }, + { + "id": 144975276, + "name": "CVE-2018-8120", + "full_name": "ozkanbilge\/CVE-2018-8120", + "owner": { + "login": "ozkanbilge", + "id": 39211596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39211596?v=4", + "html_url": "https:\/\/github.com\/ozkanbilge" + }, + "html_url": "https:\/\/github.com\/ozkanbilge\/CVE-2018-8120", + "description": "CVE-2018-8120 Windows LPE exploit", + "fork": false, + "created_at": "2018-08-16T10:51:00Z", + "updated_at": "2020-10-20T17:21:43Z", + "pushed_at": "2018-08-16T10:53:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0 + }, { "id": 162424739, "name": "CVE-2018-8120", diff --git a/2018/CVE-2018-8172.json b/2018/CVE-2018-8172.json new file mode 100644 index 0000000000..5c3be7c929 --- /dev/null +++ b/2018/CVE-2018-8172.json @@ -0,0 +1,29 @@ +[ + { + "id": 145187210, + "name": "CVE-2018-8172", + "full_name": "SyFi\/CVE-2018-8172", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-8172", + "description": "Microsoft Visual Studio CVE-2018-8172 Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2018-08-18T03:37:15Z", + "updated_at": "2020-10-21T22:16:11Z", + "pushed_at": "2018-08-18T03:56:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8174.json b/2018/CVE-2018-8174.json index 20f16a5836..3e9fbf97a3 100644 --- a/2018/CVE-2018-8174.json +++ b/2018/CVE-2018-8174.json @@ -107,6 +107,60 @@ "watchers": 1, "score": 0 }, + { + "id": 140478620, + "name": "cve-2018-8174_analysis", + "full_name": "piotrflorczyk\/cve-2018-8174_analysis", + "owner": { + "login": "piotrflorczyk", + "id": 7830144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7830144?v=4", + "html_url": "https:\/\/github.com\/piotrflorczyk" + }, + "html_url": "https:\/\/github.com\/piotrflorczyk\/cve-2018-8174_analysis", + "description": "Analysis of VBS exploit CVE-2018-8174", + "fork": false, + "created_at": "2018-07-10T19:31:25Z", + "updated_at": "2021-12-15T14:34:28Z", + "pushed_at": "2018-07-12T08:35:13Z", + "stargazers_count": 20, + "watchers_count": 20, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 20, + "score": 0 + }, + { + "id": 147615569, + "name": "CVE-2018-8174-msf", + "full_name": "likescam\/CVE-2018-8174-msf", + "owner": { + "login": "likescam", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likescam" + }, + "html_url": "https:\/\/github.com\/likescam\/CVE-2018-8174-msf", + "description": null, + "fork": false, + "created_at": "2018-09-06T04:03:25Z", + "updated_at": "2018-09-06T04:03:37Z", + "pushed_at": "2018-09-06T04:03:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 188212551, "name": "ie11_vbscript_exploit", diff --git a/2018/CVE-2018-8208.json b/2018/CVE-2018-8208.json new file mode 100644 index 0000000000..566567c6ae --- /dev/null +++ b/2018/CVE-2018-8208.json @@ -0,0 +1,29 @@ +[ + { + "id": 144541015, + "name": "CVE-2018-8208", + "full_name": "kaisaryousuf\/CVE-2018-8208", + "owner": { + "login": "kaisaryousuf", + "id": 27071719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27071719?v=4", + "html_url": "https:\/\/github.com\/kaisaryousuf" + }, + "html_url": "https:\/\/github.com\/kaisaryousuf\/CVE-2018-8208", + "description": null, + "fork": false, + "created_at": "2018-08-13T06:56:11Z", + "updated_at": "2018-11-12T16:22:38Z", + "pushed_at": "2018-06-21T15:06:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8897.json b/2018/CVE-2018-8897.json index 4f2c9be1f6..ade3df7955 100644 --- a/2018/CVE-2018-8897.json +++ b/2018/CVE-2018-8897.json @@ -79,5 +79,32 @@ "forks": 112, "watchers": 406, "score": 0 + }, + { + "id": 144062105, + "name": "syscall_exploit_CVE-2018-8897", + "full_name": "nmulasmajic\/syscall_exploit_CVE-2018-8897", + "owner": { + "login": "nmulasmajic", + "id": 30013958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30013958?v=4", + "html_url": "https:\/\/github.com\/nmulasmajic" + }, + "html_url": "https:\/\/github.com\/nmulasmajic\/syscall_exploit_CVE-2018-8897", + "description": "Implements the POP\/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).", + "fork": false, + "created_at": "2018-08-08T20:04:56Z", + "updated_at": "2022-02-17T02:17:51Z", + "pushed_at": "2018-08-08T20:12:20Z", + "stargazers_count": 112, + "watchers_count": 112, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 112, + "score": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-9948.json b/2018/CVE-2018-9948.json index c837349135..e1ab7f7198 100644 --- a/2018/CVE-2018-9948.json +++ b/2018/CVE-2018-9948.json @@ -25,5 +25,32 @@ "forks": 2, "watchers": 4, "score": 0 + }, + { + "id": 145526091, + "name": "cve-2018-9948-9958-exp", + "full_name": "orangepirate\/cve-2018-9948-9958-exp", + "owner": { + "login": "orangepirate", + "id": 40813235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40813235?v=4", + "html_url": "https:\/\/github.com\/orangepirate" + }, + "html_url": "https:\/\/github.com\/orangepirate\/cve-2018-9948-9958-exp", + "description": "a exp for cve-2018-9948\/9958 , current shellcode called win-calc ", + "fork": false, + "created_at": "2018-08-21T07:43:38Z", + "updated_at": "2018-08-24T00:18:07Z", + "pushed_at": "2018-08-24T00:18:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 25dbee96e8..21a0ac253c 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -94,17 +94,17 @@ "description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura", "fork": false, "created_at": "2020-09-14T16:56:51Z", - "updated_at": "2022-04-29T13:20:49Z", + "updated_at": "2022-04-30T18:52:20Z", "pushed_at": "2020-11-03T09:45:24Z", - "stargazers_count": 920, - "watchers_count": 920, - "forks_count": 258, + "stargazers_count": 921, + "watchers_count": 921, + "forks_count": 259, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 258, - "watchers": 920, + "forks": 259, + "watchers": 921, "score": 0 }, { @@ -121,10 +121,10 @@ "description": "Exploit Code for CVE-2020-1472 aka Zerologon", "fork": false, "created_at": "2020-09-14T16:57:49Z", - "updated_at": "2022-04-28T04:47:54Z", + "updated_at": "2022-04-30T22:31:59Z", "pushed_at": "2020-11-05T16:37:20Z", - "stargazers_count": 309, - "watchers_count": 309, + "stargazers_count": 310, + "watchers_count": 310, "forks_count": 55, "allow_forking": true, "is_template": false, @@ -138,7 +138,7 @@ ], "visibility": "public", "forks": 55, - "watchers": 309, + "watchers": 310, "score": 0 }, { @@ -479,17 +479,17 @@ "description": "CVE-2020-1472 - Zero Logon vulnerability Python implementation", "fork": false, "created_at": "2020-09-16T07:25:22Z", - "updated_at": "2022-01-17T05:45:19Z", + "updated_at": "2022-04-30T23:21:59Z", "pushed_at": "2020-09-16T08:39:06Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 2, + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 3, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 2, - "watchers": 2, + "forks": 3, + "watchers": 3, "score": 0 }, { diff --git a/2020/CVE-2020-16152.json b/2020/CVE-2020-16152.json index 72419d3950..ec5e8e0189 100644 --- a/2020/CVE-2020-16152.json +++ b/2020/CVE-2020-16152.json @@ -44,12 +44,12 @@ "pushed_at": "2022-01-02T08:08:01Z", "stargazers_count": 0, "watchers_count": 0, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 0, "score": 0 } diff --git a/2020/CVE-2020-3187.json b/2020/CVE-2020-3187.json index 484bcd515c..afac446879 100644 --- a/2020/CVE-2020-3187.json +++ b/2020/CVE-2020-3187.json @@ -44,12 +44,12 @@ "pushed_at": "2020-09-10T06:34:29Z", "stargazers_count": 0, "watchers_count": 0, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 3, "watchers": 0, "score": 0 }, diff --git a/2021/CVE-2021-22204.json b/2021/CVE-2021-22204.json index b8345bdc9c..8008e8f617 100644 --- a/2021/CVE-2021-22204.json +++ b/2021/CVE-2021-22204.json @@ -212,7 +212,7 @@ "fork": false, "created_at": "2022-04-16T22:49:47Z", "updated_at": "2022-04-29T01:38:43Z", - "pushed_at": "2022-04-30T15:15:07Z", + "pushed_at": "2022-04-30T19:29:57Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 0, diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json index df1fc5088f..b2d0cd1994 100644 --- a/2021/CVE-2021-3156.json +++ b/2021/CVE-2021-3156.json @@ -730,12 +730,12 @@ "pushed_at": "2022-02-13T12:21:53Z", "stargazers_count": 101, "watchers_count": 101, - "forks_count": 42, + "forks_count": 43, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 42, + "forks": 43, "watchers": 101, "score": 0 }, @@ -1348,7 +1348,7 @@ "fork": false, "created_at": "2022-03-10T19:10:28Z", "updated_at": "2022-04-15T01:47:21Z", - "pushed_at": "2022-04-15T01:47:03Z", + "pushed_at": "2022-04-30T23:59:59Z", "stargazers_count": 4, "watchers_count": 4, "forks_count": 0, diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index c7b3ec813f..a197983f4f 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -1815,17 +1815,17 @@ "description": "Proof of concept for pwnkit vulnerability", "fork": false, "created_at": "2022-01-27T14:43:57Z", - "updated_at": "2022-04-30T17:47:44Z", + "updated_at": "2022-05-01T00:06:01Z", "pushed_at": "2022-04-19T12:33:32Z", - "stargazers_count": 256, - "watchers_count": 256, + "stargazers_count": 257, + "watchers_count": 257, "forks_count": 34, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 34, - "watchers": 256, + "watchers": 257, "score": 0 }, { @@ -2621,17 +2621,17 @@ "description": "pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)", "fork": false, "created_at": "2022-01-30T10:34:28Z", - "updated_at": "2022-04-10T08:35:44Z", + "updated_at": "2022-04-30T22:40:59Z", "pushed_at": "2022-01-30T10:44:34Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 0, - "watchers": 3, + "watchers": 4, "score": 0 }, { diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index dea0ddd8e9..0d11e23bd8 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -6377,11 +6377,11 @@ "description": "A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228 ", "fork": false, "created_at": "2021-12-15T16:01:36Z", - "updated_at": "2021-12-25T09:42:50Z", + "updated_at": "2022-04-30T23:16:13Z", "pushed_at": "2021-12-15T19:15:07Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 1, + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 2, "allow_forking": true, "is_template": false, "topics": [ @@ -6390,8 +6390,8 @@ "log4j" ], "visibility": "public", - "forks": 1, - "watchers": 3, + "forks": 2, + "watchers": 4, "score": 0 }, { diff --git a/2022/CVE-2022-1077.json b/2022/CVE-2022-1077.json new file mode 100644 index 0000000000..5910566190 --- /dev/null +++ b/2022/CVE-2022-1077.json @@ -0,0 +1,29 @@ +[ + { + "id": 487389384, + "name": "CVE-2022-1077", + "full_name": "MrEmpy\/CVE-2022-1077", + "owner": { + "login": "MrEmpy", + "id": 71796063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71796063?v=4", + "html_url": "https:\/\/github.com\/MrEmpy" + }, + "html_url": "https:\/\/github.com\/MrEmpy\/CVE-2022-1077", + "description": "TEM FLEX-1080\/FLEX-1085 1.6.0 log log.cgi Information Disclosure", + "fork": false, + "created_at": "2022-04-30T21:55:03Z", + "updated_at": "2022-04-30T22:24:38Z", + "pushed_at": "2022-04-30T22:08:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21449.json b/2022/CVE-2022-21449.json index 0d4ff8a9d7..e6b0e8a5ea 100644 --- a/2022/CVE-2022-21449.json +++ b/2022/CVE-2022-21449.json @@ -122,7 +122,7 @@ "fork": false, "created_at": "2022-04-24T10:59:11Z", "updated_at": "2022-04-27T09:28:36Z", - "pushed_at": "2022-04-24T11:22:15Z", + "pushed_at": "2022-04-30T19:05:13Z", "stargazers_count": 5, "watchers_count": 5, "forks_count": 1, diff --git a/2022/CVE-2022-22965.json b/2022/CVE-2022-22965.json index 8235030f77..2536415082 100644 --- a/2022/CVE-2022-22965.json +++ b/2022/CVE-2022-22965.json @@ -17,7 +17,7 @@ "pushed_at": "2022-04-07T19:05:54Z", "stargazers_count": 254, "watchers_count": 254, - "forks_count": 80, + "forks_count": 81, "allow_forking": true, "is_template": false, "topics": [ @@ -31,7 +31,7 @@ "tomcat" ], "visibility": "public", - "forks": 80, + "forks": 81, "watchers": 254, "score": 0 }, @@ -1617,17 +1617,17 @@ "description": null, "fork": false, "created_at": "2022-04-23T09:01:22Z", - "updated_at": "2022-04-28T12:15:48Z", + "updated_at": "2022-04-30T18:26:48Z", "pushed_at": "2022-04-28T13:25:08Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 0, - "watchers": 3, + "watchers": 4, "score": 0 }, { diff --git a/2022/CVE-2022-29072.json b/2022/CVE-2022-29072.json index 833b33d273..6e7d2be03b 100644 --- a/2022/CVE-2022-29072.json +++ b/2022/CVE-2022-29072.json @@ -13,17 +13,17 @@ "description": "7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.", "fork": false, "created_at": "2022-04-15T22:59:03Z", - "updated_at": "2022-04-30T02:14:54Z", + "updated_at": "2022-04-30T20:55:49Z", "pushed_at": "2022-04-22T11:26:31Z", - "stargazers_count": 639, - "watchers_count": 639, + "stargazers_count": 640, + "watchers_count": 640, "forks_count": 102, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 102, - "watchers": 639, + "watchers": 640, "score": 0 }, { diff --git a/2022/CVE-2022-29464.json b/2022/CVE-2022-29464.json index 207c58f3c2..648c0fe790 100644 --- a/2022/CVE-2022-29464.json +++ b/2022/CVE-2022-29464.json @@ -211,10 +211,10 @@ "description": "😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.", "fork": false, "created_at": "2022-04-24T18:25:26Z", - "updated_at": "2022-04-27T10:30:10Z", + "updated_at": "2022-04-30T18:53:51Z", "pushed_at": "2022-04-24T18:34:06Z", - "stargazers_count": 15, - "watchers_count": 15, + "stargazers_count": 16, + "watchers_count": 16, "forks_count": 5, "allow_forking": true, "is_template": false, @@ -226,7 +226,7 @@ ], "visibility": "public", "forks": 5, - "watchers": 15, + "watchers": 16, "score": 0 }, { diff --git a/README.md b/README.md index 17bb4f80de..cb100ef513 100644 --- a/README.md +++ b/README.md @@ -224,6 +224,14 @@ A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of t - [pqlx/CVE-2022-1015](https://github.com/pqlx/CVE-2022-1015) - [zanezhub/CVE-2022-1015-1016](https://github.com/zanezhub/CVE-2022-1015-1016) +### CVE-2022-1077 (2022-03-29) + + +A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as problematic. This vulnerability log.cgi of the component Log Handler. A direct request leads to information disclosure of hardware information. The attack can be initiated remotely and does not require any form of authentication. + + +- [MrEmpy/CVE-2022-1077](https://github.com/MrEmpy/CVE-2022-1077) + ### CVE-2022-1096 - [Maverick-cmd/Chrome-and-Edge-Version-Dumper](https://github.com/Maverick-cmd/Chrome-and-Edge-Version-Dumper) @@ -14989,6 +14997,17 @@ The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows - [preempt/credssp](https://github.com/preempt/credssp) +### CVE-2018-0952 (2018-08-15) + + +An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers. + + +- [atredispartners/CVE-2018-0952-SystemCollector](https://github.com/atredispartners/CVE-2018-0952-SystemCollector) + +### CVE-2018-14 +- [lckJack/legacySymfony](https://github.com/lckJack/legacySymfony) + ### CVE-2018-1010 (2018-04-11) @@ -15233,6 +15252,8 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar - [wrysunny/cve-2018-2628](https://github.com/wrysunny/cve-2018-2628) - [jas502n/CVE-2018-2628](https://github.com/jas502n/CVE-2018-2628) - [stevenlinfeng/CVE-2018-2628](https://github.com/stevenlinfeng/CVE-2018-2628) +- [likescam/CVE-2018-2628](https://github.com/likescam/CVE-2018-2628) +- [Nervous/WebLogic-RCE-exploit](https://github.com/Nervous/WebLogic-RCE-exploit) - [Lighird/CVE-2018-2628](https://github.com/Lighird/CVE-2018-2628) - [0xMJ/CVE-2018-2628](https://github.com/0xMJ/CVE-2018-2628) - [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) @@ -15248,6 +15269,14 @@ Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality - [erpscanteam/CVE-2018-2636](https://github.com/erpscanteam/CVE-2018-2636) - [Cymmetria/micros_honeypot](https://github.com/Cymmetria/micros_honeypot) +### CVE-2018-2844 (2018-04-18) + + +Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). + + +- [renorobert/virtualbox-cve-2018-2844](https://github.com/renorobert/virtualbox-cve-2018-2844) + ### CVE-2018-2879 (2018-04-18) @@ -15264,7 +15293,11 @@ Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [sry309/CVE-2018-2893](https://github.com/sry309/CVE-2018-2893) +- [ryanInf/CVE-2018-2893](https://github.com/ryanInf/CVE-2018-2893) +- [bigsizeme/CVE-2018-2893](https://github.com/bigsizeme/CVE-2018-2893) - [pyn3rd/CVE-2018-2893](https://github.com/pyn3rd/CVE-2018-2893) +- [qianl0ng/CVE-2018-2893](https://github.com/qianl0ng/CVE-2018-2893) - [jas502n/CVE-2018-2893](https://github.com/jas502n/CVE-2018-2893) - [ianxtianxt/CVE-2018-2893](https://github.com/ianxtianxt/CVE-2018-2893) @@ -15274,6 +15307,8 @@ Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middlewar Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). +- [111ddea/cve-2018-2894](https://github.com/111ddea/cve-2018-2894) +- [LandGrey/CVE-2018-2894](https://github.com/LandGrey/CVE-2018-2894) - [jas502n/CVE-2018-2894](https://github.com/jas502n/CVE-2018-2894) - [k8gege/PyLadon](https://github.com/k8gege/PyLadon) @@ -15417,6 +15452,7 @@ An issue was discovered in certain Apple products. iOS before 11.3 is affected. - [FSecureLABS/CVE-2018-4121](https://github.com/FSecureLABS/CVE-2018-4121) +- [likescam/CVE-2018-4121](https://github.com/likescam/CVE-2018-4121) - [jezzus/CVE-2018-4121](https://github.com/jezzus/CVE-2018-4121) ### CVE-2018-4124 (2018-04-03) @@ -15455,6 +15491,14 @@ An issue was discovered in certain Apple products. macOS before 10.13.5 is affec - [Synacktiv-contrib/CVE-2018-4193](https://github.com/Synacktiv-contrib/CVE-2018-4193) +### CVE-2018-4233 (2018-06-08) + + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. + + +- [saelo/cve-2018-4233](https://github.com/saelo/cve-2018-4233) + ### CVE-2018-4241 (2018-06-08) @@ -15674,6 +15718,14 @@ Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potenti - [ezelf/seatel_terminals](https://github.com/ezelf/seatel_terminals) +### CVE-2018-5740 (2019-01-16) + + +"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. + + +- [sischkg/cve-2018-5740](https://github.com/sischkg/cve-2018-5740) + ### CVE-2018-5951 (2020-03-02) @@ -15740,6 +15792,7 @@ In WordPress through 4.9.2, unauthenticated attackers can cause a denial of serv - [s0md3v/Shiva](https://github.com/s0md3v/Shiva) - [mudhappy/Wordpress-Hack-CVE-2018-6389](https://github.com/mudhappy/Wordpress-Hack-CVE-2018-6389) - [armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389](https://github.com/armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389) +- [ItinerisLtd/trellis-cve-2018-6389](https://github.com/ItinerisLtd/trellis-cve-2018-6389) - [Zazzzles/Wordpress-DOS](https://github.com/Zazzzles/Wordpress-DOS) - [fakedob/tvsz](https://github.com/fakedob/tvsz) - [vineetkia/Wordpress-DOS-Attack-CVE-2018-6389](https://github.com/vineetkia/Wordpress-DOS-Attack-CVE-2018-6389) @@ -15877,6 +15930,14 @@ An issue was discovered that affects all producers of BIOS firmware who make a c - [kkamagui/napper-for-tpm](https://github.com/kkamagui/napper-for-tpm) +### CVE-2018-6643 (2018-08-28) + + +Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. + + +- [undefinedmode/CVE-2018-6643](https://github.com/undefinedmode/CVE-2018-6643) + ### CVE-2018-6789 (2018-02-08) @@ -16029,6 +16090,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 - [fyraiga/CVE-2018-7600-drupalgeddon2-scanner](https://github.com/fyraiga/CVE-2018-7600-drupalgeddon2-scanner) - [Damian972/drupalgeddon-2](https://github.com/Damian972/drupalgeddon-2) - [jyo-zi/CVE-2018-7600](https://github.com/jyo-zi/CVE-2018-7600) +- [happynote3966/CVE-2018-7600](https://github.com/happynote3966/CVE-2018-7600) - [shellord/CVE-2018-7600-Drupal-RCE](https://github.com/shellord/CVE-2018-7600-Drupal-RCE) - [r3dxpl0it/CVE-2018-7600](https://github.com/r3dxpl0it/CVE-2018-7600) - [cved-sources/cve-2018-7600](https://github.com/cved-sources/cve-2018-7600) @@ -16053,6 +16115,7 @@ A remote code execution vulnerability exists within multiple subsystems of Drupa - [1337g/Drupalgedon3](https://github.com/1337g/Drupalgedon3) +- [happynote3966/CVE-2018-7602](https://github.com/happynote3966/CVE-2018-7602) - [kastellanos/CVE-2018-7602](https://github.com/kastellanos/CVE-2018-7602) - [cyberharsh/DrupalCVE-2018-7602](https://github.com/cyberharsh/DrupalCVE-2018-7602) @@ -16171,6 +16234,14 @@ YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.ht - [Jx0n0/YZMCMSxss](https://github.com/Jx0n0/YZMCMSxss) +### CVE-2018-8090 (2018-07-25) + + +Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading. + + +- [kernelm0de/CVE-2018-8090](https://github.com/kernelm0de/CVE-2018-8090) + ### CVE-2018-8108 (2018-03-14) @@ -16197,12 +16268,22 @@ An elevation of privilege vulnerability exists in Windows when the Win32k compon - [unamer/CVE-2018-8120](https://github.com/unamer/CVE-2018-8120) - [ne1llee/cve-2018-8120](https://github.com/ne1llee/cve-2018-8120) - [alpha1ab/CVE-2018-8120](https://github.com/alpha1ab/CVE-2018-8120) +- [EVOL4/CVE-2018-8120](https://github.com/EVOL4/CVE-2018-8120) +- [ozkanbilge/CVE-2018-8120](https://github.com/ozkanbilge/CVE-2018-8120) - [qiantu88/CVE-2018-8120](https://github.com/qiantu88/CVE-2018-8120) - [Y0n0Y/cve-2018-8120-exp](https://github.com/Y0n0Y/cve-2018-8120-exp) - [DreamoneOnly/CVE-2018-8120](https://github.com/DreamoneOnly/CVE-2018-8120) - [StartZYP/CVE-2018-8120](https://github.com/StartZYP/CVE-2018-8120) - [wikiZ/cve-2018-8120](https://github.com/wikiZ/cve-2018-8120) +### CVE-2018-8172 (2018-07-10) + + +A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4. + + +- [SyFi/CVE-2018-8172](https://github.com/SyFi/CVE-2018-8172) + ### CVE-2018-8174 (2018-05-09) @@ -16213,6 +16294,8 @@ A remote code execution vulnerability exists in the way that the VBScript engine - [Yt1g3r/CVE-2018-8174_EXP](https://github.com/Yt1g3r/CVE-2018-8174_EXP) - [SyFi/CVE-2018-8174](https://github.com/SyFi/CVE-2018-8174) - [orf53975/Rig-Exploit-for-CVE-2018-8174](https://github.com/orf53975/Rig-Exploit-for-CVE-2018-8174) +- [piotrflorczyk/cve-2018-8174_analysis](https://github.com/piotrflorczyk/cve-2018-8174_analysis) +- [likescam/CVE-2018-8174-msf](https://github.com/likescam/CVE-2018-8174-msf) - [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit) - [ericisnotrealname/CVE-2018-8174_EXP](https://github.com/ericisnotrealname/CVE-2018-8174_EXP) - [www201001/https-github.com-iBearcat-CVE-2018-8174_EXP](https://github.com/www201001/https-github.com-iBearcat-CVE-2018-8174_EXP) @@ -16223,6 +16306,14 @@ A remote code execution vulnerability exists in the way that the VBScript engine - [lisinan988/CVE-2018-8174-exp](https://github.com/lisinan988/CVE-2018-8174-exp) - [sinisterghost/https-github.com-iBearcat-CVE-2018-8174_EXP](https://github.com/sinisterghost/https-github.com-iBearcat-CVE-2018-8174_EXP) +### CVE-2018-8208 (2018-06-14) + + +An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214. + + +- [kaisaryousuf/CVE-2018-8208](https://github.com/kaisaryousuf/CVE-2018-8208) + ### CVE-2018-8214 (2018-06-14) @@ -16365,6 +16456,7 @@ A statement in the System Programming Guide of the Intel 64 and IA-32 Architectu - [nmulasmajic/CVE-2018-8897](https://github.com/nmulasmajic/CVE-2018-8897) - [jiazhang0/pop-mov-ss-exploit](https://github.com/jiazhang0/pop-mov-ss-exploit) - [can1357/CVE-2018-8897](https://github.com/can1357/CVE-2018-8897) +- [nmulasmajic/syscall_exploit_CVE-2018-8897](https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897) ### CVE-2018-8941 (2018-04-03) @@ -16486,6 +16578,7 @@ This vulnerability allows remote attackers to disclose sensitive information on - [manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958](https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958) +- [orangepirate/cve-2018-9948-9958-exp](https://github.com/orangepirate/cve-2018-9948-9958-exp) ### CVE-2018-9950 (2018-05-17) @@ -16681,6 +16774,14 @@ A weakness was found in postgresql-jdbc before version 42.2.5. It was possible t - [tafamace/CVE-2018-10936](https://github.com/tafamace/CVE-2018-10936) +### CVE-2018-10949 (2018-05-09) + + +mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors. + + +- [0x00-0x00/CVE-2018-10949](https://github.com/0x00-0x00/CVE-2018-10949) + ### CVE-2018-11235 (2018-05-30) @@ -16804,8 +16905,18 @@ From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API f Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace. +- [trbpnd/CVE-2018-11776](https://github.com/trbpnd/CVE-2018-11776) - [xfox64x/CVE-2018-11776](https://github.com/xfox64x/CVE-2018-11776) +- [jiguangrst/CVE-2018-11776](https://github.com/jiguangrst/CVE-2018-11776) +- [hook-s3c/CVE-2018-11776-Python-PoC](https://github.com/hook-s3c/CVE-2018-11776-Python-PoC) +- [mazen160/struts-pwn_CVE-2018-11776](https://github.com/mazen160/struts-pwn_CVE-2018-11776) +- [bhdresh/CVE-2018-11776](https://github.com/bhdresh/CVE-2018-11776) +- [knqyf263/CVE-2018-11776](https://github.com/knqyf263/CVE-2018-11776) - [Ekultek/Strutter](https://github.com/Ekultek/Strutter) +- [tuxotron/cve-2018-11776-docker](https://github.com/tuxotron/cve-2018-11776-docker) +- [brianwrf/S2-057-CVE-2018-11776](https://github.com/brianwrf/S2-057-CVE-2018-11776) +- [649/Apache-Struts-Shodan-Exploit](https://github.com/649/Apache-Struts-Shodan-Exploit) +- [jezzus/CVE-2018-11776-Python-PoC](https://github.com/jezzus/CVE-2018-11776-Python-PoC) - [cved-sources/cve-2018-11776](https://github.com/cved-sources/cve-2018-11776) - [OzNetNerd/apche-struts-vuln-demo-cve-2018-11776](https://github.com/OzNetNerd/apche-struts-vuln-demo-cve-2018-11776) - [cucadili/CVE-2018-11776](https://github.com/cucadili/CVE-2018-11776) @@ -16893,6 +17004,14 @@ LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a us - [reversebrain/CVE-2018-12421](https://github.com/reversebrain/CVE-2018-12421) +### CVE-2018-12463 (2018-07-12) + + +An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. + + +- [alt3kx/CVE-2018-12463](https://github.com/alt3kx/CVE-2018-12463) + ### CVE-2018-12533 (2018-06-18) @@ -17017,6 +17136,14 @@ An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6. - [shinecome/zip](https://github.com/shinecome/zip) +### CVE-2018-13784 (2018-07-09) + + +PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php. + + +- [ambionics/prestashop-exploits](https://github.com/ambionics/prestashop-exploits) + ### CVE-2018-13797 (2018-07-10) @@ -17041,6 +17168,14 @@ Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability tha - [hidog123/Codiad-CVE-2018-14009](https://github.com/hidog123/Codiad-CVE-2018-14009) +### CVE-2018-14083 (2018-07-25) + + +LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash. + + +- [pudding2/CVE-2018-14083](https://github.com/pudding2/CVE-2018-14083) + ### CVE-2018-14442 (2018-07-20) @@ -17090,6 +17225,14 @@ System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.500 - [tin-z/CVE-2018-14714-POC](https://github.com/tin-z/CVE-2018-14714-POC) - [sunn1day/CVE-2018-14714-POC](https://github.com/sunn1day/CVE-2018-14714-POC) +### CVE-2018-14729 (2019-05-22) + + +The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code. + + +- [c0010/CVE-2018-14729](https://github.com/c0010/CVE-2018-14729) + ### CVE-2018-14772 (2018-10-16) @@ -17114,6 +17257,14 @@ MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read a - [yukar1z0e/CVE-2018-14847](https://github.com/yukar1z0e/CVE-2018-14847) - [hacker30468/Mikrotik-router-hack](https://github.com/hacker30468/Mikrotik-router-hack) +### CVE-2018-15131 (2019-05-30) + + +An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests. + + +- [0x00-0x00/CVE-2018-15131](https://github.com/0x00-0x00/CVE-2018-15131) + ### CVE-2018-15133 (2018-08-09) @@ -17178,6 +17329,14 @@ OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not dela - [robiul-awal/CVE-2018-15473](https://github.com/robiul-awal/CVE-2018-15473) - [Goldenmonkeyy/SSHusernameEnum](https://github.com/Goldenmonkeyy/SSHusernameEnum) +### CVE-2018-15499 (2018-08-24) + + +GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine. + + +- [DownWithUp/CVE-2018-15499](https://github.com/DownWithUp/CVE-2018-15499) + ### CVE-2018-15686 (2018-10-26) @@ -17192,6 +17351,7 @@ A vulnerability in unit_deserialize of systemd allows an attacker to supply arbi Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. +- [u238/grafana-CVE-2018-15727](https://github.com/u238/grafana-CVE-2018-15727) - [svnsyn/CVE-2018-15727](https://github.com/svnsyn/CVE-2018-15727) ### CVE-2018-15832 (2018-09-20) @@ -17219,6 +17379,14 @@ The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerabl - [cved-sources/cve-2018-15877](https://github.com/cved-sources/cve-2018-15877) - [Cinnamon1212/CVE-2018-15877-RCE](https://github.com/Cinnamon1212/CVE-2018-15877-RCE) +### CVE-2018-15912 (2018-08-29) + + +An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A local attacker can install or remove arbitrary packages and package repositories potentially containing hooks with arbitrary code, which will automatically be run as root, or remove packages vital to the system. + + +- [coderobe/CVE-2018-15912-PoC](https://github.com/coderobe/CVE-2018-15912-PoC) + ### CVE-2018-15961 (2018-09-25) @@ -17301,6 +17469,22 @@ ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitial - [mpgn/CVE-2018-16341](https://github.com/mpgn/CVE-2018-16341) - [puckiestyle/CVE-2018-16341](https://github.com/puckiestyle/CVE-2018-16341) +### CVE-2018-16370 (2018-09-02) + + +In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. + + +- [snappyJack/CVE-2018-16370](https://github.com/snappyJack/CVE-2018-16370) + +### CVE-2018-16373 (2018-09-02) + + +Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. + + +- [snappyJack/CVE-2018-16373](https://github.com/snappyJack/CVE-2018-16373) + ### CVE-2018-16492 (2019-02-01)