From 3915a822c05ce3a52cbef316f3d510a07a23faf5 Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Fri, 15 Jan 2021 18:10:17 +0900 Subject: [PATCH] Auto Update 2021/01/15 18:10:17 --- 2008/CVE-2008-0166.json | 8 +++---- 2008/CVE-2008-4687.json | 8 +++---- 2014/CVE-2014-4210.json | 12 +++++------ 2015/CVE-2015-1805.json | 8 +++---- 2015/CVE-2015-8239.json | 25 ++++++++++++++++++++++ 2016/CVE-2016-0638.json | 12 +++++------ 2016/CVE-2016-2386.json | 12 +++++------ 2016/CVE-2016-4014.json | 12 +++++------ 2017/CVE-2017-0199.json | 24 ++++++++++----------- 2017/CVE-2017-11882.json | 40 +++++++++++++++++----------------- 2017/CVE-2017-12617.json | 8 +++---- 2017/CVE-2017-3248.json | 12 +++++------ 2017/CVE-2017-5638.json | 8 +++---- 2017/CVE-2017-7529.json | 4 ++-- 2017/CVE-2017-9248.json | 4 ++-- 2017/CVE-2017-9822.json | 12 +++++------ 2018/CVE-2018-0802.json | 8 +++---- 2018/CVE-2018-15133.json | 12 +++++------ 2018/CVE-2018-2628.json | 12 +++++------ 2018/CVE-2018-2894.json | 8 +++---- 2018/CVE-2018-5955.json | 8 +++---- 2019/CVE-2019-11510.json | 8 +++---- 2019/CVE-2019-11708.json | 8 +++---- 2019/CVE-2019-1458.json | 8 +++---- 2019/CVE-2019-17558.json | 12 +++++------ 2019/CVE-2019-18935.json | 12 +++++------ 2019/CVE-2019-18988.json | 4 ++-- 2019/CVE-2019-2618.json | 20 ++++++++--------- 2019/CVE-2019-5736.json | 23 -------------------- 2019/CVE-2019-5786.json | 8 +++---- 2019/CVE-2019-8605.json | 25 ++++++++++++++++++++++ 2019/CVE-2019-9599.json | 12 +++++------ 2020/CVE-2020-0022.json | 8 +++---- 2020/CVE-2020-0601.json | 23 -------------------- 2020/CVE-2020-0683.json | 8 +++---- 2020/CVE-2020-0688.json | 12 +++++------ 2020/CVE-2020-0796.json | 8 +++---- 2020/CVE-2020-1048.json | 8 +++---- 2020/CVE-2020-1349.json | 12 +++++------ 2020/CVE-2020-13935.json | 8 +++---- 2020/CVE-2020-13937.json | 25 ++++++++++++++++++++++ 2020/CVE-2020-14386.json | 12 +++++------ 2020/CVE-2020-1472.json | 6 +++--- 2020/CVE-2020-14882.json | 36 +++++++++++++++---------------- 2020/CVE-2020-14883.json | 12 +++++------ 2020/CVE-2020-1493.json | 12 +++++------ 2020/CVE-2020-16947.json | 12 +++++------ 2020/CVE-2020-17518.json | 12 +++++------ 2020/CVE-2020-17519.json | 12 +++++------ 2020/CVE-2020-17530.json | 4 ++-- 2020/CVE-2020-1938.json | 8 +++---- 2020/CVE-2020-2551.json | 12 +++++------ 2020/CVE-2020-26732.json | 2 +- 2020/CVE-2020-26733.json | 2 +- 2020/CVE-2020-27368.json | 8 +++---- 2020/CVE-2020-3452.json | 20 ++++++++--------- 2020/CVE-2020-5509.json | 25 ---------------------- 2020/CVE-2020-5902.json | 12 +++++------ 2020/CVE-2020-6207.json | 12 +++++------ 2020/CVE-2020-6286.json | 12 +++++------ 2020/CVE-2020-6287.json | 12 +++++------ 2020/CVE-2020-8165.json | 46 ++++++++++++++++++++++++++++++++++++++++ 2020/CVE-2020-8175.json | 8 +++---- 2020/CVE-2020-8617.json | 12 +++++------ 2021/CVE-2021-1056.json | 8 +++---- 2021/CVE-2021-3129.json | 8 +++---- README.md | 36 ++++++++++++++++++++++--------- 67 files changed, 468 insertions(+), 402 deletions(-) create mode 100644 2015/CVE-2015-8239.json create mode 100644 2019/CVE-2019-8605.json create mode 100644 2020/CVE-2020-13937.json delete mode 100644 2020/CVE-2020-5509.json diff --git a/2008/CVE-2008-0166.json b/2008/CVE-2008-0166.json index 95d6f7114c..5c98e96885 100644 --- a/2008/CVE-2008-0166.json +++ b/2008/CVE-2008-0166.json @@ -13,13 +13,13 @@ "description": "Debian OpenSSL Predictable PRNG (CVE-2008-0166)", "fork": false, "created_at": "2013-09-22T21:20:31Z", - "updated_at": "2021-01-08T04:48:30Z", + "updated_at": "2021-01-15T06:29:45Z", "pushed_at": "2017-04-24T14:16:56Z", - "stargazers_count": 286, - "watchers_count": 286, + "stargazers_count": 287, + "watchers_count": 287, "forks_count": 89, "forks": 89, - "watchers": 286, + "watchers": 287, "score": 0 }, { diff --git a/2008/CVE-2008-4687.json b/2008/CVE-2008-4687.json index 338a0bf998..fd557506e7 100644 --- a/2008/CVE-2008-4687.json +++ b/2008/CVE-2008-4687.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2020-05-30T04:53:07Z", - "updated_at": "2020-05-30T05:14:42Z", + "updated_at": "2021-01-15T08:51:26Z", "pushed_at": "2020-05-30T05:14:40Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "forks_count": 0, "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index fe87c7d5ca..429007b9f3 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -36,13 +36,13 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2021-01-15T02:15:12Z", + "updated_at": "2021-01-15T03:18:57Z", "pushed_at": "2020-11-27T15:10:58Z", - "stargazers_count": 882, - "watchers_count": 882, - "forks_count": 208, - "forks": 208, - "watchers": 882, + "stargazers_count": 883, + "watchers_count": 883, + "forks_count": 209, + "forks": 209, + "watchers": 883, "score": 0 }, { diff --git a/2015/CVE-2015-1805.json b/2015/CVE-2015-1805.json index 8227aac9f2..9cb0535615 100644 --- a/2015/CVE-2015-1805.json +++ b/2015/CVE-2015-1805.json @@ -36,13 +36,13 @@ "description": "CVE-2015-1805 root tool", "fork": false, "created_at": "2016-04-01T12:10:14Z", - "updated_at": "2021-01-14T10:22:08Z", + "updated_at": "2021-01-15T08:51:30Z", "pushed_at": "2017-11-23T20:55:03Z", - "stargazers_count": 252, - "watchers_count": 252, + "stargazers_count": 253, + "watchers_count": 253, "forks_count": 151, "forks": 151, - "watchers": 252, + "watchers": 253, "score": 0 }, { diff --git a/2015/CVE-2015-8239.json b/2015/CVE-2015-8239.json new file mode 100644 index 0000000000..039240a156 --- /dev/null +++ b/2015/CVE-2015-8239.json @@ -0,0 +1,25 @@ +[ + { + "id": 329796212, + "name": "sudo_digest_toctou_poc_CVE-2015-8239", + "full_name": "justinsteven\/sudo_digest_toctou_poc_CVE-2015-8239", + "owner": { + "login": "justinsteven", + "id": 1893909, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/1893909?v=4", + "html_url": "https:\/\/github.com\/justinsteven" + }, + "html_url": "https:\/\/github.com\/justinsteven\/sudo_digest_toctou_poc_CVE-2015-8239", + "description": null, + "fork": false, + "created_at": "2021-01-15T03:14:02Z", + "updated_at": "2021-01-15T03:18:03Z", + "pushed_at": "2021-01-15T03:18:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index 3826bfcb92..4c4407371b 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -13,13 +13,13 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2021-01-15T02:15:12Z", + "updated_at": "2021-01-15T03:18:57Z", "pushed_at": "2020-11-27T15:10:58Z", - "stargazers_count": 882, - "watchers_count": 882, - "forks_count": 208, - "forks": 208, - "watchers": 882, + "stargazers_count": 883, + "watchers_count": 883, + "forks_count": 209, + "forks": 209, + "watchers": 883, "score": 0 }, { diff --git a/2016/CVE-2016-2386.json b/2016/CVE-2016-2386.json index 3ee47e9422..c585015166 100644 --- a/2016/CVE-2016-2386.json +++ b/2016/CVE-2016-2386.json @@ -13,13 +13,13 @@ "description": "[CVE-2016-2386] SAP NetWeaver AS JAVA UDDI Component SQL Injection", "fork": false, "created_at": "2020-08-13T12:07:09Z", - "updated_at": "2020-08-13T12:53:21Z", + "updated_at": "2021-01-15T04:59:48Z", "pushed_at": "2020-08-13T12:53:19Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2016/CVE-2016-4014.json b/2016/CVE-2016-4014.json index fce06f3ae4..df01f682fd 100644 --- a/2016/CVE-2016-4014.json +++ b/2016/CVE-2016-4014.json @@ -13,13 +13,13 @@ "description": "[CVE-2016-4014] SAP Netweaver AS JAVA UDDI Component XML External Entity (XXE)", "fork": false, "created_at": "2020-08-13T11:51:37Z", - "updated_at": "2020-08-13T12:54:16Z", + "updated_at": "2021-01-15T04:59:40Z", "pushed_at": "2020-08-13T12:54:13Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-0199.json b/2017/CVE-2017-0199.json index 7c85da0bf1..304dd53e1a 100644 --- a/2017/CVE-2017-0199.json +++ b/2017/CVE-2017-0199.json @@ -59,13 +59,13 @@ "description": "Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF\/PPSX file and deliver metasploit \/ meterpreter \/ other payload to victim without any complex configuration.", "fork": false, "created_at": "2017-04-17T08:10:07Z", - "updated_at": "2021-01-10T04:10:28Z", + "updated_at": "2021-01-15T03:27:42Z", "pushed_at": "2017-11-19T11:01:16Z", - "stargazers_count": 639, - "watchers_count": 639, + "stargazers_count": 640, + "watchers_count": 640, "forks_count": 284, "forks": 284, - "watchers": 639, + "watchers": 640, "score": 0 }, { @@ -128,13 +128,13 @@ "description": "Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit \/ meterpreter \/ any other payload to victim without any complex configuration.", "fork": false, "created_at": "2017-04-22T04:01:38Z", - "updated_at": "2020-04-07T06:30:43Z", + "updated_at": "2021-01-15T03:33:36Z", "pushed_at": "2017-04-22T04:01:54Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "forks_count": 11, "forks": 11, - "watchers": 7, + "watchers": 8, "score": 0 }, { @@ -266,13 +266,13 @@ "description": null, "fork": false, "created_at": "2017-06-30T09:08:40Z", - "updated_at": "2020-03-26T07:51:03Z", + "updated_at": "2021-01-15T03:34:09Z", "pushed_at": "2017-06-30T09:11:27Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "forks_count": 2, "forks": 2, - "watchers": 1, + "watchers": 2, "score": 0 }, { diff --git a/2017/CVE-2017-11882.json b/2017/CVE-2017-11882.json index 8e4c526e87..fc19488f4a 100644 --- a/2017/CVE-2017-11882.json +++ b/2017/CVE-2017-11882.json @@ -36,13 +36,13 @@ "description": "Proof-of-Concept exploits for CVE-2017-11882", "fork": false, "created_at": "2017-11-20T16:35:30Z", - "updated_at": "2021-01-13T19:54:37Z", + "updated_at": "2021-01-15T08:57:44Z", "pushed_at": "2017-11-29T16:13:23Z", - "stargazers_count": 479, - "watchers_count": 479, - "forks_count": 199, - "forks": 199, - "watchers": 479, + "stargazers_count": 480, + "watchers_count": 480, + "forks_count": 198, + "forks": 198, + "watchers": 480, "score": 0 }, { @@ -59,13 +59,13 @@ "description": "CVE-2017-11882 from https:\/\/github.com\/embedi\/CVE-2017-11882", "fork": false, "created_at": "2017-11-21T05:55:53Z", - "updated_at": "2021-01-13T19:54:38Z", + "updated_at": "2021-01-15T08:56:29Z", "pushed_at": "2017-11-29T03:33:53Z", - "stargazers_count": 479, - "watchers_count": 479, - "forks_count": 245, - "forks": 245, - "watchers": 479, + "stargazers_count": 480, + "watchers_count": 480, + "forks_count": 244, + "forks": 244, + "watchers": 480, "score": 0 }, { @@ -266,13 +266,13 @@ "description": null, "fork": false, "created_at": "2017-11-27T01:50:44Z", - "updated_at": "2021-01-14T02:06:32Z", + "updated_at": "2021-01-15T03:33:08Z", "pushed_at": "2017-11-27T01:50:52Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "forks_count": 0, "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0 }, { @@ -358,13 +358,13 @@ "description": null, "fork": false, "created_at": "2018-01-16T05:49:01Z", - "updated_at": "2021-01-09T23:50:41Z", + "updated_at": "2021-01-15T03:33:11Z", "pushed_at": "2018-01-16T05:49:10Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 10, + "watchers_count": 10, "forks_count": 4, "forks": 4, - "watchers": 9, + "watchers": 10, "score": 0 }, { diff --git a/2017/CVE-2017-12617.json b/2017/CVE-2017-12617.json index ce3b161a33..929111b8a4 100644 --- a/2017/CVE-2017-12617.json +++ b/2017/CVE-2017-12617.json @@ -13,13 +13,13 @@ "description": "Apache Tomcat < 9.0.1 (Beta) \/ < 8.5.23 \/ < 8.0.47 \/ < 7.0.8 - JSP Upload Bypass \/ Remote Code Execution ", "fork": false, "created_at": "2017-10-05T23:41:52Z", - "updated_at": "2020-12-16T08:00:31Z", + "updated_at": "2021-01-15T06:05:47Z", "pushed_at": "2017-10-11T07:43:50Z", - "stargazers_count": 352, - "watchers_count": 352, + "stargazers_count": 353, + "watchers_count": 353, "forks_count": 132, "forks": 132, - "watchers": 352, + "watchers": 353, "score": 0 }, { diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json index 2270e5c211..40c29cc355 100644 --- a/2017/CVE-2017-3248.json +++ b/2017/CVE-2017-3248.json @@ -36,13 +36,13 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2021-01-15T02:15:12Z", + "updated_at": "2021-01-15T03:18:57Z", "pushed_at": "2020-11-27T15:10:58Z", - "stargazers_count": 882, - "watchers_count": 882, - "forks_count": 208, - "forks": 208, - "watchers": 882, + "stargazers_count": 883, + "watchers_count": 883, + "forks_count": 209, + "forks": 209, + "watchers": 883, "score": 0 } ] \ No newline at end of file diff --git a/2017/CVE-2017-5638.json b/2017/CVE-2017-5638.json index 56fe43746e..a6dc8ee3ac 100644 --- a/2017/CVE-2017-5638.json +++ b/2017/CVE-2017-5638.json @@ -312,13 +312,13 @@ "description": "An exploit for Apache Struts CVE-2017-5638", "fork": false, "created_at": "2017-03-12T02:02:25Z", - "updated_at": "2020-12-11T06:40:52Z", + "updated_at": "2021-01-15T03:36:05Z", "pushed_at": "2018-05-21T18:33:26Z", - "stargazers_count": 380, - "watchers_count": 380, + "stargazers_count": 381, + "watchers_count": 381, "forks_count": 138, "forks": 138, - "watchers": 380, + "watchers": 381, "score": 0 }, { diff --git a/2017/CVE-2017-7529.json b/2017/CVE-2017-7529.json index 010fb60b15..a6ff8f4315 100644 --- a/2017/CVE-2017-7529.json +++ b/2017/CVE-2017-7529.json @@ -17,8 +17,8 @@ "pushed_at": "2017-07-21T06:29:35Z", "stargazers_count": 10, "watchers_count": 10, - "forks_count": 7, - "forks": 7, + "forks_count": 8, + "forks": 8, "watchers": 10, "score": 0 }, diff --git a/2017/CVE-2017-9248.json b/2017/CVE-2017-9248.json index 0e3e03a209..c67bb013f9 100644 --- a/2017/CVE-2017-9248.json +++ b/2017/CVE-2017-9248.json @@ -17,8 +17,8 @@ "pushed_at": "2020-12-22T03:10:47Z", "stargazers_count": 93, "watchers_count": 93, - "forks_count": 33, - "forks": 33, + "forks_count": 34, + "forks": 34, "watchers": 93, "score": 0 }, diff --git a/2017/CVE-2017-9822.json b/2017/CVE-2017-9822.json index a4b333f45c..f822bf4989 100644 --- a/2017/CVE-2017-9822.json +++ b/2017/CVE-2017-9822.json @@ -13,13 +13,13 @@ "description": "[CVE-2017-9822] DotNetNuke Cookie Deserialization Remote Code Execution (RCE)", "fork": false, "created_at": "2020-08-28T12:45:44Z", - "updated_at": "2020-09-14T02:50:54Z", + "updated_at": "2021-01-15T04:57:55Z", "pushed_at": "2020-08-30T00:27:40Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, - "forks": 0, - "watchers": 1, + "stargazers_count": 2, + "watchers_count": 2, + "forks_count": 1, + "forks": 1, + "watchers": 2, "score": 0 } ] \ No newline at end of file diff --git a/2018/CVE-2018-0802.json b/2018/CVE-2018-0802.json index e33c003d9b..33a5d80985 100644 --- a/2018/CVE-2018-0802.json +++ b/2018/CVE-2018-0802.json @@ -82,13 +82,13 @@ "description": null, "fork": false, "created_at": "2018-01-16T05:49:01Z", - "updated_at": "2021-01-09T23:50:41Z", + "updated_at": "2021-01-15T03:33:11Z", "pushed_at": "2018-01-16T05:49:10Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 10, + "watchers_count": 10, "forks_count": 4, "forks": 4, - "watchers": 9, + "watchers": 10, "score": 0 }, { diff --git a/2018/CVE-2018-15133.json b/2018/CVE-2018-15133.json index 54ef6c2ce8..9aa15b47f6 100644 --- a/2018/CVE-2018-15133.json +++ b/2018/CVE-2018-15133.json @@ -128,13 +128,13 @@ "description": "Exploit for Laravel Remote Code Execution with API_KEY (CVE-2018-15133)", "fork": false, "created_at": "2020-11-13T16:33:52Z", - "updated_at": "2021-01-11T17:44:35Z", + "updated_at": "2021-01-15T05:03:57Z", "pushed_at": "2020-12-31T20:34:30Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 5, - "forks": 5, - "watchers": 4, + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 6, + "forks": 6, + "watchers": 5, "score": 0 }, { diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json index 1d18ef08b3..18e65df529 100644 --- a/2018/CVE-2018-2628.json +++ b/2018/CVE-2018-2628.json @@ -450,13 +450,13 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2021-01-15T02:15:12Z", + "updated_at": "2021-01-15T03:18:57Z", "pushed_at": "2020-11-27T15:10:58Z", - "stargazers_count": 882, - "watchers_count": 882, - "forks_count": 208, - "forks": 208, - "watchers": 882, + "stargazers_count": 883, + "watchers_count": 883, + "forks_count": 209, + "forks": 209, + "watchers": 883, "score": 0 }, { diff --git a/2018/CVE-2018-2894.json b/2018/CVE-2018-2894.json index 5d42169b95..a1080d8cc5 100644 --- a/2018/CVE-2018-2894.json +++ b/2018/CVE-2018-2894.json @@ -82,13 +82,13 @@ "description": "Ladon Scanner For Python, Large Network Penetration Scanner & Cobalt Strike, vulnerability \/ exploit \/ detection \/ MS17010\/SmbGhost\/CVE-2020-0796\/CVE-2018-2894", "fork": false, "created_at": "2019-11-19T16:51:39Z", - "updated_at": "2021-01-12T06:43:31Z", + "updated_at": "2021-01-15T04:14:55Z", "pushed_at": "2020-12-08T15:39:24Z", - "stargazers_count": 32, - "watchers_count": 32, + "stargazers_count": 34, + "watchers_count": 34, "forks_count": 11, "forks": 11, - "watchers": 32, + "watchers": 34, "score": 0 }, { diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json index 8806e1ff0a..f73619eafe 100644 --- a/2018/CVE-2018-5955.json +++ b/2018/CVE-2018-5955.json @@ -36,13 +36,13 @@ "description": "一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能", "fork": false, "created_at": "2019-12-21T22:45:55Z", - "updated_at": "2021-01-14T14:18:30Z", + "updated_at": "2021-01-15T09:01:20Z", "pushed_at": "2020-01-05T21:46:25Z", - "stargazers_count": 352, - "watchers_count": 352, + "stargazers_count": 354, + "watchers_count": 354, "forks_count": 81, "forks": 81, - "watchers": 352, + "watchers": 354, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-11510.json b/2019/CVE-2019-11510.json index 6037cbf32e..381df9eaef 100644 --- a/2019/CVE-2019-11510.json +++ b/2019/CVE-2019-11510.json @@ -13,13 +13,13 @@ "description": "Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)", "fork": false, "created_at": "2019-08-21T08:40:26Z", - "updated_at": "2020-12-29T08:55:05Z", + "updated_at": "2021-01-15T06:07:23Z", "pushed_at": "2020-01-11T13:55:33Z", - "stargazers_count": 339, - "watchers_count": 339, + "stargazers_count": 341, + "watchers_count": 341, "forks_count": 138, "forks": 138, - "watchers": 339, + "watchers": 341, "score": 0 }, { diff --git a/2019/CVE-2019-11708.json b/2019/CVE-2019-11708.json index 4fe60aa906..95bcae82cf 100644 --- a/2019/CVE-2019-11708.json +++ b/2019/CVE-2019-11708.json @@ -13,13 +13,13 @@ "description": "Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.", "fork": false, "created_at": "2019-09-29T07:08:52Z", - "updated_at": "2021-01-14T10:41:08Z", + "updated_at": "2021-01-15T03:24:19Z", "pushed_at": "2020-06-13T17:40:14Z", - "stargazers_count": 580, - "watchers_count": 580, + "stargazers_count": 581, + "watchers_count": 581, "forks_count": 81, "forks": 81, - "watchers": 580, + "watchers": 581, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-1458.json b/2019/CVE-2019-1458.json index 25f5cfcf42..b190e58e2f 100644 --- a/2019/CVE-2019-1458.json +++ b/2019/CVE-2019-1458.json @@ -13,13 +13,13 @@ "description": "POC for cve-2019-1458", "fork": false, "created_at": "2020-03-03T17:55:07Z", - "updated_at": "2021-01-09T22:41:48Z", + "updated_at": "2021-01-15T03:22:09Z", "pushed_at": "2020-03-04T07:05:24Z", - "stargazers_count": 127, - "watchers_count": 127, + "stargazers_count": 128, + "watchers_count": 128, "forks_count": 51, "forks": 51, - "watchers": 127, + "watchers": 128, "score": 0 }, { diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json index cb711d4c4c..bb97b2cd6e 100644 --- a/2019/CVE-2019-17558.json +++ b/2019/CVE-2019-17558.json @@ -36,13 +36,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2021-01-15T01:58:53Z", + "updated_at": "2021-01-15T09:04:09Z", "pushed_at": "2020-11-07T05:55:00Z", - "stargazers_count": 2266, - "watchers_count": 2266, - "forks_count": 639, - "forks": 639, - "watchers": 2266, + "stargazers_count": 2268, + "watchers_count": 2268, + "forks_count": 640, + "forks": 640, + "watchers": 2268, "score": 0 }, { diff --git a/2019/CVE-2019-18935.json b/2019/CVE-2019-18935.json index cde0ec2a18..9a546fbce7 100644 --- a/2019/CVE-2019-18935.json +++ b/2019/CVE-2019-18935.json @@ -128,13 +128,13 @@ "description": "[CVE-2019-18935] Telerik UI for ASP.NET AJAX (RadAsyncUpload Handler) .NET JSON Deserialization", "fork": false, "created_at": "2020-08-19T17:11:02Z", - "updated_at": "2020-11-29T04:05:28Z", + "updated_at": "2021-01-15T04:58:41Z", "pushed_at": "2020-08-25T07:55:22Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 0, - "forks": 0, - "watchers": 3, + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, + "forks": 1, + "watchers": 4, "score": 0 }, { diff --git a/2019/CVE-2019-18988.json b/2019/CVE-2019-18988.json index 412e5ead18..9fe9e34c9a 100644 --- a/2019/CVE-2019-18988.json +++ b/2019/CVE-2019-18988.json @@ -40,8 +40,8 @@ "pushed_at": "2020-07-13T15:30:50Z", "stargazers_count": 3, "watchers_count": 3, - "forks_count": 1, - "forks": 1, + "forks_count": 2, + "forks": 2, "watchers": 3, "score": 0 } diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json index c0cbe1b440..7a4c550be7 100644 --- a/2019/CVE-2019-2618.json +++ b/2019/CVE-2019-2618.json @@ -82,13 +82,13 @@ "description": "增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持", "fork": false, "created_at": "2019-06-21T09:22:43Z", - "updated_at": "2021-01-13T15:55:37Z", + "updated_at": "2021-01-15T08:33:28Z", "pushed_at": "2020-04-26T10:49:25Z", - "stargazers_count": 701, - "watchers_count": 701, + "stargazers_count": 702, + "watchers_count": 702, "forks_count": 143, "forks": 143, - "watchers": 701, + "watchers": 702, "score": 0 }, { @@ -151,13 +151,13 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2021-01-15T02:15:12Z", + "updated_at": "2021-01-15T03:18:57Z", "pushed_at": "2020-11-27T15:10:58Z", - "stargazers_count": 882, - "watchers_count": 882, - "forks_count": 208, - "forks": 208, - "watchers": 882, + "stargazers_count": 883, + "watchers_count": 883, + "forks_count": 209, + "forks": 209, + "watchers": 883, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-5736.json b/2019/CVE-2019-5736.json index 7e1f7f4680..53b22c0907 100644 --- a/2019/CVE-2019-5736.json +++ b/2019/CVE-2019-5736.json @@ -45,29 +45,6 @@ "watchers": 452, "score": 0 }, - { - "id": 170656576, - "name": "CVE-2019-5736", - "full_name": "likescam\/CVE-2019-5736", - "owner": { - "login": "likescam", - "id": 2469038, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/2469038?v=4", - "html_url": "https:\/\/github.com\/likescam" - }, - "html_url": "https:\/\/github.com\/likescam\/CVE-2019-5736", - "description": null, - "fork": false, - "created_at": "2019-02-14T08:37:25Z", - "updated_at": "2019-02-14T08:37:36Z", - "pushed_at": "2019-02-14T08:37:34Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, - "score": 0 - }, { "id": 170656601, "name": "cve-2019-5736-poc", diff --git a/2019/CVE-2019-5786.json b/2019/CVE-2019-5786.json index 0374607ca3..2e5576fdf1 100644 --- a/2019/CVE-2019-5786.json +++ b/2019/CVE-2019-5786.json @@ -13,13 +13,13 @@ "description": "FileReader Exploit", "fork": false, "created_at": "2019-03-20T18:43:49Z", - "updated_at": "2020-12-31T02:54:21Z", + "updated_at": "2021-01-15T03:19:14Z", "pushed_at": "2019-03-20T18:47:25Z", - "stargazers_count": 253, - "watchers_count": 253, + "stargazers_count": 254, + "watchers_count": 254, "forks_count": 85, "forks": 85, - "watchers": 253, + "watchers": 254, "score": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-8605.json b/2019/CVE-2019-8605.json new file mode 100644 index 0000000000..4cd8b96ae9 --- /dev/null +++ b/2019/CVE-2019-8605.json @@ -0,0 +1,25 @@ +[ + { + "id": 329825173, + "name": "CVE-2019-8605", + "full_name": "1nteger-c\/CVE-2019-8605", + "owner": { + "login": "1nteger-c", + "id": 51286442, + "avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/51286442?v=4", + "html_url": "https:\/\/github.com\/1nteger-c" + }, + "html_url": "https:\/\/github.com\/1nteger-c\/CVE-2019-8605", + "description": null, + "fork": false, + "created_at": "2021-01-15T06:12:14Z", + "updated_at": "2021-01-15T06:21:40Z", + "pushed_at": "2021-01-15T06:21:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9599.json b/2019/CVE-2019-9599.json index cf70e29761..be34b46811 100644 --- a/2019/CVE-2019-9599.json +++ b/2019/CVE-2019-9599.json @@ -13,13 +13,13 @@ "description": "Programa ideal para robar toda la información de un dispositivo remotamente a través de la aplicación AirDroid. [CVE-2019-9599] (https:\/\/www.exploit-db.com\/exploits\/46337)", "fork": false, "created_at": "2019-02-09T02:18:37Z", - "updated_at": "2020-08-16T23:48:07Z", + "updated_at": "2021-01-15T05:05:53Z", "pushed_at": "2019-11-03T17:29:56Z", - "stargazers_count": 7, - "watchers_count": 7, - "forks_count": 0, - "forks": 0, - "watchers": 7, + "stargazers_count": 8, + "watchers_count": 8, + "forks_count": 1, + "forks": 1, + "watchers": 8, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0022.json b/2020/CVE-2020-0022.json index 4a5a5493ce..6b9866fd80 100644 --- a/2020/CVE-2020-0022.json +++ b/2020/CVE-2020-0022.json @@ -36,13 +36,13 @@ "description": "poc for cve-2020-0022", "fork": false, "created_at": "2020-02-15T16:55:44Z", - "updated_at": "2021-01-12T02:51:01Z", + "updated_at": "2021-01-15T07:00:11Z", "pushed_at": "2020-07-16T06:51:16Z", - "stargazers_count": 48, - "watchers_count": 48, + "stargazers_count": 49, + "watchers_count": 49, "forks_count": 23, "forks": 23, - "watchers": 48, + "watchers": 49, "score": 0 }, { diff --git a/2020/CVE-2020-0601.json b/2020/CVE-2020-0601.json index 5d861f0834..7f6005ae82 100644 --- a/2020/CVE-2020-0601.json +++ b/2020/CVE-2020-0601.json @@ -1,27 +1,4 @@ [ - { - "id": 233959211, - "name": "CVE-2020-0601", - "full_name": "nissan-sudo\/CVE-2020-0601", - "owner": { - "login": "nissan-sudo", - "id": 58976920, - "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/58976920?v=4", - "html_url": "https:\/\/github.com\/nissan-sudo" - }, - "html_url": "https:\/\/github.com\/nissan-sudo\/CVE-2020-0601", - "description": "Remote Code Execution Exploit ", - "fork": false, - "created_at": "2020-01-14T23:53:18Z", - "updated_at": "2020-01-27T17:28:37Z", - "pushed_at": "2020-01-14T23:56:22Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 1, - "forks": 1, - "watchers": 2, - "score": 0 - }, { "id": 233960159, "name": "cve-2020-0601", diff --git a/2020/CVE-2020-0683.json b/2020/CVE-2020-0683.json index e430c2e52e..a7a36dbc0c 100644 --- a/2020/CVE-2020-0683.json +++ b/2020/CVE-2020-0683.json @@ -13,13 +13,13 @@ "description": "CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege", "fork": false, "created_at": "2020-02-11T16:42:34Z", - "updated_at": "2021-01-08T18:51:51Z", + "updated_at": "2021-01-15T08:39:13Z", "pushed_at": "2020-02-11T21:34:28Z", - "stargazers_count": 234, - "watchers_count": 234, + "stargazers_count": 236, + "watchers_count": 236, "forks_count": 48, "forks": 48, - "watchers": 234, + "watchers": 236, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-0688.json b/2020/CVE-2020-0688.json index 528a145f84..adbaf74b24 100644 --- a/2020/CVE-2020-0688.json +++ b/2020/CVE-2020-0688.json @@ -335,13 +335,13 @@ "description": "[CVE-2020-0688] Microsoft Exchange Server Fixed Cryptographic Key Remote Code Execution (RCE)", "fork": false, "created_at": "2020-08-17T12:41:51Z", - "updated_at": "2020-08-29T21:00:58Z", + "updated_at": "2021-01-15T04:58:34Z", "pushed_at": "2020-08-29T21:00:56Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, "score": 0 }, { diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index b6246fa696..c4541dc7b8 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -13,13 +13,13 @@ "description": "Ladon Scanner For Python, Large Network Penetration Scanner & Cobalt Strike, vulnerability \/ exploit \/ detection \/ MS17010\/SmbGhost\/CVE-2020-0796\/CVE-2018-2894", "fork": false, "created_at": "2019-11-19T16:51:39Z", - "updated_at": "2021-01-12T06:43:31Z", + "updated_at": "2021-01-15T04:14:55Z", "pushed_at": "2020-12-08T15:39:24Z", - "stargazers_count": 32, - "watchers_count": 32, + "stargazers_count": 34, + "watchers_count": 34, "forks_count": 11, "forks": 11, - "watchers": 32, + "watchers": 34, "score": 0 }, { diff --git a/2020/CVE-2020-1048.json b/2020/CVE-2020-1048.json index 88e1ddad6b..0463db2f13 100644 --- a/2020/CVE-2020-1048.json +++ b/2020/CVE-2020-1048.json @@ -36,13 +36,13 @@ "description": "POC exploit code for CVE-2020-1048(PrintDemon)", "fork": false, "created_at": "2020-06-23T18:45:24Z", - "updated_at": "2020-11-30T07:46:18Z", + "updated_at": "2021-01-15T05:51:16Z", "pushed_at": "2020-06-25T12:22:06Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 10, + "watchers_count": 10, "forks_count": 3, "forks": 3, - "watchers": 9, + "watchers": 10, "score": 0 }, { diff --git a/2020/CVE-2020-1349.json b/2020/CVE-2020-1349.json index 83637d2d23..aa508e0463 100644 --- a/2020/CVE-2020-1349.json +++ b/2020/CVE-2020-1349.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2020-07-28T11:33:38Z", - "updated_at": "2020-12-01T15:09:04Z", + "updated_at": "2021-01-15T04:52:52Z", "pushed_at": "2020-07-28T13:36:41Z", - "stargazers_count": 9, - "watchers_count": 9, - "forks_count": 3, - "forks": 3, - "watchers": 9, + "stargazers_count": 10, + "watchers_count": 10, + "forks_count": 4, + "forks": 4, + "watchers": 10, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-13935.json b/2020/CVE-2020-13935.json index c9a06a37d8..68ef877abf 100644 --- a/2020/CVE-2020-13935.json +++ b/2020/CVE-2020-13935.json @@ -13,13 +13,13 @@ "description": "Exploit for WebSocket Vulnerability in Apache Tomcat", "fork": false, "created_at": "2020-11-02T14:48:55Z", - "updated_at": "2021-01-12T07:03:50Z", + "updated_at": "2021-01-15T06:57:27Z", "pushed_at": "2020-11-02T14:51:48Z", - "stargazers_count": 111, - "watchers_count": 111, + "stargazers_count": 112, + "watchers_count": 112, "forks_count": 23, "forks": 23, - "watchers": 111, + "watchers": 112, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-13937.json b/2020/CVE-2020-13937.json new file mode 100644 index 0000000000..5c43067afa --- /dev/null +++ b/2020/CVE-2020-13937.json @@ -0,0 +1,25 @@ +[ + { + "id": 329859295, + "name": "CVE-2020-13937", + "full_name": "yaunsky\/CVE-2020-13937", + "owner": { + "login": "yaunsky", + "id": 48243087, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/48243087?v=4", + "html_url": "https:\/\/github.com\/yaunsky" + }, + "html_url": "https:\/\/github.com\/yaunsky\/CVE-2020-13937", + "description": "Apache Kylin API未授权访问漏洞;CVE-2020-13937;Apache Kylin漏洞", + "fork": false, + "created_at": "2021-01-15T08:57:09Z", + "updated_at": "2021-01-15T08:59:48Z", + "pushed_at": "2021-01-15T08:59:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "forks": 0, + "watchers": 1, + "score": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14386.json b/2020/CVE-2020-14386.json index 89291ee8b4..fa7efad6b7 100644 --- a/2020/CVE-2020-14386.json +++ b/2020/CVE-2020-14386.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2020-09-17T21:25:18Z", - "updated_at": "2020-12-11T09:39:23Z", + "updated_at": "2021-01-15T04:52:06Z", "pushed_at": "2020-09-18T00:01:00Z", - "stargazers_count": 25, - "watchers_count": 25, - "forks_count": 13, - "forks": 13, - "watchers": 25, + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 14, + "forks": 14, + "watchers": 26, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json index 87f6c69f30..1a51fe8d68 100644 --- a/2020/CVE-2020-1472.json +++ b/2020/CVE-2020-1472.json @@ -450,12 +450,12 @@ "description": "[CVE-2020-1472] Netlogon Remote Protocol Call (MS-NRPC) Privilege Escalation (Zerologon)", "fork": false, "created_at": "2020-09-16T09:22:30Z", - "updated_at": "2020-09-16T21:00:01Z", + "updated_at": "2021-01-15T04:57:38Z", "pushed_at": "2020-09-16T20:59:59Z", "stargazers_count": 0, "watchers_count": 0, - "forks_count": 1, - "forks": 1, + "forks_count": 2, + "forks": 2, "watchers": 0, "score": 0 }, diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json index 155207b29a..4a255b9e3d 100644 --- a/2020/CVE-2020-14882.json +++ b/2020/CVE-2020-14882.json @@ -13,13 +13,13 @@ "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", "fork": false, "created_at": "2020-04-01T09:33:35Z", - "updated_at": "2021-01-15T01:58:53Z", + "updated_at": "2021-01-15T09:04:09Z", "pushed_at": "2020-11-07T05:55:00Z", - "stargazers_count": 2266, - "watchers_count": 2266, - "forks_count": 639, - "forks": 639, - "watchers": 2266, + "stargazers_count": 2268, + "watchers_count": 2268, + "forks_count": 640, + "forks": 640, + "watchers": 2268, "score": 0 }, { @@ -36,13 +36,13 @@ "description": "Vulmap - Web vulnerability scanning and verification tools,支持扫描 activemq, flink, shiro, solr, struts2, tomcat, unomi, drupal, elasticsearch, nexus, weblogic, jboss, thinkphp,并且具备漏洞利用功能。CVE-2020-14882, CVE-2020-2555, CVE-2020-2883, S2-061, CVE-2020-13942, CVE-2020-17530, CVE-2020-17518, CVE-2020-17519", "fork": false, "created_at": "2020-10-09T06:34:36Z", - "updated_at": "2021-01-15T02:15:40Z", + "updated_at": "2021-01-15T09:07:54Z", "pushed_at": "2021-01-13T10:38:48Z", - "stargazers_count": 752, - "watchers_count": 752, + "stargazers_count": 754, + "watchers_count": 754, "forks_count": 133, "forks": 133, - "watchers": 752, + "watchers": 754, "score": 0 }, { @@ -404,13 +404,13 @@ "description": "[CVE-2020-14882] Oracle WebLogic Server Authentication Bypass", "fork": false, "created_at": "2020-11-09T13:02:43Z", - "updated_at": "2020-11-09T16:35:41Z", + "updated_at": "2021-01-15T04:56:58Z", "pushed_at": "2020-11-09T16:35:39Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, "score": 0 }, { @@ -519,8 +519,8 @@ "description": "CodeTest信息收集和漏洞利用工具,可在进行渗透测试之时方便利用相关信息收集脚本进行信息的获取和验证工作,漏洞利用模块可选择需要测试的漏洞模块,或者选择所有模块测试,包含CVE-2020-14882, CVE-2020-2555等,可自己收集脚本后按照模板进行修改。", "fork": false, "created_at": "2020-12-29T09:11:31Z", - "updated_at": "2021-01-15T02:47:52Z", - "pushed_at": "2021-01-08T17:01:35Z", + "updated_at": "2021-01-15T05:27:09Z", + "pushed_at": "2021-01-15T05:27:06Z", "stargazers_count": 22, "watchers_count": 22, "forks_count": 4, diff --git a/2020/CVE-2020-14883.json b/2020/CVE-2020-14883.json index db0140f642..1937f6f04b 100644 --- a/2020/CVE-2020-14883.json +++ b/2020/CVE-2020-14883.json @@ -13,13 +13,13 @@ "description": "[CVE-2020-14882] Oracle WebLogic Server Authenticated Remote Code Execution (RCE)", "fork": false, "created_at": "2020-11-09T15:26:28Z", - "updated_at": "2020-12-08T16:21:22Z", + "updated_at": "2021-01-15T04:56:48Z", "pushed_at": "2020-11-09T17:21:45Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, - "forks": 0, - "watchers": 2, + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 1, + "forks": 1, + "watchers": 3, "score": 0 }, { diff --git a/2020/CVE-2020-1493.json b/2020/CVE-2020-1493.json index 49616e69c1..7a7758419e 100644 --- a/2020/CVE-2020-1493.json +++ b/2020/CVE-2020-1493.json @@ -13,13 +13,13 @@ "description": null, "fork": false, "created_at": "2020-08-25T05:25:45Z", - "updated_at": "2020-11-25T09:36:38Z", + "updated_at": "2021-01-15T04:52:42Z", "pushed_at": "2020-08-25T05:46:30Z", - "stargazers_count": 25, - "watchers_count": 25, - "forks_count": 14, - "forks": 14, - "watchers": 25, + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 15, + "forks": 15, + "watchers": 26, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-16947.json b/2020/CVE-2020-16947.json index 4adaf5af0a..aba1d22d57 100644 --- a/2020/CVE-2020-16947.json +++ b/2020/CVE-2020-16947.json @@ -13,13 +13,13 @@ "description": "PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerablility)", "fork": false, "created_at": "2020-10-15T14:32:25Z", - "updated_at": "2021-01-05T16:41:07Z", + "updated_at": "2021-01-15T04:51:23Z", "pushed_at": "2020-10-20T20:09:58Z", - "stargazers_count": 116, - "watchers_count": 116, - "forks_count": 32, - "forks": 32, - "watchers": 116, + "stargazers_count": 117, + "watchers_count": 117, + "forks_count": 33, + "forks": 33, + "watchers": 117, "score": 0 }, { diff --git a/2020/CVE-2020-17518.json b/2020/CVE-2020-17518.json index 96ab99c1c6..fc5c947aaf 100644 --- a/2020/CVE-2020-17518.json +++ b/2020/CVE-2020-17518.json @@ -36,13 +36,13 @@ "description": "[CVE-2020-17518] Apache Flink RESTful API Arbitrary File Upload via Directory Traversal", "fork": false, "created_at": "2021-01-10T01:12:45Z", - "updated_at": "2021-01-10T01:18:11Z", + "updated_at": "2021-01-15T04:56:37Z", "pushed_at": "2021-01-10T01:18:09Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, "score": 0 }, { diff --git a/2020/CVE-2020-17519.json b/2020/CVE-2020-17519.json index 6293cc9f1e..a68d988b6e 100644 --- a/2020/CVE-2020-17519.json +++ b/2020/CVE-2020-17519.json @@ -105,13 +105,13 @@ "description": "[CVE-2020-17519] Apache Flink RESTful API Arbitrary File Read", "fork": false, "created_at": "2021-01-10T01:24:50Z", - "updated_at": "2021-01-10T01:26:10Z", + "updated_at": "2021-01-15T04:55:07Z", "pushed_at": "2021-01-10T01:26:07Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, "score": 0 }, { diff --git a/2020/CVE-2020-17530.json b/2020/CVE-2020-17530.json index 52a55903dd..79148ad517 100644 --- a/2020/CVE-2020-17530.json +++ b/2020/CVE-2020-17530.json @@ -40,8 +40,8 @@ "pushed_at": "2020-12-18T00:57:50Z", "stargazers_count": 38, "watchers_count": 38, - "forks_count": 16, - "forks": 16, + "forks_count": 17, + "forks": 17, "watchers": 38, "score": 0 }, diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index 628fda2621..aa57d4d1ad 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -312,13 +312,13 @@ "description": "Ghostcat read file\/code execute,CNVD-2020-10487(CVE-2020-1938) ", "fork": false, "created_at": "2020-02-22T16:16:20Z", - "updated_at": "2021-01-15T00:58:45Z", + "updated_at": "2021-01-15T06:33:39Z", "pushed_at": "2020-03-09T14:51:43Z", - "stargazers_count": 162, - "watchers_count": 162, + "stargazers_count": 163, + "watchers_count": 163, "forks_count": 60, "forks": 60, - "watchers": 162, + "watchers": 163, "score": 0 }, { diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json index 72fc8a6428..a48a0d0552 100644 --- a/2020/CVE-2020-2551.json +++ b/2020/CVE-2020-2551.json @@ -13,13 +13,13 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2021-01-15T02:15:12Z", + "updated_at": "2021-01-15T03:18:57Z", "pushed_at": "2020-11-27T15:10:58Z", - "stargazers_count": 882, - "watchers_count": 882, - "forks_count": 208, - "forks": 208, - "watchers": 882, + "stargazers_count": 883, + "watchers_count": 883, + "forks_count": 209, + "forks": 209, + "watchers": 883, "score": 0 }, { diff --git a/2020/CVE-2020-26732.json b/2020/CVE-2020-26732.json index 5bd0e79f41..ecb14f28f0 100644 --- a/2020/CVE-2020-26732.json +++ b/2020/CVE-2020-26732.json @@ -13,7 +13,7 @@ "description": "Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an HTTPS session", "fork": false, "created_at": "2021-01-14T09:55:59Z", - "updated_at": "2021-01-14T10:10:41Z", + "updated_at": "2021-01-15T05:06:18Z", "pushed_at": "2021-01-14T10:08:28Z", "stargazers_count": 1, "watchers_count": 1, diff --git a/2020/CVE-2020-26733.json b/2020/CVE-2020-26733.json index 7bebd54d17..558c978977 100644 --- a/2020/CVE-2020-26733.json +++ b/2020/CVE-2020-26733.json @@ -13,7 +13,7 @@ "description": "SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 Cross Site Scripting (XSS) Vulnerability", "fork": false, "created_at": "2021-01-14T10:03:14Z", - "updated_at": "2021-01-14T10:14:25Z", + "updated_at": "2021-01-15T05:06:07Z", "pushed_at": "2021-01-14T10:03:56Z", "stargazers_count": 1, "watchers_count": 1, diff --git a/2020/CVE-2020-27368.json b/2020/CVE-2020-27368.json index db1f736c80..486f544af0 100644 --- a/2020/CVE-2020-27368.json +++ b/2020/CVE-2020-27368.json @@ -1,6 +1,6 @@ [ { - "id": 329575827, + "id": 329814538, "name": "CVE-2020-27368", "full_name": "swzhouu\/CVE-2020-27368", "owner": { @@ -12,9 +12,9 @@ "html_url": "https:\/\/github.com\/swzhouu\/CVE-2020-27368", "description": "SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 Directory Indexing Vulnerability", "fork": false, - "created_at": "2021-01-14T10:05:25Z", - "updated_at": "2021-01-14T10:14:26Z", - "pushed_at": "2021-01-14T10:06:05Z", + "created_at": "2021-01-15T05:08:13Z", + "updated_at": "2021-01-15T05:09:03Z", + "pushed_at": "2021-01-15T05:08:48Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 0, diff --git a/2020/CVE-2020-3452.json b/2020/CVE-2020-3452.json index 383c6994b0..7233577a5e 100644 --- a/2020/CVE-2020-3452.json +++ b/2020/CVE-2020-3452.json @@ -197,13 +197,13 @@ "description": "[CVE-2020-3452] Cisco Adaptive Security Appliance (ASA) & Cisco Firepower Threat Defense (FTD) Web Service Read-Only Directory Traversal", "fork": false, "created_at": "2020-08-13T08:22:27Z", - "updated_at": "2020-09-16T20:50:04Z", + "updated_at": "2021-01-15T04:57:48Z", "pushed_at": "2020-09-16T20:50:02Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 2, - "forks": 2, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 3, + "forks": 3, + "watchers": 1, "score": 0 }, { @@ -243,13 +243,13 @@ "description": "Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.", "fork": false, "created_at": "2020-09-28T05:00:37Z", - "updated_at": "2021-01-12T20:46:40Z", + "updated_at": "2021-01-15T05:04:06Z", "pushed_at": "2020-10-10T17:19:51Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "forks_count": 2, "forks": 2, - "watchers": 3, + "watchers": 4, "score": 0 }, { diff --git a/2020/CVE-2020-5509.json b/2020/CVE-2020-5509.json deleted file mode 100644 index 7710a3d4df..0000000000 --- a/2020/CVE-2020-5509.json +++ /dev/null @@ -1,25 +0,0 @@ -[ - { - "id": 231982886, - "name": "CVE-2020-5509", - "full_name": "FULLSHADE\/CVE-2020-5509", - "owner": { - "login": "FULLSHADE", - "id": 54753063, - "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/54753063?v=4", - "html_url": "https:\/\/github.com\/FULLSHADE" - }, - "html_url": "https:\/\/github.com\/FULLSHADE\/CVE-2020-5509", - "description": "Car Rental Project v.1.0 Remote Code Execution", - "fork": false, - "created_at": "2020-01-05T22:13:24Z", - "updated_at": "2021-01-04T01:36:26Z", - "pushed_at": "2020-01-05T22:23:20Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 2, - "forks": 2, - "watchers": 4, - "score": 0 - } -] \ No newline at end of file diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json index 93c054dfd1..b50f514fc7 100644 --- a/2020/CVE-2020-5902.json +++ b/2020/CVE-2020-5902.json @@ -1117,13 +1117,13 @@ "description": "[CVE-2020-5902] F5 BIG-IP Remote Code Execution (RCE)", "fork": false, "created_at": "2020-08-13T08:27:25Z", - "updated_at": "2020-08-30T00:24:01Z", + "updated_at": "2021-01-15T04:58:08Z", "pushed_at": "2020-08-30T00:23:59Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 0, - "forks": 0, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "forks": 1, + "watchers": 1, "score": 0 }, { diff --git a/2020/CVE-2020-6207.json b/2020/CVE-2020-6207.json index 77ef5f1bd4..266090c37b 100644 --- a/2020/CVE-2020-6207.json +++ b/2020/CVE-2020-6207.json @@ -13,13 +13,13 @@ "description": "PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)", "fork": false, "created_at": "2021-01-14T10:49:40Z", - "updated_at": "2021-01-15T02:56:24Z", + "updated_at": "2021-01-15T08:33:51Z", "pushed_at": "2021-01-14T13:35:09Z", - "stargazers_count": 3, - "watchers_count": 3, - "forks_count": 1, - "forks": 1, - "watchers": 3, + "stargazers_count": 6, + "watchers_count": 6, + "forks_count": 3, + "forks": 3, + "watchers": 6, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-6286.json b/2020/CVE-2020-6286.json index ad9b1f07a1..96400d66da 100644 --- a/2020/CVE-2020-6286.json +++ b/2020/CVE-2020-6286.json @@ -13,13 +13,13 @@ "description": "[CVE-2020-6286] SAP NetWeaver AS JAVA (LM Configuration Wizard) Directory Traversal", "fork": false, "created_at": "2020-08-13T09:00:12Z", - "updated_at": "2020-08-29T23:49:51Z", + "updated_at": "2021-01-15T04:58:15Z", "pushed_at": "2020-08-29T23:49:49Z", - "stargazers_count": 0, - "watchers_count": 0, - "forks_count": 1, - "forks": 1, - "watchers": 0, + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 2, + "forks": 2, + "watchers": 1, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-6287.json b/2020/CVE-2020-6287.json index a6036c2438..063078f6f4 100644 --- a/2020/CVE-2020-6287.json +++ b/2020/CVE-2020-6287.json @@ -105,13 +105,13 @@ "description": "[CVE-2020-6287] SAP NetWeaver AS JAVA (LM Configuration Wizard) Authentication Bypass (Create Simple & Administrator Java User)", "fork": false, "created_at": "2020-08-13T09:12:37Z", - "updated_at": "2020-11-19T13:14:32Z", + "updated_at": "2021-01-15T04:57:19Z", "pushed_at": "2020-09-18T15:18:21Z", - "stargazers_count": 4, - "watchers_count": 4, - "forks_count": 1, - "forks": 1, - "watchers": 4, + "stargazers_count": 5, + "watchers_count": 5, + "forks_count": 2, + "forks": 2, + "watchers": 5, "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-8165.json b/2020/CVE-2020-8165.json index bdefaac4b8..0d1fef7225 100644 --- a/2020/CVE-2020-8165.json +++ b/2020/CVE-2020-8165.json @@ -113,5 +113,51 @@ "forks": 0, "watchers": 0, "score": 0 + }, + { + "id": 329810247, + "name": "CVE-2020-8165", + "full_name": "AssassinUKG\/CVE-2020-8165", + "owner": { + "login": "AssassinUKG", + "id": 5285547, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/5285547?v=4", + "html_url": "https:\/\/github.com\/AssassinUKG" + }, + "html_url": "https:\/\/github.com\/AssassinUKG\/CVE-2020-8165", + "description": null, + "fork": false, + "created_at": "2021-01-15T04:40:24Z", + "updated_at": "2021-01-15T04:44:41Z", + "pushed_at": "2021-01-15T04:44:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 329840409, + "name": "CVE-2020-8165", + "full_name": "progfay\/CVE-2020-8165", + "owner": { + "login": "progfay", + "id": 19568747, + "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/19568747?v=4", + "html_url": "https:\/\/github.com\/progfay" + }, + "html_url": "https:\/\/github.com\/progfay\/CVE-2020-8165", + "description": "PoC for CVE-2020-8165", + "fork": false, + "created_at": "2021-01-15T07:31:21Z", + "updated_at": "2021-01-15T07:38:23Z", + "pushed_at": "2021-01-15T07:31:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "forks": 0, + "watchers": 0, + "score": 0 } ] \ No newline at end of file diff --git a/2020/CVE-2020-8175.json b/2020/CVE-2020-8175.json index f5e38cced0..a886d3c502 100644 --- a/2020/CVE-2020-8175.json +++ b/2020/CVE-2020-8175.json @@ -13,13 +13,13 @@ "description": "An updated version of get-pixels that patches the CVE-2020-8175 security issue.", "fork": false, "created_at": "2021-01-07T09:31:26Z", - "updated_at": "2021-01-07T10:39:47Z", + "updated_at": "2021-01-15T08:57:26Z", "pushed_at": "2021-01-07T10:02:44Z", - "stargazers_count": 0, - "watchers_count": 0, + "stargazers_count": 1, + "watchers_count": 1, "forks_count": 0, "forks": 0, - "watchers": 0, + "watchers": 1, "score": 0 }, { diff --git a/2020/CVE-2020-8617.json b/2020/CVE-2020-8617.json index 46f37be02c..68c7160658 100644 --- a/2020/CVE-2020-8617.json +++ b/2020/CVE-2020-8617.json @@ -13,13 +13,13 @@ "description": "PoC for CVE-2020-8617 (BIND)", "fork": false, "created_at": "2020-05-20T12:26:45Z", - "updated_at": "2020-10-22T08:31:05Z", + "updated_at": "2021-01-15T05:43:02Z", "pushed_at": "2020-05-20T13:03:50Z", - "stargazers_count": 40, - "watchers_count": 40, - "forks_count": 10, - "forks": 10, - "watchers": 40, + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 11, + "forks": 11, + "watchers": 41, "score": 0 }, { diff --git a/2021/CVE-2021-1056.json b/2021/CVE-2021-1056.json index bef22645f8..a064e59e9b 100644 --- a/2021/CVE-2021-1056.json +++ b/2021/CVE-2021-1056.json @@ -13,13 +13,13 @@ "description": "PoC for CVE-2021-1056, related to GPU Container Security", "fork": false, "created_at": "2021-01-08T11:29:48Z", - "updated_at": "2021-01-14T02:29:13Z", + "updated_at": "2021-01-15T03:28:09Z", "pushed_at": "2021-01-12T09:21:02Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "forks_count": 0, "forks": 0, - "watchers": 2, + "watchers": 3, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-3129.json b/2021/CVE-2021-3129.json index 2eba235fb5..a4c666d9e3 100644 --- a/2021/CVE-2021-3129.json +++ b/2021/CVE-2021-3129.json @@ -13,13 +13,13 @@ "description": "Exploit for CVE-2021-3129", "fork": false, "created_at": "2021-01-13T12:52:20Z", - "updated_at": "2021-01-14T09:55:37Z", + "updated_at": "2021-01-15T04:02:52Z", "pushed_at": "2021-01-13T13:25:10Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "forks_count": 2, "forks": 2, - "watchers": 3, + "watchers": 4, "score": 0 } ] \ No newline at end of file diff --git a/README.md b/README.md index f134a2f967..82da586558 100644 --- a/README.md +++ b/README.md @@ -158,7 +158,6 @@ Race condition in the Intel(R) Driver and Support Assistant before version 20.1. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. -- [nissan-sudo/CVE-2020-0601](https://github.com/nissan-sudo/CVE-2020-0601) - [0xxon/cve-2020-0601](https://github.com/0xxon/cve-2020-0601) - [SherlockSec/CVE-2020-0601](https://github.com/SherlockSec/CVE-2020-0601) - [JPurrier/CVE-2020-0601](https://github.com/JPurrier/CVE-2020-0601) @@ -1011,14 +1010,6 @@ In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3. - [pandaMingx/CVE-2020-5421](https://github.com/pandaMingx/CVE-2020-5421) -### CVE-2020-5509 (2020-01-14) - - -PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. - - -- [FULLSHADE/CVE-2020-5509](https://github.com/FULLSHADE/CVE-2020-5509) - ### CVE-2020-5837 (2020-05-11) @@ -1369,6 +1360,8 @@ A deserialization of untrusted data vulnernerability exists in rails < 5.2.4. - [taipansec/CVE-2020-8165](https://github.com/taipansec/CVE-2020-8165) - [hybryx/CVE-2020-8165](https://github.com/hybryx/CVE-2020-8165) - [macosta-42/CVE-2020-8165](https://github.com/macosta-42/CVE-2020-8165) +- [AssassinUKG/CVE-2020-8165](https://github.com/AssassinUKG/CVE-2020-8165) +- [progfay/CVE-2020-8165](https://github.com/progfay/CVE-2020-8165) ### CVE-2020-8175 (2020-07-24) @@ -2439,6 +2432,14 @@ The payload length in a WebSocket frame was not correctly validated in Apache To - [RedTeamPentesting/CVE-2020-13935](https://github.com/RedTeamPentesting/CVE-2020-13935) +### CVE-2020-13937 (2020-10-19) + + +Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha has one restful api which exposed Kylin's configuration information without any authentication, so it is dangerous because some confidential information entries will be disclosed to everyone. + + +- [yaunsky/CVE-2020-13937](https://github.com/yaunsky/CVE-2020-13937) + ### CVE-2020-13942 (2020-11-24) @@ -4704,7 +4705,6 @@ runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allow - [q3k/cve-2019-5736-poc](https://github.com/q3k/cve-2019-5736-poc) - [Frichetten/CVE-2019-5736-PoC](https://github.com/Frichetten/CVE-2019-5736-PoC) -- [likescam/CVE-2019-5736](https://github.com/likescam/CVE-2019-5736) - [likescam/cve-2019-5736-poc](https://github.com/likescam/cve-2019-5736-poc) - [agppp/cve-2019-5736-poc](https://github.com/agppp/cve-2019-5736-poc) - [b3d3c/poc-cve-2019-5736](https://github.com/b3d3c/poc-cve-2019-5736) @@ -5085,6 +5085,14 @@ Multiple memory corruption issues were addressed with improved memory handling. - [BadAccess11/CVE-2019-8601](https://github.com/BadAccess11/CVE-2019-8601) +### CVE-2019-8605 (2019-12-18) + + +A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges. + + +- [1nteger-c/CVE-2019-8605](https://github.com/1nteger-c/CVE-2019-8605) + ### CVE-2019-8627 - [maldiohead/CVE-2019-8627](https://github.com/maldiohead/CVE-2019-8627) @@ -14839,6 +14847,14 @@ The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows - [cved-sources/cve-2015-8103](https://github.com/cved-sources/cve-2015-8103) +### CVE-2015-8239 (2017-10-10) + + +The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed. + + +- [justinsteven/sudo_digest_toctou_poc_CVE-2015-8239](https://github.com/justinsteven/sudo_digest_toctou_poc_CVE-2015-8239) + ### CVE-2015-8277 (2016-02-23)