diff --git a/2017/CVE-2017-12615.json b/2017/CVE-2017-12615.json index aa9f6a94dd..2770338cf5 100644 --- a/2017/CVE-2017-12615.json +++ b/2017/CVE-2017-12615.json @@ -417,12 +417,12 @@ "description": "tomcat自动化漏洞扫描利用工具,支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938\/CNVD-2020-10487 文件包含", "fork": false, "created_at": "2024-08-29T06:38:16Z", - "updated_at": "2024-12-30T18:29:52Z", + "updated_at": "2024-12-31T23:18:30Z", "pushed_at": "2024-11-13T03:12:58Z", - "stargazers_count": 167, - "watchers_count": 167, + "stargazers_count": 168, + "watchers_count": 168, "has_discussions": false, - "forks_count": 14, + "forks_count": 15, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -436,8 +436,8 @@ "tools" ], "visibility": "public", - "forks": 14, - "watchers": 167, + "forks": 15, + "watchers": 168, "score": 0, "subscribers_count": 2 }, diff --git a/2020/CVE-2020-0601.json b/2020/CVE-2020-0601.json index 09962f63a0..8081fde2bf 100644 --- a/2020/CVE-2020-0601.json +++ b/2020/CVE-2020-0601.json @@ -540,7 +540,7 @@ "forks": 3, "watchers": 3, "score": 0, - "subscribers_count": 1 + "subscribers_count": 2 }, { "id": 235000073, @@ -602,7 +602,7 @@ "forks": 16, "watchers": 77, "score": 0, - "subscribers_count": 6 + "subscribers_count": 7 }, { "id": 235858699, diff --git a/2020/CVE-2020-1034.json b/2020/CVE-2020-1034.json index a1454d33d2..a521ce6da4 100644 --- a/2020/CVE-2020-1034.json +++ b/2020/CVE-2020-1034.json @@ -35,7 +35,7 @@ "forks": 40, "watchers": 120, "score": 0, - "subscribers_count": 6 + "subscribers_count": 7 }, { "id": 473326116, diff --git a/2020/CVE-2020-1066.json b/2020/CVE-2020-1066.json index 9ed27136b6..84caa1e527 100644 --- a/2020/CVE-2020-1066.json +++ b/2020/CVE-2020-1066.json @@ -59,6 +59,6 @@ "forks": 0, "watchers": 1, "score": 0, - "subscribers_count": 3 + "subscribers_count": 4 } ] \ No newline at end of file diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json index e4ef6ad6ac..cfdb43f939 100644 --- a/2020/CVE-2020-1938.json +++ b/2020/CVE-2020-1938.json @@ -981,12 +981,12 @@ "description": "tomcat自动化漏洞扫描利用工具,支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938\/CNVD-2020-10487 文件包含", "fork": false, "created_at": "2024-08-29T06:38:16Z", - "updated_at": "2024-12-30T18:29:52Z", + "updated_at": "2024-12-31T23:18:30Z", "pushed_at": "2024-11-13T03:12:58Z", - "stargazers_count": 167, - "watchers_count": 167, + "stargazers_count": 168, + "watchers_count": 168, "has_discussions": false, - "forks_count": 14, + "forks_count": 15, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -1000,8 +1000,8 @@ "tools" ], "visibility": "public", - "forks": 14, - "watchers": 167, + "forks": 15, + "watchers": 168, "score": 0, "subscribers_count": 2 } diff --git a/2021/CVE-2021-21772.json b/2021/CVE-2021-21772.json index 08d8d5970b..70432b8c36 100644 --- a/2021/CVE-2021-21772.json +++ b/2021/CVE-2021-21772.json @@ -28,6 +28,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2021/CVE-2021-42287.json b/2021/CVE-2021-42287.json index c641a7d0ee..50f81737d0 100644 --- a/2021/CVE-2021-42287.json +++ b/2021/CVE-2021-42287.json @@ -19,13 +19,13 @@ "stargazers_count": 1348, "watchers_count": 1348, "has_discussions": false, - "forks_count": 322, + "forks_count": 323, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 322, + "forks": 323, "watchers": 1348, "score": 0, "subscribers_count": 27 diff --git a/2023/CVE-2023-21752.json b/2023/CVE-2023-21752.json index 01652f6583..b820ccc41b 100644 --- a/2023/CVE-2023-21752.json +++ b/2023/CVE-2023-21752.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2023-01-10T15:59:26Z", - "updated_at": "2024-12-17T20:19:27Z", + "updated_at": "2024-12-31T20:57:04Z", "pushed_at": "2023-01-13T09:01:20Z", - "stargazers_count": 307, - "watchers_count": 307, + "stargazers_count": 308, + "watchers_count": 308, "has_discussions": false, "forks_count": 66, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 66, - "watchers": 307, + "watchers": 308, "score": 0, "subscribers_count": 5 }, diff --git a/2023/CVE-2023-24278.json b/2023/CVE-2023-24278.json index 0afa2ec8cb..213b6c1d1f 100644 --- a/2023/CVE-2023-24278.json +++ b/2023/CVE-2023-24278.json @@ -14,10 +14,10 @@ "description": "It was discovered two reflected cross site scripting (XSS) vulnerabilities in the Squidex open source headless CMS software. The Reflected Cross Site Scripting vulnerabilities affect all versions of Squidex prior to 7.4.0 and affect both authenticated and unauthenticated victim users.", "fork": false, "created_at": "2024-12-23T13:10:47Z", - "updated_at": "2024-12-24T15:44:07Z", + "updated_at": "2024-12-31T21:12:30Z", "pushed_at": "2024-12-23T13:22:22Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } diff --git a/2023/CVE-2023-40028.json b/2023/CVE-2023-40028.json index d512a1c115..f0d7442399 100644 --- a/2023/CVE-2023-40028.json +++ b/2023/CVE-2023-40028.json @@ -81,13 +81,13 @@ "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 1, "score": 0, "subscribers_count": 1 diff --git a/2023/CVE-2023-46805.json b/2023/CVE-2023-46805.json index 2bf6245890..45655c8a51 100644 --- a/2023/CVE-2023-46805.json +++ b/2023/CVE-2023-46805.json @@ -111,10 +111,10 @@ "description": "The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.", "fork": false, "created_at": "2024-01-18T13:25:46Z", - "updated_at": "2024-04-30T02:04:11Z", + "updated_at": "2024-12-31T18:42:04Z", "pushed_at": "2024-03-23T14:52:22Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -123,7 +123,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 4, + "watchers": 5, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-21182.json b/2024/CVE-2024-21182.json index 6f74300832..dbcdb0bbfc 100644 --- a/2024/CVE-2024-21182.json +++ b/2024/CVE-2024-21182.json @@ -19,13 +19,13 @@ "stargazers_count": 26, "watchers_count": 26, "has_discussions": false, - "forks_count": 5, + "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 5, + "forks": 6, "watchers": 26, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-21887.json b/2024/CVE-2024-21887.json index 1974cd66f0..0c9c0c1dce 100644 --- a/2024/CVE-2024-21887.json +++ b/2024/CVE-2024-21887.json @@ -107,10 +107,10 @@ "description": "The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.", "fork": false, "created_at": "2024-01-18T13:25:46Z", - "updated_at": "2024-04-30T02:04:11Z", + "updated_at": "2024-12-31T18:42:04Z", "pushed_at": "2024-03-23T14:52:22Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 5, + "watchers_count": 5, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -119,7 +119,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 4, + "watchers": 5, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-51442.json b/2024/CVE-2024-51442.json new file mode 100644 index 0000000000..53878c38e1 --- /dev/null +++ b/2024/CVE-2024-51442.json @@ -0,0 +1,33 @@ +[ + { + "id": 910603659, + "name": "CVE-2024-51442", + "full_name": "mselbrede\/CVE-2024-51442", + "owner": { + "login": "mselbrede", + "id": 43323139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43323139?v=4", + "html_url": "https:\/\/github.com\/mselbrede", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mselbrede\/CVE-2024-51442", + "description": "CVE-2024-51442 write up and example config file", + "fork": false, + "created_at": "2024-12-31T19:27:36Z", + "updated_at": "2024-12-31T19:33:28Z", + "pushed_at": "2024-12-31T19:33:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54152.json b/2024/CVE-2024-54152.json index 44112617a0..d0723aee75 100644 --- a/2024/CVE-2024-54152.json +++ b/2024/CVE-2024-54152.json @@ -14,19 +14,19 @@ "description": null, "fork": false, "created_at": "2024-12-30T01:07:48Z", - "updated_at": "2024-12-31T10:15:57Z", + "updated_at": "2024-12-31T20:49:57Z", "pushed_at": "2024-12-30T01:08:00Z", - "stargazers_count": 5, - "watchers_count": 5, + "stargazers_count": 6, + "watchers_count": 6, "has_discussions": false, - "forks_count": 1, + "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 1, - "watchers": 5, + "forks": 2, + "watchers": 6, "score": 0, "subscribers_count": 1 } diff --git a/README.md b/README.md index 24bfe567ef..bff163325d 100644 --- a/README.md +++ b/README.md @@ -7515,6 +7515,9 @@ ### CVE-2024-51435 - [bevennyamande/CVE-2024-51435](https://github.com/bevennyamande/CVE-2024-51435) +### CVE-2024-51442 +- [mselbrede/CVE-2024-51442](https://github.com/mselbrede/CVE-2024-51442) + ### CVE-2024-51567 (2024-10-29) upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.